Reading Time: 4 minutes
Share:
Twitter
LinkedIn
Facebook
Google+
Reddit
Whatsapp
Follow by Email

What is Cloud Witness?

Cloud Witness is a new type of Failover Witness Quorum Witness that uses Microsoft Azure blob storage to read/write a blob file which is then used as an arbitration point in case of split-brain resolution. There are significant benefits with using a Cloud Witness.

  • Uses Microsoft Azure. (No need for a 3rd host or 3rd datacenter.)
  • Uses Microsoft Azure Blob Storage. (No need for a VM hosted in Microsoft Azure, Saves on maintenance overhead.)
  • The same Microsoft Storage Account can be used for multiple clusters. (One blob file per cluster.)
  • Very Low cost to the storage account. (Data is only written to a small blob file, blob file only updated when cluster nodes change state.)
  • Built into Microsoft Server 2016 Failover Clustering.

In this guide, I am going to create a new Microsoft Azure Cloud Witness for my two node test lab.

cloud-witness-two-node

As you can see no 3rd node is required. The Cloud Witness, like any other quorum witness, gets a vote and can participate in quorum calculations.

Create a storage account.

For Cloud witness to work we need a Storage account in Microsoft Azure. You can always use an existing Storage account, but I have chosen to create a new one to keep things tidy.

Log in to your Azure subscription via http://portal.azure.com.

Click the green + and look for storage.

Click Storage account.

capture20161019102151129

Give your new Storage account a unique name.

Select General Purpose for Account kind.

Select Standard for Performance type.

Select Locally-redundant storage (LRS) for Replication. This is very important and needs to be LRS.

Select Hot for Access tier.

Select Disabled for Storage service encryption.

Choose your Subscription.

You can either use an existing Resource group, or you can Create a new one.

Select a location closest to you.

The cloud account has now been created.

Access Keys.

For our Failover Cluster to be able to use your new Storage account for its Cloud Witness we need to get our Storage accounts Access Keys.

In Azure, find your storage account you want to use for Cloud Witness.

Click Storage account.

In the new Blade, Click Access Keys.

capture20161019103117554

Take a note of the Storage account name.

Copy key1 to the clipboard.

You now have your Storage account key ready to finish off creating the Cloud Witness.

Setup Cloud Witness.

On server go to failover cluster manager.

Right click the Cluster.

Navigate to More actions > Configure Cluster Quorum Settings…

capture20161019103303702

Click Next.

capture20161019103329012

Click Select the quorum witness.

capture20161019103400052

Select configure cloud witness.

capture20161019103432896

Enter Azure storage account name and past key1 into Azure storage account key.

capture20161019103529065

Click Next.

Verify the message and click Next.

capture20161019103628116

Click Finish.

capture20161019123855484

You have now created a Cloud Witness and your cluster will now be able to handle one node failure.

capture20161019124046124

Powershell Option!

Once you have created the storage account in Microsoft Azure. You can use powershell to configure the Failover Cluster. Just use the following Code, change the storageAccountName and StorageAccountAccessKey as needed.

Set-ClusterQuorum -CloudWitness -AccountName <storageAccountName> -AccessKey <StorageAccountAccessKey>
Share:
Twitter
LinkedIn
Facebook
Google+
Reddit
Whatsapp
Follow by Email

Pixel Robots.

I’m Richard Hooper aka Pixel Robots. I started this blog in 2016 for a couple reasons. The first reason was basically just a place for me to store my step by step guides, troubleshooting guides and just plain ideas about being a sysadmin. The second reason was to share what I have learned and found out with other people like me. Hopefully, you can find something useful on the site.

5 Comments

Phil · December 13, 2016 at 3:08 pm

To save somebody else banging their head against a brick wall for a couple of hours. When following this article and specifying blob storage as the Account kind I couldn’t get this to work, I constantly got the error message :

Set-ClusterQuorum : An error occurred while validating access to Azure from cluster node ‘xxxxxxxxxxxx’.
Please check your storage account name, endpoint, and access key.

When I deleted and recreated the storage account as a General Purpose account everything worked fine.

    Pixel Robots. · January 23, 2017 at 3:06 pm

    Thanks for the Pointer! I have updated the guide now.

Adam · December 17, 2016 at 5:33 pm

Phil you are a life saver. I ran into the same issue. I removed my storage account and added a new one with the general type and all is working.

Thanks!

Chad Haston · March 9, 2017 at 2:20 pm

Thanks Phil, creating it a ‘General Purpose’ instead of ‘Blob’ account resolved my issue as well!!

Max · March 27, 2017 at 2:26 pm

Cheers Phil, had the same issue and your fix worked for me too.

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

*

I agree