Just upgraded from Symantec Antivirus v10 to Symantec Endpoint Protection v11.0.6100.645 (on the first node in a four-node Microsoft cluster).
Also installed Microsoft security updates on that node (first of four updates in planned maintenance sequence). This is an active/active/active/active 4-node file and print Windows Server 2003 R2 Enterprise Edition (32bit) Microsoft Cluster. Now have had at least one cluster service failure. Trying to determine if the Symantec or Microsoft updates and failure are related.
Here is a list of Microsoft patches applied: KB2481109 KB2485663 KB2508429 KB2506212 KB2506223 KB2511455 KB2503658 KB2507618 KB2510531 KB2412687 KB2509553 KB2508272 KB2497640 KB2492386 KB2524375.
After normal restarts and normal cluster service startup, I moved a workload from one of the other nodes. Four days later the cluster service failed and caused workload to failover to one of the other other nodes:
Event Type: Error
Event Source: ClusNet
Event Category: None
Event ID: 1118
Date: 5/14/2011
Time: 4:04:22 AM
User: N/A
Computer: FPNODE01C
Description:
Cluster service was terminated as requested by Node 2.
Event Type: Warning
Event Source: Ftdisk
Event Category: Disk
Event ID: 57
Date: 5/14/2011
Time: 4:04:23 AM
User: N/A
Computer: FPNODE01C
Description:
The system failed to flush data to the transaction log. Corruption may occur.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 5/14/2011
Time: 4:04:23 AM
User: N/A
Computer: FPNODE01C
Description:
The Cluster Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Is anyone else having trouble with these new Ms patches or Symantec SEP v11?
I know, I changed 2 variables, so now not sure which (if either) are source of problem. D'oh! :) Any help appreciated anyway. Please pardon my cross-posting on Microsoft Cluster support forums. Thank you.