Cluster Failover

(imported topic written by nberger91)

TEM guru’s !

The following Task ‘should’ identify the active resource group, then fail it over. The thinking behind this is that we can add it to a Basline as a pre-action so we can deploy security patches to first the passive node followed by the active node in a cluster. The relevance for this task is ‘True’ so we can target botht he active/passive node however there is relevance embedded in the action script to identify whether the ‘computer’ is the active and should failover. The issue i have now is the relevance (//4. Execute PowerShell with ps1 script file) in the IF statement doesnt seem to work when embedded in the action, but does if you create a retrieved property.

Can anyone identify what im doing wrong, or does anyone have a better suggestion for failowing over an active resource group as part of a patching cycle -

///============================================================================

//PowerShell Script…

//

//1. Save old ExecutionPolicy value

parameter “PolicyExisted”="{exists value “ExecutionPolicy” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of (if exists x64 registry then x64 registry else registry)}"

parameter “oldExecutionPolicy”="{if (parameter “PolicyExisted” as boolean) then (value “ExecutionPolicy” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of (if exists x64 registry then x64 registry else registry) as string) else “”}"

//2. set to ExecutionPolicy=Unrestricted and Pull PowerShell exe from registry… if 64bit then pull PowerShell x64

if {x64 of operating system}

regset64 "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

" “ExecutionPolicy”=“Unrestricted”

parameter “PowerShellexe”="{value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of x64 registry}"

else

//we need to determine what the current execution policy is so we can put it back when we’re done.

regset "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

" “ExecutionPolicy”=“Unrestricted”

parameter “PowerShellexe”="{value “Path” of key “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell” of registry}"

endif

//3. Create PowerShell script and save to a ps1 file

delete script.ps1

createfile until __END

Function Failover-Cluster {{

#This statement ensures the valid powershell module is loaded.

If (!(get-module -ListAvailable failoverclusters)) {{

#Write-Eventlog -LogName Microsoft-Windows-FailoverClustering/Operational -Source Microsoft-Windows-FailoverClustering -EntryType Error -EventId 3001 -Message "Please install Failover Clustering Tools under Features "

}

Else {{

Import-Module FailoverClusters

}

#Get all cluster nodes in the cluster

$Clusternodes = Get-Clusternode

Write-Host -ForegroundColor Black “Checking nodes status…”

#Check that each Node is up and running using the foreach loop at set the condition

Foreach ($node in $Clusternodes) {{

If ($node.state -eq “Up”){{

Write-Host -ForegroundColor Green “The Cluster Node $node is online”

$state = “online”

}

Else {{

$state = “offine”

Break

}

}

#Evaluate the condition from the previous foreach loop on each node. If any of the nodes are offline, the script will break.

If ($state -eq “online”) {{

Write-Host -ForegroundColor Black “Both cluster Nodes are online, proceeding with failover…”

#Pipe each cluster resource group into the move cmdlet, out-null is to stop the output to screen.

Get-ClusterGroup | Move-ClusterGroup | Out-Null

Write-Host -ForegroundColor Green “Failover process complete.”

Write-Host -ForegroundColor Black “Checking cluster resources are back online…”

#All the Cluster resources should have failed across to the other node. This block is to confirm that they are all back online.

(Get-ClusterGroup) |

Foreach {{

If ($_.State -eq “Online”) {{

Write-Host -ForegroundColor Green "$_ is back Online on node: " $_.ownernode.name

Write-EventLog -LogName Microsoft-Windows-FailoverClustering/Operational -Source Microsoft-Windows-FailoverClustering -EntryType SuccessAudit -EventId 3002 -Message “$.name has failed over successfully to $.node and is $_.state”

}

Else {{

Write-Host -ForegroundColor Red “$_ is Offline, please check status manually”

}

}

}

Else {{

Write-Host -ForegroundColor Red “The Cluster Node: $node is offline, cancelling failover…”

  1. Write-EventLog -LogName Microsoft-Windows-FailoverClustering/Operational -Source Microsoft-Windows-FailoverClustering -EntryType Error -EventId 3004 -Message “$node is not currently online, stopping the failover process”

Break

}

}

cls

Failover-Cluster

__END

move __createfile script.ps1

//4. Execute PowerShell with ps1 script file

if {(exists running service “clussvc”) AND ((it contains (computer name)) of concatenation of (string values of selects “GroupComponent from MSCluster_NodeToActiveGroup” of wmi “root\MSCluster” ))}

action uses wow64 redirection false

waithidden “{parameter “PowerShellexe”}” -file “{pathname of client folder of current site}\script.ps1” >> “{pathname of parent folder of regapp “besclient.exe”}\script.log”

action uses wow64 redirection {x64 of operating system}

endif

//5. Restore ExecutionPolicy back

if {x64 of operating system}

if {parameter “PolicyExisted” as boolean}

regset64 "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

" “ExecutionPolicy”="{parameter “oldExecutionPolicy”}"

else

regdelete64 "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

" “ExecutionPolicy”

endif

else

if {parameter “PolicyExisted” as boolean}

regset "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

" “ExecutionPolicy”="{parameter “oldExecutionPolicy”}"

else

regdelete "

http://HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell

" “ExecutionPolicy”

endif

endif

//============================================================================

(imported comment written by nberger91)

Issue resoved using ‘continue if’ at the start of the action instead of ‘if endif’

(imported comment written by RawWAR)

I’ve used this script and it completes without error. However, I’m attempting to move nodes in a SQL cluster and I’m getting an access denied on the SQL nodes. I’m a custom task from the TEM server under a user that is a Domain Admin. The same Domain as the SQL clusters. I’ve also changed the service creds to match the Domain Admin I’m using as well. Still, I’m unable to move the nodes. Any suggestions?