Less than two months ago, we posted an article by Microsoft MVP Gary Olsen on the topic of domain controller virtualization. The article was actually a follow-up to something he wrote way back in 2006, where he pondered if virtualizing DCs was really a good idea.
At the time of the first article (which predates Hyper-V), questions about I/O bottlenecks, security and even Microsoft’s questionable support of DC virtualization made the whole concept seem somewhat dicey. The recommendation was that while it was possible (Microsoft did have “how to” documentation, after all), virtual domain controllers should really only be implemented on a limited, non-critical basis.
Obviously, virtualization is a lot more popular today than it was back then, and continued technological advances have made it arguably the driving force in today’s IT market. So of course everyone is all together when it comes to virtualizing DCs now, right? Wrong.
I was reading a thread recently on the subject, and the debate is as heated as ever before. People were basically falling into three camps:
Those who think domain controller virtualization is a great idea. (Not good, mind you, great.) The one opinion these folks seem to share is the importance of following the recommended best practices to a T. Not virtualizing all of your DCs and leaving some physical is also a common suggestion, though not something everyone finds necessary. (I believe Microsoft recommends two physical DCs per domain.)
These are the people who simply say, “Thanks, but no thanks.” Questions involving security, backups and high availability abound, or the planning/configuration process is too much.
The last camp is made up of people who are all for domain controller virtualization, but can’t seem to agree on the right way to do it:
“Don’t keep all your virtual DCs on the same host machine!”
“No way that defeats the whole point!”
“Don’t virtualize FSMO roles!”
“Why the heck not?”
You get the idea. One thing that’s clear is that DC virtualization is getting more popular. But while those who have done it successfully appear set to never look back, others remain reluctant to take the plunge.
What are your thoughts on domain controller virtualization? Do you fall in the pros or the cons camp? Share your thoughts in the comment section below.