Microsoft Virtualization: the R2 wave

This content is 16 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

The fourth Microsoft Virtualisation User Group (MVUG) meeting took place last night and Microsoft’s Matt McSpirit presented a session on the R2 wave of virtualisation products. I’ve written previously about some of the things to expect in Windows Server 2008 R2 but Matt’s presentation was specifically related to virtualisation and there are some cool things to look forward to.

Hyper-V in Windows Server 2008 R2

At last night’s event, Matt asked the UK User Group what they saw as the main limitations in the original Hyper-V release and the four main ones were:

  • USB device support
  • Dynamic memory management (ballooning)
  • Live Migration
  • 1 VM per storage LUN

Hyper-V R2 does not address all of these (regardless of feedback, the product group is still unconvinced about the need for USB device support… and dynamic memory was pulled from the beta – it’s unclear whether it will make it back in before release) but live migration is in and Windows finally gets a clustered file system in the 2008 R2 release.

So, starting out with clustering – a few points to note:

  • For the easiest support path, look for cluster solutions on the Windows Server Catalog that have been validated by Microsoft’s Failover Cluster Configuration Program (FCCP).
  • FCCP solutions are recommended by Microsoft but are not strictly required for support, as long as all the components (i.e. server and SAN) are certified for Windows Server 2008. A failover clustering validation report will still be required though; FCCP provides another level of confidence.
  • When looking at cluster storage, fibre channel (FC) and iSCSI are the dominant SAN technologies. With 10Gbps Ethernet coming onstream, iSCSI looked ready to race ahead and has the advantage of using standard Ethernet hardware (which is why Dell bought EqualLogic and HP bought LeftHand Networks) but then Fibre Channel over Ethernet came onstream, which is potentially even faster (as outlined in a recent RunAs Radio podcast).

With a failover cluster, Hyper-V has always been able to offer high availability for unplanned outages – just as VMware do with their HA product (although Windows Server 2008 Enterprise or Datacenter Editions were required – Standard Edition does not include failover clustering).

For planned outages, quick migration offered the ability to pause a virtual machine and move it to another Hyper-V host but there was one significant downside of this. Because Microsoft didn’t have a clustered file system, each storage LUN could only be owned by one cluster node at a time (a “shared nothing” model). If several VMs were on the same LUN, all of them needed to be managed as a group so that they could be paused, the connectivity failed over, and then restarted, which slowed down transfer times and limited flexibility. The recommendation was for 1 LUN per VM and this doesn’t scale well with tens, hundreds, or thousands of virtual machines although it does offer one advantage as there is no contention for disk access. Third party clustered file system solutions are available for Windows (e.g. Sanbolic Melio FS) but, as Rakesh Malhotra explains on his blog, these products have their limitations too.

Windows Server 2008 R2 Hyper-V can now provide Live Migration for planned failovers – so Microsoft finally has an alternative to VMware VMotion (at no additional cost). This is made possible because the new clustered shared volume (CSV) feature, with IO fault tolerance (dynamic IO), overcomes the limitations of the shared nothing model and allows up to 256TB per LUN, running on NTFS with no need for third party products. The VM is still stored on a shared storage volume and, at the time of failover, memory is scanned for dirty pages whilst the VM is still running on the source cluster node. Using an iterative process of scanning memory for dirty pages and transferring them to the target node, the memory contents are transferred (over a dedicated network link) until there are so few dirty pages left that the last few may be sent and control passed to the target node in a fraction of a second with no discernible downtime (including ARP table updates to maintain network connectivity).
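The iterative pre-copy loop described above can be modelled in a few lines. This is an added illustration, not code from the original post or from Microsoft; the page count, dirty rate, link speed, stop threshold and round limit are constructed assumptions, not Hyper-V's real values.

```python
from dataclasses import dataclass
from typing import List


@dataclass
class MigrationResult:
    rounds: List[int]    # pages sent in each pre-copy round (VM still running)
    final_pages: int     # pages left for the brief stop-and-copy phase
    converged: bool      # True if the dirty set shrank below the threshold
    downtime_ms: float   # time needed to send final_pages while the VM is paused


def simulate_live_migration(total_pages: int,
                            dirty_rate_pps: int,
                            link_pps: int,
                            stop_threshold: int = 256,
                            max_rounds: int = 10) -> MigrationResult:
    """Model iterative pre-copy of VM memory.

    total_pages     - guest memory size in pages (assumed 4 KiB each)
    dirty_rate_pps  - pages the running guest dirties per second (assumed constant)
    link_pps        - pages per second the dedicated migration link can carry
    stop_threshold  - hypothetical cut-over point: pause the VM once this few
                      dirty pages remain
    max_rounds      - hypothetical safety limit on pre-copy rounds
    """
    if total_pages <= 0 or link_pps <= 0 or dirty_rate_pps < 0:
        raise ValueError("sizes and rates must be positive")

    to_send = total_pages        # round 1 copies all of memory
    rounds: List[int] = []
    converged = False

    for _ in range(max_rounds):
        rounds.append(to_send)
        # While this round is on the wire the guest keeps running and dirties
        # more pages; that set (capped at all of memory) is the next round.
        dirtied = to_send * dirty_rate_pps // link_pps
        to_send = min(total_pages, dirtied)
        if to_send <= stop_threshold:
            converged = True
            break

    # Whatever is left is sent with the VM paused: this is the visible downtime.
    downtime_ms = to_send / link_pps * 1000
    return MigrationResult(rounds, to_send, converged, downtime_ms)


if __name__ == "__main__":
    # Constructed inputs: 4 GiB guest, link ten times faster than the dirty rate.
    ok = simulate_live_migration(1_048_576, 10_000, 100_000)
    print("rounds:", ok.rounds, "final:", ok.final_pages,
          "downtime_ms:", round(ok.downtime_ms, 2))

    # Failure mode: the guest dirties memory faster than the link can move it,
    # so the dirty set never shrinks and the cut-over would be long.
    bad = simulate_live_migration(1_048_576, 120_000, 100_000)
    print("converged:", bad.converged, "downtime_ms:", round(bad.downtime_ms, 2))
```

The second call shows why the dedicated link matters: when pages are dirtied faster than they can be transferred, the rounds never shrink and the final copy is no longer a fraction of a second.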

Allowing multiple cluster nodes to access a shared LUN is as simple as marking the LUN as a CSV in the Failover Clustering MMC snap-in. Each node has a consistent namespace for LUNs so as many VMs as required may be stored on a CSV (although all nodes must use the same letter for the system drive – e.g. C:). Each CSV appears as an NTFS mount point, e.g. C:\ClusterStorage\Volume1, and even though the volume is only mounted on one node, distributed file access is co-ordinated through another node so that the VM can perform direct IO. Dynamic IO ensures that, if the SAN (or Ethernet) connection fails then IO is re-routed accordingly and if the owning node fails then volume ownership is redirected accordingly. CSV is based on two assumptions (that data read/write requests far outnumber metadata access/modification requests; and that concurrent multi-node cached access to files is not needed for files such as VHDs) and is optimised for Hyper-V.

At a technical level, CSVs:

  • Are implemented as a file system mini-filter driver, pinning files to prevent block allocation movement and tracking the logical-to-physical mapping information on a per-file basis, using this to perform direct reads/writes.
  • Enable all nodes to perform high performance direct reads/writes to all clustered storage and read/write IO performance to a volume is the same from any node.
  • Use SMB v2 connections for all namespace and file metadata operations (e.g. to create, open, delete or extend a file).
  • Need:
    • No special hardware requirements.
    • No special application requirements.
    • No file type restrictions.
    • No directory structure or depth limitations.
    • No special agents or additional installations.
    • No proprietary file system (using the well established NTFS).

Live migration and clustered storage are major improvements but other new features for Hyper-V R2 include:

  • 32 logical processor (core) support, up from 16 at RTM and 24 with a hotfix (to support 6-core CPUs) so that Hyper-V will now support up to 4 8-core CPUs (and I would expect this to be increased as multi-core CPUs continue to develop).
  • Core parking to allow more intelligent use of processor cores – putting them into a low power suspend state if the workload allows (configurable via group policy).
  • The ability to hot add/remove storage so that additional VHDs or pass through disks may be assigned to running VMs if the guest OS supports the Hyper-V SCSI controller (which should cover most recent operating systems but not Windows XP 32-bit or 2000).
  • Second Level Address Translation (SLAT) to make use of new virtualisation technologies from Intel (Intel VT extended page tables) and AMD (AMD-V nested paging) – more details on these technologies can be found in Johan De Gelas’s hardware virtualisation article at AnandTech.
  • Boot from VHD – allowing virtual hard disks to be deployed to virtual or physical machines.
  • Network improvements (jumbo frames to allow larger Ethernet frames and TCP offload for on-NIC TCP/IP processing).

Hyper-V Server

So that’s covered the Hyper-V role in Windows Server 2008 R2 but what about its baby brother – Hyper-V Server 2008 R2? The good news is that Hyper-V Server 2008 R2 will have the same capabilities as Hyper-V in Windows Server 2008 R2 Enterprise Edition (previously it was based on Standard Edition) to allow access to up to 1TB of memory, 32 logical cores, hot addition/removal of storage, and failover clustering (with clustered shared volumes and live migration). It’s also free, and requires no dedicated management product although it does need to be managed using the RSAT tools for Windows Server 2008 R2 or Windows 7 (Microsoft’s advice is never to manage an uplevel operating system from a downlevel client).

With all that for free, why would you buy Windows Server 2008 R2 as a virtualisation host? The answer is that Hyper-V Server does not include licenses for guest operating systems as Windows Server 2008 Standard, Enterprise and Datacenter Editions do; it is intended for running non-Windows workloads in a heterogeneous datacentre standardised on Microsoft virtualisation technologies.

Management

The final piece of the puzzle is management:

There are a couple of caveats to note: the SCVMM 2008 R2 features mentioned are in the beta – more can be expected at final release; and, based on previous experience when Hyper-V RTMed, there may be some incompatibilities between the beta of SCVMM and the release candidate of Windows Server Hyper-V R2 (expected to ship soon).

SCVMM 2008 R2 is not a free upgrade – but most customers will have purchased it as part of the Server Management Suite Enterprise (SMSE) and so will benefit from the two years of software assurance included within the SMSE pricing model.

Wrap-up

That’s about it for the R2 wave of Microsoft Virtualization – for the datacentre at least – but there are a lot of improvements in the upcoming release. Sure, there are things that are missing (memory ballooning may not be a good idea for server consolidation but it will be needed for any kind of scalability with VDI – and using RDP as a workaround for USB device support doesn’t always cut it) and I’m sure there will be a lot of noise about how VMware can do more with vSphere but, as I’ve said previously, VMware costs more too – and I’d rather have most of the functionality at a much lower price point (unless one or more of those extra features will make a significant difference to the business case). Of course there are other factors too – like maturity in the market – but Hyper-V is not far off its first anniversary and, other than a couple of networking issues on guests (which were fixed) I’ve not heard anyone complaining about it.

I’ll write more about Windows 7 and Windows Server 2008 R2 virtualisation options (i.e. client and server) as soon as I can but, based on a page which briefly appeared on the Microsoft website, the release candidate for is expected to ship next month and, after reading Paul Thurrott’s post about a forthcoming Windows 7 announcement, I have a theory (and that’s all it is right now) as to what a couple of the Windows 7 surprises may be…

TechEd EMEA 2008: a round up of some of the Windows Server content

Imagine the situation (purely hypothetical of course) – you work for a large company where the overseas travel approval process requires signoff at such a senior level that, even with a really good business case for conference attendance, it’s just too difficult to get approval…

Well, I didn’t make it to TechEd EMEA IT Pro this year (or any year recently – although that’s normally down to family commitments and this year the conference was a week earlier) – and that’s why there has been precious little TechEd content on this blog. I did spend a good chunk of this week catching up on my RSS subscriptions though and I came across some write-ups on some of the sessions that would have been of interest to me – sadly there are many more that I have missed.

Maybe I’ll make it to TechEd EMEA in Berlin next year but, in the meantime, videos from TechEd EMEA and the other TechEd events held around the world may be found at TechEd Online.

Remote Desktop Services – more than just a terminal

In last week’s post looking at some of the new features to expect in Windows Server 2008 R2 I didn’t mention terminal services at all. There’s a reason for that – Terminal Services is being replaced by what Microsoft is calling Remote Desktop Services (RDS) and all the Terminal Services applications will change names accordingly.

Why the change of name? Well, RDS is no longer limited to presentation virtualisation as it includes a new session broker capability to extend its role to support a virtual desktop infrastructure – further strengthening the ties between Microsoft’s virtualisation platform and the Windows Server operating system. By combining RDS with Windows Server 2008 Hyper-V or Microsoft Hyper-V Server, System Center Virtual Machine Manager, App-V within MDOP, and VECD licensing, Microsoft now provides an end-to-end VDI solution.

With Remote Desktop Services, centralised desktop environments can be created and managed, allowing remote connections from managed and unmanaged clients whilst keeping critical intellectual property secure and radically simplifying regulatory compliance by removing applications and data from the desktop. Furthermore, unlike existing presentation virtualisation methods, RDS includes multiple application delivery methods.

Windows Server 2008 R2 provides the platform – with RemoteApp, Remote Desktop Web Access, Remote Desktop Gateway and the new Remote Desktop Connection Broker, which extends the session broker capabilities in Windows Server 2008 to create a unified administrative experience for session-based remote desktops and for virtual machine-based desktops, supporting both persistent (permanent) and pooled virtual machines. As with VMware’s VDI offering, persistent VMs have a 1:1 mapping between users and the VM with any changes preserved, whereas the pooled VMs use a single, replicated, image with user state stored via profiles and folder redirection rather than in the VM. In either case, the images are stored on a Hyper-V host.

Meanwhile, the Remote Desktop Protocol (RDP) is also enhanced to offer more of the functionality that is typically associated with a local desktop, including: multimedia redirection; multiple monitor support; audio input and recording; Aero glass support; DirectX redirection; improved audio/video synchronisation; and language redirection.

RDS also includes improved application publishing and streaming through a Remote Desktop and Application feed with full Windows 7 support whereby RemoteApp programs and desktops appear on the Start Menu with a system tray icon indicating connectivity status, but also with connectivity options for Windows XP and Vista.

There are also improvements around management, with a new Windows PowerShell provider for RDS, as well as features to: help improve application compatibility (MSI compatibility); profile improvements; group policy caching; IP address virtualisation; and to ensure system stability by protecting against runaway applications (kernel scheduling).

As has always been the case with Terminal Services, Windows Server’s Remote Desktop Services capability is targeted at low-complexity deployments and as a platform for partner solutions, which can extend scalability and manageability to address the needs of more demanding enterprise deployments, for example with policy, load-balancing, orchestration and placement extensions for the connection broker. Regardless of this, RDS represents a significant step forward – and the inclusion of a connection broker for virtual desktops is a long overdue addition to Microsoft’s virtualisation portfolio.

Just a few of the new features to expect in Windows Server 2008 R2

In case you hadn’t noticed, it’s Microsoft’s conference season – PDC this week, WinHEC next, TechEd EMEA the two weeks after that… lots of announcements – and I’m missing them all!

Luckily, last week I got the chance to catch up with Ward Ralston (a Group Technical Product Manager in Microsoft’s Windows Server Product Group) and he gave me the rundown on what to expect from Windows Server 2008 R2.

For those who are not familiar with Microsoft’s release cycles for server operating systems, ever since Windows Server 2003, the company has aimed to release a major update every 4-5 years with an interim second release (R2) in between. Windows Server 2003 and Windows Server 2003 R2 share the same basic code but R2 includes SP1 and new functionality. Similarly, I would expect Windows Server 2008 R2 to include SP2 and it certainly has some goodies for us.

One of the reasons for an interim release is to take advantage of new hardware advances and changes in the overall IT market and one significant point to note is that Windows Server 2008 R2 will be 64-bit only. That’s right – no more 32-bit server operating system – and that is A Good Thing. We all have 64-bit hardware (and have had for some time) but many IT administrators don’t realise it, and install 32-bit operating systems even though driver support is no longer an issue (at least for servers) and most 32-bit applications will run quite happily on a 64-bit operating system.

The main themes for the Windows Server 2008 R2 release are: improved hardware, driver and application support; taking advantage of ever-increasing numbers of logical processor cores and new power management features; improvements around virtualisation, power management and server management; new technologies to lay the foundation for the next version of Windows; and a unified release focus – with the Windows 7 client and Windows Server 2008 R2 providing engineering efficiencies to work “better together”.

There are many new features in Windows Server 2008 R2 and, first of all, is the area of most interest to me – virtualisation. Windows Server 2008 R2 includes the second release of Hyper-V with new features including:

  • Live Migration to allow virtual machine workloads to fail over between cluster nodes with no discernible break in service. I still argue that this is not a feature that organisations need (cf. want) for their server infrastructure but as the dynamic datacentre and virtual desktop infrastructures (VDIs) become more commonplace, it makes sense to support this functionality with Hyper-V (besides the fact that competitors can already do it!).
  • A new clustered shared volume file system (codenamed Centipede) which sits on top of NTFS and allows multiple cluster nodes to access the same storage.
  • Support for 32 logical processors (cores) on the host computer (twice the original limit with Hyper-V), paving the way for support of 8-core CPUs and improved consolidation ratios.
  • Hot-addition and removal of storage (allowing VHDs and pass-through disks on a SCSI controller to be added to a virtual machine without a reboot).
  • Second level translation (SLAT) – moving past Intel-VT and AMD-V to take advantage of new processor features (Intel Nested Page Tables and AMD Enhanced Page Tables), further reducing the hypervisor overhead.
  • Boot from VHD – using a kernel-level filter to take a virtual hard disk and boot from it on hardware – even without hardware support for virtualisation.

Microsoft also spoke to me about a dynamic memory capability (just like the balloon model that competitors offer). I asked why the company had been so vocal in downplaying competitive implementations of this technology yet was now implementing something similar and Ward Ralston explained to me that this is not the right solution for everyone but may help to handle memory usage spikes in a VDI environment. Since then, I’ve been advised that dynamic memory will not be in the beta release of Windows Server 2008 R2 and Microsoft is evaluating options for inclusion (or otherwise) at release candidate stage. These apparently conflicting statements, within just a few days of one another, should not be interpreted as indecisiveness on the part of Microsoft – we’re not even at beta stage yet and features/functionality may change considerably before release.

Looking at some of the other improvements that we can expect in Windows Server 2008:

  • On the management front: there is a greater emphasis on the command line with improved scripting capabilities with PowerShell 2 and over 200 new cmdlets for server roles as well as power, blade and chassis management – working with vendors to deliver hardware which is compatible with WS-Management – and new command line tools for migration of Active Directory, DNS, DHCP, file and print servers; Server Manager will support remote connections, with a performance counter view and best practices analyzer (similar to the ones which we have seen shipped for server products such as Exchange Server for a few years now); and a new migration portal will expose step-by-step documentation for migration of roles and operating system settings from Windows Server 2003 and 2008 servers to Windows Server 2008 R2.
  • Power management was an improvement in Windows Server 2008 and R2 is intended to take this further with features such as core parking to reduce multi-core processor power consumption (only using the power required to drive a workload) as well as centralised control of power policies (allowing servers to throttle-down during quiet time, using DMTF-compliant remote management interfaces).
  • Active Directory Domain Services is improved with: a new management console (with PowerShell integration) to replace the disparate tools that have existed since early NT 5.0 betas; a new AD recycle bin to aid with recovering deleted objects; improved support for offline domain joins (similar to the pre-staging support used in Windows Server 2008 for RODCs); improved management of user accounts and identity services (manage service accounts); and improved authentication assurance in Active Directory Federated Services.
  • IIS continues to improve with: server core support for ASP.NET; an integrated PowerShell provider (more than 50 new cmdlets); integrated FTP and WebDAV support (previously provided as extensions); new IIS Manager modules (e.g. to support new FTP, WebDAV, request filtering and ASP.NET functionality); configuration logging and tracing (building on IIS 7.0’s feature delegation functionality by providing the ability to centrally log and audit changes made by site managers and web developers); and extended protection and security (channel-binding tokens to prevent man-in-the-middle attacks, hardened accounts to prevent application spoofing, and improved management for custom service accounts).
  • Scalability and reliability improvements with: improved multi-processor support, reduced Hyper-V overhead and improved storage performance; greater componentisation – server core installations will support more roles and will also support ASP.NET within IIS as Microsoft .NET Framework support will be added (which also allows PowerShell to run on server core installations); DHCP failover, with the ability to pair DHCP servers as primary and secondary servers (based on an IETF draft for the DHCP Failover protocol); and DNS Security, using DNSSec to validate name resolution and zone transfers using PKI to secure DNS records (preventing the interception of DNS queries and return of illegitimate responses from an untrusted DNS server – a real issue with huge potential impact across multiple platforms that was recently highlighted by security researcher Dan Kaminsky).

Finally, whilst there has always been a good, better, best story for integrating the latest client and server releases with Microsoft products, Microsoft is really pushing “better together with Windows 7” with the Windows Server 2008 R2 marketing. New features like Direct Access and Branch Cache are intended to take existing connectivity technologies and couple them in a less complex manner, connecting routed VPNs over firewall-friendly ports with end-to-end IPSec whilst improving branch office performance by caching HTTP and SMB traffic. Read-only DFS improves branch office security (in the same way that read-only domain controllers did for Windows Server 2008). Then there’s more efficient client power management, BitLocker encryption on removable drives and the new DHCP Failover and DNSSec functionality mentioned previously – I’m sure as we learn more about Windows 7 the list will continue to grow.

So, when do we get to use all this Windows Server 2008 R2 goodness? Well, Microsoft is not yet ready to release a beta and, based on previous versions of Windows Server, I would expect to see at least two betas and a couple of CTPs before the release candidates – but the product team is currently not committing to a date – other than to say “early 2010” (which, incidentally, will be 2 years after Windows Server 2008 shipped). They’re also keen to point out that, although Windows Server 2008 R2 is being jointly developed with the Windows 7 client operating system, there are no guarantees that the two will release together – maybe they will, maybe they won’t – read into that what you like, but some are predicting a late-2009 release for Windows 7 and I would expect the server product to follow a few months after that. No-one needs to get a new server operating system out in time for the holiday season but they do want it to be rock solid.

Of course, at this early stage in product development, there could still be a number of changes before release. Even so, with these new features and functionality, Windows Server 2008 R2 is certainly not just an insignificant minor release.