This is simple deployment on the one highly available (clustered) VM. This is not guide for the highly available (fault-tolerant) deployment. For complex deployment please continue to the next article.
Install and configure SQL Server
Highly-available databases in AlwaysOn Available Groups
I recommend you to use the Microsoft SQL Server 2012 AlwaysOn Available Groups for every System Center products that supports it.
- Please continue to the Building Microsoft SQL Server AlwaysOn Availability Groups series to learn how to deploy cluster with AlwaysOn Availability Groups.
- Please follow the guide in the Building Microsoft SQL Server AlwaysOn Availability Groups series to learn how to make the new databases highly-available.
Highly-available VM with SQL Server
If you do not want to use SQL Server AlwaysOn Available Groups you can simply deploy a separate VM and install SQL Server. But I suggest you to use highly-available databases in AlwaysOn Available Groups even when the installed System Center product is not highly-available.
- We will install MS SQL in a default instance. In production environment you will probably need named instance.
- Install Microsoft SQL Server as usual.
- If you are keeping Firewall enabled (I recommend it even for the testing environment) then do not forgot to open TCP 1433 port.
- Now it is a good time to install the latest patches for the OS and the SQL Server. You do not have to worry about the Microsoft SQL Server Service Packs. Just check the DB requirements for the VMM and install the latest SP that is supported.
Install Microsoft Windows Assessment and Deployment Kit (Windows ADK)
Deployment Tools and Windows Preinstallation Environment (Windows PE) are prerequisites that have to be installed.
- Download Microsoft Windows Assessment and Deployment Kit (Windows ADK).
- Virtual Machine Manager have to run under defined account. I am not showing to you the real production environment but I do not want to act as you can usually see in the demos and use the Administrator account so we will create a Domain User.
- And we will set them as local administrator in the OS where the VMM should be installed.
- The user do not have to have manually permissions to the DB server because the VMM will create new DB and set this newly created identity as the DB owner.
Container in the Active Directory
If we wants to store the VMM encryption keys in the AD we need to create container for the VMM. From my point of view it is also much simpler to store the keys in the AD because in the case you replace VMM server you do not have to migrate the locally stored keys.
- Begin by creating a new object in AD using the ADSI Edit.
- The object will be a container.
- Set name as VMMDKM.
- And set Full control permissions for the Domain Admin users.
- The Full control permissions for Domain Admins are by default for the object only but it is required to inherit them also to the child items.
- After creation it is handy to copy the distinguished name because we will need them during installation.
Install Virtual Machine Manager
- All prerequisites are satisfied so now we can start with the installation.
- It is recommend to set the RAM statically but in the testing environment I need to save resources so and I set dynamic RAM. Therefore I do not worry about the warning message.
- Now it is a good time to put correct name of the instance.
- And enter the copied distinguished name. In our case it is: CN=VMMDKM,DC=ad,DC=contoso,DC=com
- We will configure the Library later so at this moment we do not have to change the settings.
- Now it is a good time to install updates. If you have management PC then do not open the console yet.
SCVMM console on the management server
It is a proper way to use management consoles from a single server or PC that is your management point. From my point of view it is not only better for the security but it is also very handy because using this approach you have all your toys (consoles) in one place.
What happened during installation?
Just for those who are interested...
- VMM created a new DB.
- DB owner is the service account that we used.
- And installer opened required ports in the Windows Firewall so unless you have separate company firewall between VMM and other servers you do not have to open any ports manually.