70-740: Installation, Storage, and Compute with Windows Server 2016
Chris Rhodes, IT Masterclasses, Microsoft Certified Trainer, MVP
Joe Lurie, Senior Consultant, MCS, Microsoft Certified Trainer
• Install Windows Servers in host and compute environments (10–15%)
• Implement storage solutions (10–15%)
• Implement Hyper-V (20–25%)
• Implement Windows containers (5–10%)
• Implement high availability (30–35%)
• Maintain and monitor server environments (10–15%)
01-Install Windows Servers in host and compute environments
• Determine Windows Server 2016 installation requirements
• Determine appropriate Windows Server 2016 editions per workloads
• Install Windows Server 2016
• Install Windows Server 2016 features and roles
• Install and configure Windows Server Core
• Manage Windows Server Core installations using Windows PowerShell, command line, and remote management capabilities
• Implement Windows PowerShell Desired State Configuration (DSC) to install and maintain integrity of installed environments
• Perform upgrades and migrations of servers and core workloads from Windows Server 2008 and Windows Server 2012 to Windows Server 2016
• Determine the appropriate activation model for server installation, such as Automatic Virtual Machine Activation (AVMA), Key Management Service (KMS), and Active Directory-based Activation
Install, upgrade, and migrate servers and workloads
Windows Server 2016 Essentials edition
• Designed for small businesses
Windows Server 2016 Standard edition
• Designed for physical server environments with little or no virtualization.
Windows Server 2016 Datacenter edition
• Designed for highly virtualized infrastructures, including private cloud and hybrid cloud environments
Microsoft Hyper‑V Server 2016
• Acts as a stand-alone virtualization server for virtual machines
Windows Storage Server 2016 Workgroup edition
• Allows 50 users, one processor core, and 32 GB of RAM & supports domain joining.
Windows Storage Server 2016 Standard edition
• Supports up to 64 sockets but is licensed on a two‑socket, incrementing basis
Windows Server 2016 OS Editions
• Hardware Requirements
* Server Datacenter supports 640 lCPU, 4 TB RAM, and 64 nodes
Note: VM Setup will fail if the VM has only 512 MB of RAM. To resolve:
(1) Allocate > 800 MB RAM, or
(2a) Use Diskpart.exe to create a partition
(2b) Run the createpagefile command
Windows Server 2016 Installation Requirements
• Additional Recommendations
  • UEFI 2.3.1c for Secure Boot
Component | Requirement
Processor architecture | 64-bit
Processor speed | 1.4 gigahertz (GHz)
RAM | 512 MB
Hard drive space | 32 GB
• Installation Types
  • Clean Installation
  • Upgrade
  • Migration
• OS Selection
  • Standard & Datacenter
  • Desktop Experience = GUI
• OS Editions
  • Datacenter, Standard, Essentials, Multipoint Premium Server
  • Storage Server, Hyper-V Server
Windows Server 2016 Installation Requirements
• Determine appropriate usage scenarios and requirements for Nano Server
• Install Nano Server
• Implement Roles and Features on Nano Server, manage and configure Nano Server
• Manage Nano Server remotely using Windows PowerShell
Install and configure Nano Server
• Nano Server: A new headless, 64-bit only, deployment option for Windows Server
• Deep refactoring with cloud emphasis
  • Cloud fabric & infrastructure (clustering, storage, networking)
  • Born-in-the-cloud applications (PaaS v2, ASP.NET v5)
  • VMs & Containers (Hyper-V & Docker)
• Extend the Server Core pattern
  • Roles & features live outside of Nano Server
  • No binaries or metadata in OS image
  • Standalone packages install like apps
  • Full driver support
  • Antimalware
What is a Nano Server
[Diagram: Nano Server, Server Core, Server with a Desktop Experience]
• Description: Super Small Footprint
• Install options: Physical Host, VM Guest, Container OS
• Roles Supported:
  • Hyper-V
  • Scale-out File Server
  • DNS Server
  • Failover Clustering
  • IIS (subset)
  • IIS.NET Core
  • ASP.NET Core can be installed
Nano Server Installation Options
• Nano Server is an installation option
  • Like Server Core, but cannot be selected during Setup
  • Must be customized with drivers
  • Located on the Windows Server media
Getting started
• Nano Server folder has a Packages sub-folder
• Dism /Image:<mount directory> /Add-Package /PackagePath:.\packages\<package>
• Dism /Image:<mount directory> /Add-Package /PackagePath:.\packages\en-us\<package>
Nano Server Roles and Features
Role or feature | Package file
Hyper-V role | Microsoft-NanoServer-Compute-Package.cab
Failover Clustering | Microsoft-NanoServer-FailoverCluster-Package.cab
File Server role and other storage components | Microsoft-NanoServer-Storage-Package.cab
Windows Defender Antimalware, including a default signature file | Microsoft-NanoServer-Defender-Package.cab
Reverse forwarders for application compatibility, for example common application frameworks such as Ruby, Node.js, etc. | Microsoft-OneCore-ReverseForwarders-Package.cab
• Nano Server roles and features are available on the media and from a package repository
• NanoServerPackage provider for the PackageManagement PowerShell module
  • Install-PackageProvider NanoServerPackage
  • Import-PackageProvider NanoServerPackage
• You can then search for, download, and install Nano Server roles and features from the repository
  • Find-NanoServerPackage
  • Save-NanoServerPackage
  • Install-NanoServerPackage
Installing Roles/Features from the Package Repository
Convert WIM to VHD
1. On Windows 10 or Windows Server 2016, mount the ISO, and, assuming the drive letter for the mounted image is D:\, run the following:
