What's New in Windows Server 2012 Hyper-V, Part 2
Jeff Woolsey
Windows Server & Cloud
Microsoft Corporation
VIR309
Session Objectives and Takeaways
What’s New In Windows Server 2012 Hyper-V Part 2
Networking
Clustering
VM Mobility
Linux as a Guest
We can’t cover everything in two sessions
There’s simply too much content. Pointers to other sessions too…
Helping You Cloud Optimize Your Business: The Microsoft Hybrid Cloud
[Diagram: Public and Private clouds with common technologies: Identity ▪ Virtualization ▪ Management ▪ Development]
Building your own cloud just got a lot easier with
Windows Server 2012.
Windows Server 2012 Networking
Network Considerations
Customers
• How do I ensure network multi-tenancy?
• IP Address Management is a pain.
• What if VMs are competing for bandwidth?
Fully Leverage Network Fabric
• How do I integrate with existing fabric?
• Network Metering?
• Can I dedicate a NIC to a workload?
Hybrid Clouds
Windows Server 2012 is optimized for Hybrid Clouds to host multi-tenant workloads
Tenant 2: Multiple VM Workloads
Data Center
Tenant 1: Multiple VM Workloads
Security
In a multi-tenant environment …
… customers want security and isolation
[VIR305] Hyper-V Network Virtualization for Multi-Tenancy in WS2012
LEARN MORE
Multi-Tenant Network Requirements
Tenant wants to easily move VMs to/from the cloud
Hoster wants to place VMs anywhere in the data center
Both want: Easy Onboarding, Flexibility & Isolation
Cloud Data Center
Woodgrove Bank: Blue 10.1.0.0/16
Contoso Bank: Red 10.1.0.0/16
One Solution: PVLAN
Isolation Scenario
Hoster wants to isolate all VMs from each other and allow internet connectivity
#1 Customer Ask from hosters
Community Scenario
Hoster wants tenant VMs to interact with each other but not with other tenant VMs
Requires a VLAN id for each “community” (limited scalability, only 4095 VLAN IDs)
[Diagram: Win 8 Host with a Hyper-V Switch and a path to the Internet (10.1.1.1). VMs: Blue 10.1.1.21, Red1 10.1.1.11, Red2 10.1.1.12, Green 10.1.1.31. Port labels: Isolated 4, 7 (two ports) and Community 4, 9 (two ports).]
Introducing Hyper-V Network Virtualization
[Diagram: Woodgrove VM and Contoso VM on a physical server; Woodgrove network and Contoso network on a physical network]
Hyper-V Machine Virtualization
• Run multiple virtual servers on a physical server
• Each VM has illusion it is running as a physical server
Hyper-V Network Virtualization
• Run multiple virtual networks on a physical network
• Each virtual network has illusion it is running as a physical fabric
Reliability
Even when hardware fails …
… customers want continuous availability
[WSV314] Windows Server 2012 NIC Teaming & MultiChannel Solutions
LEARN MORE
Predictability
Even when multiple VMs are competing for bandwidth …
… customers want predictability
Scalability
Cloud admins want scalability …
… and customers want performance
Extensibility
Customers want specialized functionality with lots of choice …
… for firewalls, monitoring and physical fabric integration
[VIR307] Get Hands-On with the New Hyper-V Extensible Switch in WS2012
LEARN MORE
Hyper-V Extensible Switch
[Diagram: Root Partition with Physical NIC, Host NIC and the Extensible Switch (Extension Protocol, Capture Extensions, WFP Extensions, Filtering Extensions, Forwarding Extensions, Extension Miniport; Filtering Engine, BFE Service, Firewall, Callout); VM1 and VM2, each with a VM NIC]
• Capture extensions can inspect traffic and generate new traffic for report purposes
• Capture extensions do not modify existing Extensible Switch traffic
• Example: sFlow by InMon
• Windows Filtering Platform (WFP) extensions can inspect, drop, modify, and insert packets using WFP APIs
• Windows antivirus and firewall software uses WFP for traffic filtering
• Example: Virtual Firewall by 5NINE Software
• Filtering extensions can also be implemented using NDIS filtering APIs
• Example: VM DoS Prevention by Broadcom
• Forwarding extensions direct traffic, defining the destination(s) of each packet
• Forwarding extensions can capture and filter traffic
• Examples:
– Cisco Nexus 1000V and UCS
– NEC ProgrammableFlow's vPFS OpenFlow
Cloud Admins Want Scale, Customers Perf
DVMQ, IPsec Task Offload, SR-IOV
Dynamic Virtual Machine Queue (VMQ) is a feature available to computers running Windows Server 2008 R2 with the Hyper-V server role installed, that have VMQ-capable network hardware. VMQ uses hardware packet filtering to deliver packet data from an external virtual machine network directly to virtual machines, which reduces the overhead of routing packets and copying them from the management operating system to the virtual machine.
Feature Rich Networking in the Box
Open, Extensible Virtual Switch
• Nexus 1000 Support
• Openflow Support
• Network Introspection
• Much more…
Advanced Networking
• ACLs
• PVLAN
• …much more…
Windows NIC Teaming
Network QoS
• Per VNIC bandwidth reservation & limits
Network Metering
DVMQ
SR-IOV Network Support
• Reduce Latency & CPU Utilization
• Supports Live Migration
Single-Root I/O Virtualization (SR-IOV)
• Reduces latency of network path
• Reduces CPU utilization for processing network traffic
• Increases throughput
• Direct device assignment to virtual machines without compromising flexibility
• Supports Live Migration
[Diagram: Network I/O path without SR-IOV and Network I/O path with SR-IOV. Labels: Physical NIC, Root Partition, Hyper-V Switch (Routing, VLAN Filtering, Data Copy), VMBUS, Virtual Machine, Virtual NIC, SR-IOV Physical NIC, Virtual Function, Virtual Machine Network Stack, Software NIC]
SR-IOV Enabling & Live Migration
Turn On IOV
• Enable IOV (VM NIC Property)
• Virtual Function is “Assigned”
• Team automatically created
• Traffic flows through VF
• Software path is not used
Live Migration
• Break Team
• Remove VF from VM
• Migrate as normal
Post Migration
• Reassign Virtual Function (assuming resources are available)
VM has connectivity even if:
• Switch not in IOV mode
• IOV physical NIC not present
• Different NIC vendor
• Different NIC firmware
[Diagram: SR-IOV Physical NIC, Physical NIC, Software Switch (IOV Mode), “TEAM” of Software NIC and Virtual Function]
DVMQ vs. SR-IOV Considerations
DVMQ Pros:
• Improves VM Performance
• Provides Receive Side Scaling benefits by spreading network load across multiple logical processors
• Can use the Hyper-V Extensible Switch
DVMQ Cons:
• If you need greater than 10 Gb/E for a workload, SR-IOV is likely the better choice
SR-IOV Pros:
• Great performance
• Great for low latency workloads
SR-IOV Cons:
• Bypasses the virtual switch
Cloud Admins Want Scale, Customers Perf
DVMQ, IPsec Task Offload, SR-IOV
IPsec Task Offload: Microsoft expects deployment of Internet Protocol security (IPsec) to increase significantly in the coming years. The large demands placed on the CPU by the IPsec integrity and encryption algorithms can reduce the performance of your network connections. IPsec Task Offload is a technology built into the Windows operating system that moves this workload from the main computer's CPU to a dedicated processor on the network adapter.
SR-IOV is a specification that allows a PCIe device to appear to be multiple separate physical PCIe devices. The SR-IOV specification was created and is maintained by the PCI SIG, with the idea that a standard specification will help promote interoperability. SR-IOV works by introducing the idea of physical functions (PFs) and virtual functions (VFs). Physical functions (PFs) are full-featured PCIe functions; virtual functions (VFs) are “lightweight” functions that lack configuration resources.
Advanced Network Security
DHCP Guard, Router Guard, Monitor Port
DHCP Guard is a security feature that drops DHCP server messages from unauthorized virtual machines pretending to be DHCP servers.
Router Guard is a security feature that drops Router Advertisement and Redirection messages from unauthorized virtual machines pretending to be routers.
Monitor Mode duplicates all egress and ingress traffic to/from one or more switch ports (being monitored) to another switch port (performing monitoring).
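An added example, not part of the session material: a PowerShell audit that flags virtual NICs where DHCP Guard or Router Guard is off, or where a VM that is not an approved monitor receives mirrored traffic. The VM names and allow-lists are constructed; the sample rows use the DhcpGuard, RouterGuard and PortMirroringMode properties that Get-VMNetworkAdapter returns.

```powershell
# Added example: audit Hyper-V virtual NIC guard settings.
# All VM names below are constructed placeholders.
$AllowedDhcpServers = @('infra-dhcp01')  # VMs permitted to send DHCP server messages
$AllowedRouters     = @('edge-rtr01')    # VMs permitted to send router advertisements/redirects
$AllowedMonitors    = @('ids-sensor01')  # VMs permitted to receive mirrored traffic

function Test-VMNicGuard {
    param([Parameter(Mandatory = $true, ValueFromPipeline = $true)] $Adapter)
    process {
        $findings = @()
        # A guard that is off only matters on VMs that are not the approved server/router.
        if ("$($Adapter.DhcpGuard)" -ne 'On' -and $AllowedDhcpServers -notcontains $Adapter.VMName) {
            $findings += 'DHCP Guard off'
        }
        if ("$($Adapter.RouterGuard)" -ne 'On' -and $AllowedRouters -notcontains $Adapter.VMName) {
            $findings += 'Router Guard off'
        }
        # A mirroring destination sees other ports' traffic, so it must be an approved monitor.
        if ("$($Adapter.PortMirroringMode)" -eq 'Destination' -and $AllowedMonitors -notcontains $Adapter.VMName) {
            $findings += 'unapproved monitor port'
        }
        if ($findings.Count -gt 0) {
            [pscustomobject]@{
                VMName   = $Adapter.VMName
                Adapter  = $Adapter.Name
                Findings = $findings -join '; '
            }
        }
    }
}

# Constructed sample rows shaped like Get-VMNetworkAdapter output, so this runs offline.
$sample = @(
    [pscustomobject]@{ VMName = 'tenant-web01'; Name = 'Network Adapter'; DhcpGuard = 'Off'; RouterGuard = 'Off'; PortMirroringMode = 'None' }
    [pscustomobject]@{ VMName = 'tenant-db01';  Name = 'Network Adapter'; DhcpGuard = 'On';  RouterGuard = 'On';  PortMirroringMode = 'Destination' }
    [pscustomobject]@{ VMName = 'infra-dhcp01'; Name = 'Network Adapter'; DhcpGuard = 'Off'; RouterGuard = 'On';  PortMirroringMode = 'None' }
    [pscustomobject]@{ VMName = 'ids-sensor01'; Name = 'Network Adapter'; DhcpGuard = 'On';  RouterGuard = 'On';  PortMirroringMode = 'Destination' }
)
$sample | Test-VMNicGuard | Format-Table -AutoSize -Wrap

# On a Hyper-V host, audit the real adapters and then fix a flagged VM:
#   Get-VM | Get-VMNetworkAdapter | Test-VMNicGuard
#   Set-VMNetworkAdapter -VMName 'tenant-web01' -DhcpGuard On -RouterGuard On
```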
Manage to a Service Level Agreement
Network Bandwidth & QoS
Bandwidth Management allows you to easily reserve a minimum or set a maximum, providing QoS controls to manage to a service level agreement.
Windows Server 2012 Networking: It’s All There
Feature rich, extensible, in the box, no compromises
Feature | Windows Server 2008 | Windows Server 2008 R2 | Windows Server 2012
NIC Teaming | Yes, via partners | Yes, via partners | Windows NIC Teaming in box.
VLAN Tagging | Yes | Yes | Yes
MAC Spoofing Protection | No | Yes, with R2 SP1 | Yes
ARP Spoofing Protection | No | Yes, with R2 SP1 | Yes
SR-IOV Networking | No | No | Yes
Network QoS | No | No | Yes
Network Metering | No | No | Yes
Network Monitor Modes | No | No | Yes
IPsec Task Offload | No | No | Yes
VM Trunk Mode | No | No | Yes
Complete VM Mobility
Your Thoughts on VM Mobility
• Don’t provide new features that preclude Live Migration.
• I want to be able to securely move any part of a VM anywhere at anytime. No Limits.
• No Downtime Servicing
• SAN Upgrades/Migrations
• When VMs migrate, move the historical data with the VM
• Fully Leverage hardware to speed migrations
Virtual Machine Mobility
Live Migration with High Availability
SMB Live Migration
Live Storage Migration
Concurrent Migration: Limited Only By Hardware Resources
Live Storage Migration
Enables Storage Load Balancing
No downtime servicing
Leverages Hyper-V Offloaded Data Transfer (ODX)
[Diagram: Hyper-V virtual machine and its VHD stack, with a VHD on the Source Device and a VHD on the Destination Device; steps numbered 1 to 5]
Wouldn’t it be great if you could Live Migrate a VM with nothing but an Ethernet cable?
We think so too…
Introducing: Shared Nothing Live Migration
demo
VM Mobility
VM Mobility
Complete mobility. Simply the best.
Live Migration with High Availability
Live Migrate among servers in a failover cluster
SMB Live Migration
Live Migrate VMs among servers with SMB storage
Live Storage Migration
Live Migrate VM storage from one volume to another without downtime
Share Nothing (SNO) Live Migration
Live Migrate VMs among servers with nothing but an Ethernet connection
[VIR304] Building Flexible Hyper-V Environments for LM & Storage Migration
LEARN MORE
Disaster Recovery
Disaster Recovery Challenges
Cost
Complexity
Inflexibility
Initial Replication
Distance Requirements
Hyper-V Replica
Unlimited Replication
Disaster Recovery Scenarios:
Planned, Unplanned and Test Failover
Pre-configuration for IP settings for primary/remote location
Key Features:
RPO/RTO in minutes
Seamless integration with Hyper-V and Clustering
Automatically handles all VM mobility scenarios (e.g. Live migration)
Supports heterogeneous storage between primary and recovery
Integrates with Volume Shadow Copy Service (VSS)
[SCIM329] Enabling Disaster Recovery for Hyper-V workloads using Hyper-V Replica
LEARN MORE
demo
Hyper-V Replica
Hyper-V Replica
Complements Array Based Replication
Replication: Hyper-V Replica
Provider: Microsoft
Cost:
• Flexible Storage Options Available
• Unlimited VM Replication included
Management:
• VM Granularity
• Open APIs provide extensibility, interoperability and prevent vendor lock-in
Performance:
• 5 minutes RPOs
• Application Level Consistency
• File Level Consistency
Replication: Storage Based Replication
Provider: NetApp, HP, Fujitsu, IBM, Hitachi, FalconStor, 3Par, EMC, LSI, Compellent, EqualLogic and more…
Cost:
• High end replicating storage
• Additional replication software
Management:
• LUN-VM Layout
• Coordination with storage team
Performance:
• Synchronous Replication
• High Data Volumes
Key Hyper-V Replica Takeaways
Easy to Setup
• Via wizard
• Or, via PowerShell
Works with your current hardware
• All you need is two connected servers running Windows Server 2012
• No Guest Dependencies
Hyper-V 2012 & Linux Guests
Microsoft Committed to Interoperability
July 2009: Microsoft contributes Linux drivers under GPL v2
March 2012: “Microsoft appeared in the top-20 contributors for a kernel release”
Q2 2012: All Hyper-V Drivers in mainline Linux Kernel
Storage, Networking, VMBus, Input, Utilities, etc.
SUSE includes the Drivers
Ubuntu 12.04 and later include
Linux on Hyper-V
Linux workloads can be consolidated into VMs running on a Microsoft hypervisor at no cost
Hyper-V hosted Linux VMs can leverage high-end enterprise features:
• High Availability
• Live Migration, Shared Nothing Live Migration
• VM Replication with Hyper-V Replica
Linux VMs can be managed centrally from System Center VMM
VM scale improvements (CPU, memory, disk, etc.)
Why Windows Server 2012 Hyper-V for Private Cloud?
Windows Server 2012 for Cloud
Most Manageable & Extensible
• Hyper-V Extensible Switch
• New Minimal Server Install (MinShell)
• PowerShell Flexibility
• Persistent Metrics
• Maintenance Mode in the Box
Windows Server 2012 for Cloud
Most Scalable
• Most physical memory per server
• Largest Virtual Disks (32x)
• Most Nodes per cluster
• Most VMs per cluster
• Most NICs per Team
• Native 4K disk support
• Most Virtual Disks per VM
• …and the list goes on and on…
Windows Server 2012 for Cloud
Security Throughout
• BitLocker integration with Failover Cluster
• Secure Guest Fiber Channel
• DHCP Guard, Router Guard
• IPSec Task Offload
• Secure Boot, Attestation, Measured Boot
• Simple Authentication
Windows Server 2012 for Cloud
Complete VM Mobility In the Box
• Share Nothing Live Migration
• SMB Live Migration
• Live Migration with High Availability
• Live Storage Migration
• Concurrent Live Migration
• Concurrent Live Storage Migration
Windows Server 2012 for Cloud
Most Feature Rich, All Server Editions include:
1. Hyper-V Extensible Virtual Switch
2. Hyper-V Replica
3. Live Storage Migration
4. Network I/O Control
5. Storage I/O Control
6. SR-IOV
More…
7. Hyper-V Resource Pools
8. Hyper-V Offloaded Data Transfer
9. GPU Accelerated VM Video
10. ….
And…
Hyper-V Network Virtualization
In Review: Session Objectives and Takeaways
Windows Server 2012: The Definitive Cloud OS
Designed for Mission Critical, Scale Up
New Rich Industry Leading Networking
• Hyper-V Extensible Switch
• Hyper-V Network Virtualization
Unparalleled VM Mobility
• Share Nothing Live Migration
Unlimited VM Replication with Hyper-V Replica
Q & A
Find Me Later At… Twitter: @WSV_GUY
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.