What's New in Failover Clusters
Microsoft Corporation
Published: September 2007
Author: Jan Keller
Editor: Ronald Loi
Abstract
In Windows Server® 2008, the improvements to failover clusters (formerly known as server
clusters) are aimed at simplifying clusters, making them more secure, and enhancing cluster
stability. Cluster setup and management are easier. Security and networking in clusters have
been improved, as has the way a failover cluster communicates with storage. This document
describes the improvements in failover clusters.
1
�This is a preliminary document and may be changed substantially prior to final commercial
release of the software described herein. The information contained in this document represents
the current view of Microsoft Corporation on the issues discussed as of the date of publication.
Because Microsoft must respond to changing market conditions, it should not be interpreted to be
a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any
information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES,
EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the
rights under copyright, no part of this document may be reproduced, stored in or introduced into a
retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written
permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
© 2007 Microsoft Corporation. All rights reserved.
Microsoft, MS-DOS, Windows, Windows Server, Windows Vista, and Active Directory are either
registered trademarks or trademarks of Microsoft Corporation in the United States and/or other
countries.
All other trademarks are property of their respective owners.
2
�Contents
What's New in Failover Clusters.....................................................................................................1
Abstract....................................................................................................................................1
Contents..........................................................................................................................................3
What's New in Failover Clusters in Windows Server 2008..............................................................4
What does a failover cluster do?.................................................................................................4
Who will be interested in failover clustering?...............................................................................4
Are there any special considerations?.........................................................................................4
What new functionality does failover clustering provide?.............................................................4
New validation wizard...............................................................................................................5
Support for GPT disks in cluster storage..................................................................................5
What existing functionality is changing?......................................................................................5
Improvements to setup.............................................................................................................6
Improvements to management interfaces................................................................................6
Improvements to stability and security to help maximize availability........................................6
Improvements to the way a cluster works with storage............................................................7
Improvements to interfaces for working with shared folders.....................................................7
Improvements to networking and security................................................................................8
Do I need to change any existing code to work with Windows Server 2008?..............................9
How should I prepare to deploy this feature?..............................................................................9
Is this feature available in all editions of Windows Server 2008?................................................9
3
� What's New in Failover Clusters
What's New in Failover Clusters in Windows
Server 2008
In Windows Server® 2008 Enterprise and Windows Server® 2008 Datacenter, the improvements
to failover clusters (formerly known as server clusters) are aimed at simplifying clusters, making
them more secure, and enhancing cluster stability. Cluster setup and management are easier.
Security and networking in clusters have been improved, as has the way a failover cluster
communicates with storage.
Note
The failover cluster feature is not available in Windows® Web Server 2008 or
Windows Server® 2008 Standard.
What does a failover cluster do?
A failover cluster is a group of independent computers that work together to increase the
availability of applications and services. The clustered servers (called nodes) are connected by
physical cables and by software. If one of the cluster nodes fails, another node begins to provide
service (a process known as failover). Users experience a minimum of disruptions in service.
Who will be interested in failover clustering?
Failover clusters are used by IT professionals who need to provide high availability for services or
applications.
Are there any special considerations?
Microsoft supports a failover cluster solution only if all the hardware components are marked as
"Certified for Windows Server 2008." In addition, the complete configuration (servers, network,
and storage) must pass all tests in the Validate a Configuration wizard, which is included in the
Failover Cluster Management snap-in.
What new functionality does failover clustering
provide?
• New validation feature. With this feature, you can check that your system, storage, and
network configuration is suitable for a cluster.
4
� What's New in Failover Clusters
• Support for GUID partition table (GPT) disks in cluster storage. GPT disks can have
partitions larger than two terabytes and have built-in redundancy in the way partition
information is stored, unlike master boot record (MBR) disks.
New validation wizard
By using the new validation wizard in failover clusters, you can perform tests to determine
whether your system, storage, and network configuration is suitable for a cluster. These tests
include specific simulations of cluster actions, and fall into the following categories:
• System Configuration tests. These tests analyze whether the selected servers meet
specific requirements, for example, the requirement that the servers must run the same
operating system version and software updates.
• Network tests. These tests analyze whether the planned cluster networks meet specific
requirements, for example, requirements for network redundancy.
• Storage tests. These tests analyze whether the storage meets specific requirements, for
example, whether the storage correctly supports the necessary SCSI commands and handles
simulated cluster actions correctly.
