Skip to main content
G
greggmh123
Participating Frequently
July 10, 2011
Question

Installing CF 9 on a Server 2008 R2 domain controller?

  • July 10, 2011
  • 1 reply
  • 2543 views

Hello!

I provide IT support for a small company. They have two OLD servers, and the one running ColdFusion MX7 is being replaced with an HP ML350 G6 that has 6GB memory (expandable if needed), RAID 1 300GB 15K SAS 6Gbps drives, and a single Quad-core Xeon E5506 CPU.

I have nothing to do with the CF stuff. Per their CF developer, CF9 is not supposed to be installed on a DC, and Adobe's reasoning is "Do not configure the server running ColdFusion as a Primary Domain Controller (PDC) or Backup Domain Controller (BDC). Adobe follows the Microsoft network model, in which the first level is the PDC or BDC. These systems only manage the network or domain and are not designed to run application servers. ColdFusion should reside on the second level of Microsoft Windows stand-alone systems. Stand-alone servers can participate in a network or domain."


However, most IT techs know that millions of small networks have DCs with LOB apps on them. I wonder if Adobe has an actual technical reason for their view, or if they are stuck with 1990s-era thinking when a DC could only handle one role.


I am thinking more along the lines of “will a function of CF9 not work properly” if it’s on a DC. I know the hardware can handle the DC load for the client's four workstations. Right now, it only uses 1.7GB of the 6GB memory (which is expandable anyway), and it is using less than 5% of the Quad-core Xeon E5506 CPU. Drives are 15K RPM SAS 6Gbps, barely being touched.


So, other than (in my opinion) the old-school "don't run anything else on a DC" thinking, is there an actual technical problem with having CF9 running on a Server 2008 R2 DC with the listed hardware?


Thank you for your opinions!


Gregg Hill

This topic has been closed for replies.

1 reply

C
carl type3
Legend
July 10, 2011

Hi Gregg,

In my opinion CF9 will install and you will not loose any particular functionality when installed on AD role server. I have a personal preference not to install CF on a Windows AD box however sounds like with 4 users on the domain in your case the overhead load on server is light.

You may do well to add webserver role and features before installing CF9.

HTH, Carl.

G
greggmh123Author
Participating Frequently
July 10, 2011

Carl,

Thank you for the response. It already has IIS running for the Trend Micro WFBS antivirus server and console, so that is good to go, and it has the WatchGuard log server on it for the firewall. All of that running, and it barely touches the resources of the hardware.

The more I think about it, the less I think it being a DC is an issue, at least from a hardware standpoint. Really, how much work does a DC do on a small domain? Not much! Think about SBS servers: they have the AD role, Exchange, SharePoint, and often an LOB app, and they run perfectly.

I prefer two-server networks and a domain for ease of management and better security, but we may have to make do with what we have on hand. No money right now for a second server!

What is your opinion of a virtualized CF 9 server? Their developer did not like the idea. I'm just curious.

Gregg Hill

Owainnorth
Owainnorth
Inspiring
July 11, 2011

Hi Gregg,

I tend to find if a site is running virtual (VM or hyper-V) well for other applications (Exchange, ISA etc) then CF on their virtual structure should be just fine. If they run “metal” for everything and want to install CF on virtual then more as likely issues will be encountered. I have a personal preference for metal.

HTH, Carl.


I don't believe there's any technical reason why it won't install, it's just a Java application. Certainly the hardware is more than up to it, as you say AD boxes tend to be separate purely for sandboxing purposes rather than performance ones, most of them sit there doing nothing all day, with all config stored in RAM.

I suspect it's purely a security issue. If someone hacks your site, they have read access to pretty much everything on your AD controller, which is generally considered a bad thing. For that reason, I'd think carefully about it.

What I'd do (and this links nicely onto your Virtualisation question) - is virtualise the lot. I work for a hosting company (by no means the cheap-end) and all our new shared servers are virtualised. The limitations within CF all tend to be to do with heap sizes, running hundreds of sites on one CF box (which is certainly possible, it's how our older servers are configured) is absolutely fine, but it only takes one customer with a dodgy loop or hung thread to bring the box down. Increasing heap sizes can fix some problems, but CF then slows down trying to manage that much memory.

What we do now is to have one high-spec physical box. Install VMware ESXi on it, and create four or five virtual machines. The same number of customers are then on the same physical box, but are spread across several CF installs. Everyone gets better performance, and not once (touch wood) has it come back to bite us in the ass.

You could then install your AD box, CF box, SQL servers (if you wanted to) as individual virtual machines on the same hardware. You get all the security benefits for zero extra cost.

The idea of not even considering virtualisation is a foolish one, and generally (although there are exceptions) running one install per physical box is becoming increasingly wasteful, on both resource and finance.

Virtualisation FTW, as they say...

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices