70-740: Installation, Storage, and Compute with Windows Server 2016

Chris RhodesIT MasterclassesMicrosoft Certified TrainerMVP

Joe LurieSenior Consultant, MCSMicrosoft Certified Trainer

70-740: Installation, Storage, and Compute with Windows Server 2016Install Windows Servers in host and compute environments (10–15%)Implement storage solutions (10–15%)Implement Hyper-V (20–25%)Implement Windows containers (5–10%)Implement high availability (30–35%)Maintain and monitor server environments (10–15%)

01-Install Windows Servers in host and compute environments

• Determine Windows Server 2016 installation requirements• Determine appropriate Windows Server 2016 editions per workloads• Install Windows Server 2016• Install Windows Server 2016 features and roles• Install and configure Windows Server Core• Manage Windows Server Core installations using Windows PowerShell, command line,

and remote management capabilities• Implement Windows PowerShell Desired State Configuration (DSC) to install and

maintain integrity of installed environments• Perform upgrades and migrations of servers and core workloads from Windows Server

2008 and Windows Server 2012 to Windows Server 2016• Determine the appropriate activation model for server installation, such as • Automatic Virtual Machine Activation (AVMA), Key Management Service (KMS), and

Active Directory-based Activation

Install, upgrade, and mitigate servers and workloads

Windows Server 2016 Essentials edition• Designed for Small Businesses

Windows Server 2016 Standard edition• Designed for physical server environments with little or no virtualization**.

Windows Server 2016 Datacenter edition• Designed for highly virtualized infrastructures, including private cloud and hybrid cloud

environments

Microsoft Hyper‑V Server 2016• Acts as a stand-alone virtualization server for virtual machines

Windows Storage Server 2016 Workgroup edition• Allows 50 users, one processor core, and 32 GB of RAM & supports domain joining.

Windows Storage Server 2016 Standard edition• Supports up to 64 sockets but is licensed on a two‑socket, incrementing basis

Windows Server 2016 OS Editions

• Hardware Requirements

*Server Datacenter supports 640 lCPU, 4Tb RAM, and 64 nodesNote: VM Setup will fail if only 512 MB:To resolve: (1) Allocate > 800 MB RAM or(2a) Use Diskpart.exe create a partition(2b) Run createpagefile command

Windows Server 2016 Installation Requirements

• Additional Recommendations• UEFI 2.3.1c for Secure Boot

Component RequirementProcessor architecture

64-bit

Processor speed 1.4 gigahertz (GHz)RAM 512 MBHard drive space 32 GB

• Installation Types• Clean Installation• Upgrade• Migration

• OS Selection• Standard & Datacenter• Desktop Experience = GUI

• OS Editions• Datacenter, Standard, Essentials,

Multipoint Premium Server,• Storage Server, Hyper-V Server

Windows Server 2016 Installation Requirements

• Determine appropriate usage scenarios and requirements for Nano Server

• Install Nano Server• Implement Roles and Features on Nano

Server, manage and configure Nano Server

• Manage Nano Server remotely using Windows PowerShell

Install and configure Nano Server

• Nano Server: A new headless, 64-bit only, deployment option for Windows Server

• Deep refactoring with cloud emphasis• Cloud fabric & infrastructure (clustering, storage, networking)• Born-in-the-cloud applications (PaaS v2, ASP.NET v5)• VMs & Containers (Hyper-V & Docker)

• Extend the Server Core pattern• Roles & features live outside of Nano Server• No Binaries or metadata in OS image• Standalone packages install like apps• Full driver support• Antimalware

What is a Nano Server

Nano Server

ServerCore

Serverwith a

Desktop Experienc

e

• Description: Super Small Footprint

• Install options: Physical Host, VM Guest, Container OS

• Roles Supported:• Hyper-V• Scale-out File Server• DNS Server• Failover Clustering• IIS (subset)• IIS.NET Core• ASP.NET Core can be installed

Nano Server Installation Options

• Nano Server is an installation option• Like Server Core, but cannot be

selected during Setup• Must be customized with drivers• Located on the Windows Server

media

Getting started

• Nano Server folder has a Packages sub-folder

• Dism /Add-Package /PackagePath:.\packages\<package>

• Dism /Add-Package /PackagePath:.\packages\en-us\<package>

Nano Server Roles and Features

Role or feature Package fileHyper-V role Microsoft-NanoServer-Compute-Package.cabFailover Clustering Microsoft-NanoServer-FailoverCluster-

Package.cabFile Server role and other storage components Microsoft-NanoServer-Storage-Package.cabWindows Defender Antimalware, including a default signature file Microsoft-NanoServer-Defender-Package.cabReverse forwarders for application compatibility, for examplecommon application frameworks such as Ruby, Node.js, etc.

Microsoft-OneCore-ReverseForwarders-Package.cab

• Nano Server roles and features are available on the media and from a package repository

• NanoServerPackage provider for the PackageManagement PowerShell module• Install-PackageProvider

NanoServerPackage• Import-PackageProvider

NanoServerPackage• You can then search for, download,

and install Nano Server roles and features from the repository• Find-NanoServerPackage• Save-NanoServerPackage• Install-NanoServerPackage

Installing Roles/Features from the Package Repository

Convert WIM to VHD1 On Windows 10 or Windows Server 2016, mount the ISO, and, assuming the drive letter for

the mounted image is D:\, run the following:Copy "D:\NanoServer" "C:\NanoServer" -Recurse

2 Generate a VHD from NanoServer.wim by using Convert-WindowsImage.ps1 from TechNet Script Center.C:\Cd \NanoServer. .\Convert-WindowsImage.ps1Convert-WindowsImage –SourcePath C:\NanoServer\NanoServer.wim –VHDPathC:\NanoServer\NanoServer.vhd –VHDFormat VHD -Edition CORESYSTEMSERVER_INSTALL

• Can be used to further specialize Nano Server for your environment

Optional Nano Customizations

• Set Computer Name• Run commands on first

boot, e.g. set a static IP address

• Domain Join• Dual Boot• Enabling Emergency

Management Services (EMS)

• Installing Agents and Tools

Notice the reduction in disk size of the VHD\VHDX, with a Nano server.

