[21전국] 2과제 5. 장애조치 클러스터 구성

ROAD-CA, ROAD-CA2

※가상 머신에 각각 10GB 하드디스크를 3개씩 추가한다. (추가할 때 하나씩 따로따로 추가해줘야함.)

 

ROAD-CA, ROAD-CA2

※powershell 실행

Install-WindowsFeature Failover-Clustering -IncludeManagementTools

restart-computer

 

ROAD-CA

※powershell 실행

Test-Cluster -Node road-ca,road-ca2 -Include "Storage Spaces Direct"

New-Cluster -Name FAILOVER -Node road-ca,road-ca2 -NoStorage -StaticAddress 192.168.2.100

enable-ClusterS2D

New-Volume -StoragePoolFriendlyName S2D* -FriendlyName ROAD -FileSystem NTFS -UseMaximumSize

※cluadmin.msc 실행

 

※powershell 실행

Stop-Service CertSvc

mkdir C:\ClusterStorage\ROAD\CertLog

copy C:\windows\system32\CertLog\* C:\ClusterStorage\ROAD\CertLog\

※regedit 실행

 

 

 

※certsrv.msc 실행

 

+

 

 

ROAD-CA2

※서버관리자 실행

 

 

 

 

 

ROAD-CA

※cluadmin.msc 실행

 

 

 

 

※노드를 ROAD-CA로 변경

 

 

ROAD-DC2

※adsiedit.msc 실행

 

 

 

 

ROAD-CA

※powershell 실행

mkdir C:\ClusterStorage\ROAD\Cert

 

ROAD-CA, ROAD-CA2

※inetmgr 실행

 

 

ROAD-CA

※powershell 실행

Add-CACrlDistributionPoint -uri C:\ClusterStorage\ROAD\Cert\ROAD-CA.crl -PublishToServer -PublishDeltaToServer

Add-CACrlDistributionPoint -Uri http://ca.road.com/Cert/ROAD-CA.crl -AddToCertificateCdp -AddToCrlIdp

Add-CAAuthorityInformationAccess -uri http://ca.road.com/Cert/ROAD-CA.crt -AddToCertificateAia

restart-service certsvc -passthru

Get-Childitem –path Cert:\localmachine\my\

※위에서 확인한 ROAD-CA 인증서의 지문을 사용

Export-Certificate -Cert Cert:\LocalMachine\My\E6980338F5E5CD55452AC253504079784E8E9878 -FilePath C:\ClusterStorage\ROAD\Cert\ROAD-CA.crt

certutil –crl

 

ROAD-DC

※powershell 실행

repadmin /syncall /Aed

Restart-Service dns -PassThru

※dnsmgmt.msc 실행 후, ca와 FAILOVER A레코드가 업데이트된 것을 확인하고, 진행