Recovering Windows Server 2012 with Hyper-V role into a VM ?

I am about to set up a server for a small office with about 10 people. Will be Windows Server 2012 running as DC, DHCP, DNS, file and print server, WSUS, and should host about 2 vms (one of them Kerio mail server probably on linux). Nice Hardware HP Proliant ML 350p, a lot of nice disks.

Considering whether to  
(A) set it up as Hyper-V server with the actual 2012 server (DC+everything) in a VM
(B) take a traditional approach by installing 2012 on the physical machine and adding the Hyper-V role only for the mail server and 2nd vm,  
Desaster recovery is one of the things to compare for the two choices.
Assuming I am backing up the server to a NAS box (second-stage to RDX as off-site backup) for instance using Acronis ABR11.5. In the event of a complete hardware failure, I would like to be able to run the server in a VM on a powerful Windows 8.1 workstation PC for a few days.

Now I find myself with the following question regarding case (B):
(I guess (A) is simple, I basically need to convert the server backup image from Acronis TIB into a hyper-v VM, which Acronis B+R is supposed to handle, just need to check for 2012.)
(B) is tricky: Given that a Windows 2012 server with the hyper-V role installed internally is in fact a hyper-v server that is running one special VM containing the original 2012 server (cmiiw), I wonder what would happen - or what should happen - if I try to run this server in a VM — or whether this can work at all?
From what I understand, the backup image will contain the hyper-V host as well as the 2012 server OS, since both reside on the same file system (cmiiw). But to run it on the workstation (which has its own hyper-v), I guess I would need to "extract" only the 2012 VM, otherwise I would get a hyper-V instance running inside the windows 8 hyper-V instance, wouldn't I? This looks a bit frightening, or, say, weird to me....

Is this a realistic scenario at all?

Or should I better forget about (B) completely and go for (A)?
But I am reluctant to choose (A) because it will be the only server on this site, and I am not sure if it is a clever idea to not have the Windows OS in case of any trouble with the hyper-V host.... besides the fact that my backup software would then need to run inside the VM, initiating backup of up its parent hypervisor, which looks weird to me...
prowsaIT ConsultantAsked:
Who is Participating?
Eddie-LopezConnect With a Mentor Commented:
No no... On my above scenarios those are VMs, not physical servers. In scenario 1 the servers listed from 1 to 4 are all virtual inside your current Hyper-V host, so you only have 1 physical server if you do this (but you will need an additional Windows Server License, since you have 3 Windows VMs and Standard edition only allows for 2 Windows VMs).

On my second scenario, servers listed 1 to 3 are also virtual running from your current Hyper-V host, but the DC/DNS/DHCP server is a second, not necessarily with a lot of resources, physical server. So in this second scenario you will only need your current physical server and a second smaller physical server (and as in scenario 1 you will need an additional OS license, for your second small server).

Both scenarios are with Windows Server 2012 Standard Edition, not Hyper-V Server 2012. You could use Hyper-V Server as well, since in both scenarios you are using your Hyper-V host just for that (serving VMs), but from a licensing point of view using Windows Server is more convenient.

And as you mentioned you can definitely run your DC as a VM (as in my first scenario). But for many people it is a virtualization best practice to run at least their primary DC on a separated physical server since if you have Hyper-V issues and your VMs don't work, you will also have DC/DNS/DHCP issues that will make things even worse (having all eggs in one basket kind of thing...). But you can do it either way and it should work just fine.
Cliff GaliherCommented:
The answer is simple. NEVER collocate Hyper-V with other roles. Or put another way, always have other roles in one or more VMs, never on the hyper-v physical installation.

If that means you can't p2v, then do a traditional migration. Stand up a new VM, join the domain, make it a DC, and let it replicate AD. Sysasmins have been migrating DNS, Ad, and DHCP for longer than virtualization was ever mainstream. So there is plenty of knowledge, tutorials, and assistance on the web to draw from.

But it is worth doing the setup right the first time, even if it is more work. Don't cut corners.
Hi there,

As stated above, it is not recommended to use your Hyper-V host for anything else (DC, Exchange, web server, etc.). You can, however, add these other roles on VMs running on your host. Assuming you have Standard Edition, you may add up to 4 Windows VMs to your host with no liscense costs. Based on your needs I would do a DC/DNS VM, WSUS VM, File/Print Server VM, DHCP Server VM, and mail server VM (which won't count on the 4 VMs limit since it's Linux).

Also having everything virtual will make your disaster recovery a lot easier. All you have to backup is your VMs and in case of a failure you can restore your VMs on any Windows Server 2012 and up or Windows 8 and up with the Hyper-V role installed.

