With the advent of Windows Server 2012 R2, Microsoft has worked diligently to provide support for virtualization and allow corporations to reduce costs by virtualizing as much hardware as possible. New features in 2012 R2 help prevent USN rollback and/or Lingering objects via the new VM-Generation ID. If a guest o/s is restored from a snapshot the VM-Generation Id that is stored in the DIT (msDS-GenerationID attribute on the DC’s computer object) is compared to the value on the Host. If they don’t match then the Invocation-Id is updated with a new value and any RID’s from the machine are replaced with a new set from the RID Master.
So the question is, “Do I need a physical DC in my Domain?”
Microsoft has no requirements that at least one DC be physical. They do have a recommendation that there is at least one but this is to ensure that you always have access to the domain in the event the virtualization HOST is unavailable. If a site loses its virtual HOST then all guests on this HOST are unavailable including any DC’s. Virtualization and Active Directory Domain Services (ADDS) architects need to plan carefully to ensure that ADDS is always available at any site.
Having a physical DC at a site is to just ensure there is fault tolerance in the event a virtual DC fails there is a second one to continue to provide ADDS services. This physical DC protection can be handled by a two separate virtual (Hopefully clustered) HOST’s running on either separate virtual farms –or- using anti-affinity groups.
“Windows Server 2012 introduces an “anti-affinity” function so you can specify that two particular VMs shouldn’t run on the same host. This would defeat the benefits of guest clustering. VMM 2012 SP1 supports this, as well as extending this functionality to non-clustered, standalone hosts it also manages”
So therein lies the risk. Can you ensure that the virtual enterprise is always available similar to how it would be for a physical system?
The article below calls out that you need to “Avoid Creating Single Points of Failure”, in this Microsoft points to the fact that you need to ensure that you are controlling your guests to independent HOST hardware. Below is guidance for your infrastructure for Server 2008/2008 R2, nothing has been released to cover Server 2012/2012 R2.
You should attempt to avoid creating potential single points of failure when you plan your virtual domain controller deployment. You can avoid introducing potential single points of failure by implementing system redundancy. For example, consider the following recommendations while keeping in mind the potential for increases in the cost of administration:
- Run at least two virtualized domain controllers per domain on different virtualization hosts, which reduces the risk of losing all domain controllers if a single virtualization host fails.
- As recommended for other technologies, diversify the hardware (using different CPUs, motherboards, network adapters, or other hardware) on which the domain controllers are running. Hardware diversification limits the damage that might be caused by a malfunction that is specific to a vendor configuration, a driver, or a single piece or type of hardware.
- If possible, domain controllers should be running on hardware that is located in different regions of the world. This helps to reduce the impact of a disaster or failure that affects a site at which the domain controllers are hosted.
- Maintain physical domain controllers in each of your domains. This mitigates the risk of a virtualization platform malfunction that affects all host systems that use that platform.
One thing I find interesting is Microsoft is pushing to move to the cloud in a BIG way, Azure if you aren’t aware. If you have a solution that is completely in the cloud using Azure or one of its competitors there is no way to have a physical DC, unless of course you had a site-to-site VPN to an on premise DC infrastructure. Just another stone to examine as you try and look at all the options on what can be considered.
I have also heard folks talk about the PDCe should be a physical machine. My question is “Why”? The PDCe isn’t magical but the one thing that can make it different from other DC’s is that it can use from 2% – 12% more physical resources than other DC’s. So with that thought in mind, manage your platforms on your DC’s. If you are doing your due diligence on your platforms to ensure they aren’t being overloaded then it shouldn’t matter where your PDCe is running.