Creating and Installing Nano Server

Remotely Managing Nano ServerRemote

Graphical & Web Tools

• Server Manager• Azure Portal

tools• Task manager• Registry editor• File explorer• Server

configuration• Event viewer• Disk manager• Device & driver

management• Performance• Users & groups

PowerShell Remoting

• Core PowerShell engine, language, and cmdlets

• Windows Server cmdlets (network, storage, etc.)

• PowerShell DSC• Remote file

transfer• Remote script

authoring & debugging

• PowerShell Web Access

VM and Container

Management• Hyper-V

Manager• Hyper-V

cmdlets• PowerShell

Direct over PSRP

• CimSession support

• Docker• SCVMM agent &

console• 3rd party

agents & consoles

Deployment & Monitoring

• DISM online & VHD support

• Unattended setup

• Visual Studio integration

• DSC Local Config Manager

• Setup & boot eventing

• SCOM agent• VSO App

Insights• Azure Op

Insights

Partners & Frameworks

• Chef integration• .NET Core and

CoreCLR• ASP.NET 5• Python, PHP,

Ruby, Node.js• PowerShell

Classes• PS Script

Analyzer• PowerShell

Gallery• PowerShellGet

PowerShell Core

Refactored to run on CoreCLRFull PowerShell language compatibility & remotingInvoke-Command, New-PSSession, Enter-PSSession, etc.

Most core engine componentsSupport for all cmdlet types: C#, Script, and CIMLimited set of cmdlets initially

Server management toolsWeb-based Includes replacements for local-only tools• Task Manager• Registry Editor• Event Viewer• Device Manager• Sconfig• Control Panel• Performance Monitor• Disk Management• Users/Groups Manager• File ExplorerAlso manages Server Core and Server with GUI

• Plan for Windows Server virtualization• Plan for Linux and FreeBSD deployments• Assess virtualization workloads using the Microsoft Assessment and Planning (MAP)

Toolkit • Determine considerations for deploying workloads into virtualized environments• Update images with patches, hotfixes, and drivers• Install roles and features in offline images• Manage and maintain Windows Server Core, Nano Server images, and VHDs using

Windows PowerShell

Create, manage, and maintain images for deployment

• Define the scope of the project• Which servers will be virtualized• Existing servers or new servers only

• Define the workloads that will be virtualized• Many workloads can be virtualized, but some can’t (custom vendor apps, for example)• Use MAP (Microsoft Assessment and Planning) to scan those that can be virtualized to

design the host and guest infrastructure

• Determine backup and fault tolerance needs

• Backup and fault tolerance for hosts and for guest VMs

• Determine networking needs of the guest VMs

• DOCUMENT THE DESIGN

Planning for Windows Server Virtualization

• What is it?• Solutions Accelerator used to scan

networks and servers, for operating systems, hardware and software inventory, Hyper-V and VMWare guests and hosts, etc…

• Features• Discovery• Hardware and software inventory• Virtual Server Consolidation Wizard• Private Cloud Fast-track Wizard

Using MAP Toolkit

• What’s supported?• Both emulation and running within Hyper-V are supported scenarios• Hyper-V offers better performance• With Hyper-V you need Hyper-V specific drivers

• LIS and BIS• Linux Integration Services is added to the Linux kernel (newer versions), provides these

drivers, and is updated with new Linux releases• FreeBSD Integration Services provides these drivers and is built into newer FreeBSD

builds• For older versions of either, download the latest available

Planning for Linux and FreeBSD Deployments

For supported Linux and FreeBSD operating systems and configurations, see https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/supported-linux-and-freebsd-virtual-machines-for-hyper-v-on-windows

• Sector-based images vs. File-based• Sector-based images require you to install the image, update it, re-capture• File-based images can be updated offline

• Basic strategies for updating images• Windows setup: include an answer file with setup to install updated drivers, patches,

etc…• Online servicing: like sector-based, this requires installing the image to a reference

computer, updating it, and re-capturing the OS• Offline servicing: use DISM to mount the image, update the drivers, or install hotfixes,

language packs, or add/remove folders

• When to use online servicing• Installing applications via .exe or .msi files• Installing a feature or component that requires a running Windows service, such

as .NET Framework

Updating Images – Patches, Hotfixes, Drivers, Roles

You plan to install a server that runs Nano Server.You need to ensure that the server can run virtual machines.

Which PowerShell command should you run?

A Install-NanoServerPackage Microsoft-NanoServer-DCB-PackageB Install-NanoServerPackage Microsoft-NanoServer-Host-PackageC Install-NanoServerPackage Microsoft-NanoServer-Guest-PackageD Install-NanoServerPackage -Compute https://technet.microsoft.com/en-us/windows-server-docs/compute/nano-server/getting-started-with-nano-server

Practice Question

Installing Windows Server

Tip #1Nano ServerNano ServerNano ServerNano ServerNano Server

Tip #2Manage Core and Nano with tools like PowerShell, djoin.exe, DISM…

MAP Toolkit

Tip #3Server virtualization using Hyper-V or Azure. Use MAP Toolkit to assess the needs and plan the virtualization strategy

Setup.exe includes Server Core (default) or with GUI (desktop

experience)

02-Implement Storage Solutions

• Configure sector sizes appropriate for various workloads• Configure GUID partition table (GPT) disks• Create VHD and VHDX files using Server Manager or Windows PowerShell Storage

module cmdlets• Mount virtual hard disks• Determine when to use NTFS and ReFS file systems• Configure NFS and SMB shares using Server Manager, configure SMB share and session

settings using Windows PowerShell• Configure SMB server and SMB client configuration settings using Windows PowerShell• Configure file and folder permissions