Support for GPT disks in cluster storage
GUID partition table (GPT) disks are supported in failover cluster storage. GPT disks provide
increased disk size and robustness. Specifically, GPT disks can have partitions larger than two
terabytes and have built-in redundancy in the way partition information is stored, unlike master
boot record (MBR) disks. With failover clusters, you can use either type of disk.
What existing functionality is changing?
The following list briefly summarizes the improvements in failover clusters:
• Improved cluster setup. These improvements make it simpler to get started with a new
cluster.
• Simplified management interfaces. With the improvements to interfaces, you can focus
on managing your applications, not your cluster.
• Improvements to stability and security, which can result in increased availability.
Failover clusters include improvements to the way the cluster communicates with storage,
improving the performance of a storage area network (SAN) or direct attached storage (DAS).
They also offer configuration options that mean the quorum no longer needs to be a single
point of failure. In addition, improvements to the underlying software infrastructure and to
networking and security increase the reliability and availability of failover clusters.
• Improvements to the way a cluster works with storage. With these improvements,
you can achieve better performance with your storage than was possible with server clusters
in previous releases.
5
� What's New in Failover Clusters
• Improvements to interfaces for working with shared folders. With these
improvements, configuration of shared folders is more straightforward and misconfiguration is
less likely.
• Improvements to networking and security. These improvements make it simpler to
configure and maintain the networks that the cluster uses.
Improvements to setup
The Create Cluster wizard has been simplified to make it much easier to set up a cluster. Cluster
setup is also fully scriptable so that you can automate your deployment.
The failover clustering software also includes a wizard that can help you capture certain resource
group settings from a cluster running Windows Server 2003 and apply them to a cluster running
Windows Server 2008. This can help you accomplish a migration more quickly.
Improvements to management interfaces
With failover clusters in Windows Server 2008, you can carry out the following management and
operations tasks more easily than with server clusters in previous releases:
• Quickly configure clustered services and applications. The interface for
administering a cluster is simpler and more intuitive, making it easier to perform such tasks as
making a shared folder highly available. You can focus on managing your applications, not
your cluster.
• Use the command line or Windows Management Instrumentation (WMI) to work
with a cluster. You can use the command line or Windows Management Instrumentation
(WMI) for more tasks than in previous versions.
• Troubleshoot a cluster. In addition to working with the cluster log, you can use Event
Tracing for Windows to easily gather, manage, and report information about the sequence of
events that occurred on the cluster.
• Use the Volume Shadow Copy Service to capture backups. Full integration with the
Volume Shadow Copy Service makes it easier to back up and restore your cluster
configuration.
• Control the way you view shared folders that have been clustered. You can control
or "scope" your view of shared folders so that it is easy to understand which shared folders
are clustered and on which cluster a shared folder is available.
Improvements to stability and security to help maximize
availability
With failover clusters in Windows Server 2008, improvements to the cluster infrastructure help
you maximize availability of services and applications. You can:
6
� What's New in Failover Clusters
• Configure your cluster so that the quorum is not a single point of failure. With
improvements in failover clusters, you can use the two cluster models that previously existed
—the quorum resource model and the majority node set model—or a "hybrid" of the two. For
example, in a two-node cluster, you can specify that if the quorum disk (now called a "witness
disk") becomes unavailable, the cluster continues running as long as the copies of the cluster
configuration database on the two nodes remain available.
• Achieve greater reliability and availability because of improvements to the cluster
infrastructure itself. The cluster infrastructure has been improved to help you achieve
greater reliability and availability with failover clusters. For example, the software
infrastructure that handles clustered resources will isolate dynamic-link libraries (DLLs) that
perform actions incorrectly, minimizing impact to the cluster. As another example, the cluster
will use enhanced methods to ensure consistency among copies of the cluster configuration
database.
Improvements to the way a cluster works with storage
With failover clusters in Windows Server 2008, you can achieve better performance with your
storage than was possible with server clusters in previous releases. You can:
• Make additional disks available to the cluster while applications are online. You can
modify resource dependencies while resources are online, which means you can make an
additional disk available without interrupting access to the application that will use it.
• Obtain better performance and stability with your storage. When a failover cluster
communicates with your SAN or DAS, it uses the least disruptive commands (avoiding SCSI
bus resets). Disks are never left in an unprotected state, meaning that the risk of volume
corruption is lowered. Failover clusters also support improved methods for disk discovery and
recovery.
The types of storage connections that failover clusters support are Serial Attached SCSI
(SAS), iSCSI, and Fibre Channel.
• Perform disk maintenance tasks more easily. "Maintenance mode" has been
improved so that you can run tools to check, fix, back up, or restore disks more easily and
with less disruption to the cluster.
Improvements to interfaces for working with shared folders
In Windows Server 2008, the interfaces for viewing or configuring shared folders in a failover
cluster have been extended and streamlined. Configuration is more straightforward and
misconfiguration is less likely. The improvements include the ability to configure the following for
shared folders:
• Access-based enumeration: You can use access-based enumeration to hide a
specified folder from users' view. Instead of allowing users to see the folder but not access
anything on it, you can choose to prevent them from seeing the folder at all. You can
7
� What's New in Failover Clusters
configure access-based enumeration for a clustered shared folder in the same way as for a
nonclustered shared folder.
• Offline access: You can configure offline access (caching) for a clustered shared folder
in the same way as for a nonclustered shared folder.
• Clustered disks always recognized as part of the cluster: Whether you use the
failover cluster interface, Windows Explorer, or the Share and Storage Management snap-in,
Windows Server 2008 recognizes whether a disk has been designated as being in the cluster
storage. If such a disk has already been configured in Failover Cluster Management as part
of a clustered file server, you can then use any of the previously-mentioned interfaces to
create a share on the disk. If such a disk has not been configured as part of a clustered file
server, you cannot mistakenly create a share on it. Instead, an error indicates that the disk
must first be configured as part of a clustered file server before it can be shared.
• Integration of Services for Network File System: The File Server role in Windows
Server 2008 includes the optional role service called Services for Network File System (NFS).
By installing the role service and configuring shared folders with Services for NFS, you can
create a clustered file server that supports UNIX-based clients.
Improvements to networking and security
With failover clusters in Windows Server 2008, network performance and security are improved,
compared to previous releases. You can:
• Use IPv6, which is fully integrated into failover clusters. Failover clusters fully
support IPv6 for both node-to-node and node-to-client communication.
• Use Domain Name System (DNS) without legacy NetBIOS dependencies. This
simplifies the transport of server message block (SMB) traffic and means you do not have
Windows Internet Name Service (WINS) and NetBIOS name-resolution broadcasts.
• Achieve better reliability through other improvements to networking. Because of
improvements to networking, you can fine-tune the dependencies between a network name
and associated IP addresses so that the network name will be available if either (not both) of
the IP addresses is available. In addition, when nodes transmit and receive "heartbeats" to
confirm that each node is still available, they use Transmission Control Protocol (TCP) rather
than the less reliable User Datagram Protocol (UDP).
• Achieve enhanced security through security improvements and auditing of cluster
access. Security improvements in failover clusters enhance authentication and encryption. In
addition, you can use auditing to capture information about who accessed your cluster and
when.
• Place clustered servers on different subnets: You can now place clustered servers on
different IP subnets, which reduces the requirements for geographically dispersed clusters.
• Create additional security for intra-cluster communications: You now have the option
either to digitally sign or encrypt all intra-cluster communication. By default, intra-cluster
8
� What's New in Failover Clusters
communication is digitally signed. Intra-cluster communication typically includes information
about changes to the cluster configuration or to the state of clustered resources.
Do I need to change any existing code to work
with Windows Server 2008?
If you have an application that ran in a server cluster running Windows Server 2003, and the
application depends on the Cluster service account that was required for server clusters, you
might need to change the application so that it no longer depends on the account. Failover
clusters running Windows Server 2008 do not use a separate Cluster service account.
How should I prepare to deploy this feature?
Carefully review the hardware on which you plan to deploy a failover cluster to ensure that it is
compatible with Windows Server 2008. This is especially necessary if you are currently using that
hardware for a server cluster running Windows Server 2003. Hardware that supports a server
cluster running Windows Server 2003 will not necessarily support a failover cluster running
Windows Server 2008.
Note
You cannot perform a rolling upgrade from a server cluster running Windows Server 2003
to a failover cluster running Windows Server 2008. However, after you create a failover
cluster running Windows Server 2008, you can use a wizard to migrate certain resource
settings to it from a server cluster running Windows Server 2003.
Is this feature available in all editions of Windows
Server 2008?
The failover cluster feature is available in Windows Server 2008 Enterprise and Windows
Server 2008 Datacenter. The feature is not available in Windows Web Server 2008 or Windows
Server 2008 Standard.
