Microsoft Cloud Witness is a high-availability feature for failover clusters that uses storage in Azure so that clusters will continue to work if there is an onsite outage. It is a type of failover cluster quorum witness that uses Azure. I briefly discussed Cloud Witness earlier in the chapter, but now I want to go over how to create a cloud witness using Azure.
A cloud witness uses Azure Blob Storage to read/write a blob file, which is then used as an arbitration point. I will be discussing Azure Blob Storage in greater detail later in this chapter. There are several benefits of using a Cloud Witness in Azure:
■ Built-in Cloud Witness resource type.
■ Cost is minimal to the Storage Account since only a small amount of data is written per blob file. The blob file is updated only when a cluster node’s state changes.
■ No need for a third separate datacenter because it uses Microsoft Azure.
■ Same Azure Storage account can be used for multiple clusters (one blob file per cluster; cluster unique ID used as a blob filename).
■ Uses standard available Azure Blob Storage (no extra maintenance overhead of virtual machines hosted in public cloud).
The cloud witness feature can benefit organizations that have clusters across multiple sites or that are running small Hyper-V clusters in remote offices. You must have an Azure storage account in order to use a cloud witness. You add the Azure account information when configuring the cloud witness portion of a failover cluster quorum. The cluster nodes must have access to the Internet and open HTTPS ports to use the Azure account.
There are a number of ways in which you can set up a cloud witness. Let’s take a look at some of them.
Set Up a Cloud Witness for a Cluster Using the Windows Admin Center
If one of your servers in a cluster goes offline, you will want to make sure that you have a witness resource assigned. That way, it does not cause the other nodes to become unavailable. To set up a cloud witness using the Windows Admin Center, perform the following steps:
- In Windows Admin Center, select Cluster Manager from the top drop-down menu.
- Under Cluster Connections, select the cluster.
- Under Tools, select Settings.
- In the right pane, select Witness.
- For Witness Type, select File Share Witness.
- Specify a file share path such as \\servername.domain.com\Witness$ and supply credentials if needed.
- Click Save.
Set Up a Cloud Witness for a Cluster Using Azure
You can also use an Azure cloud witness if all the server nodes in the cluster have a reliable Internet connection. To set up a cloud witness as a quorum witness for your cluster, you must first create an Azure Storage Account to use as a cloud witness, and then configure the cloud witness as a quorum witness for your cluster.
To create an Azure Storage Account, perform the following steps:
- Sign in to the Azure portal.
- From the Hub menu, select New ➢ Data + Storage ➢ Storage Account.
- On the Create A Storage Account page, do the following:
a. Enter a name for your storage account. The name must be between 3 and 24 characters in length and may contain numbers and lowercase letters only. The storage account name must also be unique within Azure.
b. For Account Kind, select General Purpose. You cannot use a blob storage account for a cloud witness.
c. For Performance, select Standard. You cannot use Azure Premium Storage for a cloud witness.
d. For Replication, select Locally-Redundant Storage (LRS) or Zone-Redundant Storage (ZRS) as applicable.
When you create an Azure Storage Account, two access keys are automatically generated. They are the Primary Access key and the Secondary Access key. For a first-time creation of a cloud witness you will want to use the Primary Access key. To view your storage access keys, go to the Azure portal, navigate to your storage account, click All Settings, and then click Access Keys to view, copy, and regenerate your account access keys.
Configure Cloud Witness as a Quorum Witness
To configure a cloud witness as a quorum witness, perform the following steps:
1. Launch Failover Cluster Manager.
2. Right-click the cluster and choose More Actions ➢ Configure Cluster Quorum Settings.
This will start the Configure Cluster Quorum Wizard.
3. On the Select Quorum Configurations page, choose Select The Quorum Witness.
4. On the Select Quorum Witness page, select Configure A Cloud Witness.
5. On the Configure Cloud Witness page, enter the following information (as shown in Figure 13.23):
a. Azure Storage Account Name (Required).
b. Access Key corresponding to the Storage Account (Required).
c. If you plan on using a different Azure service endpoint (for example, the Microsoft Azure service in China), then update the endpoint server name (Optional).
6. Once the cloud witness has been successfully configured, you can view the newly created witness resource in the Failover Cluster Manager snap-in.
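The same configuration can be scripted with the Set-ClusterQuorum cmdlet. The following is an added example, not part of the original procedure: it checks the naming rule and the HTTPS requirement described above before applying the witness, and it prompts for the access key rather than storing it in the script. The account name examplewitness01 is a placeholder, and the script assumes PowerShell remoting is enabled between the cluster nodes.

```powershell
# Added example: scripted equivalent of the wizard steps. Run on a cluster node
# as a cluster administrator. The account name below is a placeholder.
param(
    [string]$AccountName = 'examplewitness01',
    [string]$Endpoint    = 'core.windows.net'   # change only for another Azure service endpoint
)

# Storage account names: 3 to 24 characters, lowercase letters and numbers only.
if ($AccountName -cnotmatch '^[a-z0-9]{3,24}$') {
    throw "Invalid storage account name: $AccountName"
}

# Every node needs outbound HTTPS (TCP 443) to the blob endpoint.
$blobHost = "$AccountName.blob.$Endpoint"
$blocked = foreach ($node in Get-ClusterNode) {
    $ok = Invoke-Command -ComputerName $node.Name -ScriptBlock {
        (Test-NetConnection -ComputerName $using:blobHost -Port 443 `
            -WarningAction SilentlyContinue).TcpTestSucceeded
    }
    if (-not $ok) { $node.Name }
}
if ($blocked) {
    throw "No HTTPS path to $blobHost from: $($blocked -join ', ')"
}

# Prompt for the key so it never lands in the script file or command history.
$secureKey = Read-Host -Prompt 'Primary access key' -AsSecureString
$plainKey  = [System.Net.NetworkCredential]::new('', $secureKey).Password
try {
    # Set-ClusterQuorum takes the key as a plain string.
    Set-ClusterQuorum -CloudWitness -AccountName $AccountName `
        -AccessKey $plainKey -Endpoint $Endpoint
}
finally {
    $plainKey = $null   # drop the plaintext copy as soon as the call returns
}

# Confirm that the cloud witness is now the quorum resource.
Get-ClusterQuorum | Format-List Cluster, QuorumResource
```

If either access key is later regenerated in the Azure portal, run the Set-ClusterQuorum step again with the new key.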