SQL Server 2012/2014

AlwaysOn Availability Group

Part 3 - Install WS2012 R2 Core Server

v1.0 - 2014 - G.MONVILLE

Summary Part 3 - Install WS2012 R2 Core Server ....................................................................................................................... 2

Virtual Machine .............................................................................................................................................................. 2

AD Account ..................................................................................................................................................................... 2

Server Installation - 1st Node.......................................................................................................................................... 3

Install and Configure a WS2012 R2 Server ............................................................................................................ 3

Core Server Installation - Three other Nodes............................................................................................................ 3

Install and Configure a Windows Server 2012 R2 Core Server ........................................................................ 3

Configure all Nodes .......................................................................................................................................................... 4

Configure Network ................................................................................................................................................... 4

Enable Remote Desktop ......................................................................................................................................... 6

Configure Firewall ..................................................................................................................................................... 8

Join Server to Domain ........................................................................................................................................... 11

Add account to Local Administrators Group .................................................................................................. 11

Add Route (optional) ............................................................................................................................................. 12

[Note] Remote Management .............................................................................................................................. 12

Configure DVD-Drive Letter................................................................................................................................. 13

Configure update .................................................................................................................................................... 13

[Note] Switch between Full-GUI/Minimal/Core interface................................................................................ 15

Manage all nodes from Server M-SQLA1 ............................................................................................................ 16

Part 3 - Install WS2012 R2 Core Server

This part covers the installation and configuration of Windows Server 2012 R2 Core.

Virtual Machine

Create the four SQL Servers and configure the three Network adapters and the three Virtual disks:

AD Account

Create Group:

lab1\SQLAlwaysOnAdmins

Create accounts:

lab1\sqlaoinstall

Add your account and sqlaoinstall account to SQLAlwaysOnAdmins Group. This is not mandatory but

I recommend using an “Install account” for environments installation.

Server Installation - 1st Node

Install and Configure a WS2012 R2 Server

Server: M-SQLA1

Install WS2012R2 (in full GUI mode). For reminder this server will be used for management

(consoles, …)

Configure Network

Note about IPv6 for WSFC Cluster

For Cluster network you can disable IPv6 protocol, but by default the heartbeat mechanism

prefer use first IPv6 addresses. Now on WS2012, it’s not recommended to disable IPv6.

Note for Cluster and Replication NIC

Disable “Register this connection’s addresses in DNS”

Configuration: Do the same configuration as the Core server bellow.

Core Server Installation - Three other Nodes

Servers: M-SQLA2, M-SQLA3, M-SQLA4

Install and Configure a Windows Server 2012 R2 Core Server

Configure all Nodes

Script “WSCoreNode-Configuration.ps1.ps1”

Configure Network

List NIC:

Identify NIC, retrieve MAC address from Hyper-V:

Rename Network Adapter

Rename-NetAdapter -Name “Ethernet” -NewName “eth1-public”

Repeat operation for “Ethernet 2” and “Ethernet 3”:

Set IP Address

Note: Option -Gateway <IP>new

New-NetIPAddress -InterfaceAlias “eth1-public” -IPAddress 10.0.1.24 -PrefixLenght 24

Repeat Operation for “eth2-cluster”: New-NetIPAddress -InterfaceAlias “eth2-cluster” -IPAddress 10.0.10.24 -PrefixLenght 24

Repeat Operation for “eth3-replication”: New-NetIPAddress -InterfaceAlias “eth3-replication” -IPAddress 10.0.20.24 -PrefixLenght 24

Set DNS

To set multiple DNS: “-ServerAddresses 10.0.1.1, 10.0.1.2”

Configure Protocols

Retrieve Protocol status:

Get-NetAdapterBinding -InterfaceAlias “eth1-public”

NIC “eth1-public”:

I disable “Link-Layer Topology ...” and “IPv6” protocols.

Disable-NetAdapterBinding -InterfaceAlias “eth1-public” -ComponentID ms_rspndr, ms_lltdio, ms_tcpip6

Repeat Operation for “eth2-cluster”:

I disable “Link-Layer Topology ...” and “QoS” protocols.

Disable-NetAdapterBinding -InterfaceAlias “eth2-cluster” -ComponentID ms_rspndr, ms_lltdio, ms_pacer

Repeat Operation for “eth3-creplication”:

I disable “Link-Layer Topology ...”, “QoS”, and “IPv6” protocols.

Disable-NetAdapterBinding -InterfaceAlias “eth3-replication” -ComponentID ms_rspndr, ms_lltdio, ms_pacer, ms_tcpip6

Enable Remote Desktop

Method 1 - From SCONFIG

Go to “7”:

Method 2 - From PowerShell

Enable Remote Desktop: Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0

Enable Secure Connections: set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1

Enable Firewall Exception: Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

Check:

Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections"

Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication"

Check Firewall: Get-NetFirewallRule -DisplayGroup "Remote Desktop" | ft displaygroup,displayname,enabled,profile -AutoSize

Configure Firewall

This configuration can be done (and it’s better) though AD GPO. Commands bellows are for

information or for lab environment.