Configure disks and volumes

• MBR• Standard partition table format since early 1980s• Supports a maximum of four primary partitions per drive• Can Partition a disk up to 2 TB

• GPT• Successor of the MBR Partition table format• Supports a maximum of 128 partitions per drive• Can partition a disk up to 18 exabytes

• Use MBR for disks smaller than 2 TB• Use GPT for disks larger than 2 TB

Determine the Partition Table Format

Reference Link on GPT disks - https://support.microsoft.com/en-us/kb/302873

On-DiskStorageEngine

• FAT provides:• Basic file system• Partition size limitations• FAT32 to enable larger disks• exFAT developed for flash drives

• NTFS provides:• Metadata• Auditing and journaling• Security (ACLs and encryption)

• ReFS provides:• Backward compatibility support for NTFS• Enhanced data verification and error

correction• Support for larger files, directories and

volumes

When to use NTFS and ReFS file systems

NTFSInheritedEngine in

UpperLayer

On-DiskStorageEngine

NTFSUpper

Layer API Engine

ReFS File System

NTFS File System

Use cases for VHD(x)• Hyper-V, VHD boot, virtualized storage for storage spaces, iSCSI storage

VHD format• Disks up to 2TB. Format backwardly compatible• Compatible with Azure VMs

VHDX format• Used in WS2012+• Sizes > 2TB• Can be used for shared storage for VMs

New-VHD or Disk Management or Diskpart Create VDisk

Virtual Hard Disks

Server Manager• Can create volumes, storage spaces, shares, disk deduplicationDisk management• Simple tool, lacks features but OK for basic tasksDiskpart• Command line tool, useful in scriptingPowerShell• 150+ cmdlets for storage• Also useful in scripting and server core

Exam Tip: Know the limitations/features of each. E.g. which tool(s) can create a storage space?

Disk management tools

• Inheritance• Deny vs. allow• Effective access• How ACLs work

NTFS / ReFS Permissions

• Configure storage pools• Implement simple, mirror, and parity storage layout options for disks or enclosures• Expand storage pools• Configure Tiered Storage; configure iSCSI target and initiator• Configure iSNS• Configure Datacenter Bridging (DCB)• Configure Multi-Path IO (MPIO)• Determine usage scenarios for Storage Replica• Implement Storage Replica for server-to-server, cluster-to-cluster, and stretch cluster

scenarios

Implement server storage

Software defined storage1. Add disks (any type) to a pool2. Create virtual disks using the pool3. Virtual disks can be thin

provisioned or use physical space4. Create volumes and format

Virtual disks can now be ‘enclosure aware’ to store data on separate JBOD enclosures for resilience.

Storage spaces direct• Local storage on 3+ nodes• Networked nodes present

JBOD/SAS storage to the pool.• The pool can be configured as a

CSV for applications.• Primary use-case: Hyper-V VM

storage

Storage Pools

RAID configurations now moved into Storage SpacesOptions:• Simple – data is striped across disks, no

resilience• 2 way mirror – 2 disks, protects against

1 drive failing• 3 way mirror – 5 disks, protects against

2 drives failing• Parity – 3 disks min to protect against 1

drive failing or 7 min to protect against 2 drives failing

Disk Layouts

Built-in: iSCSI Initiator• Used to connect to iSCSI targets on the network• Can use IP/FQDN/iSNS to locate targets• Remote disks appear as ‘local’ disks in disk tools

iSCSI Target• Installable role service part of the file server role• Presents storage to networked initiators• Secured access using IP white-list and authentication• Uses standard TCP/IP components and commodity

Ethernet to access storage• Cheaper than a fiber-channel SAN• Low-cost software based shared storage solution

iSCSI Components

Allows storage-agnostic replication between clusters or servers.

Software-based disk volume replication technology.Uses SMB 3.0 over TCP/IP or RDMA.

Storage Replica offers both synchronous and asynchronous replication.

Supports SAS JBODs, Storage Spaces Direct, fibre channel SAN, shared VHDX, iSCSI Target, or local SAS/SCSI/SATA storage.

Storage Replica supports three scenarios:• Stretch cluster• Server-to-server• Cluster-to-cluster

Storage Replica

• Implement and configure deduplication

• determine appropriate usage scenarios for deduplication

• monitor deduplication• implement a backup and restore

solution with deduplication

Implement data deduplication

Add-WindowsFeature -Name FS-Data-Deduplication

Ddpeval.exe from \Windows\System32 to estimate gains

Configured per volume in Server ManagerUsage scenarios: VDI or general purposeEnable-DedupVolume –Volume VolumeLetter –UsageType StorageType

Runs on a schedule against files of minimum age and over, default 3 days old.

Configuring Deduplication

You plan to create a storage pool on a Windows Server 2016 that will provide storage for an application named App1. You need to ensure that App1 can still function if the server suffers two disk failures.

How should you prepare the virtual disk for App1?

A A simple storage layout with 7 physical drivesB A mirror layout with 5 disksC A parity layout with 5 disksD A parity layout with 4 disks

Practice Question

03-Implement Hyper-V

• Determine hardware and compatibility requirements for installing Hyper-V• Install Hyper-V• Install management tools• Upgrade from existing versions of Hyper-V• Delegate virtual machine management• Perform remote management of Hyper-V hosts• Configure virtual machines using Windows PowerShell Direct• Implement nested virtualization

Install and configure Hyper-V

Hardware• 64-bit CPU with SLAT• VM Monitor mode extensions• Virtualization support on in BIOS/UEFIIntel-VT/AMD-VDEP enabled• Enough RAM for workloads

• Other features require other hardware such as TPM for shielded VMs, and UEFI 2.3.1c for secure boot & measured boot

• Tip: Run Systeminfo.exe to validate hardware

Hyper-V requirementsSoftwareWindows Server 2016 in:• GUI mode• Server Core• Nano server

Guest OS support:• Windows Vista – Windows 10• Windows Server 2008 – WS2016• Linux• FreeBSD

Tools• Hyper-V Manager• PowerShell• RSAT toolsPowerShell Direct• Uses PowerShell remoting

to a VM where you would not have network access to normally.

