Need some server related advice

[Ericarthurc]

Hey, hope everyone reading this is doing well! So a little quick background I am a IT systems admin for a small business and private elementary school. I inherited a lot of IT related problems, mostly networking issues. Everything is all smooth and running well for the last year! Learned a ton this year! Been fun! Okay enough of me! 

 

I made a custom built server; running a ryzen 1700 (16 thread) and 16gb of ddr4. I have windows server 2016 running as the main OS with a couple ubuntu server Virtual Machines running a custom DNS server and a openVPN server. I was wondering if it was a good idea to switch the vm os and the main os. So I am considering running linux on the server and then running windows server in a vm. The reason why is due to windows server being ridiculously slow in most aspects of everything. A simple restart can be a pain in the butt hole. The windows server runs an active directory domain and some gpos (group polices) for the school. 

 

It was just a thought I had today... I am kinda asking if that a horrible idea or if its a good idea and maybe some reasons for both.

[tt2468]

Yeah I personally do not see hyper-v as a production hypervisor. It is outdated in so many ways.

 

You should check out proxmox. I've been using it for almost 2 years now in the datacenter and it's been great. It's got a debian base and runs kvm or containers. Really awesome IMO. It will run windows server just fine and has its own web management interface that is used for taking care of everything.

[Ericarthurc]

3 minutes ago, tt2468 said:

Yeah I personally do not see hyper-v as a production hypervisor. It is outdated in so many ways.

 

You should check out proxmox. I've been using it for almost 2 years now in the datacenter and it's been great. It's got a debian base and runs kvm or containers. Really awesome IMO. It will run windows server just fine and has its own web management interface that is used for taking care of everything.

Thanks for the advice; I will look into it!

[Blake]

2 hours ago, Ericarthurc said:

Hey, hope everyone reading this is doing well! So a little quick background I am a IT systems admin for a small business and private elementary school. I inherited a lot of IT related problems, mostly networking issues. Everything is all smooth and running well for the last year! Learned a ton this year! Been fun! Okay enough of me! 

 

I made a custom built server; running a ryzen 1700 (16 thread) and 16gb of ddr4. I have windows server 2016 running as the main OS with a couple ubuntu server Virtual Machines running a custom DNS server and a openVPN server. I was wondering if it was a good idea to switch the vm os and the main os. So I am considering running linux on the server and then running windows server in a vm. The reason why is due to windows server being ridiculously slow in most aspects of everything. A simple restart can be a pain in the butt hole. The windows server runs an active directory domain and some gpos (group polices) for the school. 

 

It was just a thought I had today... I am kinda asking if that a horrible idea or if its a good idea and maybe some reasons for both.

Okay, here is what you do:

1. Get an actual OEM to supply the server (unless your IT budget is lower then your weekly wage, you can get this sorted and get a 4hr support contract). Get more RAM.

2. Get a 2nd physical server.

3. Don't use Windows 2016 as a hyper-v server, they have a free product called Hyper-V server 2016, look now you can run 2x windows server VM's on the system.

4. Install windows server 2016 as a vm, have the AD stuff do just that. AD. Nothing else.

5. Do the same thing to 2nd server, and spin up another DC.

6. Spin up other vms as needed.

7. get 3rd and 4th server to act as san/shared storage.

8. move vhd files to 3rd server

9. now configure reduncancy settings to auto migrate in the event of a failed server.

 

You can replace Hyper-v with ESXi or KVM or Proxmox, but they'll all be slow if you don't configure them correctly.

Try doing every windows server install as a core install, I'm surprised at how many "System Administrators" are just glorified "professional next clickers"

 

I'd also hazard a guess that your performance issues are going to be surrounding poor AD tuning (i.e. having the sysvol on the c:\ etc etc, and having ~1000+ clients doing logins at the same time)

 

[Ericarthurc]

2 hours ago, Blake said:

Okay, here is what you do:

1. Get an actual OEM to supply the server (unless your IT budget is lower then your weekly wage, you can get this sorted and get a 4hr support contract). Get more RAM.

2. Get a 2nd physical server.

3. Don't use Windows 2016 as a hyper-v server, they have a free product called Hyper-V server 2016, look now you can run 2x windows server VM's on the system.

4. Install windows server 2016 as a vm, have the AD stuff do just that. AD. Nothing else.

5. Do the same thing to 2nd server, and spin up another DC.

6. Spin up other vms as needed.

7. get 3rd and 4th server to act as san/shared storage.

8. move vhd files to 3rd server

9. now configure reduncancy settings to auto migrate in the event of a failed server.

 

You can replace Hyper-v with ESXi or KVM or Proxmox, but they'll all be slow if you don't configure them correctly.