Enable Firewall Remote Management

Show CurrentProfile:

netsh advfirewall show currentprofile settings

Enable Remote Management:

netsh advfirewall set domainprofile settings remotemanagement enable

This enables rules:

NOTE To disable Remote Management (netsh)

netsh advfirewall set currentprofile settings remotemanagement disable

Enable Remote Management Rules

I use script “FW_Enable-GroupRules-RM.ps1” to enable this rules:

NOTE Enable Remote Management rules (netsh/powershell)

Set-NetFirewallRule -DisplayGroup "Remote Service Management" –Enabled True -Profile “Domain,Private”

Or via netsh netsh advfirewall firewall set rule group="Remote Shutdown" new enable=yes

Check the Remote Management Rules: Get-NetFirewallRule -DisplayGroup "Remote *" | ft displaygroup,displayname,enabled,profile -AutoSize

Create Firewall Rules for SQL

You have to create these inbound rules:

Protocol Port Name Note

TCP 1764 Instance and VNN Port

TCP 5022 Instance SQL Endpoint User for AAG communication

Script: FW-Create-Rules-AOLab.ps1

Script overview:

#SQL Server Firewall RULES # VAR $Profile = "Domain,Private" $RuleGroup = "SQL" #Rule: INBOUND - Allow Instance/VNN Port $RuleName = "SQL Database Engine - Instance/VNN (TCP 1764)" $LocalPort = 1764 $Protocol = "TCP" $Action = "Allow" New-NetFirewallRule -Group $RuleGroup -DisplayName $RuleName -Direction Inbound -Protocol $Protocol -LocalPort $LocalPort -Action $Action -Profile $Profile | out-null

Other SQL Ports:

Protocol Port Name Note

UDP 1434 SQL Browser Service Browser Service listens for incoming connections to a named instance and provides the client the TCP port number that corresponds to that named instance.

Browser will be disabled.

For more information (other port for SSRS, AS ...) see TechNet article “Configure the Windows

Firewall to Allow SQL Server Access”: http://msdn.microsoft.com/en-us/library/cc646023.aspx

Join Server to Domain

Rename-Computer -NewName xxxx

Add-Computer -DomainName domain.local -DomainCredential (Get-Credential) Restart-Computer

Add account to Local Administrators Group

Add AD Group to local Administrators group:

CMD

net localgroup administrators /add lab1\SQLAlwaysOnAdmins

List members of a Local Group: net localgroup administrators

Or via PowerShell:

PowerShell

#Add an account/group: ([ADSI]"WinNT://localhost/Administrators,group").psbase.Invoke("Add",([ADSI]"WinNT://lab1/SQLAdmins").path) #Remove an account/group: ([ADSI]"WinNT://localhost/Administrators,group").psbase.Invoke("Remove",([ADSI]"WinNT://lab1/SQLAdmins").path)

Add Route (optional)

I need route for RDP, this is the netsh command:

[Note] Remote Management

Now, we can remotely manage the server with consoles from another Server in Full-GUI mode.

Commands bellows are for information.

Configure DVD-Drive Letter

View the CD/DVD Drive Letter:

Get-WmiObject -Class Win32_CDROMDrive

Change Drive Letter:

(gwmi Win32_cdromdrive).drive | %{$a = mountvol $_ /l;mountvol $_ /d;$a = $a.Trim();mountvol v: $a}

Warning: This method function if there is only one CD/DVD Drive.

Configure update

Now the core server is joined to domain, I have GPO to set Update mode (Automatic during the

night) and WSUS options.

List installed updates

wmic qfe

Force Update:

Copy this script to each core node:

http://msdn.microsoft.com/fr-FR/library/aa387102%28VS.85%29.aspx

And launch it (this script start a Windows Update session):

TechNet Resources:

Configure Automatic Updates by Using Group Policy

http://technet.microsoft.com/en-us/library/cc720539%28v=ws.10%29.aspx

Servicing a Server Core installation

http://technet.microsoft.com/en-us/library/ff698994%28v=ws.10%29.aspx

Searching, Downloading, and Installing Updates

http://msdn.microsoft.com/en-us/library/aa387102%28v=vs.85%29.aspx#fbid=kpO9Qceh-_Y

SQL Core Servers deployment done!

[Note] Switch between Full-GUI/Minimal/Core interface

Command for switch between Full-GUI, Minimal, or Core mode

By default on core installation, “Server-Gui-Shell” and “Server-Gui-Mgmt-Infra” features are removed,

so you have to specify the source files. To do that retrieve Index on the source WIM:

dism /get-wiminfo /wimfile:"v:\sources\install.wim"

To switch to Minimal interface:

Install-WindowsFeature Server-gui-mgmt-infra -Source wim:v:\sources\install.wim:2

To switch to Full interface:

Install-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra -Source wim:v:\sources\install.wim:2

To switch to Core interface:

Remove-WindowsFeature Server-Gui-Shell, Server-Gui-Mgmt-Infra

Note: you can use “-remove” option to delete binary files from local disk.

Manage all nodes from Server M-SQLA1

From M-SQLA1 (with full GUI mode), connected with lab1\sqlaoadm account, got to Server Manager

and add the three core nodes.

Click “Add other servers to manage”:

Select the 3 other nodes:

Configure Volume for all nodes:

Note: For AAG the volume letter (for DB and Log) must be the same on all instance that participate to

the AAG

If you want to use PowerShell, you can read this great article on Volume Management with PS:

http://blogs.technet.com/b/meamcs/archive/2012/04/06/windows-server-8-disk-management-with-

powershell-3-0.aspx

Now all nodes are ready, next part covers the WSFC Cluster creation.