Virtual Machine Management

New feature in WS2016Requires:• Host running WS2016 Hyper-V• VM running WS2016 or Windows 10 anniversary update• A Hyper-V VM with configuration version 8.0 or greater.• An Intel processor with VT-x and EPT technology

To configure:1. Create a virtual machine. 2. While the virtual machine is in the OFF state, run the following on the Hyper-V host to enable

nested virtualization.

Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true

3. Start the virtual machine.4. Install Hyper-V within the virtual machine, just like you would for a physical server.

Nested virtualization

• Add or remove memory in running a VM• Configure dynamic memory• Configure Non-Uniform Memory Access (NUMA) support• Configure smart paging• Configure Resource Metering, manage Integration Services• Create and configure Generation 1 and 2 VMs and determine appropriate usage

scenarios• Implement enhanced session mode, create Linux and FreeBSD VMs, install and

configure Linux Integration Services (LIS)• Install and configure FreeBSD Integration Services (BIS)• Implement Secure Boot for Windows and Linux environments, move and convert VMs

from previous versions of Hyper-V to Windows Server 2016 Hyper-V, export and import VMs, implement Discrete Device Assignment (DDA)

Configure virtual machine (VM) settings

What can be changed (and live)Gen1 and Gen2 differences

NUMA spanningDynamic memoryCPU(s)Integration services (and when to configure them)Smart paging and other paths

Tip: Be sure to explore all options

VM Settings

Hardware differences• Secure boot• Disks - must boot from IDE disk in Gen1• No IDE disks in Gen2• Legacy NIC Gen1 only (allows PXE)• BIOS vs Firmware• Gen2 is for WS2012+ guest OS• TPM in Gen2• Shielded VMs possible with new hardware presented

Gen1 & Gen2 Support

• Create VHDs and VHDX files using Hyper-V Manager• Create shared VHDX files• Configure differencing disks• Modify virtual hard disks• Configure pass-through disks• Resize a virtual hard disk, manage checkpoints• Implement production checkpoints• Implement a virtual Fibre Channel adapter• Configure storage Quality of Service (QoS)

Configure Hyper-V storage

FormatsVHD• Classic format. Backward compatibleVHDX• Larger disk size beyond 2TB (64TB)Pass-through• Uses physical disks from host

exclusively

TypesFixed• Uses physical space from day 1 equal

to disk sizeDynamically expanding• Space is consumed on demand up to

max disk sizeDifferencing• Disk chains allow parent-child disk

relationships for speed of deployment

Types of disk

Allows for sharing of a VHDX file to >1 VMExample: data disk that multiple VMs can simultaneously access to read/write to

Allows data for services/applications to exist once in inexpensive storageRequires hosting on shared storage

Primary use case: Guest-based VM clusters

Host-level backups can leverage access to the VHDX file

Configure access through the SCSI controller on a VM

Shared VHDX files

• Add and remove virtual network interface cards (vNICs)• Configure Hyper-V virtual switches, optimize network performance• Configure MAC addresses, configure network isolation, configure synthetic and legacy

virtual network adapters• Configure NIC teaming in VMs• Configure virtual machine queue (VMQ)• Enable Remote Direct Memory Access (RDMA) on network adapters bound to a Hyper-V

virtual switch using Switch Embedded Teaming (SET)• Configure Bandwidth Management

Configure Hyper-V networking

Legacy Network adapter• Used in Gen1 VMs• Limited bandwidth 100MbpsNetwork adapter• Gen1 and Gen2 support• 10 Mbps connections

PXE Support for VMs• Legacy network adapter only in Gen1 VMs• Native support in Gen2 Network adapters

Add and remove virtual network interface cards (vNICs)

External• Uses physical NIC in host to allow LAN/Internet

connectivity.• VM NIC must use IP address relevant to

physical subnetInternal• Connectivity between VMs and host only on

the same switchPrivate• Connectivity between VMs only on the same

switch

New NAT switch in WS2016New-VMSwitch -Name “NATSwitch” -SwitchType NAT -NATSubnetAddress 172.16.1.0/24

Configure Hyper-V virtual switches, optimize network performance

Bandwidth ManagementVLAN IDSR-IOVVMQ

Configurable in VM or host

New 2016 host feature:Switch-embedded teaming (SET) - a new way to implement network teaming that is compatible with RDMA and VMQ.• Combine network adapters into a team with up to 8 network adapters. • All of the network adapters in a team must be identical with the same firmware version and

driver. SET is automatically enabled when multiple network adapters are used.

To create a virtual switch with SET, use the following Windows PowerShell command: 

NIC teaming

MAC addresses assigned from a pool• Configurable on host, always starts 00-15-5DYou can assign static MAC• Know when you would – NLB, Nested VMsWhen to use spoofing?• If a VM uses NLB or similar services that use a common MAC address

DHCP Guard• Protects leakage of packets from a VM acting as a DHCP serverRouter Guard• Suppresses router advertisements from VMs configured as routersPort Mirroring and more!

Configure NIC settings

You plan to deploy a Hyper-V based nested virtualization solution onto a number of servers. The nested servers need access to the Internet. You have the following virtual machines (VMs) available.You need to identify which servers from the following table can be used for this purpose.

Which servers should you identify?

