2011
09.28

It has happened.  Amazon has launched the new Android-based Kindle reader and it is called the Kindle Fire.

Already this $199 (wow!) tablet is making waves.  That’s because Amazon already has a huge library of content available.  This one device release puts Android in a position to compete with the iPad – despite some hype, none of the other offerings have counted for much.  Amazon’s tablet is different because it leverages a very successful database of content and Kindle brand.

The machine is small at 7 inches and 1024 * 600 pixels (making it a nice high res for the size).  They’re going primarily for the reading or mobile audience.  It has just 8 GB of storage (“That’s enough for 80 apps, plus either 10 movies or 800 songs or 6,000 books”) but that’s a lot of books, and probably enough space for movies/apps for most users.  Not everyone has a gigantic library of apps.  But it is supplemented by Amazon Cloud Storage.  The battery should be good for 7.5 hours of playback with a 4 hour charge time.  And yes, it has USB 2.0 and Wi-Fi (no 3G). 

I bet the Kindle Fire is a winner by one minute to midnight on Black Friday (the first day of Christmas shopping in the USA after Thanksgiving).  It’s cheap, it’s got a huge library of content to sell, it’s based on a known and liked brand name (Kindle), and did I mention that it is cheap?  So cheap, that Amazon might just be selling it at a $50 loss … just to get you to buy it and lots of content!

2011
09.28

It seems like some people have started to write tech guides for Windows 8 already.  Me being an avid blogger, you’d expect to see me at it too.  Not yet.  And here’s why.

What we have now is a Developer Preview.  It isn’t even a beta.  We know squat about how things work under the hood.  We know even less about best practice.  Heck, the product is buggy (as one should expect at this stage of the development and test cycle) and probably isn’t feature complete or locked.

If I write something on Windows 8 then I want to give you as much valid information as possible.  My SEO (by no skill or knowledge) is not bad so when I write a doc or a guide, it tends to score well on the search engines.  That means the content sticks around and is referenced.  Therefore I will be waiting a while until we have a more complete product, we do know more about how things work, and we have figured out some best practices.

Until then, have fun playing with the pre-beta release, but be aware that the Server Core group are still hard at work and are still listening to feedback.  Things will change and so will your plans.

2011
09.24

With the coming changes in Windows Server 2012 (WS2012), I thought I’d take a few minutes to explain the difference between HA and Live Migration.

High Availability (HA)

HA is when we make a virtual machine highly available by placing it on a cluster of hosts, e.g. a group of Hyper-V hosts in a Windows Server Failover Cluster, or a group of ESXi hosts in a vSphere cluster.  If a host has a failure, the VM can be failed over to a different host.  This means that an automated system provides better levels of availability than you get with non-clustered hosts.  Typically, the failed host has crashed or powered down, and the VM is booted up on a different host.

Live Migration (aka VMotion)

Live Migration is a system where a running virtual machine can be moved from host A to host B with zero downtime.  It is different from HA because it is more proactive than a failover operation.  For example, Live Migration will be used by an administrator to move a VM from one host, that is going to have some maintenance operation, to another host with spare capacity.

Windows Server 2012

I have brought up this topic because in Hyper-V, Live Migration and HA went hand in hand, because they both required a Hyper-V cluster.  That’s changing.

In Windows Server 2012 the tie between Live Migration and Failover Clustering has been broken.  All you will need to do Live Migration is a 1 Gbps network, meaning you can live migrate a VM between two non-clustered hosts, between clusters, and of course, between clustered hosts.

As you now know, Live Migration is not high availability.  I’m sure the tech media is going to confuse things – in fact, I believe they already are.  If you want your virtualised workloads to be independent of hardware/host fault then you must still install a Hyper-V cluster … and don’t forget that Windows guests need appropriate clustering (you can move a MSFT license from one hardware to another once every 90 days so you really should license hosts).  If you work in a small/medium business, then don’t fret – Windows Server 2012 doesn’t require that expensive SAN any more – have a look at my previous posts on Storage Pools where you can now store HA VMs on active/active clustered file shares using cheaper JBOD.

Don’t get me wrong; Live Migration without clustering is an excellent addition.  Many choose not to do HA because the cost of downtime is less than the cost of HA for some applications.  They will like the agility and mobility they’ll now get with zero downtime.

2011
09.19

THIS EVENT IS FOR MICROSOFT PARTNERS ONLY

I will be speaking at a series of events next week on behalf of my employers, MicroWarehouse Ltd (a Microsoft Value Added Distributor).  Anyone who works for a Microsoft partner is welcome to attend (no cost).  Each event (Dublin, Belfast, Galway and Cork) will be aimed at the technical audience: so that’ll be field engineers, consultants, IT architects, and technical sales.

The first part of the session is aimed at getting the best from Hyper-V.  It’s based on best practices, things I’ve learned from Microsoft and other MVPs, and common mistakes I’m encountering in the field.  That’ll be about 2 hours of “level 400” in-the-guts deep tech.  The second part of the session will be 1 hour, looking at The Great Big Hyper-V survey.  In that we’ll look at what people are doing with Hyper-V and System Center, now and in 2012, comparing/contrasting with best practices (from the first part of the session), and maybe more.

And who knows, maybe I’ll have my Windows 8 slate PC there and I might be able to answer some questions about Windows Server 8 Hyper-V if I’m asked.  All the details are below:


Call us now on 01 616 0400 or events@mwh.ie



Learn how to improve your Hyper-V deployments with resident MicroWarehouse MVP, Aidan Finn. During his presentation Aidan will cover:

  • How to improve your Hyper-V Deployments: This level 400 technical presentation will contain information about how to design and deploy Hyper-V while avoiding some common issues and maximising performance.
  • The Great Big Hyper-V Survey of 2011: Learn how other organisations are deploying Hyper-V, System Center, and security including analysis of the information, how people could improve their deployments and looking to the future of Hyper-V and System Center in 2012.

 

When & Where: All events 9am – 1pm.

Monday 26/09/2011

MicroWarehouse, Dublin

Tuesday 27/09/2011

The Fitzwilliam Hotel, Belfast

Thursday 29/09/2011

The G Hotel, Galway

Friday 30/09/2011

Rochestown Park Hotel, Cork

 

About Aidan Finn

Aidan Finn (Hyper-V MVP) of MicroWarehouse has been working with Hyper-V since it was a beta on Windows Server 2008.  He has 15 years’ experience working in IT infrastructure, specialising in Windows Server, desktop deployment and management, System Center, and virtualisation.  Aidan Finn is the author of Mastering Hyper-V Deployment (Sybex 2010), and a contributing author of Mastering Windows 7 Deployment (Sybex 2011) and Mastering Windows Server 2008 R2 (Sybex 2010).

MicroWarehouse | 13 Heaney Avenue | Park West | Dublin 12
t: +353 (0)1 616 0400 | f: +353 (0)1 623 2800 | www.mwh.ie |sales@mwh.ie


2011
09.18

When I got off my plane from Anaheim in Chicago, I went to the nearest power station to recharge my devices for the next leg to Dublin.  I noticed something interesting; my Windows 8 (Developer Preview release) slate PC booted up much faster than my 10 month old iPhone 4.  I wondered how that would compare with my iPad (1).  One of the perks of the iPad has been quick access to the device when I needed it.  It seemed like I needed to do a comparison test.

The first thing I did was test the cold boot times of both devices.

 

It seems like the Windows 8 slate, now taking advantage of UEFI hardware, is faster at cold booting than the iPad.

Most of the time, these portable devices are carried around in a sleep state.  Next I decided to test a warm wakeup. 

It seems to me that Microsoft has managed to knock down that criticism of Windows.

2011
09.17

Please forgive me while I take off my tinfoil (aluminium) hat; the aliens have taken a break from trying to read my thoughts.

I previously stated that I believed that Windows 8 would release before July 2012 because of how Microsoft’s financial year works (think EA Sports game titles) and their fear of the number 13.

Mary-Jo Foley and Paul Thurrott stated on Windows Weekly that they think an early RTM is coming – we have the developer preview, there will be 1 beta and 1 RC before RTM, and they think Microsoft is aiming to have GA for the lucrative back-to-school timeframe in August/September.

Microsoft won’t do an RTM without a big event to go along with it.  It just so happens that TechEd Europe is moving back to Amsterdam and Summer in 2012.  To be precise, it will be held on the week of June 25th, 2012.  That allows Microsoft to call the server product “Windows Server 2012”, and it allows them time to start the OEM build up for August and September.  I’d expect actual launch events in early September.

OK, that’s done and I can hear the aliens, it’s time to don my protective cover once again.

2011
09.16

It’s Friday afternoon in Anaheim USA, I’m sitting in my hotel room (jetlagged), and it’s that time of the week when I have to look back on what’s happened.  First things first; how well did Build Windows go?

The Event

I thought the event was excellent.  There was a little bit of drama by some people about the lack of an agenda before the event.  We knew that “Build Windows” was going to be about Windows 8.  And we also knew that Microsoft wanted to keep as much of the Windows 8 announcements for this week to maximise their impact on the media.  I think that worked … kind of.  I didn’t see the 6 o’clock news, where I’d expect to see a certain California based appliance company be mentioned on one of their launch days.  But just about everyone I met of the 5,000 delegates seemed pretty excited. 

I thought the venue was good, the event was well organised, food/drink was good, the crew managed to get 5,000 people fed without much in the way of queuing, and I can’t complain about getting a UK£999 device with Windows 8 developer preview preloaded on it. 

The Sessions

The two keynotes were well thought out.  Everyone I talked to thought that Steven Sinofsky did a good job.  To be honest, I didn’t notice the time go by.

Most of the speakers knew what they were presenting on.  Was the content level 400?  No – but I wouldn’t expect that here; this was a place to kick things off.  At ask the experts, two of the presenters gave me a good bit of time to answer my questions.

I had a small bit of concern that there wouldn’t be much in the way of content for an IT Pro like myself.  As it turned out, sessions for IT pros were in the minority (as expected for this event) but there were more sessions than I could attend.  I’ll be downloading some to watch on my slate PC on the way home.

What Stood Out?

I don’t believe that Microsoft mentioned that Windows Server 8 is optimised for the cloud.  They should have because it is.

I have said over and over that the Hyper-V group listen to feedback like no other, and we got further proof of that this week:

  • NIC teaming by Windows is a reality
  • Snapshot merge is done while the VM is online
  • Hyper-V on the client, with support for wifi and host power settings

And let’s not forget the innovation:

  • Hyper-V replica
  • Hyper-V extended switch
  • Network virtualisation
  • Live migration without Failover Clustering
  • Virtual fibre channel HBA
  • All sorts of offloading
  • VHDX for up to 16 TB of virtual hard disk with metadata
  • A new VDI story on preventing the disk storm
  • Using file shares for VM storage
  • … and on, and on, and on.

If day 2 seemed to be the private cloud/Hyper-V day, then day 3 was the storage and failover clustering day.  It is no secret that I hate Redirected IO and what it does to the backup and CSV design story in Hyper-V.  That has been changed because we now have direct IO during CSV backup.  That’s all I needed to hear to make me happy.  But no, we found out that storage would never be the same again with a new feature called Storage Pools, in which we could create highly available and scalable Storage Spaces.  Combined with 10 GbE, NIC teaming, offloading, and RDMA, and SMB 2.2, we get very fast storage on file shares!!!  It’s simple, it’s cheap, it makes clustering possible for the small business, and it makes storage more flexible for the large enterprise.  Believe it or not, but the thing I most want to try out now is to create one of these active/active clustered file shares on a Storage Spaces located CSV – that’s a mouthful.

What’s Next?

The developer preview release is an early pre-beta release aimed at the software developers and hardware manufacturers.  It gives them a chance to start getting their products ready in time for RTM, if not earlier – it would be best to test on RC so a final product is ready on RTM day.  But that isn’t stopping us IT pros from starting to learn.

We can expect Microsoft to start revealing more information.  We IT pros actually learned very little of the new OS this week.  We heard nothing of Active Directory, security and identity, “better together”, OS deployment, and so on.  There isn’t a TechEd Europe this November/December so I guess most of the announcements will either be online or at some other event (that I don’t know of).

My money is on some kind of event/announcement in January/February 2012 where the complete feature set is detailed. 

ARM devices were on display behind secure Perspex cases at Build.  There is no public ARM build of Windows 8 so that will have to wait.

Until then, we finally have something to install, dig into, and learn about, and isn’t that what the Build event was all about in the end?

2011
09.16

Speakers are Gene Chellis and Cristian Teodorescu

A file server NAS could be a fine appliance for SQL Server or Hyper-V file storage.  This is the last of the sessions in the storage track.

Why is NAS Relevant?

  • Customers like them according to sales figures. Sales rising steeply for last 2 years and into future, whereas file server sales growing slowly now and in future (after 2 years of big drop)
  • Simple deployment (appliance)
  • Supports virtualisation and private cloud
  • Storage optimized hardware

Requirements of NAS

  • Support heterogeneous environments: Windows/Unix and File/Block
  • Support multiple workloads: client and server
  • Designed for end-to-end storage performance
  • Designed for continuous availability
  • Integrated software/hardware/packaging (appliance)
  • Simplified setup, configuration, and management (appliance experience)

New for Unified Storage on Windows Server 8

  • iSCSI target continuous availability
  • NFS v3 server continuous availability
  • NFS 4.1 server

End-to-End Storage Performance

Requirements vary by workload.  Some OEMs have not considered that and sometimes have a bottleneck that prevents high end-to-end performance.

Long demo of a virtualised pre-packaged NAS/cluster appliance with lots of wizards to set it up.

2011
09.16

The speaker is Brian Dewey of Microsoft.

If you came to this post because it is about Hyper-V, then I really urge you to read the other “Building Continuously …” session notes that I have taken.  They all build to this session (it was a track of sessions).

Continuously available: software and hardware are designed to support transparent failover without service or data loss.

Continuous Availability Improvements

Live Migration: Move a VM with zero downtime.  Now we can LM VMs inside of clusters as well as between clusters. 

Live Storage Migration: Move the VM storage with no downtime between hosts.  First the VHDs and config files are copied from one location to another (while the VM is running).  IO is mirrored to both locations – stays in that state while LM of the VM state happens.  Once we’re in sync, the VM starts running on the destination location with just I/O running over there.  If there’s a failure in the workflow, nothing is lost and the VM resumes on the source location.  More flexibility for maintenance, host migrations, etc.

Guest clustering: now high end storage customers can use virtual fibre channel HBAs to create failover clusters using VMs.  This allows a legacy service running in the VM to become highly available so a VM’s OS can be maintained or fail with no service downtime.

Hyper-V Replica: Maintain a warm standby disaster recovery site with asynchronous replication.  At high level, configure any running VM to replicate to a remote host.  Perform an initial replication of all content.  Once that’s done, Hyper-V tracks changes to the VM.  The changes are shipped on a scheduled basis to the remote location to update it.  This is optimised for high latency WAN and DR.  Initial replication can be huge so it can be done out of band using USB drive.  Loose coupling of source and destination: use certificates to replicate to a Hyper-V host in a different AD forest or company, e.g. hosting company.  It’s “warm standby” because the administrator initiates the failover – might be one for PSH or System Center Orchestrator to bring up lots of VMs in specific order.

Consolidation Magnifies the Effect of Failure

Virtualisation puts more eggs in one basket: fewer servers and fewer storage systems.

How to Build the Right Solution with Hyper-V?

Continuously available Hyper-V systems require shared storage.  W2008 R2 requires SAN.  Windows 8 now adds Remote File Servers, Storage Spaces, and Clustered PCI RAID to the mix. 

VHDX

  • Supports up to 16 TB, which all but eliminates need to use inflexible passthrough disk for scalability
  • Aligns to megabyte boundaries for large sector disk performance
  • Customers can embed meta data in VHDs – server applications likely to do this.
  • VHDX will be the default format going forward.  Does not support anything earlier than Windows 8 developer preview release.

Offloads

  • ODX: offline data transfer where SAN does copy work directly instead of involving slower server.  See previous notes on ODX token. Note that ODX makes creation of VHDX happen more quickly, so ODX is more than just data transfer.
  • Trim: freed up space in a disk can be returned to the storage system – thin provisioning.

Demo:

Creates a large VHDX and it is created in a few seconds.  It is not dynamic.  It is a fully allocated, zeroed out disk.  ODX makes this possible. 

Hyper-V and SMB

We now know that file share storage of VMs is now supported.  You get Live Migration and planned/unplanned failover.  Can cluster the file server for HA and scalability.  Cross-cluster LM requires remote file shares, even if only transient.  Requirements:

  • SMB 2.2
  • Remote VSS for host based backup

Storage Spaces

See previous notes.  It provides thin provisioning and resiliency.  Mirror and parity spaces deliver resilience to physical storage failures.

PCI RAID

Resiliency to node failure as LUN is switched to the failover node.  Resiliency to disk failure through RAID.

Continuously Available Networking

NIC teaming is in the box for network path fault tolerance.  NIC teaming works in the root and in the guest VM (2 NICs, connecting to 2 virtual switches, each on different pNICs).

Scalable Networking

Get concurrent live migrations with 10 GbE.  Hyper-V can use RDMA in the parent partition for efficient file access.  Hyper-V hosts can use network offloads.  Hyper-V can utilise SR-IOV on capable NICs to optimize VM networking. 

Note: SR-IOV bypasses the virtual switch, so any extensions or configurations you’d have on a virtual switch are no longer applicable.

Note: I’m sure Cisco’s extension offers a SR-IOV option.

Modern Server Hardware

  • Going from up to 64 logical processors to up to 160 LPs.
  • Physical NUMA topology projected into the guest.  Big issue with more than a few vCPUs in a guest on multi-CPU hosts.
  • Fault containment: H/W memory errors confined to the affected virtual machine.  This is a feature of some modern processors.  If an error happens in pRAM that is only used by a VM, then only that VM needs to shut down.

Jose Barreto comes up to do a demo.  Two hosts.  1 Ethernet and 1 Infiniband NIC.  1 of each switch type connecting to 2 file servers – 1 Ethernet and 1 Infiniband each on the front end.  Each file server has 2 SAS HBAs meshed to 2 JBODs.

The Hyper-V hosts use \\<cluster-name> to access VM files on the file share, not \\<server-name>.  The file servers are using storage pools.  Instead of IQN or WWN, we grant permission to the file shares to the Hyper-V hosts’ computer accounts.  The cluster has no cluster storage: all file shares.  In the HA VM properties, you can see the VHDX is stored in \\<cluster-name>\VMFolder.  That share is in a volume that is in a Storage Space.  He’s pumping 2.6 Gbps of data throughput to the VHDX from within the VM. Using high speed NICs and RDMA with multiple connections.

Next up: a demo of a transparent failover of the file share on the clustered file servers.  This is while huge throughput is happening.  We get a drop in IO because it is being cached.  The cluster witness tells the client to redirect after the failover so there is no timeout, cache purges, and IO continues as normal with no loss.
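The share permission model from the demo (access granted to the Hyper-V hosts' computer accounts rather than to an IQN or WWN), as an added example that is not from the session or from Microsoft. It uses cmdlets from the released Windows Server 2012 SMB module, which may differ in the developer preview; the domain, host names, admin group and folder path are assumptions.

```powershell
# Added example. Domain, host names, group name and folder path are assumptions.
# Run on a node of the file server cluster that owns the volume.
$hvHosts  = 'CONTOSO\HV01$', 'CONTOSO\HV02$'    # computer accounts end in $
$hvAdmins = 'CONTOSO\Hyper-V Admins'            # people who manage the VMs
$allowed  = $hvHosts + $hvAdmins
$path     = 'C:\ClusterStorage\Volume1\VMFolder'
$share    = 'VMFolder'

New-Item -ItemType Directory -Path $path -Force | Out-Null

# Share-level permissions: only the hosts and the admin group, no Everyone entry.
New-SmbShare -Name $share -Path $path -FullAccess $allowed | Out-Null

# NTFS permissions: drop inherited entries, then grant the same principals
# plus SYSTEM and local Administrators so the file server can still manage the folder.
$acl = Get-Acl -Path $path
$acl.SetAccessRuleProtection($true, $false)     # protect from inheritance, discard inherited ACEs
$inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
foreach ($id in @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators') + $allowed) {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule `
        -ArgumentList $id, 'FullControl', $inherit, 'None', 'Allow'
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $path -AclObject $acl

# Audit: report any share-level entry that is not one of the expected principals.
$unexpected = Get-SmbShareAccess -Name $share |
    Where-Object { $allowed -notcontains $_.AccountName }
if ($unexpected) {
    Write-Warning "Unexpected principals on share '$share':"
    $unexpected | Format-Table AccountName, AccessControlType, AccessRight
}
```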

2011
09.16

It was announced this week at Build Windows that IE10 in the Windows 8 Metro UI would not support any plugins.  The goal is to eliminate common performance and security flaws, e.g. Adobe Flash is being increasingly viewed (at least by me) as a vulnerable attack vector that doesn’t get updated quite as well as it should.  This ban affects Flash, ActiveX, etc.

Note: IE10 via the desktop does still support plugins.

I paid little attention to this story until last night when a couple of developers I was spending time with expressed how they felt.  They were not happy; not one little bit.  One of them had made great investment in a SaaS cloud product that was based on one or more plugins.  Their work, if nothing changes with IE10 for Metro, will have been for naught because they will have to convert everything to HTML5.  I don’t know what the toolset is like so I am not sure about how easy/difficult such a porting operation would be.

This morning I was lucky to sit down for breakfast with two other developers who I had met the previous morning at breakfast.  I asked them what they thought.  Firstly, they hadn’t heard the news.  They made some very interesting points:

  • Apple users have lived without Flash and other plugins for years.  OK, Apple users are a little different because they “do what they have been told by the turtle-necked one”, and they are used to not having access to all of the possibilities we PC users have had for 20 years.
  • Developers and users might not have such a bad reaction if they are educated about the whys and hows of plugin removal.  Yes, there will be a vocal minority, but Microsoft has to have the toolset and education available to win them back.
  • A critical plugin is ActiveX.  It apparently will not be compiled for ARM.  The same is probably true of lots of other plugins that are used in personal and commercial apps.  If true application universality across x86, x64, and ARM is to happen then there has to be a common denominator.  That is HTML5.

I’m sure this one will boil up slowly over the coming 6-12 months.  Maybe when launch happens, Metro UI will be ignored because of this, and users will focus on IE10 for the desktop.  Maybe legacy business apps that use God-knows-what will be an issue – let’s remember that IE6 is still widely used on XP because of them!

2011
09.16

In Windows 2008/R2 Hyper-V, a virtual network was the term that was used to describe the switch that connected a physical network card to the port of a VM’s virtual network adapter.  That has changed in Windows Server 8; it is now referred to as a virtual switch, or to be more precise, the extensible virtual switch.

Why extensible?  Microsoft has made it possible for 3rd party software developers to plug into the switch and add more functionality.  One such example is Cisco, who have developed a solution.  To put it simply, using extensions, you can extend your Cisco network into Hyper-V networking.  I heard about it on Twitter, and then I heard that Cisco had a booth at Build Windows so I went to talk to them, and got a demo.

Wait a moment: I have had the next question twice when working with senior Cisco network engineers.  I asked Cisco the question, and their eyes rolled; they’d heard this question non-stop since opening the booth.  How will virtual switches, to be precise, Cisco virtual switches deal with spanning tree?  The answer was that “they will break the loop” so there should be no problem.

The core advantage for customers that do this is that they can use a single management solution and skill set to manage all of networking.  In the demo, I was shown how everything about the virtual switch in the Cisco command line console was very similar, if not identical, to managing a physical switch. 

Additionally you get the power and configurability of Cisco networking.  For example, in a GUI, you could create Port policies to dictate:

  • What a port could talk to
  • What protocol it could use
  • Etc

You assigned a policy to the port and suddenly it was filtering – but this was all done using Cisco tools that network admins already know.  Another integration was VLAN support for ports.

Pretty powerful stuff!

2011
09.16

If you asked me, any Hyper-V expert, or Microsoft that question about Windows Server 2008 R2 then it was easy: either 4 or 6 (or 8 or 10 with NIC teaming) depending if you used iSCSI (2 NICs with MPIO) or not.  Ask that question with Windows Server 8 and the answer is … it depends.

You do have several roles that need to be serviced with network connections:

  • Parent
  • Cluster/Storage
  • Live Migration
  • Hyper-V Extensible Switch (note that what we called virtual network is now virtual switch – a virtual network is an abstraction or virtualisation now).  This is probably serviced by 2 NICs with NIC teaming (by Windows).

How these connections are physically presented to the network really does depend on the hardware in your server, whether you need physical fabric isolation or not (trend is to fabric convergence to reduce physical fabric complexity and cost), and whether you want to enable NIC teaming or not.

Here’s a converged example from yesterday’s Build Windows sessions that uses fault tolerant 10 GbE NICs (teamed by Windows Server 8). 

[Diagram: converged networking example using two teamed 10 GbE NICs]

All of the networking functions all have port connections into the Hyper-V Extensible Switch.  The switch is bound to two 10 GbE network adapters in the host server.  NIC teaming provides network path fault tolerance (in my experience a switch is more likely to die than a NIC now).  QoS ensures that each connection gets the necessary bandwidth – I reckon the minimum bandwidth option is probably best here because it provides a service guarantee and allows burst when capacity is available.  Port ACLs can be used to control what a connection can connect to – to provide network isolation.

The reason that MSFT highlighted this example is because it is a common hardware configuration now.  If you buy HP blades, you can do some of this now with their Flex10 solution.  Microsoft are recommending 10 GbE for future proofing, and you can use 2 NICs and physical switch ports with NIC teaming and network fault tolerance, instead of using 10 NICs and 10 switch ports for the 1 GbE alternative!

A lot of examples were shown.  This one goes down a more traditional route with physical isolation:

[Diagram: networking example with physical isolation]

Most servers come with 4 * 1 GbE NICs by default.  You could take the above example, and use just 1 * 1 GbE NIC for the Hyper-V Extensible switch if budget was an issue, but you’d lose NIC teaming.  You could add NIC teaming to that example by adding another 1 GbE NIC (now giving a total of 5 * 1 GbE NICs).

The answer to the “how many NICs” question is, fortunately and unfortunately, a consultant’s answer: it depends.
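The converged design described earlier in this post (two teamed 10 GbE NICs, one extensible switch, minimum-bandwidth QoS and port ACLs), as an added example that is not from the Build session or from Microsoft. It uses cmdlets from the released Windows Server 2012 NetLbfo and Hyper-V modules, which may differ in the developer preview; adapter names, weights, VLAN IDs, subnets and the VM name Tenant01 are assumptions.

```powershell
# Added example. Adapter names, weights, VLAN IDs, subnets and VM name are assumptions.

# 1. Team the two 10 GbE adapters for network path fault tolerance.
New-NetLbfoTeam -Name 'ConvergedTeam' -TeamMembers '10GbE-1', '10GbE-2' `
    -TeamingMode SwitchIndependent -LoadBalancingAlgorithm HyperVPort -Confirm:$false

# 2. Bind the extensible switch to the team. Weight mode gives each flow a
#    guaranteed minimum share but lets it burst when capacity is free.
New-VMSwitch -Name 'ConvergedSwitch' -NetAdapterName 'ConvergedTeam' `
    -MinimumBandwidthMode Weight -AllowManagementOS $false

# 3. One host virtual NIC per role, each on its own VLAN with a minimum weight.
$roles = @(
    @{ Name = 'Parent';        Weight = 10; Vlan = 10 },
    @{ Name = 'Cluster';       Weight = 20; Vlan = 20 },
    @{ Name = 'LiveMigration'; Weight = 30; Vlan = 30 }
)
foreach ($r in $roles) {
    Add-VMNetworkAdapter -ManagementOS -Name $r.Name -SwitchName 'ConvergedSwitch'
    Set-VMNetworkAdapter -ManagementOS -Name $r.Name -MinimumBandwidthWeight $r.Weight
    Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName $r.Name `
        -Access -VlanId $r.Vlan
}

# Virtual machine traffic without an explicit weight shares the remainder.
Set-VMSwitch -Name 'ConvergedSwitch' -DefaultFlowMinimumBandwidthWeight 40

# 4. Port ACLs: keep a guest VM off the host's parent, cluster and
#    live migration subnets, then list the rules to confirm them.
foreach ($subnet in '10.0.10.0/24', '10.0.20.0/24', '10.0.30.0/24') {
    Add-VMNetworkAdapterAcl -VMName 'Tenant01' -RemoteIPAddress $subnet `
        -Direction Both -Action Deny
}
Get-VMNetworkAdapterAcl -VMName 'Tenant01'
```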

2011
09.16

Today was storage day at Build for me.  I attended 1.5 Hyper-V networking sessions and filled out the rest of the day with clustering and storage (which are pretty much one and the same now).  The highlights:

  • CSV backup in Windows Server 8 does not use Redirected I/O
  • The storage vendors were warned to increase the size of their iSCSI 3 tables (much bigger cluster support now from Microsoft, and more opportunity to use the SAN)
  • Storage Pool and File Share Clustering … well let me dig deeper ….


Investing in a virtualisation cluster is a pricey deal for anyone because of the cost of SAS/iSCSI/FC SANs.  Even a starter kit with just a few TB of disk will be the biggest investment in IT that most small/medium businesses will ever make.  And it requires a bunch of new skills, management systems, and procedures.  The operations of LUN deployment can slow down a cloud’s ability to respond to business demands.

Microsoft obviously recognised this several years ago and started working on Storage Pools and Spaces.  The idea here is that you can take a JBOD (just a bunch of disks, which can be internal or DAS) or disks on an existing SAN, and create a storage pool.  That is an aggregation of disks.  You can have many of these for isolation of storage class, administrative delegation, and so on.  From the pool, you create Storage Spaces.  These are VHDX files AFAIK on the disk, and they can be mounted as volumes by servers.

In this new style of Hyper-V cluster design, you can create a highly available File Server cluster with transparent failover.  That means failover is instant, thanks to a Witness (informs the server connecting to the cluster if a node fails and to connect to an alternative).  For something like Hyper-V, you can set your cluster up with active-active clustering of the file shares, and this uses CSV (CSV is no longer just for storing Hyper-V VMs).  The connecting clients (which are servers) can be load balanced using PowerShell scripting (could be a scheduled task).

Note: active/passive file share clustering (not using CSV) is recommended when there are lots of little files, when implementing end user file shares, and when there is a lot of file metadata activity.

Now you can create a Hyper-V cluster which uses the UNC paths of the file share cluster to store VMs.

This is all made possible by native NIC teaming, SMB 2.2, RDMA, and offloading technologies.

The result is actually a much cheaper storage solution than you could get with a starter kit SAN, and probably would include much more storage space.  It is more flexible, and more economic.  One of the examples we were shown had the file server cluster also hosting other shares for SQL Server files and end user file shares.

Brian Ehlert (@BrianEh) said it best: file servers are now cool.

Asymmetric Hyper-V Cluster

Elden Christensen briefly mentioned this one in his talk and I asked him about it at Ask The Experts.  The idea is that you take the above design, but only a single Windows cluster is used.  It is used to cluster the VMs and to cluster the file share(s).  This flattens the infrastructure, reduces the number of servers, and thus reduces the cost.  This one would be of great interest to small and medium businesses, as well as corporate branch offices.

Self Healing CSV

Didier van Hoye (@workinghardinit) and I once had a chat about sizing of CSV.  He brought up the point that no one wanted to take a CSV offline for a weekend to chkdsk a multi-terabyte CSV volume.  True!

Microsoft have now implemented this solution in Windows Server 8:

  • Every 60 seconds, the health of the CSV volume is assessed.
  • If a fault is found, Windows will target that fault for a fix.
  • Windows will dismount the volume, and start caching VM write activity.
  • With the CSV offline, Windows will start fixing the fault.  It has an 8 second window.
  • If the fault is fixed the volume is brought back online and the storage activity cache is pushed out.
  • If the fault is not fixed, the volume is brought back online, and Windows will take a later 8 second break to continue fixing the fault.  Eventually the fault is fixed with one or more cumulative 8 second attempts.

VDI Changes

It seems like the VDI management/broker architecture will be getting much simpler.  We’re also getting some performance boosts to deal with the 9am disk storm.  Pooled VMs will be based on a single VHD.  Each created pooled VM will actually be a differencing disk.  When a pooled VM is booted up on a host, a differencing disk is created and cached on the host.  The disk is stored on an SSD in the host.  Because it’s a differencing disk, it should be tiny, holding probably no more than the user’s state.  Using local high IOPS SSD massively improves performance over accessing AVHDs on the SAN, and takes care of the 9am storage storm.

2011
09.15

The speakers are Jim Pinkerton and Claus Jorgensen

Topic is on using SMB for remote storage of application files. Servers access their files on UNC file paths. Example: VM VHDs, SQL Server database and log files. Easier to provision and manage shares than LUNs. More flexible with dynamic server relocation. No need for specialised hardware/network knowledge or infrastructure. LOWER cost.

Basic idea of architecture: some shared storage (e.g. Storage Spaces), file server cluster with shares, Hyper-V cluster hosts, SQL, or other servers store files on those shares.

Transparent Failover
In W2008 R2 a failover is not transparent. There is brief downtime to take down, move over, bring up the clustered service or role. 99% uptime at best

Failover in W8 is transparent to the server application. Supports planned and unplanned failovers, e.g. maintenance, failures, and load balancing. Requires Windows Failover Cluster, and both server and client must be running Windows Server 8. All operations, not just IO, must be continuous and transparent – transparent for file and directory operations.

This means we can have an application cluster that places data on a back end file server cluster. Both can scale independently.

Changes to Windows Server 8 to make transparent failover possible:
- New protocol: SMB 2.2
- SMB 2.2 Client (redirector): client operation replay, end-to-end for replay of idempotent and non-idempotent operations
- SMB 2.2 Server: support for network state persistence, single share spans multiple nodes (active/active shares – wonder if this is made possible by CSV?), files are always opened write-through.
- Resume Key – used to failover to: resume handle state after planned or unplanned failover, fence handle state information, mask some NTFS issues. This fences file locks.
- Witness protocol: enables faster unplanned failover because clients do not wait for timeouts, enables dynamic reallocation of load (nice!). Witness tells the client that a node is offline and tells it to redirect.

SMB2 Transparent Failover Semantics:
Server side: state persistence until the client reconnects. Example: delete a file. The file is opened, a flag is set to delete on close, and you close the file -> it’s deleted. Now you try to delete the file on a clustered file share. A planned failover happens. The node closes the file and it deletes. But after reconnect the client tries to close the file to delete it but it’s gone. This sort of circumstance is handled.

In Hyper-V world, we have “surprise failover” where a faulty VM can be failed over. The files are locked on file share by original node with the fence. A new API takes care of this.

SMB2 Scale Out
In W2008 R2 we have active-passive clustered file shares. That means a share is only ever active on 1 node, so it’s not scalable. Windows Server 8 has scale out via active-active shares. The share can be active on all nodes. Targeted for server/server applications like SQL Server and Hyper-V. Not aimed at client/server applications like Office. We also get fewer IP addresses and DNS names. We only need one logical file server with a single file system namespace (no drive letter limitations), and no cluster disk resources to manage.

We now have a new file server type called File Server For Scale-Out Application Data. That’s the active/active type. Does not support NFS and certain role services such as FSRM or DFS Replication. The File Server for General Use is the active/passive one for client/server, but it also supports transparent failover.

VSS for Windows Server 8 File Shares
Application consistent shadow copy of server application data that is stored on Windows Server 8 file shares. Backup agent on the application server triggers backup. VSS on app server acts with File Share Shadow Copy Provider. It hits the File Share Shadow Copy Agent on the file server via RPC, and that then triggers the VSS on the file server to create the shadow copy. The backup server can read the snapshot directly from the file server, saving on needless data transfer.

Performance for Server Applications
SMB2.2 makes big changes. Gone from 25% to 97% of DAS performance. MSFT used same DAS storage in local and file share storage with SQL Server to get these numbers. NIC teaming, TCP offloads and RDMA improved performance.

Perfmon counters are added to help admins troubleshoot and tune. IO size, IO latency, IO queue length, etc. Can separately tune SQL data file or log file.

Demo:
Scale-out file server in the demo. 4 clients accessing 2 files, balanced across 2 nodes in the scale out file server cluster. A node in the cluster is killed. The witness service sees this, knows which clients were using it, and tells them to reconnect – no timeouts, etc. The clients do come back online on the remaining node.

Platforms
- Networking: 2+ interfaces … 1 GbE, 10 GbE optionally with RDMA, or Infiniband with RDMA
- Server: 2+ servers … “cluster in a box” (a self contained cluster appliance) or 2+ single node servers.
- Storage: Storage Spaces, Clustered PCI RAID (both on Shared JBOD SAS), FC/iSCSI/SAS fabric (on arrays)

Sample Configurations
- Lowest cost: cluster in a box with shared JBOD SAS using 1 GbE and SAS HBA. Or use the same with Cluster PCI RAID for better performance instead of the SAS HBA. An external port to add external storage to scale out. Beyond that look at 10 GbE
- Discrete servers: 1/10 GbE with SAS HBA to Shared JBOD SAS. Or use advanced SANs.

Note: This new storage solution could radically shake up how we do HA for VMs or server applications in the small/mid enterprise. It’s going to be cheaper and more flexible. Even the corporations might look at this for low/mid tier services. MSFT did a lot of work on this and it shows IMO; I am impressed.

2011
09.15

Speakers: Elden Christensen and Mallikarjun Chadalapaka

This session will focus on block based storage. It’s a clustering session. It seems like failover clustering is not optimised for the cloud. *joking*

Sneak Peek at Failover Clustering
- scale up to 4,000 VMs in a cluster
- scale out to 63 nodes in a cluster
- 4 x more than W2008 R2

Note: more persistent reservations and iSCSI-3 reservations to the SAN!

Multi-Machine Management with Server Manager, Featuring Cluster Integration
- Remote server management
- Server groups to manage sets of machines – single click to affect all nodes at once (nice!)
- Simplified management
- Launch clustering management from Server Manager

New Placement Policies
- Virtual Machine Priority: start with the most important VMs first (start backend first, then mid tier, then front tier). Ensure the most important VMs are running – shut down low priority VMs to allow high priority VMs to get access to constrained resources
- Enhanced Failover Placement: Each VM placed based on node with best available memory resources. Memory requirements determined on the per VM basis – finds best node based on how DM is configured. NUMA aware.

VM Mobility
- Live Migration Queuing
- Storage Live Migration
- Concurrent Live Migrations – multiple simultaneous LMs for a given source or target
- Hyper-V Replica is integrated with clustering

Cluster Management
Demo: The demo cluster has 4001 VMs and 63 nodes (RDP into Redmond). In the FCM, it is smooth and fast. You can see the priority of each VM. You can search for VMs with basic and complex queries. The thumbnail of the VM is on the FCM.

Guest Clustering – Increased Storage Support
- Most common scenario is SQL Server
- Could only be done in iSCSI. Now we have a virtual fibre channel HBA

VM Monitoring
- Application level recovery: Service Control Manager or event triggered
- Guest Level HA Recovery – FC reboots the VM
- Host level HA recovery – FC fails over VM to another node
- Generic health monitoring for any application: Service Control Manager and generation of specific event IDs

VM Monitoring VS Guest Clustering
- VM Monitoring: Application monitoring, simplified configuration and event monitoring – good for tier 2 apps
- Guest clustering: application health monitoring, application mobility (for scheduled maintenance) – still for tier 1 apps

Automated Node Draining
Like VMM maintenance mode. Click a node to drain it of hosted roles (VMs).

Cluster Aware Updating
CAU updates all cluster nodes in an automated fashion without impacting service availability. It is an end to end orchestration of updates. Built on top of WUA. Patching does not impact cluster quorum. Workflow:

- Scan nodes to ID appropriate updates
- ID node with fewest workloads
- Place node into maintenance mode to drain
- WSUS update
- Rinse and repeat

The workloads return to their original node at the end of the process.

Note: The machine managing this is called the orchestrator. That might be a little confusing because SC Orchestrator can do this stuff too.
Note: I wonder how well this will play with updates in VMM 2012?

There is extensibility to include firmware, BIOS, etc, via updates, via 3rd party plugin.

Demo: Streaming video from a HA VM. The cluster is updated, the workflow runs, and the videos stay running. The wizard gives you the PSH. You can save that and schedule it. No dedicated WSUS needed by the looks of it.

Cluster Shared Volume
Redirected I/O is b-a-d.

Windows Server 8: Improve backup / restore of CSV. Expanded CSV to include more roles. CSV expands out to 63 nodes. Enables zero downtime for planned and unplanned failures of SMB workloads. Provides interoperability with file system mini-filter drivers (a/v and backup), and lots more.

CSV no longer needs to be enabled. Just right click on a disk to make it a CSV. File system now appears as CSVFS. It is NTFS under the covers. It enables applications to know they are on CSV and ensure their compatibility.

AV, Continuous data protection, backup and replication all use filter drivers to insert themselves in the CSV pseudo-file system stack.

High speed CSV I/O redirection will have negligible impact. CSV is integrated with SMB multi-channel. Allows streaming CSV traffic across multiple networks. Delivers improved performance when in redirected mode. CSV takes advantage of SMB 2 Direct and RDMA.

BitLocker is now supported on traditional shared nothing disks and CSV. The Cluster Name Object (CNO) ID is used.

Cluster Storage Requirements Are:
- FC
- SAS RBOD
- Storage Spaces
- RAID HBA/SAS JBOD
- SMB
- iSCSI
- FCoE

Data Replication storage requirements:
- Hardware
- Software replication
- Application Replication (Exchange, SQL Denali AlwaysOn)

SCSI Command requirements: storage must support SCSI-3 SPC-3 compliant SCSI Commands.

Cost Effective & Scale Out with Storage Spaces. Integrated and supported by clustering and CSV.

Redirected I/O is normally file level. There is now a block level variant – not covered in this talk.

What if your Storage Spaces servers were in the same cluster as the Hyper-V hosts? High speed block level redirected IO. Simplified management. Single CSV namespace accessible on all nodes. Unified security model. Single cluster to manage. VMs can run anywhere.

Note: Wow!

Called an asymmetric configuration.

CSV Backup
Support for parallel backups on same or different CSV volumes, or on same or different cluster nodes. Improved I/O performance. Direct IO mode for snapshot and backup operations. (!!!) Software snapshots will stay in direct IO mode (!!!!) CSV volume ownership does not change during backup. Improved filter driver support for incremental backups. Backup applications do not need to be CSV aware. Fully compatible with W2008 R2 “requestors”.

Distributed App Consistent VM Shadow Copies:
Say you have a LUN with VMs scattered across lots of hosts. Can now snap the entire LUN using an orchestrated snapshot.

Comparing Backup With W2008 R2
- Backup app: W2008 R2 requires CSV aware backup app
- IO performance: No redirected IO for backup
- Locality of CSV volume: Snapshot can be created by any volume
- Complexity: Cluster coordinates the backup process

Note: I’m still trying to get over that we stay in direct IO during a system VSS provider backup of a CSV.

Cluster.exe is deprecated. Not there by default but you can install it in Server Manager. Use PSH instead.

SCSI Inquiry Data (page 83h) is now changed from recommended to required.

2011
09.15

Extra session that I ran to in this slot after the previous one ended very early.  This one is on storage pools and spaces.  Speaker has a Dell 1U server with a bunch of internal unallocated disks.  Uses PSH to:

  1. New-StoragePool (Get-StorageSubsystem and Get-PhysicalDisk)  The command pools all un-pooled disks.  The disks disappear from Disk Manager because they are pooled.
  2. A space (which is a virtual disk) is created: New-VirtualDisk
  3. Initialize-Disk is run to initialise it.
  4. New-Partition formats the disk which is visible in disk manager and can be explored.  Note that it has a drive letter.

Optimized Space Utilisation

  • On-demand provisioning with trim (h/w command that gives space back to the pool when files are deleted) support – for NTFS, Hyper-V, and apps like SQL.
  • Elastic capacity expansion by just adding more disks.  You’ll get alerts when nearly full.
  • Defrag optimized to work with Storage Pools

Resiliency:

  • Mirrored spaces and Parity Spaces with integrated journaling supported.
  • Per-pool hot spare disk supported
  • Application driven intelligent error correction: SQL and Exchange should be able to take advantage of this.

Not very well explained – sorry. 

Demo: he plays a video that is stored on a resilient space and pulls a disk from it.  The video is uninterrupted. 

Spaces have granular access control.  Could be good for multi-tenant deployment – I’m hesitant of that because it means giving visibility of the back end system to untrusted customers (rule #1 is users are stupid).

You can base SLA on the type of disks in your JBOD, e.g. SSD, 15K or SATA.  Your JBOD could be connected to a bunch of servers.  They can create spaces for themselves.  E.g. a file server could have spaces, and use the disk space to store clustered VMs.

Questions to sfsquestions@microsoft.com

2011
09.15

Speakers: Charley Wen and Richard Wurdock

Pretty demo intensive session.  We start off with a demo of “fair sharing of bandwidth” where PSH is used with minimum bandwidth setting to provide equal weight to a set of VMs.  One VM needs to get more bandwidth but can’t get it.  A new policy is deployed by script and it gets a higher weight.  It then can access more of the pipe.  Maximum bandwidth would have capped the VM so it couldn’t access idle b/w.

Minimum Bandwidth Policy

  • Enforce bandwidth allocation –> get performance predictability
  • Redistribute unused bandwidth –> get high link utilisation

The effect is that VMs get an SLA.  They always get the minimum if they require it.  They consume nothing if they don’t use it, and that b/w is available to others to exceed their minimum.

Min BW % = Weight / Sum of Weights

Example of 1 Gbps pipe:

  • VM 1 = 1 = 100 Mbps
  • VM 2 = 2 = 200 Mbps
  • VM 3 = 5 = 500 Mbps

If you have NIC teaming, there is no way to guarantee minimum b/w of total potential pipe. 
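The weight formula and the redistribution of unused bandwidth described above can be worked through in a few lines of PowerShell. This is an added example, not code from the session: the function name, the demand figures and the extra 'Other' weight of 2 are assumptions (the extra weight brings the sum of weights to 10, which is what the 100/200/500 Mbps figures imply).

```powershell
# Added example (not from the session). Each flow is guaranteed
# LinkMbps * Weight / SumOfWeights; bandwidth a flow does not use is handed
# to the remaining flows in proportion to their weights.
function Get-BandwidthAllocation {
    param(
        [Parameter(Mandatory)] [System.Collections.IDictionary] $Weight,      # name -> weight
        [Parameter(Mandatory)] [System.Collections.IDictionary] $DemandMbps,  # name -> offered load
        [Parameter(Mandatory)] [double] $LinkMbps
    )

    $totalWeight = ($Weight.Values | Measure-Object -Sum).Sum
    $alloc = @{}
    foreach ($name in $Weight.Keys) { $alloc[$name] = 0.0 }

    # Only flows that actually want bandwidth compete for it.
    $active    = @($Weight.Keys | Where-Object { $DemandMbps[$_] -gt 0 })
    $remaining = $LinkMbps

    while ($active.Count -gt 0 -and $remaining -gt 0) {
        $activeWeight = ($active | ForEach-Object { $Weight[$_] } | Measure-Object -Sum).Sum

        # Flows whose whole demand fits inside their weighted share of what is left.
        $satisfied = @($active | Where-Object {
            $DemandMbps[$_] -le ($remaining * $Weight[$_] / $activeWeight)
        })

        if ($satisfied.Count -eq 0) {
            # Every remaining flow wants more than its share: split the rest by weight.
            foreach ($name in $active) {
                $alloc[$name] = $remaining * $Weight[$name] / $activeWeight
            }
            break
        }

        # Grant satisfied flows exactly what they asked for; the surplus goes
        # back into the pot for the next round.
        foreach ($name in $satisfied) {
            $alloc[$name] = [double]$DemandMbps[$name]
            $remaining   -= $DemandMbps[$name]
        }
        $active = @($active | Where-Object { $satisfied -notcontains $_ })
    }

    foreach ($name in $Weight.Keys) {
        [pscustomobject]@{
            Name           = $name
            Weight         = $Weight[$name]
            GuaranteedMbps = [math]::Round($LinkMbps * $Weight[$name] / $totalWeight, 1)
            DemandMbps     = $DemandMbps[$name]
            AllocatedMbps  = [math]::Round($alloc[$name], 1)
        }
    }
}

# Constructed sample: the three VM weights from the example above on a 1 Gbps link.
# 'Other' (weight 2) is an assumption standing for weight assigned elsewhere on the switch.
$weights = [ordered]@{ VM1 = 1; VM2 = 2; VM3 = 5; Other = 2 }
# VM1 is nearly idle, VM2 and VM3 both want more than their guarantee, 'Other' is silent.
$demand  = [ordered]@{ VM1 = 50; VM2 = 400; VM3 = 900; Other = 0 }

Get-BandwidthAllocation -Weight $weights -DemandMbps $demand -LinkMbps 1000 |
    Format-Table -AutoSize
```

In the sample, VM2 and VM3 end up above their guaranteed minimum because VM1 and the idle flow release capacity they are not using.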

Maximum Bandwidth

Example, you have an expensive WAN link.  You can cap a customer’s ability to use the pipe based on what they pay.

How it Works Under the Covers

Bunch of VMs trying to use a pNIC.  The pNIC reports its speed.  It reports when it sends a packet.  This is recorded in a capacity meter.  It feeds into the traffic meter and it determines classification of packet.  Using that it figures out if exceeds capacity of the NIC.  The peak bandwidth meter is fed by the latter and it stops traffic (draining process).

Reserved bandwidth meter guarantees bandwidth. 

All of this is software, and it is h/w vendor independent. 

With all this you can do multi-tenancy without over-provisioning.

Converged Fabric

Simple image: two fabrics: network I/O and storage I/O across iSCSI, SMB, NFS, and Fiber Channel.

Expensive, so we’re trying to converge onto one fabric.  QoS can be used to guarantee service of various functions of the converged fabric, e.g. run all network connections through a single hyper-v extensible switch, via 10 Gbps NIC team.

Windows Server 8 takes advantage of hardware where available to offload QoS.

We get a demo where a Live Migration cannot complete because a converged fabric is saturated (no QoS).  In the demo a traffic class QoS policy is created and deployed.  Now the LM works as expected … the required b/w is allocated to the LM job.  The NIC in the demo supports h/w QoS so it does the work.

Business benefit: reduced capital costs by using fewer switches, etc.

Traffic Classification:

  • You can have up to 8 traffic classes – 1 of them is storage, by default by the sound of it.
  • Appears that DCB is involved with the LAN miniport and iSCSI miniport is traffic QoS with traffic classification.  My head hurts.

Hmm, they finished after using only half of their time allocation.

2011
09.15

“Windows 8 is the most cost effective HA storage solution”

  • Storage Spaces: virtualised storage
  • Offloaded data transfer (ODX)
  • Data deduplication

File System Availability

Confidently deploy 64 TB NTFS volumes with Windows 8 with Online scan and repair:

  • Online repair
  • Online scan and corruption logging
  • Scheduled repair
  • Downtime proportional only to number of logged corruptions: scans don’t mean downtime now
  • Failover clustering & CSV integration
  • Better manageability via Action Center, PowerShell and Server Manager

Note: this means bigger volumes aren’t the big maintenance downtime problem they might have been for Hyper-V clusters. 

Operational Simplicity

Extensible storage management API:

  • WMI programmatic interfaces
  • PSH for remote access and scripting – easy E2E provisioning
  • All new in-box application using one new API
  • Foundational infrastructure for reducing operations expenditure

Multi-vendor interoperability – common interface for IHVs

  • SMI-S standards conformant: proxy service enables broad interoperability with existing SMI-S storage h/w – standards based approach … wonder if the storage manufacturers know that :)
  • Storage Management Provider interface enables host-based extensibility

Basically everything uses one storage management interface to access vendor arrays, SMI-S compliant arrays, and Storage Spaces compatible JBOD.  The Windows 8 admin tools use this single API via WMI and PowerShell.

We are shown a 6 line PSH script to create a disk pool, create a virtual disk, configure the virtual disk, mount it on the server, and format it with NTFS.
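One way to write that provisioning sequence, which also covers the four steps listed in the storage pools session notes (pool, space, initialise, partition/format). This is an added example, not the script shown on stage: it uses the Storage module cmdlets as they shipped in Windows Server 2012, which may differ from the Developer Preview, and the pool name, space name and size are hypothetical.

```powershell
# Added example, not the presenter's script. Cmdlets and parameters are those of the
# Storage module as shipped in Windows Server 2012 (assumption: the Developer Preview
# may differ). Pool name, space name and size are hypothetical.
$poolName  = 'Pool01'
$spaceName = 'Space01'
$spaceSize = 500GB

# 1. Aggregate every disk that is still eligible for pooling into one pool.
$poolable = @(Get-PhysicalDisk -CanPool $true)
if ($poolable.Count -lt 2) {
    throw "A mirrored space needs at least 2 poolable disks; found $($poolable.Count)."
}
# Assumption: the first storage subsystem is the one that owns the local disks.
$subsystem = Get-StorageSubSystem | Select-Object -First 1
New-StoragePool -FriendlyName $poolName `
                -StorageSubSystemFriendlyName $subsystem.FriendlyName `
                -PhysicalDisks $poolable | Out-Null

# 2. Carve a space (virtual disk) out of the pool: mirrored for resiliency,
#    thin provisioned so capacity is only consumed on demand.
$space = New-VirtualDisk -StoragePoolFriendlyName $poolName `
                         -FriendlyName $spaceName `
                         -ResiliencySettingName Mirror `
                         -ProvisioningType Thin `
                         -Size $spaceSize

# 3 and 4. Initialise the new disk, create one partition with a drive letter,
#          and format it with NTFS.
$volume = $space | Get-Disk |
    Initialize-Disk -PartitionStyle GPT -PassThru |
    New-Partition -AssignDriveLetter -UseMaximumSize |
    Format-Volume -FileSystem NTFS -NewFileSystemLabel $spaceName -Confirm:$false

# Check: the space should report a healthy status and the volume a drive letter.
Get-VirtualDisk -FriendlyName $spaceName |
    Select-Object FriendlyName, ResiliencySettingName, ProvisioningType,
                  HealthStatus, OperationalStatus
$volume | Select-Object DriveLetter, FileSystem, Size, SizeRemaining
```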

Storage Spaces

New category of cost effective, scalable, available storage, with operational simplicity for all customer segments.  Powerful new platform abstractions:

  • Storage pools: units of aggregation (of disks), administration and isolation
  • Storage spaces (virtual disks): resiliency, provisioning, and performance

Target design point:

  • Industry standard interconnects: SATA or (shared) SAS
  • Industry standard storage: JBODs

You take a bunch of disks and connect them to the server with (shared or direct) SAS (best) or direct SATA (acceptable).  The disks are aggregated into pools.  Pools are split into spaces.  You can do CSV, NFS, or Windows Storage Management.  Supports Hyper-V.

Shared SAS allows a single JBOD to be attached to multiple servers to make a highly available and scalable storage fabric.

Capabilities:

  • Optimized storage utilisation
  • Resiliency and application driven error correction
  • HA and scale out with Failover Clustering and CSV
  • Operational simplicity

Demo:

Iometer is running to simulate storage workloads.  40x Intel x25-M 160 GB SSDs connected to a Dell T710 (48 GB RAM, dual Intel CPU) server with 5 * LSI HBAs.  Gets 880580.06 read IOPS with this developer preview pre-beta release.

Changes demo to a workload that needs high bandwidth rather than IOPS.  This time he gets 3311.04 MB per second throughput.

Next demo is a JBOD with a pool (CSV).  A pair of spaces are created in the pool, each assigned to virtual machines.  Both VMs have VHDs.  The VHDs are stored in VHDs.  Both are running on different Hyper-V nodes.  Both nodes access the space via CSV.  In the demo, we see that both nodes can see both pools.  The spaces appear in Explorer with drive letters (Note: I do not like that – indicates a return to 2008 days?).  For some reason he used Quick Migration – why?!?!?  A space is only visible in explorer on a host if the VM is running on that host – they follow when VMs are migrated between nodes.

Offloaded Data Transfer (ODX)

Co-developed with partners, e.g. Dell EqualLogic.  If we copy large files on the SAN between servers, the source server normally has had to do the work (data in, CPU and SAN utilisation), send it over a latent LAN, and then the destination server has to write it to the SAN again (CPU and data out).  ODX offloads the work to a compatible SAN which can do it more quickly, and we don’t get the needless cross LAN data transfer or CPU utilisation.  E.g. Host A wants to send data to Host B.  Token is passed between hosts.  Host A sends job to SAN with the token.  SAN uses this token to sync with host B, and host B reads direct from the SAN, instead of getting data from host A across the LAN.  This will be a magic multi-site cluster data transfer solution.

In a demo, he copies a file from SAN A in Redmond to SAN B in Redmond on his laptop in Anaheim.  With ODX, runs at 250 Mbps with zero data transfer on his laptop, takes a few minutes.  With no ODX, it wants to copy data to Anaheim from SAN A and then copy data from Anaheim to SAN B, would take over 17 hours.

Thin Provisioning Notifications

Can ID thinly provisioned virtual disks. 

Data Deduplication 

Transparent to primary server workload.  Can save over 80% of storage for VHD library, around 50% for general file share.  Deduplication scope is the volume.  It is cluster aware.  It is integrated with BranchCache for optimised data transfer over the WAN.

The speakers run out of time.  Confusing presentation: think the topics covered need much more time.

2011
09.15

Speakers: Yigal Edery and Ross Ortega from Microsoft.

Windows Server 8 apparently is cloud optimized.  That rings a bell … I expect some repetition so I’ll blog the unique stuff.

There is no one right cloud architecture.  The architecture depends on the environment and the requirements.  Don’t take from this that there are no wrong cloud architectures ;)  “Building an optimized cloud requires difficult decisions and trade-offs among an alphabet soup of options”.  This session will try to provide some best practices.

Requirements

  • Cost
  • Scalability
  • Reliability
  • Security
  • Performance
  • High availability

Balance these and you get your architecture: workloads, networking, storage and service levels.

Which workloads will run in my cloud?

You need to understand your mission.

  • Cloud aware apps or legacy/stateful apps? Are you IaaS or PaaS or SaaS?
  • Are workloads trusted?  This is an important one for public clouds or multi-tenant clouds.  You cannot trust the tenants and they cannot trust each other.   This leads to some network security design decisions.
  • Compute-bound or Storage-bound?  This will dictate server and storage design … e.g. big hosts or smaller hosts, big FC SAN or lower end storage solution.
  • Workloads size?  And how many per server?  Are you running small apps or big, heavy apps?  This influences server sizing too.  Huge servers are a big investment, and will cost a lot of money to operate while they are waiting to be filled with workloads.

Networking

  • Are you isolating hoster traffic from guest traffic?  Do you want them on the same cable/switches?  Think about north/south (in/out datacenter) traffic and east/west (between servers in datacenter) traffic.  In MSFT datacenters, 70% is east/west traffic.
  • Will you leverage existing infrastructure?  Are you doing green field or not?  Green field gives you more opportunity to get new h/w that can use all Windows Server 8 features.  But trade-off is throwing out existing investment if there is one.
  • Will you have traffic management?

InfiniBand vs 10 GbE vs 1 GbE

10 GbE:

  • Great performance
  • RDMA optional for SMB 2.2
  • Offers QoS (DCB) and flexible bandwidth allocation
  • New offloads
  • But physical switch ports are more expensive
  • New tech appears on 10 GbE NICs rather than on 1 GbE

InfiniBand (32 Gb and 56 Gb):

  • Very high performance and low latency
  • RDMA included for SMB 2.2 file access
  • But network management different than Ethernet.  Can be expensive and requires a different skillset.  Can be hard to find staff, requires specific training.  Not many installations out there.

1 GbE:

  • Adequate for many workloads
  • If investing in new equipment for long life, then invest in 10 GbE to safeguard your investment

Price of WAN traffic is not reducing.  It is stable/stuck.  Datacenter north/south WAN links can be a fraction of the bandwidth of east/west LAN links.

How many NICs should be in the server? 

We are shown a few examples:

Physical Isolation with 4 NICs:

  • Live Migration –1
  • Cluster/Storage – 1
  • Management – 1
  • Hyper-V Extensible Switch – 2 bound together by Windows 8 NIC teaming, use Port ACLs for the VMs

Many people chose 10 GbE to avoid managing many NICs.  Windows Server 8 resolves this with NIC teaming so now you can use the b/w for throughput.

2 NICs with Management and guest isolation:

  • Live Migration, Cluster/Storage, Management (all on different subnets) – 1
  • Hyper-V Extensible Switch – 1 NIC, use Port ACLs for the VMs

1 * 10 GbE NIC:

  • Live Migration, Cluster/Storage, Management all plug into the Hyper-V Extensible Switch.
  • VMs plug into the Hyper-V Extensible Switch
  • 1 * 10 GbE NIC for the Hyper-V Extensible Switch
  • Use QoS to manage bandwidth
  • Use Port ACLs for all ports on the Hyper-V Extensible Switch to isolate traffic
  • This is all done with PowerShell
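The single 10 GbE NIC design above, written out as an added example rather than anything shown in the session. It uses the Hyper-V module cmdlets as they shipped in Windows Server 2012 (the Developer Preview may differ); the adapter and switch names, weights, VLAN IDs, VM name and subnets are all hypothetical.

```powershell
# Added example, not from the session. Cmdlets are those of the Hyper-V module as
# shipped in Windows Server 2012 (assumption). Adapter name, switch name, weights,
# VLAN IDs, VM name and subnets are hypothetical.
$nic    = '10GbE-1'
$switch = 'ConvergedSwitch'

# One extensible switch on the single 10 GbE NIC, using weight-based minimum
# bandwidth. No default management vNIC: the parent vNICs are added explicitly.
New-VMSwitch -Name $switch -NetAdapterName $nic `
             -MinimumBandwidthMode Weight -AllowManagementOS $false

# Parent-partition vNICs for the traffic that would otherwise need its own NIC.
$hostNics = @(
    @{ Name = 'Management';     Weight = 10; Vlan = 10 },
    @{ Name = 'ClusterStorage'; Weight = 30; Vlan = 20 },
    @{ Name = 'LiveMigration';  Weight = 30; Vlan = 30 }
)
foreach ($n in $hostNics) {
    Add-VMNetworkAdapter -ManagementOS -Name $n.Name -SwitchName $switch
    Set-VMNetworkAdapter -ManagementOS -Name $n.Name -MinimumBandwidthWeight $n.Weight
    Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName $n.Name `
                             -Access -VlanId $n.Vlan
}

# Everything without an explicit weight (the VMs) shares the remaining 30,
# so the weights on the switch add up to 100.
Set-VMSwitch -Name $switch -DefaultFlowMinimumBandwidthWeight 30

# Port ACLs: keep a tenant VM away from the infrastructure subnets that now
# share the same physical wire.
$vm           = 'Tenant1-Web'
$infraSubnets = '10.0.10.0/24', '10.0.20.0/24', '10.0.30.0/24'
foreach ($subnet in $infraSubnets) {
    Add-VMNetworkAdapterAcl -VMName $vm -RemoteIPAddress $subnet `
                            -Direction Both -Action Deny
}

# Check what was actually applied.
Get-VMNetworkAdapter -ManagementOS |
    Select-Object Name, SwitchName,
        @{ n = 'MinWeight'; e = { $_.BandwidthSetting.MinimumBandwidthWeight } }
Get-VMNetworkAdapterAcl -VMName $vm
```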

Windows Server 8 NIC Scalability and Performance Features

  • Data Center Bridging (DCB)
  • Receive Segment Coalescing (RSC)
  • Receive Side Scaling (RSS)
  • Remote Direct Memory Access (RDMA)
  • Single Root I/O Virtualisation (SR-IOV)
  • Virtual Machine Queue (VMQ)
  • IPsec Offload (IPsecTO)

Note: no mention of failover or Hyper-V cluster support of the features.  E.g. We don’t recommend TOE in W2008 R2 … not supported.

Using Network Offloads for Increased Scale

  • NIC with RSS for native (parent) traffic: Live Migration, Cluster/Storage, Management
  • NIC with VMQ for virtualisation traffic: Hyper-V Extensible Switch

Note: RSS and VMQ cannot be enabled on the same NIC.  RSS not supported on the Hyper-V switch.

  • Raw performance: RDMA and SR-IOV
  • Flexibility and scalability: Hyper-V extensible switch, network virtualisation, NIC teaming, RSS, VMQ, IPsecTO

Notes:

  • SR-IOV and RSS work together.
  • Offloads require driver and possibly BIOS support.
  • When you are working with 1 or restricted number of NICs, you need to pick and choose which features you use because of support statements.

Storage

HBAs VS NICs.  HBA (FC, iSCSI, or SAS) bypasses networking stack and has less CPU utilisation.

Storage Architectures

2 possible basic solutions:

  • Internal/DAS disk: cheap with disk bound VMs
  • External disk: expensive but mobile VMs, can grow compute and storage capacity on 2 different axes, compute bound VMs, storage offloading

The Great Big Hyper-V Survey of 2011 findings are that the breakdown in the market is 33% use A, 33% use B, and 33% use both.

Service Levels

  • What performance guarantees do you give to the customers?  More guarantees = more spending
  • How important is performance isolation?
  • What are the resiliency promises?  This is the challenging one: in-datacenter or inter-datacenter. 

More on the latter:

  • Some failure is acceptable.  You can offer cheaper services with storage/compute bound VMs.  Often done by hosters.  Windows Server 8 trying to offer mobility with non HA Live Migration.
  • Failure is not acceptable: Failover clustering: make everything as HA as possible.  Dual power, dual network path, N fault tolerant hosts, etc.  Maybe extend this to another data center.  Often done in private cloud and legacy apps, rarely done by hosters because of the additional cost.  Windows Server 8 trying to reduce this cost with lower cost storage options.

Representative Configurations by Microsoft

Tested in MS Engineering Excellence Center (EEC).  Optimized for different cloud types.  Guidance and PowerShell script samples.  These will be released between now and beta.

Start with:

The traditional design with 4 NICs (switch, live migration, cluster, and parent) + HBA: physically isolated networks, HBA, and W2008 R2 guidance.

Enable Support for Demanding Workloads:

  • Put Hyper-V switch on 10 GbE. 
  • Enable SR-IOV for better scale and lower latency

Enable 10 GbE for Storage:

  • Enable RSS
  • Fast storage
  • Ethernet so you have single skill set and management solution

Converge 10 GbE if you have that network type:

  • Use the NIC for Live Migration, Cluster/Storage/Management.  Enable QoS with DCB and RSS.  MSFT saying they rarely see 10 GbE being fully used.
  • Switches must support DCB
  • QoS and DCB traffic classes ensure traffic bandwidth allocations

Use File Servers:

  • Share your VM storage using a file server instead of a SAN controller.  Use JBOD instead of expensive SAN.
  • Enable RDMA on file server NIC and converged 10 GbE NIC on host
  • RDMA is high speed, low latency, reduced CPU overhead solution.
  • “Better VM mobility”: don’t know how yet

High Availability and Performance with 3 * 10 GbE NICs

  • 2 teamed NICs for parent, cluster/storage, parent with DCB and RSS (no RDMA)
  • File server has 10 GbE
  • Hyper-V Switch and 10 GbE

Sample Documented Configuration:

  • 10 GbE NIC * 2 teamed for Live Migration, Cluster/Storage, and parent with DCB, RSS, and QoS.
  • 1 * 1 GbE with teaming for Hyper-V switch.
  • File server with 2 by 10 GbE teamed NICs with RSS, DCB, and QoS.
  • File server has FC HBA connected to back end SAN – still have SAN benefits but with fewer FC ports required and simpler configuration (handy if doing auto host deployment)

Damn, this subject could make for a nice 2 day topic.

2011
09.15

Then you seriously need to look at Hyper-V.  Even now, if you strip vSphere down to its most economic deployment with the Standard edition, you can save quite a bit by going with Windows Server 2008 R2 Hyper-V (with Software Assurance or through a scheme with upgrade rights like OVS) and the System Center Management Suite (for managing the entire application/infrastructure stack AKA cloud).  And because Windows Server Hyper-V is not vTaxed cripple-ware, you get access to all of the features.

I mentioned upgrade rights for Windows Server because you will want Windows 8 Server Hyper-V.  If Windows Server 2008 R2 Hyper-V has more features than vSphere Standard (which it does), then Windows 8 Server Hyper-V will leave VMware and their overpaying customers in the dust.

If you’re a VMware customer then you need to look now.  Get a lab machine or two and try it out – do some prep because they are different products.  System Center Virtual Machine Manager will allow you to migrate from vSphere, and you’ll get to focus systems management on what the business cares about: the service.

If you’re a Microsoft partner that’s focused on VMware then go looking for Symon Perriman’s content on Hyper-V training for VMware engineers.  Work with your local Microsoft PTA to get trained up.  In Ireland, MicroWarehouse customers can work with me – I will be running a number of virtualisation and System Center training classes for partners in MSFT Dublin, and I am available to call out to prepare sales staff and account managers.

Windows Server 2008 R2 Hyper-V made an impact.  Windows 8 Server Hyper-V is a game changer.  Ignore it at your peril!

2011
09.15

Stuff happens.  Sometimes you install a dodgy piece of software.  Sometimes the cumulative effect of lots of installs messes up the PC.  Sometimes you’re running a pre-beta developer preview release of an operating system and it breaks.  And that’s when some new features in Windows 8 come in handy.

In Control Panel, under General, you can find two useful features:

Refresh Your PC

This will allow you to undo changes to your PC back to the Windows defaults without affecting your data or files.  I did this yesterday on my Microsoft Build Samsung slate PC when the gyroscope functionality broke.  It took around 5 minutes, and I got a “new” operating system that remembered who I was and retained my limited amount of data (in My Pictures). 

An application report is posted on the desktop.  This details the applications that were uninstalled, and in my experience, it gave me URLs to download the software again.

Reset Your PC

You might want to sell your Windows 8 PC on Ebay.  You can reset the operating system without any media by hitting this option.  It will restore the entire OS to factory defaults, wiping all of your data (allegedly). 

EDIT:

I did a reset a few minutes ago to see how it would work.  It worked as advertised; the PC was reset to the original installation and all my data and settings were gone.  It took around 5 minutes to reset, and maybe another 5 to do the mini-setup wizard.

2011
09.15

I’ve just been woken up from my first decent sleep (jetlag) by my first ever earthquake (3.5) and I got to thinking … yesterday (Hyper-V/Private Cloud day) was incredible.  Normally when I live blog I can find time to record what’s “in between the lines” and some of the spoken word of the presenter.  Yesterday, I struggled to take down the bullet points from the slides; there was just so much change being introduced.  There wasn’t any great detail on any topic, simply because there just wasn’t time.  One of the cloud sessions ran over the allotted time and they had to skip slides.

I think some things are easy to visualise and comprehend because they are “tangible”.  Hyper-V Replica is a killer headline feature.  The increased host/cluster scalability gives us some “Top Gear” stats: just how many people really have a need for a 1,000 BHP car?  And not many of us really need 63 host clusters with 4,000 VMs.  But I guess Microsoft had an opportunity to test and push the headline ahead of the competition, and rightly took it.

Speaking of Top Gear metrics, one interesting thing was that the vCPU:pCPU ratio of 8:1 was eliminated with barely a mention.  Hyper-V now supports as many vCPUs as you can fit on a host without compromising VM and service performance.  That is excellent.  I once had a quite low end single 4 core CPU host that was full (memory, before Dynamic Memory) but CPU only averaged 25%.  I could have reliably squeezed on way more VMs, easily exceeding the ratio.  The elimination of this limit by Hyper-V will further reduce the cost of virtualisation.  Note that you still need to respect the vCPU:pCPU ratio support statements of applications that you virtualise, e.g. Exchange and SharePoint, because an application needs what it needs.  Assessment, sizing, and monitoring are critical for squeezing in as much as possible without compromising on performance.

The lack of native NIC Teaming was something that caused many concerns.  Those who needed it used the 3rd party applications.  That caused stability issues, new security issues (check using HP NCU and VLANing for VM isolation), and I also know that some Microsoft partners saw it as enough of an issue to not recommend Hyper-V.  The cries for native NIC teaming started years ago.  Next year, you’ll get it in Windows 8 Server.

One of the most interesting sets of features is how network virtualisation has changed.  I don’t have the time or equipment here in Anaheim to look at the Server OS yet, so I don’t have the techie details.  But this is my understanding of how we can do network isolation.


Firstly, we are getting Port ACLs (access control lists).  Right now, we have to deploy at least 1 VLAN per customer or application to isolate them.  N-tier applications require multiple VLANs.  My personal experience was that I could deploy customer VMs reliably in very little time.  But I had to wait quite a while for one or more VLANs to be engineered and tested.  It stressed me (customer pressure) and it stressed the network engineers (complexity).  Network troubleshooting (Windows Server 8 is bringing in virtual network packet tracing!) was a nightmare, and let’s not imagine replacing firewalls or switches.

Port ACLs will allow us to say what a VM can or cannot talk to.  Imagine being able to build a flat VLAN with hundreds or thousands of IP addresses.  You don’t have to subnet it for different applications or customers.  Instead, you could (in theory) place all the VMs in that one VLAN and use Port ACLs to dictate what they can talk to.  I haven’t seen a demo of it, and I haven’t tried it, so I can’t say more than that.  You’ll still need an edge firewall, but it appears that Port ACLs will isolate VMs behind the firewall.


Port ACLs have the potential to greatly simplify physical network design with fewer VLANs.  Equipment replacement will be easier.  Troubleshooting will be easier.  And now we have greatly reduced the involvement of the network admins; their role will be to customise edge firewall rules.
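To make the flat-VLAN idea concrete, here is an added Python sketch (not from the session or from Microsoft) that models per-port ACLs and audits a flat subnet for cross-tenant reachability.  The rule semantics (most specific prefix wins, deny wins a tie, no matching rule means allow), the addresses and the VM names are all assumptions made for the illustration.

```python
"""Model of per-port ACLs on one flat subnet, plus a tenant-isolation audit.

Assumed semantics (not taken from the session): the most specific matching
prefix wins, a deny beats an allow of equal length, and traffic that matches
no rule is allowed.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from itertools import permutations

SUBNET = "10.0.0.0/16"   # constructed flat network shared by every tenant
GATEWAY = "10.0.0.1"     # constructed edge firewall / default gateway


@dataclass(frozen=True)
class Acl:
    direction: str   # "in", "out" or "both"
    remote: str      # CIDR matched against the remote peer's address
    action: str      # "allow" or "deny"


@dataclass
class VmPort:
    name: str
    tenant: str
    ip: str
    acls: list = field(default_factory=list)


def decide(port, remote_ip, direction):
    """Return "allow" or "deny" for traffic between this port and remote_ip."""
    addr = ip_address(remote_ip)
    best = None
    for acl in port.acls:
        if acl.direction not in (direction, "both"):
            continue
        net = ip_network(acl.remote)
        if addr not in net:
            continue
        rank = (net.prefixlen, acl.action == "deny")   # longest prefix, then deny
        if best is None or rank > best[0]:
            best = (rank, acl.action)
    return best[1] if best else "allow"                 # default: allow


def can_talk(src, dst):
    """A flow needs the sender's outbound rules and the receiver's inbound rules to agree."""
    return (decide(src, dst.ip, "out") == "allow"
            and decide(dst, src.ip, "in") == "allow")


def isolation_violations(ports):
    """List (src, dst) name pairs where traffic can cross a tenant boundary."""
    return [(a.name, b.name)
            for a, b in permutations(ports, 2)
            if a.tenant != b.tenant and can_talk(a, b)]


def tenant_acls(port, ports, subnet, gateway):
    """Deny the whole flat subnet, then allow the gateway and same-tenant peers."""
    rules = [Acl("both", subnet, "deny"), Acl("both", gateway + "/32", "allow")]
    rules += [Acl("both", p.ip + "/32", "allow")
              for p in ports if p.tenant == port.tenant and p is not port]
    return rules


def build_flat_network():
    """Constructed sample: three VMs from two tenants on the one flat subnet."""
    ports = [VmPort("web-a", "A", "10.0.1.10"),
             VmPort("sql-a", "A", "10.0.1.11"),
             VmPort("web-b", "B", "10.0.1.12")]
    for p in ports:
        p.acls = tenant_acls(p, ports, SUBNET, GATEWAY)
    return ports


if __name__ == "__main__":
    ports = build_flat_network()
    print("baseline violations:", isolation_violations(ports))
    # Policy drift: a new VM deployed with no ACLs, and an over-broad allow on web-b.
    ports.append(VmPort("web-c", "C", "10.0.1.13"))
    ports[2].acls.append(Acl("both", "10.0.1.0/24", "allow"))
    print("violations after drift:", isolation_violations(ports))
```

The drift case is the point of the audit: once isolation lives in per-port policy instead of VLAN boundaries, one port with no ACLs plus one over-broad allow is enough to join two tenants.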

Secondly we have the incredibly hard to visualise network or IP virtualisation.  The concept is that a VM or VMs are running on network A, and you want to be able to move them to a different network B, but you want to do it without changing the IP address and without downtime.  The scenarios include:

  • A company’s network is being redesigned as a new network with new equipment.
  • One company is merging with another, and they want to consolidate the virtualisation infrastructures.
  • A customer is migrating a virtual machine to a hoster’s network.
  • A private cloud or public cloud administrator wants to be able to move virtual machines around various different networks (power consolidation, equipment replacement, etc) without causing downtime.

image

Any of these would normally involve an IP address change.  You can see above that the VMs (10.1.1.101 and 10.1.1.102) are on Network A with IPs in the 10.1.1.0/24 network.  That network has its own switches and routers.  The admins want to move the 10.1.1.101 VM to the 10.2.1.0/24 network which has different switches and routers.

Internet DNS records, applications (that shouldn’t, but have) hard coded IP addresses, other integrated services, all depend on that static IP address.  Changing that on one VM would cause mayhem with accusatory questions from the customer/users/managers/developers that make you out to be either a moron or a saboteur.  Oh yeah; it would also cause business operations downtime.  Changing an IP address like that is a problem. In this scenario, 10.1.1.102 would lose contact with 10.1.1.101 and the service they host would break.

Today, you make the move and you have a lot of heartache and engineering to do.  Next year …


Network virtualisation abstracts the virtual network from the physical network.  IP address virtualisation does similar.  The VM that was moved still believes it is on 10.1.1.101.  10.1.1.102 can still communicate with the other VM.  However, the moved VM is actually on the 10.2.1.0/24 network as 10.2.1.101.  The IP address is virtualised.  Mission accomplished.  In theory, there’s nothing to stop you from moving the VM to 10.3.1.0/24 or 10.4.1.0/24 with the same successful results.
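The bookkeeping behind that move, as an added Python sketch (not Microsoft’s implementation): a lookup table maps the address the VM thinks it has to the address it really has on the physical network.  Keying the table by tenant, the tenant names and the 10.3.1.50 address are assumptions of the sketch; how the two addresses are carried on the wire is not modelled.

```python
"""Toy model of IP address virtualisation.

customer address = the address the VM believes it has
provider address = the address it really uses on the physical network
Keying the table by tenant is an assumption of this sketch.
"""
from collections import namedtuple
from ipaddress import ip_address

Delivery = namedtuple("Delivery",
                      "provider_src provider_dst customer_src customer_dst")


class VirtualNetworkFabric:
    def __init__(self):
        self._lookup = {}   # (tenant, customer address) -> provider address

    def place(self, tenant, customer_ip, provider_ip):
        """Record where a tenant's VM really lives; provider addresses must be unique."""
        ca = str(ip_address(customer_ip))     # validates the address
        pa = str(ip_address(provider_ip))
        owner = next((k for k, v in self._lookup.items() if v == pa), None)
        if owner not in (None, (tenant, ca)):
            raise ValueError(f"provider address {pa} already used by {owner}")
        self._lookup[(tenant, ca)] = pa

    def move(self, tenant, customer_ip, new_provider_ip):
        """Relocate a VM: only the provider address changes."""
        self.resolve(tenant, customer_ip)     # must already exist
        self.place(tenant, customer_ip, new_provider_ip)

    def resolve(self, tenant, customer_ip):
        """Look up a customer address inside one tenant's virtual network only."""
        try:
            return self._lookup[(tenant, customer_ip)]
        except KeyError:
            raise LookupError(f"{customer_ip} is not in {tenant}'s network") from None

    def send(self, tenant, src_customer_ip, dst_customer_ip):
        """Return the physical and virtual addressing for one packet."""
        return Delivery(self.resolve(tenant, src_customer_ip),
                        self.resolve(tenant, dst_customer_ip),
                        src_customer_ip, dst_customer_ip)


def build_demo():
    """The two VMs from the post on Network A, plus a constructed second tenant."""
    fabric = VirtualNetworkFabric()
    fabric.place("tenant-a", "10.1.1.101", "10.1.1.101")
    fabric.place("tenant-a", "10.1.1.102", "10.1.1.102")
    # Constructed: another tenant reusing the same customer address.
    fabric.place("tenant-b", "10.1.1.101", "10.3.1.50")
    return fabric


if __name__ == "__main__":
    fabric = build_demo()
    print("before:", fabric.send("tenant-a", "10.1.1.102", "10.1.1.101"))
    fabric.move("tenant-a", "10.1.1.101", "10.2.1.101")   # Network A -> Network B
    print("after: ", fabric.send("tenant-a", "10.1.1.102", "10.1.1.101"))
    print("tenant-b resolves the same address to:",
          fabric.resolve("tenant-b", "10.1.1.101"))
```

Because every lookup is scoped to the sender’s tenant, a tenant cannot resolve an address that exists only in another tenant’s virtual network, even when the two use the same address range.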

How important is this?  I worked in the hosting industry and there was a nightmare scenario that I was more than happy to avoid.  Hosting customers pay a lot of money for near 100% uptime.  They have no interest in, and often don’t understand, the intricacies of the infrastructure.  They pay not to care about it.  The host hardware, servers and network, had 3 years of support from the manufacturer.  After that, replacement parts would be hard to find and would be expensive.  Eventually we would have to migrate to a new network and servers.  How do you tell customers, who have applications sometimes written by the worst of developers, that they could have some downtime and then that there is a risk that their application would break because of a change of IP?  I can tell you the response: they see this as being caused by the hosting company and any work the customers need to pay for to repair the issues will be paid by the hosting company.  And there’s the issue.  IP address virtualisation with expanded Live Migration takes care of that issue.

For you public or private cloud operators, you are getting metrics that record the infrastructure utilisation of individual virtual machines.  Those metrics will travel with the virtual machine.  I guess they are stored in a file or files, and that is another thing you’ll need to plan (and bill) for when it comes to storage and storage sizing (it’ll probably be a tiny space consumer).  These metrics can be extracted by a third party tool so you can analyse them and cross charge (internal or external) customers.

We know that the majority of Hyper-V installations are smaller, with the average cluster size being 4.78 hosts.  In my experience, many of these have a Dell EqualLogic or HP MSA array.  Yes, these are the low end of hardware SANs.  But they are a huge investment for customers.  Some decide to go with software iSCSI solutions which also add cost.  Now it appears like those lower end clusters can use file shares to store virtual machines with support from Microsoft.  NIC teaming with RDMA gives massive data transport capabilities and gives us a serious budget solution for VM storage.  The days of the SAN aren’t over: they still offer functionality that we can’t get from file shares.

I’ve got more cloud and Hyper-V sessions to attend today, including a design one to kick off the morning.  More to come!

2011
09.14

See-Mong Tan and Pankaj Garg are the speakers.

Apparently Windows Server 8 is the most cloud optimised operating system yet. I did not know that.

Customers want availability despite faults, and predictability of performance, when dealing with networking. Admins want scalability and density VS customer wanting performance. Customers want specialisation with lots of choice, for firewalls, monitoring, and physical fabric integration.

Windows Server 8 gives us:
- Reliability
- Security
- Predictability
- Scalability
- Extensibility
- … all with manageability

Reliability:
Windows Server 8 gives us NIC teaming to protect against NIC or network path failure. Personal experience is that the latter is much more common, e.g. switch failure.

LBFO provider sits on top of the bound physical NICs (using IM MUX and virtual miniport). The Hyper-V Extensible Switch sits on top of that. You use the LBFO Admin GUI (via LBFO Configuration DLL) to configure the team.

- Multiple modes: Switch dependent and Switch independent
- Hashing modes: port and 4-tuple
- Active/Active and Active/Passive

Windows Server 8 provides security features to host multi tenant workloads in a hybrid cloud. You run multiple virtual networks on a physical network. Each virtual network has the illusion that it is running as a physical fabric, the only physical network … just like a VM thinks it is the entire piece of physical hardware – that’s the analogy that MSFT is using. You decouple the virtual or tenant networks from the physical network. This is where the IP address virtualisation appears to live too. Other features:

- Port ACLs: allow you to do ACLs on IP range or MAC address … like firewall rules. And can do metering with them.
- PVLAN: Bind VMs to one uplink
- DHCP Guard: Ban VMs from being DHCP servers – very useful in cloud where users have local admin rights … users are stupid and destructive.

QoS provides predictable performance in a multi-tenant environment. You can do maximum and minimum and/or absolute vs weight.

Demo of QoS maximum bandwidth:
He runs a PSH script to implement a bandwidth rate limiting cap on some badly behaving VMs to limit their impact on the physical network. Set-VMNetworkAdapter -VMName VM1 -MaximumBandwidth 1250000.

Scalability:
Performance features mean more efficient cloud operations. Also get reduced power usage.

SR-IOV
Single Root I/O Virtualisation is a PCI group hardware technology. A NIC has features that can be assigned to a VM. Without it, the virtual switch does routing, VLAN filtering, and data copy of incoming data to the VM, which then has to process the packet. Lots of CPU. SR-IOV bypasses the Hyper-V switch and sends the packet direct to the VM Virtual Function. This requires a SR-IOV NIC. You can Live Migrate a VM from a host with SR-IOV to a host without SR-IOV. Apparently, VMware cannot do this. SR-IOV is a property of the virtual switch, and a property of the VM vNIC (tick boxes). The VM actually uses the driver of the SR-IOV NIC. We are shown a demo of a Live Migration to a non SR-IOV non-clustered host, with no missed pings.

D-VMQ is Dynamic Virtual Machine Queue
If the CPU is processing VM network traffic then you can use this to dynamically span processing VM n/w traffic across more than one CPU. It will automatically scale up and scale down the CPU utilisation based on demand. Static VMQ is limiting in high tide. No VMQ is limited to single CPU.

Receive Side Coalescing (RSC) allows a VM to receive live packets. IPsec Task Offload means a VM performs really well when running IPsec (CPU eater). There’s a call to action for NIC and Server vendors to support these features.

Extensibility:
The idea here is that partners can develop those specialised features that MSFT cannot do.

Partners can extend the Hyper-V extensible switch with their own features. There’s a set of APIs for them to use. Switch vendors should extend to provide unified management of physical and virtual switches.

Manageability:
Features without management are useless. Windows Server 8 is designed to manage large clouds. Metering allows chargeback, e.g. on network usage. Metrics are stored with the VM and are persistent after a VM move or migration.

PowerShell for Hyper-V. Unified tracing for network troubleshooting: trace packets from VM, to switch, through the vendor and onto the network. Port Mirroring: standard switch feature to redirect switch traffic for analysis.

And this is where I need to wrap up … the session is about to end anyway.

2011
09.14

Speakers: Jeff Woolsey and Yigal Edery of Microsoft.

Was the cloud optimization of Windows Server 8 mentioned yet? Probably not, but it’s mentioned now.

- Enable multi tenant clouds: isolation and security
- High scale and low cost data centres
- Manageable and extensible: they are pushing PowerShell here

Windows Server 8 should make building an IaaS much easier.

Evolution of the data centre (going from least to most scalable):

1) Dedicated servers, no virtualisation, and benefit of hardware isolation
2) Server virtualisation, with benefits of server consolidation, some scale out, and heterogeneous hardware
3) Cloud with Windows 8: Shared compute, storage, network. Multi-tenancy, converged network and hybrid clouds. Benefits of infrastructure utilization increase, automatic deployment and migration of apps, VMs, and services. Scaling of network/storage.

Enable Multi-Tenant Cloud
What is added?
- Secure isolation between tenants: Hyper-V extensible switch (routing, etc), Isolation policies (can define what a VM can see in layer 2 networking), PVLANs
- Dynamic Placement of Services: Hyper-V network virtualisation, complete VM mobility, cross-premise connectivity (when you move something to the cloud, it should still appear on the network as internal for minimal service disruption)
- Virtual Machine Metering: Virtual Machine QoS policies, resource meters (measure activity of VM over time, and those metrics stay with a VM when it is moved), performance counters

Requirements:
- Tenant wants to easily move VMs to and from the cloud
- Hoster wants to place VMs anywhere in the data center
- Both want: easy onboarding, flexibility and isolation

The Hyper-V extensible switch has pVLAN functionality. But managing VLANs is not necessarily the way you want to go. 4095 maximum VLANs. An absolute nightmare to maintain, upgrade, or replace. IP address management is usually controlled by the hoster.

Network virtualisation aims to solve these issues. VM has two IPs: one it thinks it is using, and one that it really is using. “Each virtual network has illusion it is running as a physical fabric”. The abstraction of IP address makes the VM more mobile. Virtualisation unbinds server and app from physical hardware. Network virtualisation unbinds server and app from physical network.

Mobility Design
Rule 1: no new features that preclude Live Migration
Rule 2: maximise VM mobility with security

Number 1: recommendation is Live Migration with High Availability
Number 2: SMB Live Migration
Number 3: Live Storage Migration

Live Storage Migration enables:
- Storage load balancing
- No downtime servicing
- Leverages Hyper-V Offloaded Data Transfer (ODX): pass a secure token to a storage array to get it to move large amounts of data for you. Possibly up to 90% faster.

You can Live Migrate a VM with just a 1 Gbps connection and nothing else. VHDX makes deployment easier. Get more than 2040 GB in a vDisk without the need to do passthrough disk which requires more manual and exceptional effort. Add in the virtual fibre channel HBA with MPIO and you reduce the need for physical servers for customer clusters in fibre channel deployments.

Bandwidth management is an option in the virtual network adapter. You can restrict bandwidth for customers with this. IPsec offload can be enabled to reduce CPU utilisation.

Up to 63 nodes in a cluster, with up to 4,000 VMs. That’s one monster cluster.

QoS and Resource Metering
Network: monitor incoming and outgoing traffic per IP address
Storage: high water mark disk allocation
Memory: high and low water mark memory, and average

We get a demo of resource meters being used to right size VMs.

Dynamic Memory gets a new setting: Minimum RAM. Startup RAM could give a VM 1024MB, but the VM could reduce to Minimum RAM of 512MB if there is insufficient pressure.

High scale and low cost data centres:
- The vCPU:pCPU ratio limit has been removed from Hyper-V support… just squeeze in what you can without impacting VM performance
- Up to 160 logical processors
- Up to 2 TB RAM

Networking:
- Dynamic VMQ
- Single root I/O virtualisation (SR-IOV): dedicate a pNIC to a VM
- Receive side scaling (RSS)
- Receive side coalescing (RSC)
- IPsec task offload

Storage
- ODX
- RDMA
- SMB 2.2
- 4K native disk support

HA and Data Protection
- Windows NIC teaming across different vendors of NIC!
- Hyper-V Replica for DR to secondary site – either one I own or a cloud provider
- BitLocker: Physically safeguard customers’ data. Even if you lose the disk the data is protected by encryption. You can now encrypt cluster volumes. TPMs can be leveraged for the first time with Hyper-V cluster shared disks. Cluster Name Object (CNO) used to lock and unlock disks.

Manageable and Extensible
- PowerShell for Hyper-V by MSFT for the first time. Can use WMI too, as before.
- Workflows across many servers.
- Hyper-V Extensible switch to get visibility into the network
- WMIv2/CIM, OData, Data Center TCP

go.microsoft.com/fwlink/p/?LinkID=228511 is where a whitepaper will appear in the next week on this topic.

2011
09.14

This is an IT pro session featuring Bill Laing (Corporate Vice President Server & Cloud Division) and Mike Neil (General Manager Windows Server) as the speakers.  This will be jam packed with demos.

“Windows Server 8 is cloud optimized for all business” – Bill Laing.  For single servers and large clusters.  The 4 themes of this server release:

  • beyond virtualisation
  • The power of many servers, the simplicity of one
  • Every app, any cloud
  • Modern work style enabled

Hyper-V headline features:

  • network virtualisation
  • Live storage migration
  • multi-tenancy
  • NIC teaming
  • 160 logical processors
  • 32 virtual processors
  • virtual fiber channel
  • Offloaded data transfer (between VMs on the same storage)
  • Hyper-V Replica
  • Cross-premise connectivity
  • IP address mobility
  • Cloud backup

Did they mention cloud yet?  I think not: apparently this release is cloud optimized.

A VM can have up to 32 vCPUs.  RAM can be up to 512 GB.  VHDX supports up to 16 TB of storage per vDisk.  Guest NUMA is where VMs are now NUMA aware … having 32 vCPUs makes this an issue.  A VM can optimize threads of execution VS memory allocation on the host.  A guest can now direct connect to a fibre channel SAN via a virtual fibre channel adapter/HBA – now the high end customers can do in-VM clustering just like iSCSI customers.  You can do MPIO with this as well, and it works with existing supported guest OSs.  No packet filtering is done in the guest.

Live Migration.  You can now do concurrent Live Migrations.  Your limit is the networking hardware.  You can LM a VM from one host to another with “no limits”.  In other words, a 1 Gbps connection with no clustering and no shared storage is enough for a VM live migration now.  You use the Move wizard, and can choose pieces of the VM or the full VM.  Live Storage Migration sits under the hood.  It is using snapshots similar to what was done with Quick Storage Migration in VMM 2008 R2. 

On to Hyper-V networking.  What was slowing down cloud adoption?  Customers want hybrid computing.  Customers also don’t like hosting enforced IP addressing.  The customer can migrate their VM to a hosting company, and keep their IP address.  A dull demo because it is so transparent.  This is IP Address Mobility.  The VM is exported.  Some PowerShell is involved in the hosting company.  Windows Server 8 Remote Access IPsec Secure Tunnel is used to create a secure tunnel from the client to the hosting company.  This extends the client cloud to create a hybrid cloud.  The moved VM keeps its original IP address and stays online.  Hosted customers can have common IP addresses.  Thanks to IP virtualisation, the VM’s internal IP is abstracted.  The client assigned in-VM address is used for client site communications.  In the hosting infrastructure, the VM has a different IP address.

VLANs have been used by hosting companies for this in the past.  It was slow to deploy and complicates networking.  It also means that network cannot be changed – EVER … been there, bought the t-shirt. 

Cross-network VM live migration can be done thanks to IP virtualisation.  The VM can change its hosted IP address, but the in-VM address does not change.  Makes the hosting company more flexible, e.g. consolidate during quiet/maintenance periods, network upgrades, etc.  There is no service disruption, so the customer has no downtime, and the hosting company can move VMs via Live Migration as and when required.  This works just as well in the private cloud.  Private cloud = hosting company with internal customers.

More:

  • Extensible virtual switch
  • Disaster recovery services with Hyper-V Replica to the cloud
  • Hybrid cloud with Hyper-V network virtualisation
  • Multi-tenant aware network gateway
  • Highly available storage appliances

And more:

  • SMB transparent failover
  • Automated cluster patching
  • Online file system repairs
  • Auto load balancing
  • Storage spaces
  • Thin provisioning
  • Data de-duplication
  • Multi-protocol support
  • 23000 PowerShell cmdlets
  • Remote server admin
  • Knowledge sharing
  • Multi-machine management

Server Manager is very different.  Very pretty compared to the old MMC style UI.  It has Metro Live Tiles that are alive.  Task/Actions pane is gone.  Selecting a server shows events, services, best practices analyser, performance alerts, etc.  You can select one, or even select a number of VMs at once.  A new grid control allows you to sort, filter, filter based on attribute, group, etc.  Makes cross-server troubleshooting much easier.  You can select a role, and you’ll see just the servers with that role.

Once again … “starting with Windows 8 the preferred install is Server Core”.  We’ll be the judge of that ;-)  We ruled against MSFT on Server 2008 and Server 2008 R2 on that subject.  New add/remove roles wizard.  You can install a role to a live server or to a VHD!  This is offline installation of roles for pre-provisioning native VHD or VM VHD images.  You can even choose to export the settings to an XML file instead of deploying.  That allows you to run a PowerShell cmdlet to use the XML to install the role(s).  PowerShell now has workflows.  It converts a PSH function into a workflow that can work across multiple machines.  For example, deploy IIS (using install-windowsfeature & the XML file), deploy content, test content (invoke-webrequest), across many machines in parallel – big time saver instead of doing 1 machine at a time.  Great for big deployments, but I really see s/w testers really loving this.

Data Deduplication allows you to store huge amounts of data on a fraction of the disk space by only storing unique data.  We see a demo of terabytes of data on 4% of the traditionally required space.  This is single instance storage on steroids.  Only unique blocks are written by the looks of it. 

Native NIC teaming has come to Windows Server.  No more third party software required for this, increasing stability and security, while reducing support complexity.  In a  demo, we see a file share stored SQL VM with perfmon monitoring storage performance.  The host has 2 teamed NICs.  One is busy and one is idle.  The active NIC is disabled.  The idle NIC takes over automatically, as expected.  There is a tiny blip in storage performance … maybe 1-2 seconds.  The VM stays running with no interruption. 

Now we see a  high availability failover of a VM using a file share for the shared storage. 

On to applications:

  • Symmetry between clouds
  • Common management
  • Common developer tools
  • Distributed caching
  • Pub/Sub messaging
  • Multi-tenant app container
  • Multi-tenant web sites
  • Sandboxing and QoS
  • NUMA aware scaling for IIS
  • Open Source support
  • Support for HTML5

Note: I can’t wait to do a road show on this stuff back in Ireland. 

  • Greater density with IIS8
  • Scalable apps for public/private clouds
  • Extension of programming tools
  • Websocket extensions

Work style improvements:

  • Remote sessions, VDI or apps.
  • USB devices support
  • Simplified VDI management: badly needed
  • RemoteFX for WAN!
  • User VHDs
  • RDP 3D graphics and sound
  • Claims based file access
  • And more

Controlling access to data with the discretionary access control lists (DACLs) that we have used up to now is difficult.  Dynamic Access Control allows you to specify AD attributes that dictate what objects can access a resource: e.g. AD object with “Accounts” in a department attribute gets access to the Accounts file share.  Done in Classification tab for the folder.  Who populates the attributes?  Doesn’t a user have a lot of control over their own object?  Good thing: it is very flexible compared to DACLs.

When a user is denied access to content, they can click on Request Access to ask an admin for access.  No need for helpdesk contact. 

Automatic classification can search content of data to classify the data in case it is accidentally moved to a wrong location.  It removes the human factor from content security.

Next up: RDP.  Metro UI with touch is possible with 10 touch points, rather than 30.  Lovely new web portal has the Metro UI appearance.  RemoteApp is still with us.  Favourite RDP sessions are visible in Remote Desktop.  Locally cached credentials are used for single sign-on.  3D graphics are possible: we see a 3D model being manipulated with touch.  We see a Surface fish pond app with audio via RDP and 10 touch points.  Seriously IMPRESSIVE!  You can switch between RDP sessions like IE10 tabs in Metro.  You can flip between them and local desktop using Back, and use live Side-by-Side to see both active at the same time. 