Try doing every windows server install as a core install, I'm surprised at how many "System Administrators" are just glorified "professional next clickers"

 

I'd also hazard a guess that your performance issues are going to be surrounding poor AD tuning (i.e. having the sysvol on the c:\ etc etc, and having ~1000+ clients doing logins at the same time)

 

Haha I mean that's a great plan, great info. But I work for a non-profit, my yearly IT budget is less than 10k. But I mean thanks is for the info Question though, why should I pay for an OEM server?

And my client base is more like 50 people. 

[Blake]

1 hour ago, Ericarthurc said:

Haha I mean that's a great plan, great info. But I work for a non-profit, my yearly IT budget is less than 10k. But I mean thanks is for the info Question though, why should I pay for an OEM server?

And my client base is more like 50 people. 

The support contract is the number 1 reason. You get that call at 2am that your DC is dead, you call [vendor of choice] and they'll be there within 4 hours starting to replace hardware.

 

 

[GDRRiley]

33 minutes ago, Blake said:

The support contract is the number 1 reason. You get that call at 2am that your DC is dead, you call [vendor of choice] and they'll be there within 4 hours starting to replace hardware.

 

 

true but at under 10K that just 1 server with 4 hour replacement. 

[leadeater]

6 hours ago, Ericarthurc said:

I made a custom built server; running a ryzen 1700 (16 thread) and 16gb of ddr4. I have windows server 2016 running as the main OS with a couple ubuntu server Virtual Machines running a custom DNS server and a openVPN server. I was wondering if it was a good idea to switch the vm os and the main os. So I am considering running linux on the server and then running windows server in a vm. The reason why is due to windows server being ridiculously slow in most aspects of everything. A simple restart can be a pain in the butt hole. The windows server runs an active directory domain and some gpos (group polices) for the school. 

I've never seen Windows Server/Hyper-V as the actual reason a VM is performing badly, not that Hyper-V is my preferred hypervisor choice but it's equally good as all the others.

 

You also shouldn't be running the Hyper-V role together with the Domain Controller role, this is just a really bad idea. Use Windows Hyper-V server since that is free and virtualize the DC. One of the reasons you're getting bad performance is because when you install the DC role and promote it to a DC it enforces network level encryption among other things so this has a direct impact on hosted VM performance.

 

Nothing should ever be run on the hypervisor OS unless it is directly hypervisor related, this is true for all of them.

 

1 hour ago, Ericarthurc said:

Haha I mean that's a great plan, great info. But I work for a non-profit, my yearly IT budget is less than 10k. But I mean thanks is for the info Question though, why should I pay for an OEM server?

And my client base is more like 50 people. 

If money is an issue I'd advise buying used servers and using new HDDs in them over buying desktop/workstation computers to use as servers, you'll also get way more for you money.

 

Also non-profits and schools get special Microsoft licensing, in my country Windows Server licenses (actually almost all Microsoft server products) are free for schools and by free I man free/unlimited/go ham/VMs for everyone!

[leadeater]

2 minutes ago, GDRRiley said:

true but at under 10K that just 1 server with 4 hour replacement. 

Apply for a grant from a charitable trust, only schools I've seen that have issues replacing/buying things like servers are the ones that don't know they can get access to the money if they really need it.

 

Schools here generally have really good networks and servers, high end stuff too. I can understand the non-profit having issues but the school shouldn't be a problem.

[GDRRiley]

Just now, leadeater said:

Schools here generally have really good networks and servers, high end stuff too. I can understand the non-profit having issues but the school shouldn't be a problem.

not mine. running 2010 mac pros for mutimedia, Imacs for computer labs. and mac 2010 servers, my 2 mutimedia servers just gave up.

[leadeater]

2 minutes ago, GDRRiley said:

not mine. running 2010 mac pros for mutimedia, Imacs for computer labs. and mac 2010 servers, my 2 mutimedia servers just gave up.

[Insert Mac joke] 

 

Standard setup here for a high school with 800-1500 students is 2 or 3 Lenovo x3650 M5 with 64GB or 128GB RAM, Lenovo V3700 storage array, FortiGate 600D, stacked core switch with 10Gb to all servers and network cabs, 6 to 12 bay NAS for backups, redundant UPSs, Veeam Backup and Replication, Aruba or Ruckus wireless controller and a Mac mini server if the school has Macs.

 

As schools get smaller they eventually drop down to just a single server with local disk and a backup NAS, bigger schools just add more x3650's as required.

 

It wasn't that long ago that all school networks were trash though, it's just that schools and the boards that run them eventually started taking IT seriously and allocated the required funding.