A Server1 and Server2B Server2 and Server3C Server1 and Server 3D Server3 and Server 4

https://msdn.microsoft.com/en-us/virtualization/hyperv_on_windows/user_guide/nesting

Practice Question

VM Name Installation type

VM Configuration version

Network configuration

Server1 Server with GUI

7.0 Internal network switch

Server2 Server Core 8.0 External network switchServer3 Nano Server 8.0 NAT switchServer4 Server Core 8.0 MAC address spoofing configured

Hyper-V Networking

Tip #1Know the difference between virtual switch types

Tip #2Understand the hardware and advanced NIC settings

NAT Switches

Tip #3Know how to implement NIC teaming in a Virtual Machine

SR-IOVVMQ

NIC Teaming

04-Implement Windows Containers

• Determine installation requirements and appropriate scenarios for Windows containers• Install and configure Windows Server container host in physical or virtualized

environments• Install and configure Windows Server container host to Windows Server Core or Nano

Server in a physical or virtualized environment• Install Docker on Windows Server and Nano Server• Configure Docker daemon start-up options, configure Windows PowerShell for use with

containers• Install a base operating system, tag an image• Uninstall an operating system image• Create Windows Server containers• Create Hyper-V containers

Deploy Windows containers

What is a container?Containers

Traditional virtual machines = hardware virtualization

VM VM VMApplication

OS

Hardware

Hardware

OS

OS Applications

Kernel

= Operating system virtualizationContain

erContain

erContain

er

Windows Server containersMaximum speed and density

Container Container Container

Kernel

Hyper-V containersIsolation plus performance

Hyper-V

Container

Kernel

Container

Kernel

Container

Kernel

Windows Server 2016 supports two different types of containers:Windows Server containers• Provide app isolation through process and namespace isolation technology.

Containers share the OS kernel with the host.• Provides fast startup experience• Does not provide complete isolation of the containers.• Host can run on GUI/Core/NanoHyper-V Containers• each container runs in a virtual machine (VM). • the OS kernel of the container host does not share with the Hyper-V

containers.• Can use nested virtualization (see Hyper-V section)• Requires Intel VT-x extensions (only)

Containers overview

New-NanoServerImage -MediaPath $WindowsMedia -BasePath c:\nano –TargetPathORC:\nano\NanoContainer.vhdx -GuestDrivers -ReverseForwarders -Compute –Containers

Install-WindowsFeature ContainersNew-NetNat -Name ContainerNat -InternalIPInterfaceAddressPrefix "172.16.0.0/12“ORNew-VMSwitch -Name Virtual Switch Name -SwitchType Type

Get-VMNetworkAdapter -VMName Container Host VM | Set-VMNetworkAdapter -MacAddressSpoofing On

Installing support

Docker ContainersNative support for the Docker in-host daemon.Documentation is sparse as of Sept 2016. Expect more in the future!

Docker.exe• Docker engine that sits on Windows Server 2016• Can be installed on WS2016 or Nano Server• Configured with c:\ProgramData\docker\config\daemon.json

DockerD.exe• Used to register Docker as a Windows service • c:\Windows\System32\dockerd.exe –-register-service• Start-Service Docker

Download Docker from https://aka.ms/tp5/dockerdInstallation steps (too many to write!)

• containers using Windows PowerShell• manage container networking• manage container data volumes• manage Resource Control• create new container images using Dockerfile• manage container images using DockerHub repository for public and private scenarios• manage container images using Microsoft Azure

Manage Windows containers

Provide networking support for containers• Network switches• NAT switches

• Understand dockerfile settings

Docker documentation online on www.docker.comContainers in Azure as well as WS2016

Managing Containers

Your company is developing an application named App1 that will run on Windows Server 2016. App1 is very resource intensive.You plan to deploy App1 onto a new Windows Server 2016 server.

You need to ensure that App1 does not interfere with other applications running on the same server.

How should you deploy App1?

A Create a Generation 2 Virtual MachineB Create a Nano Server instanceC Create a Windows Server ContainerD Create a Hyper-V Container

Practice Question

Containers

Tip #1Find out more and experiment

Tip #2Learn Docker technologies, and use their website to learn more and keep up to date

Configuration of containers

Tip #3Understand when to deploy a container, a VM, or a physical machine

New feature!

05-Implement High Availability

• Implement Hyper-V Replica• Implement Live Migration, implement Shared Nothing Live Migration• Configure CredSSP or Kerberos authentication protocol for Live Migration• Implement storage migration

Implement high availability and disaster recovery options in Hyper-V

• Levels of Availability• High availability• Continuous availability• Business continuity• Disaster recovery

• Many pieces to high availability• Configure Hyper-V replica and Hyper-V movement in clustered environment• Fail-over clustering• Storage spaces direct (SSD)• Network Load Balancing (NLB)

Implementing High Availability (HA)

• What options are available?• Host clustering• Guest clustering• Network load balancing

• Live Migration• Move VMs between physical hosts

without shutting down first• Clustered non-clustered

High Availability with Hyper-VOption DetailsHost clustering

• VM’s are highly available• Applications in guest do not

need to be cluster awareGuest Clustering

• VM are failover cluster nodes• VM applications must be

cluster-aware• Requires iSCSI or Fibre Channel

interfaceNLB • Virtual machines are NLB

cluster nodes• Used for web-based

applications

• Implement Workgroup, Single, and Multi Domain clusters • Configure quorum• Configure cluster networking• Restore single node or cluster configuration• Configure cluster storage; implement Cluster-Aware Updating• Implement Cluster Operating System Rolling Upgrade• Configure and optimize clustered shared volumes (CSVs)• Configure clusters without network names; implement Scale-Out File Server (SoFS)• Determine different scenarios for the use of SoFS versus clustered File Server• Determine usage scenarios for implementing guest clustering• Implement a Clustered Storage Spaces solution using Shared SAS storage enclosures• Implement Storage Replica• Implement Cloud Witness; implement VM resiliency• Implement shared VHDX as a storage solution for guest clusters

Implement failover clustering

• What is it?• A cluster is a group of computers or storage devices that work together as a single

organized system• A Failover Cluster is a group of independent computers that work together to

increase the availability of applications or services

• Properties of a Failover Cluster• Each node has full connectivity and communication with all other nodes and is

aware when another node leaves or joins the cluster• Each node is connected to a network where client computers can access the cluster

and through iSCSI connection to shared storage• Each node is aware of the services or applications that are running locally and the

resources running on the other nodes in the cluster

• What’s new in Server 2016?• Cluster Operating System Rolling Upgrade

Implementing Failover Clustering

• Terminology:

Failover Clustering – Terminology and Types

Term DescriptionNode A Windows Server 2016 computer that is part of a failover

cluster, and has the failover clustering feature installed.Service or application

A service that can be moved between cluster nodes (for example, a clustered file server can run on either node).