Hope this helps.
Cliff GaliherCommented:
With 2012, standard allows two VMs, not 4. 4 VMs were allowed with the enterprise edition in the 2008 era,  but that edition was not continued in 2012 versions.
You're absolutely right, got a little confused there... doing like 3 things at once. :)

Then I would suggest one of these scenarios:

Scenario 1

2- File/Print Server
3 - WSUS
4 - Mail Server

Scenario 2

1 - File/Print Server
2 - WSUS
3 - Mail Server

Find an additional box for your DC/DNS/DHCP to be installed as a physical server. It does not have to be anything fancy, any server from a reliable brand from the las 4-5 years with at least 72GB disks, 64-Bit CPUs, 4GB RAM and Gigabit Ethernet should work just fine. That way you also have your primary (and only) Domain Controller installed physically, which is a virtualization best practice after all.

Notice that on both scenarios you will need an additional Windows Server license.

And if I understand correctly your disaster recovery plan, you want to run your Hyper-V host on a Virtual Machine?... If so, no, you can't do that... On Hyper-V you can't run a virtual environment inside another virtual environment. You can, however, backup your VMs and restore them in another Hyper-V host, as stated in my previous post.
prowsaIT ConsultantAuthor Commented:
Hi, and thank you for sharing your knowledge!

I am not sure you got me right - I am wondering about a disaster scenario, in which case I would not have a domain to join nor be able to replicate AD.

Sure, a plain Hyper-V server with nothing else is very clean and would greatly simplify disaster recovery. Do you really mean install it as a Hyper-V Server, or as a Windows Server with Hyper-V role? (See my bottom-most paragraph regarding my doubts for the Hyper-V server.)
Are you sure I really need so many machines? For these 10 people, I am currently running all of that happily on one 7-year-old machine with Server 2003.
I am not so convinced yet about increasing complexity and introducing another single point of failure by adding a second server, plus the license costs (also for backup sw) and maintenance effort (backup, ups config etc, and power consumption for almost no load). Granted, this solution would have the benefit that people could at least access the internet in case the main server is down.

My original question was about the interim solution in case of disaster in scenario (B), how can I restore my 2012 server (without its Hyper-V host) into a VM? I dont want to create a vm inside a vm — my question was how to *avoid* that in the said case. :-)
Or is it just not possible?

For a similar single-machine scenario (in a branch office), a book on Hyper-V 2012 assumes a Windows 2012 server installation with Hyper-V role, and (as you say) keeping everything (except perhaps backup) away from the Hyper-V host. But that means putting the DC in a vm (no problem since 2012, according to MS) – but would you do this in a single server scenario? Thats why (B) seemed like a useful compromise to me.
The only question being what happens in my disaster scenario...
Cliff GaliherConnect With a Mentor Commented:
You made the question overly complex, and even your in-depth explanation didn't clear it up. I think you are overthinking things honestly...

If you plan on virtualizing at all, go ahead. Just install Windows Server with the Hyper-V role (and *no* other roles!) and install your VMs. In a single server environment, do not join the host to the domain. Leave it as a workgroup.

Then back up your VMs using your backup provider of choice. This requires careful planning and is *way* beyond the scope of an EE question. When 600+ page books have been written on the subject, even for the small business space (disaster recovery for dummies, for example), you can understand why.

Now, if your host crashes, you can install Hyper-V on a new machine, and simply restore the VMs.  No problem since the old host wasn't joined to the domain.  And if just one VM crashes, restore it to the existing host. Again, no problem.

The whole VM within a VM thing is moot, as Hyper-V doesn't support such a configuration, and forcing it opens all sorts of data corruption doors.

Does that better answer your question?
prowsaIT ConsultantAuthor Commented:
Thanks again,

I like to overthink and then gladly settle on a simpler solution, than underestimate sth. ;-)
I needed a longer intro to describe my scenario until I could start with the actual question in the 3rd paragraph. Anyway, from the answers I got I now understand that what I was asking (B) was probably unusual because it would not be wise to create such a setup.
(Again, I never wanted to create a VM-inside-VM setup - instead my question was about how to avoid that from happening in my disaster scenario in case of (B).)

However, the answers you both provided are indeed very helpful, and I will accept both your solutions.

thanks, sorry, I thought that your paragraph below scenario 2 was meant for both, 1 and 2, instead of only for 2.
Then, I think I will go with a solution very similar to your scenario 1 by putting 2+3 in one VM. If I understand correctly, the host does not count, so I should be ok with one license then, and I still have a dedicated DC/DNS/DHCP VM.

Thanks to you both!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.