Deploy a Cloud Witness in Azure national clouds

Category: Azure   Category: FailoverCluster   Category: WindowsServer

Deploying a Cloud Witness for Windows Server Failover Clusters is a great quorum option. However, if the storage account which is to be used as the Cloud Witness is in a national cloud, the Create Cluster Quorum Wizard and PowerShell cmdlets may not work. Fortunately, the CIM method used by the wizard and the PowerShell cmdlets allows us to successfully create the Cloud Witness.

Assumptions

  • The commands are executed on a cluster node which will use the Cloud Witness
  • The Az.Accounts module is installed

  1. Get the cluster service

     $cluster = Get-CimInstance -Namespace root/MSCluster -ClassName MSCluster_ClusterService
    
  2. Get the storage endpoint URL for the desired cloud

     $endpoint = Get-AzEnvironment -Name AzureUSGovernment | Select-Object -ExpandProperty StorageEndpointSuffix
    
  3. Create a hashtable with the required arguments. Obtain the storage account name and access key by following "Manage storage account access keys".

     $createCloudWitnessArguments = @{
         AccountName = '<Storage account name>'
         AccountKey = '<key>'
         EndpointInfo = $endpoint
     }
    
  4. Call the CreateCloudWitness method

     Invoke-CimMethod -InputObject $cluster -MethodName CreateCloudWitness -Arguments $createCloudWitnessArguments
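
The four steps above combined into one run, with the access key prompted for instead of typed into the script text. This is an added example, not the author's New-CloudWitness.ps1; the variable names, the error handling and the closing Get-ClusterQuorum check are assumptions that are not from the original post.

```powershell
#Requires -Modules Az.Accounts, FailoverClusters

# Assumed values for illustration; replace with your own.
$environmentName    = 'AzureUSGovernment'        # national cloud used in step 2
$storageAccountName = '<Storage account name>'   # placeholder, as in step 3

# Prompt for the access key so it is not stored in the script file
# or recorded in the command history.
$secureKey = Read-Host -Prompt "Access key for $storageAccountName" -AsSecureString

# Step 1: the cluster service CIM instance on this node.
$cluster = Get-CimInstance -Namespace root/MSCluster -ClassName MSCluster_ClusterService -ErrorAction Stop

# Step 2: storage endpoint suffix for the chosen cloud; stop if it is empty.
$endpoint = (Get-AzEnvironment -Name $environmentName).StorageEndpointSuffix
if ([string]::IsNullOrWhiteSpace($endpoint)) {
    throw "No storage endpoint suffix found for Azure environment '$environmentName'."
}

try {
    # Steps 3 and 4: the method takes the key as a plain string,
    # so convert the SecureString only for the duration of the call.
    $arguments = @{
        AccountName  = $storageAccountName
        AccountKey   = [System.Net.NetworkCredential]::new('', $secureKey).Password
        EndpointInfo = $endpoint
    }
    Invoke-CimMethod -InputObject $cluster -MethodName CreateCloudWitness -Arguments $arguments -ErrorAction Stop | Out-Null
}
finally {
    # Release the references to the plaintext key and the SecureString.
    if ($arguments) { $arguments.Remove('AccountKey') }
    $secureKey.Dispose()
}

# Show the resulting quorum configuration for review.
Get-ClusterQuorum | Format-List Cluster, QuorumResource
```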
    

There you have it. I created a complete script, New-CloudWitness.ps1, which utilizes this method.

Written on February 12, 2021