Shared storage

External storage that is accessible to all cluster nodes.

Quorum The number of elements that must be online for a cluster to continue to run. The quorum is determined when cluster nodes vote.

Witness A server that is participating in cluster voting when the number of nodes is even.

Failover The process of moving cluster resources from the first node to the second node, as a result of node failure or administrator’s action.

Failback The process of moving cluster resources back from the second node to the first node, as a result of the first node going online again or an administrator’s action. If the service or application fails over from Node1 to Node2, when Node1 is again available, the service or application will fail back to Node1.

Clients Computers that connect to the failover cluster and are not aware which node the service is running on.

• Node Locations:Node Location Description

Single Site All nodes located in a single data centerMulti-site Stretch-clusters deployed, where nodes are spread across

datacenters. This may include brick and mortor or Azure

• Types:Cluster type DescriptionActive-Active Multiple nodes run cluster application resources and accept

client connectionsActive-Passive One node runs the cluster applications, while the other

nodes are passive and do not accept client connections. If the active node fails, one or more of the remaining nodes become active and accept client connections

The Software-Defined Datacenter—Drilling Down

Disk Enclosures (JBODs)SSD SSD SSD

Hyper-V Cluster (Compute)

SMB3 over RDMA

Scale-Out File Server (SOFS) Cluster

Storage Spaces (SDS)

Compute Cluster• Virtualized workloads generate I/O

to the connected file shares• Typically additional I/O from

replicationand backup operations

Scale-Out File Server Cluster• The storage head node, which

connects clients to the underlying storage

• SOFS & Clustering provide continuous availability, while SDS provides fault-tolerant storage using commodity JBODs and disksPhysical Storage

• Shared SAS Disk Enclosures w/ bunchof HDDs and SSDs

• Each SOFS node is physically connectedto each JBOD through SAS cables

Block protocol fabricLow latency network with FCManagement of LUNs Data deduplicationRAID resiliency groupsPooling of disksHigh availability

Copy offload, snapshotsStorage tieringPersistent write-back cache Scale upStorage QoS ReplicationFirmware updates

Traditional SANFile protocol fabricLow latency with SMB3Direct Management of shares Data deduplicationFlexible resiliency optionsPooling of disksContinuous availabilitySMB copy offload, snapshots

Performance with tiering Persistent write-back cacheAutomatic scale-out rebalancingStorage QoSStorage ReplicaRolling cluster upgradesStorage Spaces DirectAzure-consistent storage

Microsoft SDS

NEWIN R2

NEW IN2016

Storage choice: Traditional SAN or Microsoft SDS

Hyper-V compute nodes

FC/SAS disk shelf

SAN/NAS FC/iSCSI fabric (block)

Hyper-V compute nodes

Shared SAS JBOD or DAS

Scale-Out File Server with Storage Spaces

SMB3 fabric (file)

Shared serial attached SCSI (SAS)• Lowest-cost option

iSCSI• Transmits SCSI commands over IP Networks. Inexpensive, Acceptable Performance

Fibre Channel• Better performance than iSCSI SANs, but more expensive

Shared virtual hard disk• Use Shared VHDs as VM guest-clustering storage. Use CSV or SOFS cluster

Scale-Out File Server• Utilizes shared Server Message Block (SMB) as the shared location for some failover

cluster roles

Shared Storage Options for Failover Clustering

• Install the failover clustering feature• Verify the configuration• Install the role on the cluster nodes• Create a clustered role by using the snap-in• Configure the cluster role• Test failover

Creating a Failover Cluster

In-Box Management Failover ClusteringSome workflow PowerShell only

GUI (Failover Cluster Manager/Hyper-V Manager/Server

Manager)PowerShell

Full provisioning and management

Intended for smaller scale

Storage Replica Protection of key data and workloads

Synchronous replicationStorage agnostic mirroring of data in physical sites with crash-consistent volumes ensuring zero data loss at the volume level.Increase resilienceUnlocks new scenarios for metro-distance cluster-to-cluster

disaster recovery and stretch failover clusters for automated high availability.Complete solutionEnd-to-end for storage and clustering, including Hyper-V, Storage Replica, storage spaces, cluster, Scale-Out File Server, SMB3, deduplication, Resilient File System (ReFS), NTFS,and Windows PowerShell.Streamlined managementGraphical management for individual nodes and clusters through Failover Cluster Manager and Azure Site Recovery.

Stretch cluster and cluster-to-cluster

Site 1 Site 2

• Determine scenario requirements for implementing Storage Spaces Direct

• enable Storage Spaces direct using Windows PowerShell

• implement a disaggregated Storage Spaces Direct scenario in a cluster

• implement a hyper-converged Storage Spaces Direct scenario in a cluster

Implement Storage Spaces Direct

Windows Server 2016—new architectureConverged (disaggregated) architecture with Storage Spaces Direct

Architecture allows for scaling Hyper-V clusters (compute) and Scale-Out File Server cluster (storage) independently

File shares provide storage for Hyper-V hosts, accessed over SMB 3.x. Highest performance delivered via SMB Direct (RDMA) and SMB Multichannel. Supports 56 GB+ speeds

2

Industry standard x86 servers, with local SSD and HDD. Servers are connected together with 10GBE. SATA and NVMe drives supported• Build Windows Server cluster• Enable Storage Spaces Direct• Create storage pool• Create Storage Spaces from pool• Create Scale-Out File Server• Create Continuously Available file shares

on the Spaces• Optimize for Storage Spaces Direct

1

SMB storage fabric

Hyper-V cluster

Storage Spaces Direct with Scale-Out File Server 1

2

Reliability, scalability, flexibility • Fault tolerance to disk, enclosure, node failures• Scale pools to large number of drives• Simple and fine grained expansion• Fast VM creation and efficient VM snapshots

