Skip to main content

Are other services (like MSSQL) next HyperV on the host system a normal approach? [Resolved]

First of all, I'm not very experienced with HyperV, Microsoft stuff and this could be an opinionated question. Nevertheless I wonder since I've learned about the following situation, if it's really the way to go or just nonsense.

A company is about to virtualize their infrastructure. The selected company, which should implement the virtualization, plans to do that with HyperV. I've visualized their plan:

enter image description here

In my opinion there are a few odd things about this:

  1. Is it fine to have other services like SQLServer directly on the host system and not virtualized into a container?
  2. Is the domain controller fine with being virtualized? Can the host system be in the domain, while one of it's guest is the domain controller?
  3. Is it possible that they do like this, to save license coasts?

Thank you in advance.

Question Credit: Robin
Question Reference
Asked October 10, 2018
Posted Under: Network
2 Answers

Your Hypervisor should be a Hypervisor and nothing else.

If there is an actual performance based need to keep SQL non-virtualized, then your better bet would be to get a second server to run SQL on. However, most likely if this is the entire infrastructure you can get away with virtualizing SQL, and separating the storage in Hyper-V to dedicate some to your databases so that there's nothing else on that storage competing for IO. Depending on performance requirements you may not even need to do this.

As long as you're running Hyper-V 2016, and you don't join the Hyper-V machine to the domain, there are no issues with virtualizing your DC. If you join the Hyper-V box to the domain, you may have some issues getting into the server if there is an issue with your DC VM restarting. Having a domain-joined Hyper-V host, hosting your only DC is supported with 2016, but I wouldn't do it. Regardless of what MS says these days, it's safer to keep at least one physical DC running in case there are issues with the virtual one starting that prevent you from logging into the Hyper-V box for administrative purposes.

You shouldn't put WSUS on your DC though. Domain controllers should be treated with the same specificity as hypervisors. Only run what's required on them, nothing else. In a smaller shop, running DNS/DHCP/DC on one box is very common, just isolate the DHCP service account. In a massive network, running DHCP on a separate box is a better configuration.

All of this is possible, and cheaper. With AVMA you'll simplify your activation/licensing as long as you've licensed all cores in the host. I'm assuming you're using Server 2016 Datacenter, in which case adding an additional server to do WSUS is covered by your license. Datacenter gives you unlimited virtualized environments when the whole host is licensed, so you're better to split WSUS off from your DC.

For more details on configuring DHCP see here:

For more information on best practices regarding other apps on Hyper-V see here:

For more information about AVMA see here:

credit: RobbieCrash
Answered October 10, 2018
Your Answer