This is my 75-minute "highlights" presentation on what's new in WS2012 R2. It's not all-encompassing; it is intended just to get across the key points of the core OS. It followed a "Cloud OS" keynote and preceded a "System Center hybrid cloud" presentation.
2. About Aidan Finn
• Technical Sales Lead at MicroWarehouse (Dublin)
• Working in IT since 1996
• MVP (Virtual Machine)
• Experienced with Windows Server/Desktop, System Center, virtualisation, and IT infrastructure
• @joe_elway
• http://www.aidanfinn.com
• http://www.petri.co.il/author/aidan-finn
• Published author/contributor of several books
6. Active Directory Improvements
• None to speak of in the traditional sense
• Honestly, most of you are still on W2003 FL AD
• There’s lots of new stuff in WS2012 AD
• Microsoft’s efforts went into enabling BYOD
7. Today’s Challenges
• Users: Users expect to be able to work in any location and have access to all their work resources.
• Devices: The explosion of devices is eroding the standards-based approach to corporate IT.
• Apps: Deploying and managing applications across platforms is difficult.
• Data: Users need to be productive while maintaining compliance and reducing risk.
8. Empowering People-Centric IT
• Enable users: Allow users to work on the devices of their choice and provide consistent access to corporate resources.
• Unify your environment: Deliver unified application and device management on-premises and in the cloud.
• Protect your data: Help protect corporate information and manage risk.
• Diagram labels: Users, Devices, Apps, Data. Management. Access. Protection.
9. Self-Registration of Devices
• Users can enroll devices, which configures the device for management with Windows Intune. The user can then use the Company Portal for easy access to corporate applications.
• Users can register BYO devices for single sign-on and access to corporate data with Workplace Join. As part of this, a certificate is installed on the device.
• IT can publish access to corporate resources with the Web Application Proxy based on device awareness and the user's identity. Multi-factor authentication can be used through Windows Azure Multi-Factor Authentication integration with Active Directory Federation Services.
• Data from Windows Intune is synced with Configuration Manager, which provides unified management across both on-premises and the cloud.
• As part of the registration process, a new device record is created in Active Directory, establishing a link between the user and their device.
10. Enabling Application Access
• Users can enroll devices for access to the Company Portal for easy access to corporate applications.
• IT can publish Desktop Virtualization (VDI) for access to centralized resources.
• Users can work from anywhere on their device with access to their corporate resources.
• IT can publish access to resources with the Web Application Proxy based on device awareness and the user's identity.
• Users can register devices for single sign-on and access to corporate data with Workplace Join.
• IT can provide seamless corporate access with DirectAccess and automatic VPN connections.
11. Single Sign-On Options
• User-provided devices are “unknown” and IT has no control. Partial access may be provided to corporate information.
• Registered devices are “known” and device authentication allows IT to provide conditional access to corporate information.
• Domain joined computers are under the full control of IT and can be provided with complete access to corporate information.
• Options shown on the slide:
• Browser session single sign-on
• Seamless 2-Factor Auth for web apps
• Enterprise apps single sign-on
• Desktop Single Sign-On
13. NIC Teaming in WS2012
• Built-in and supported NIC teaming added in WS2012
• Up to 32 NIC (physical) of different manufacturers in a single team
• 2 vNICs in a single team in a guest OS
• LBFO
• Load balancing: bandwidth aggregation
• Failover: automatic NIC fault tolerance
• 2 load distribution modes
• Address Hashing
• Normally used for non-VM networking
• Spreads data across physical NICs based on destination address/port hashing
• Hyper-V Port
• Normally used when connecting a virtual switch
• Limits a VM’s NIC to bandwidth of a single physical NIC
14. Dynamic Load Balancing
• New load balancing algorithm in WS2012 R2
• Think of it as the best of:
• Hyper-V Port
• Address Hashing
• Uses “flowlets” to hash outbound data streams across physical NICs in the host’s team
• Inbound traffic “affinitized” to a single physical NIC (still can failover)
• Default load balancing algorithm
• Microsoft STRONGLY recommending that we use this type
[Diagram labels: virtual adapters; two team network adapters]
18. Hyper-V VMs Are Enterprise Ready
• WS2012 Maximum virtual machine scalability:
• 64 virtual processors
• 1 TB RAM
• 256 * 64 TB VHDX files
• VM aware NUMA
• We can truly deploy huge services in Hyper-V VMs
• But what about the networking?
• Can we push huge workloads into those VMs?
• Back to basics … before we solve the problem
19. Virtual RSS (vRSS)
• Added in WS2012 R2
• RSS provides extra processing capacity for inbound traffic to a physical server
• Using virtual processors beyond CPU 0
• vRSS does the same thing in the guest OS of a VM
• Allows inbound networking to a VM to scale out
• Requires VMs with > 1 virtual processors
• DVMQ must be enabled on physical NIC(s) used by virtual switch
• Enable RSS in the advanced NIC properties in the VM’s guest OS
22. SMB 3.0
• Server Message Block (SMB):
• Old protocol
• Use for client/server file sharing
• Reinvented for WS2012:
• Called SMB 2.2 in preview & beta
• Renamed to SMB 3.0 in RC & RTM
• Designed to rival and beat legacy protocols for applications accessing networked storage:
• iSCSI
• Fiber Channel
• SMB 3.0 is Microsoft’s enterprise data protocol
23. What Made SMB 3.0 So Good?
• SMB Multichannel
• Make the most of 1 or more NICs
• Auto detection, unlike MPIO
• Used by cluster Redirected IO
• Use SMB Multichannel Constraints to control NIC selection
• SMB Direct
• Lots of bandwidth = lots of H/W interrupts = high CPU utilisation
• Remote Direct Memory Access (RDMA) capable NICs (rNICs)
• Reduce CPU usage, improve performance
• Increase scalability of file servers N/W
• New SMB workloads:
• IIS
• SQL Server
• Hyper-V over SMB
24. Changes to SMB 3.0 in WS2012 R2
• Technically it’s SMB 3.02 but still called SMB 3.0
• Improved performance for small I/O workloads
• Improved error messages
• You can uninstall SMB 1.0 (used by Windows XP and W2003)
• New -SmbDelegation PowerShell cmdlets in the AD Module for easier share delegation to hosts (no reboots!)
• There is more to WS2012 R2 SMB 3.0 …
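Before acting on the SMB 1.0 bullet above, it helps to confirm that no legacy clients still depend on the protocol. The following PowerShell is an added example, not part of the original presentation; it assumes an elevated session on a WS2012 R2 file server, and the feature removal is left as a `-WhatIf` dry run.

```powershell
# Added example (not from the original slides): check for SMB 1.0 use
# before removing it from a WS2012 R2 file server. Run elevated.

# 1. Is the SMB 1.0 feature installed, and is the server still accepting it?
Get-WindowsFeature -Name FS-SMB1 | Select-Object Name, InstallState
Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol, EnableSMB2Protocol

# 2. Which clients are connected right now with an SMB 1.x dialect?
#    (Typically Windows XP / W2003 era systems or old appliances.)
$legacy = Get-SmbSession |
    Where-Object { $_.Dialect -like '1.*' } |
    Select-Object ClientComputerName, ClientUserName, Dialect

if ($legacy) {
    # Do not remove anything yet: list who would be cut off.
    Write-Warning 'SMB 1.0 sessions found; these clients would lose access:'
    $legacy | Format-Table -AutoSize
}
else {
    # 3. No SMB 1.0 sessions in this snapshot.
    #    Turn the protocol off first; this is easy to reverse.
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force

    #    Then remove the feature. -WhatIf makes this a dry run;
    #    drop it once the change has been agreed.
    Uninstall-WindowsFeature -Name FS-SMB1 -WhatIf
}
```

`Get-SmbSession` only shows clients connected at that moment, so repeat the check over a representative period (month-end jobs, backups, scanners) before removing the feature.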
26. Reminder: Storage Spaces
• An alternative to hardware RAID
• This is not Windows RAID of the past
• All that was good for was head wrecking exam questions
• Storage Spaces added in WS2012
• Does what SANs do but with JBODs
• SAS attached “dumb” just-a-bunch-of-disks trays
• Special category in the Windows Server HCL
• Aggregate disks into Storage Pools
• Can be used as shared storage for a cluster
• Create fault tolerant virtual disks that span the pool’s disks
• Simple, 2-way mirror, 3-way mirror, parity
• Storage pools can span more than one JBOD
28. Storage Spaces Hardware
• A “dumb” JBOD tray
• Trays can be daisy chained - adds:
• Disk capacity
• Tray fault tolerance (min 3 trays)
• Requires:
• Dual channel SAS
• SCSI Enclosure Services (SES) 1.2 or later
• There is a WHQL (HCL) category for supported hardware:
• http://tinyurl.com/StorageSpacesHCL
29. Storage Spaces Improvements
• Tiered Storage Spaces
• Mix 1 tier of SSD with 1 tier of HDD
• Create virtual disks with X GB in SSD tier and Y GB in HDD tier
• Pin entire files to SSD tier, e.g. VDI template
• Auto scheduled (1am by default) re-tiering of 1 MB slices
• Write-Back Cache
• Leverage SSD tier as persistent write cache to absorb activity spikes
• Just 1 GB of SSD required per virtual disk (LUN)
• Improves peak performance of Hyper-V and SQL Server (write-through)
32. Reminder: Scale-Out File Server (SOFS)
• Software-defined storage
• Place 2-8 cluster nodes in front of cluster supported storage
• SAS/iSCSI/FC/FCoE SANs, PCI RAID, JBOD + clustered Storage Spaces
• Create Cluster Shared Volumes (CSVs) on storage
• Active/active cluster file system
• Create File Server for Application Data role on cluster (the SOFS)
• Active/active
• Create file shares on SOFS, stored on CSVs
• Permission to servers (Hyper-V) and administrators
• Store data (virtual machines on file shares)
• Share physical storage via shared folders and SMB 3.0
• Less LUN management
• Easier provisioning
• Faster performance via SMB 3.0
33. Possible Hyper-V Over SMB 3.0 Design
[Diagram: a Hyper-V host and a SOFS node. Labels on the slide: VMs with vNICs, vSwitch QoS, NIC teams of pNICs (dVMQ), Management OS (VLAN 10, 10.0.10.x addresses), Cluster, Live Migration, SMB 3.0 Storage (Constrained), DCB QoS, DCB / OS Packet Scheduler QoS, rNICs (RSS, DCB) with 172.16.1.x addresses, Storage Network 1 (DCB), Storage Network 2 (DCB), Server/VM Networks, Management, Server Network.]
38. SOFS Improvements
• Larger CSV Cache Percentage:
• Up from max of 20% of RAM on WS2012 to 80%
• CSV Load Balancing:
• Automatic for best load distribution
• SMB Client redirected to SMB Server that also owns the CSV (less cluster Redirected IO)
• Dedicated SMB Server for:
• CSV operations
• SMB client connections
40. Generation 2 Virtual Machines
• Legacy free
• UEFI based
• Many emulated devices removed
• Boots from virtual SCSI or synthetic network adapters
• Enables UEFI secure boot standard
• PXE boot from synthetic NIC
• Supported guest operating systems:
• 64-bit versions of Windows 8 and Windows Server 2012
• 64-bit versions of Windows 8.1 and Windows Server 2012 R2
• And yes, System Center 2012 R2 (GA) can manage Generation 2 VMs
• Learn much more at http://tinyurl.com/Gen2VM
41. Enhanced Session Mode
• RemoteFX (Remote Desktop) via VMBus
• Full remote desktop capabilities
• Shared clipboard
• Audio redirection
• Enhanced login
• and more….
• Works even when the VM’s network is down
• Integrated into Hyper-V Management experience
• Disabled by default in WS2012 R2 Hyper-V host settings
• Requires Windows 8.1/WS2012 R2 guest OS
43. Automatic VM Activation (AVMA)
• Zero touch activation of virtual machines
• Virtual machines automatically activated according to the hosting environment
• Reduces configuration for hosters / enterprises
• Install AVMA product key when creating template VM using SLMGR
• Create VM template
• Deploy VMs from that template
• Requires:
• Host: Activated WS2012 R2 Datacenter edition
• Guest OS: WS2012 R2 Datacenter/Standard/Essentials
45. Faster Live Migration
• Compression
• Makes the most of existing network/hardware investment
• Uses spare CPU cycles – CPU monitored by Hyper-V
• Over 2x improvement in live migration time
• Enabled by default
• SMB
• For 10 GbE or faster networks
• Make the most of network investment for SMB 3.0
• Converged networks
• Enables high-speed & low impact live migrations
• Uses SMB Multichannel to leverage multiple interfaces
• Uses SMB Direct to minimise impact on hosts’ CPUs
46. Converging SMB 3.0
• A few will install dedicated 10 Gbps or faster networks for Live Migration
• Most will converge Live Migration & storage
• Traditional QoS just sees SMB 3.0 so how do you guarantee bandwidth to storage AND Live Migration
• Add-WindowsFeature FS-SMBBW
• Set-SmbBandwidthLimit
• VirtualMachine: Hyper-V over SMB storage traffic
• LiveMigration: Live Migration over SMB traffic
• Default: All other types of SMB traffic
• Set-SmbBandwidthLimit -Category LiveMigration -BytesPerSecond 4GB
[Diagram labels: Management OS; Cluster (W=10); Backup (W=20); SMB Direct (W=70); Management (VLAN 101, W=50); SMB Multichannel Constraint; two iWARP rNICs (RSS, DCB); 10 Gbps Switch1 (VLAN 201, DCB); 10 Gbps Switch1 (VLAN 202, DCB); NIC Team (Dynamic); two 1 Gbps NICs; 1 Gbps Switch1 (Trunk Port); 1 Gbps Switch2 (Trunk Port)]
48. Online VHDX Resize
• Increase and decrease the size of virtual hard disks
• While the virtual machine is running!!!
• Requires:
• VHDX
• Attached to VM’s SCSI controller
• Tips:
• Always put data into dedicated VHDX, e.g. D: drive
• When using Hyper-V Replica, place VM’s paging file into dedicated VHDX for selective replication
49. Storage QoS
• Control IOPS of individual virtual hard disks
• Enables constant SLA delivery
• Dynamically configurable while the virtual machine is running
• Can restrict disk throughput for overactive / disruptive virtual machines
50. Shared VHDX Guest Clustering
• Guest Clustering with commodity storage
• Sharing VHDX files provides shared storage for Hyper-V Failover Clustering
• Maintains separation between infrastructure and tenants
• VM presented a shared virtual SAS disk
• Appears as shared SAS disk to VM
[Diagram labels: Guest Clustering; Virtual SAS; VHDX on Cluster Shared Volumes (CSV) on block storage; VHDX on Scale-Out File Server for file based storage]
51. Live Virtual Machine Export/Clone
• While the virtual machine is running:
• Export a complete copy – including memory state
• Export any snapshot of a virtual machine
• Useful for diagnostics, pre-testing upgrades, etc
• Without impacting production services
52. Improved Features For Linux Guest OS
• Continued investment in Hyper-V Linux Integration Services
• Built into the Linux distributions
• Dynamic Memory
• Same features as Windows guests
• Live VM Backup
• File system consistent
• Linux video driver
• Online VHDX resize
• Kdump/kexec
• Linux Specification of Memory Mapped I/O (MMIO) gap
• Linux Non-Maskable Interrupt (NMI)
• Note: Oracle Linux & software now supported on Hyper-V & Azure
• Not true of certain other “enterprise” virtualization products!
54. Hyper-V Replica
• Most popular feature of WS2012 Hyper-V
• Lots of feedback
• Finer Grained Interval controls:
• Choose between asynchronous replication intervals
• 30 seconds (“near synchronous”)
• 5 minutes (as in WS2012)
• 15 minutes
• Extended Replication
• Replicate from Site A to Site B
• Extend replication from Site B to Site C
• It is not A-B & A-C
• Improved historical copy maintenance in replica site
• Up to 24 copies/hours
• More IO efficient
• Support for injecting alternative IP into Linux guests
55. Failover Clustering
• Always add a witness disk/file share
• Dynamic Witness
• Vote manipulated to get quorum if witness fails
• Configurable GUM Mode:
• All nodes must receive and process an update before it is committed to avoid inconsistencies on Hyper-V enabled clusters
• Hyper-V Cluster Heartbeat
• Increased to avoid needless VM failover due to brief cluster network glitch
• Protected Networks
• Live migrate VMs if physical LAN connection fails
• CSV
• Auto-rebalancing across cluster nodes
• ReFS support (for archive data) - Up to 64 TB volumes with no CHKDSK
56. Summary
• Listening to customers and refining features
• Finally we have a path forward for BYOD that isn’t based on remote desktops
• Networking is improving capacities and fault tolerance
• See Damian’s session for Software Defined Networking & Hybrid Cloud
• Cost/TB of storage has been reduced without sacrificing performance or availability
• Maintaining/increasing virtual machine up-time is always a priority
• Innovating in virtualization