Use cases• Hyper-V IaaS storage• Storage for backup and replication targets• Hyper-converged (compute and storage together)• Converged (compute and storage separate)

Cloud design points and management• Standard servers with local storage• New device types such as SATA and NVMe SSD• Prescriptive hardware configurations• Deploy, manage, and monitor with SC VMM, OpsMgr, and PS

Storage Spaces DirectSoftware-defined storage using industry standard servers with local storage

SMB storage fabric

Hyper-V cluster

Storage Spaces Direct with Scale-Out File Server

Windows Server 2016—new architectureHyper-converged storage and compute with Storage Spaces Direct

Hyper-converged stack

Hyper-V virtual machines

Cluster share volumes ReFS file system

Storage spaces

Storage pools

Software storage bus

C:\Cluster storage

SMB network

Industry standard x86 servers, with local SSD and HDD. Servers are connected together with 10GBE. SATA and NVMe drives supported• Build Hyper-V cluster• Enable Storage Spaces Direct• Create storage pool• Create Storage Spaces from pool• Create Cluster Shared Volumes• Optimize for Storage Spaces Direct

1

Compute and storage resources scaleand are managed together. Typically smallto medium sized scale-out deployments

2

• Configure role-specific settings, including continuously available shares

• configure VM monitoring• configure failover and preference settings• implement stretch and site-aware failover

clusters• enable and configure node fairness

Manage failover clustering

Failover clusteringIntegrated solution, enhanced in Windows Server 2016VM compute resiliency: Provides resiliency to transient failures such as a temporary network outage,or a non-responding node.In the event of node isolation, VMs will continueto run, even if a node falls out of cluster membership.This is configurable based on your requirements—default set to 4 minutes.VM storage resiliency: Preserves tenant virtual machine session state in the event of transient storage disruption.VM stack is quickly and intelligently notified on failureof the underlying block or file based storage infrastructure.VM is quickly moved to a PausedCritical state.VM waits for storage to recover and session state retained on recovery.

Shared storage

Hyper-V Cluster

Failover clusteringIntegrated solution, enhanced in Windows Server 2016Node quarantine: Unhealthy nodes are quarantined and are no longer allowed to join the cluster.This capability prevents unhealthy nodes from negatively affecting other nodes and the overall cluster.Node is quarantined if it unexpectedly leavesthe cluster three times within an hour.Once a node is placed in quarantine, VMsare live migrated from the cluster node,without downtime to the VM.

Shared storage

Hyper-V Cluster

Guest clustering with Shared VHDXNot bound to underlying storage topologyFlexible and secure: Shared VHDX removes need to present the physical underlying storage to a guest OS.NEW Shared VHDX supports online resize.Streamlined VM shared storage: Shared VHDX files can be presented to multiple VMs simultaneously, as shared storage.The VM sees shared virtual SAS diskthat it can use for clustering at the guest OSand application level.Utilizes SCSI-3 persistent reservations.Shared VHDX can reside on a Cluster Shared Volume (CSV) on block storage, or on SMBfile-based storage.NEW Protected: Shared VHDX supportsHyper-V Replica and host-level backup.

CSV onblock storage

SMB Sharefile-based storage

Guestcluster

SharedVHDX files

Guestcluster

SharedVHDX files

Hyper-Vhost clusters

• Perform a live migration• Perform a quick migration• Perform a storage migration• Import, export, and copy VMs• Configure VM network health protection• Configure drain on shutdown

Manage VM movement in clustered nodes

Requires:• The Failover Cluster Management

console• The VMM Admin Console• WMI for Windows PowerShell Script

Perform a Live Migration

Live Migration Process1. Migration Setup2. Guest-memory transfer3. State transfer4. Cleanup

Exam Tip: In Windows Server 2016, you can perform a virtual machine Live Migration by using server message block (SMB) 3.0 as a transport.

Quick Migration• Machines placed in

saved state• Causes downtime

VS

• Quick Migration• VM is placed in saved state causing downtime while memory is copied

• Live Migration• Migrate VMs without any downtime, also Shared Nothing Live Migration

is possible• Storage Migration• Migrate VM storage to the same host, another host, or an SMB share

• Exporting and Importing VM• A very time consuming procedure. But much simpler to import with

Server 2016

Moving VMs in clustered nodes (comparison)

• Available in Server 2012 R2 and Server 2016

• Cluster resource checks availability of VM resources

• Controlled individually on each virtual network adapter• Protected Network setting is enabled for all virtual network adapters.

Understand Network Health Protection

When a host shuts down• Save the virtual machine state• Turn off the virtual machine• Shutdown the quest operating

system

During a drain on shutdown• Failover cluster placed in pause

state• If Server 2008 or Earlier > Quick

Migration• If Server 2012 or later > Live

Migration

• Install NLB nodes• configure NLB prerequisites• configure affinity• configure port rules• configure cluster operation mode• upgrade an NLB cluster

Implement Network Load Balancing (NLB)

What is it?• Allows clients to address the

application using the NLB cluster address.

Know what and how NLB works

NLB Facts for Server 2016• Adding or removing nodes from a NLB

cluster is known as convergence.• NLB can only detect server failure• Use NlbCluster• Use NlbClusterNode• Can have up to 32 Nodes• Unicast vs Multicast vs IGMP multicast

• Stateful applications• Key workloads – web applications• Consider session state – by default in-

process in IIS• Unicast vs. Multicast• Port rules• Affinity settings

NLB Considerations

You have two host servers that run Hyper-V named Server1 and Server2.You plan to move a virtual machine named VM1 that runs a LOB application, from Server1 to Server2.You need to minimize the downtime taken to move VM1.

What should you do?

A Perform a live migrationB Perform a quick migrationC Export and Import VM1D Perform a storage migration

Practice Question

06-Maintain and Monitor Server Environments

• Implement Windows Server Update Services (WSUS) solutions

• Configure WSUS groups• Manage patch management in

mixed environments• Integrate Windows Defender with

WSUS and Windows Update• Perform backup and restore

operations using Windows Server Backup

• Determine backup strategies for different Windows Server roles and workloads, including Hyper-V Host, Hyper-V Guests, Active Directory, File Servers, and Web Servers using Windows Server 2016 native tools and solutions

Maintain Server Installations

• What is it?• Downloads and distributes updates to

clients and servers• WSUS client can be a desktop OS or

server OS

• Deployment Options• Single server or multiple single servers

(isolated locations)• Larger hierarchy with upstream server

and one or more downstream servers• Disconnected: receives updates from

removable media

Windows Server Update Services (WSUS) Phase

1: Assess

Phase 2:

Identify

Phase 3:

Evaluate and plan

Phase 4:

DeployPatch

management

• WSUS Admin Console• Used to download and approve

updates• Can organize clients into groups for

patch deployment by department, or pilot testing, etc.

• Generate reports

• PowerShell• Cmdlets included with Server 2016• Include commands for managing the

server

WSUS AdministrationCmdlet DescriptionAdd-WsusComputer Adds a specified client computer to a

specified target group.Add-WsusDynamicCategory Adds a dynamic category to a WSUS

server.Approve-WsusUpdate Approves an update to be applied to

clients.Deny-WsusUpdate Declines the update for deployment.Get-WsusClassification Gets the list of all WSUS classifications

currently available in the system.Get-WsusComputer Gets the WSUS computer object that

represents the client computer.Get-WsusDynamicCategory Gets dynamic categories on a WSUS

server.Get-WsusProduct Gets the list of all products currently

available on WSUS by category.Get-WsusServer Gets the value of the WSUS update server

object.Get-WsusUpdate Gets the WSUS update object with details

about the update.Invoke-WsusServerCleanup Performs the process of cleanup on a

specified WSUS server.Remove-WsusDynamicCategory Removes a dynamic category from a

WSUS server.Set-WsusClassification Sets whether the classifications of updates

that WSUS synchronizes are enabled or disabled.

Set-WsusDynamicCategory Sets the synchronization status of a dynamic category.

Set-WsusProduct Sets whether the product representing the category of updates that needs to be synchronized is enabled or disabled.

Set-WsusServerSynchronization Sets whether the WSUS server synchronizes from Microsoft Update or from an upstream server, and if it uses the upstream server’s properties.

• What are WSUS groups?• Used to download updates to specific sets of computers• All computers are members of the “All Computers” and “Unassigned Computers”

groups by default• Create customer computer groups for pilot computers, or specific departments, etc.• In Server 2016, computers may be members of multiple groups and nested groups

• WSUS in mixed environments• Mixed WSUS versions in use• Features on upstream server that are not available on downstream server will not

replicate (nested groups or multiple group memberships, for example)

• Integrating with Windows Defender• Include Windows Defender and Definition Updates in the Products and

Classifications Sync options

WSUS Patch Management

• What is it?• Used to perform full server backup or selected volumes• Can backup/restore individual files or folders, system state, individual VM’s on Hyper-

V host• Can perform a bare-metal restore without first installing an OS

• Backup Scenarios• Hyper-V hosts and guests• Install on host to perform host-level backup• Install on guest to perform an in-guest backup

• Active Directory• Cannot restore from a backup that is older than 180 days. Consider this when creating backup schedule

• Files servers• Web servers

Windows Server Backup

• Monitor workloads using Performance Monitor

• Configure Data Collector Sets• Determine appropriate CPU, memory,

disk, and networking counters for storage and compute workloads

• Configure alerts• Monitor workloads using Resource

Monitor

Monitor Server Installations

• What is it?• Used to collect, analyze, and interpret

performance-related data• Create baseline data during multiple

use-cases• Helps with trend analysis, capacity

planning, understanding bottlenecks and slow-downs

• Key hardware components• Processor• Memory• Network• Disk

Performance Monitor

• What is it?• Include performance counters, event

trases, and system configuration information

• Can collect in real-time or schedule data collection, for example Run for 10 minutes each hour from 8-5

• Can analyze historical data

• How to create• Create from template• Create from existing performance

monitor data• Manually add data collectors

• What’s an alert?• Configure an action to occur if a DSC

hits the min or max limits

Data Collector Sets

• What is it?• Provides real-time information on

server’s performance• Similar to Task Manager, but shows

historical data as well

• How to open• From Task Manager• From Start menu

• How to use• Expand each element for detailed

information on how each process is using server resources

Resource Monitor

You plan to deploy a new web site to your web server tomorrow.You plan to monitor the amount of requests to the web site during the first hour of it going into production.You need to ensure that you can discuss the results in a meeting at the end of the day.

How should you collect the information for the meeting?

A Load settings into Resource MonitorB Use Performance monitor to create a report view.C Use Performance monitor to start the system data collector setD Use Performance monitor to create a user-defined data collector set 

Practice Question

Monitor and maintain servers

Tip #1Understand server patching from the Admin console and the PowerShell commands

Tip #2Windows Server back-up can back-up hyper-v hosts and/or guests

Monitoring Tools built-in

Tip #3There are many tools to use for monitoring, from Perf Mon, to Resource, Mon, to Task Manager

Host-level backup--

In-Guest back-up

70-740: Installation, Storage, and Compute with Windows Server 2016Install Windows Servers in host and compute environments (10–15%)Implement storage solutions (10–15%)Implement Hyper-V (20–25%)Implement Windows containers (5–10%)Implement high availability (30–35%)Maintain and monitor server environments (10–15%)

From your PC or Tablet visit MyIgnite at http://myignite.microsoft.com

From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting https://aka.ms/ignite.mobileapp

Please evaluate this sessionYour feedback is important to us!

© 2016 Microsoft Corporation. All rights reserved.