    Copy-Item "D:\NanoServer" "C:\NanoServer" -Recurse
2. Generate a VHD from NanoServer.wim by using Convert-WindowsImage.ps1 from TechNet Script Center.
    cd C:\NanoServer
    . .\Convert-WindowsImage.ps1
    Convert-WindowsImage -SourcePath C:\NanoServer\NanoServer.wim -VHDPath C:\NanoServer\NanoServer.vhd -VHDFormat VHD -Edition CORESYSTEMSERVER_INSTALL
• Can be used to further specialize Nano Server for your environment
Optional Nano Customizations
• Set Computer Name
• Run commands on first boot, e.g. set a static IP address
• Domain Join
• Dual Boot
• Enabling Emergency Management Services (EMS)
• Installing Agents and Tools
Notice the reduction in disk size of the VHD\VHDX, with a Nano server.
Creating and Installing Nano Server
Remotely Managing Nano Server
Remote Graphical & Web Tools
• Server Manager
• Azure Portal tools
  • Task manager
  • Registry editor
  • File explorer
  • Server configuration
  • Event viewer
  • Disk manager
  • Device & driver management
  • Performance
  • Users & groups
PowerShell Remoting
• Core PowerShell engine, language, and cmdlets
• Windows Server cmdlets (network, storage, etc.)
• PowerShell DSC
• Remote file transfer
• Remote script authoring & debugging
• PowerShell Web Access
VM and Container Management
• Hyper-V Manager
• Hyper-V cmdlets
• PowerShell Direct over PSRP
• CimSession support
• Docker
• SCVMM agent & console
• 3rd party agents & consoles
Deployment & Monitoring
• DISM online & VHD support
• Unattended setup
• Visual Studio integration
• DSC Local Config Manager
• Setup & boot eventing
• SCOM agent
• VSO App Insights
• Azure Op Insights
Partners & Frameworks
• Chef integration
• .NET Core and CoreCLR
• ASP.NET 5
• Python, PHP, Ruby, Node.js
• PowerShell Classes
• PS Script Analyzer
• PowerShell Gallery
• PowerShellGet
PowerShell Core
• Refactored to run on CoreCLR
• Full PowerShell language compatibility & remoting
  • Invoke-Command, New-PSSession, Enter-PSSession, etc.
• Most core engine components
• Support for all cmdlet types: C#, Script, and CIM
• Limited set of cmdlets initially
Server management tools
• Web-based
• Includes replacements for local-only tools
  • Task Manager
  • Registry Editor
  • Event Viewer
  • Device Manager
  • Sconfig
  • Control Panel
  • Performance Monitor
  • Disk Management
  • Users/Groups Manager
  • File Explorer
• Also manages Server Core and Server with GUI
• Plan for Windows Server virtualization
• Plan for Linux and FreeBSD deployments
• Assess virtualization workloads using the Microsoft Assessment and Planning (MAP) Toolkit
• Determine considerations for deploying workloads into virtualized environments
• Update images with patches, hotfixes, and drivers
• Install roles and features in offline images
• Manage and maintain Windows Server Core, Nano Server images, and VHDs using Windows PowerShell
Create, manage, and maintain images for deployment
• Define the scope of the project
  • Which servers will be virtualized
  • Existing servers or new servers only
• Define the workloads that will be virtualized
  • Many workloads can be virtualized, but some can’t (custom vendor apps, for example)
  • Use MAP (Microsoft Assessment and Planning) to scan those that can be virtualized to design the host and guest infrastructure
• Determine backup and fault tolerance needs
  • Backup and fault tolerance for hosts and for guest VMs
• Determine networking needs of the guest VMs
• DOCUMENT THE DESIGN
Planning for Windows Server Virtualization
• What is it?
  • Solutions Accelerator used to scan networks and servers, for operating systems, hardware and software inventory, Hyper-V and VMware guests and hosts, etc…
• Features
  • Discovery
  • Hardware and software inventory
  • Virtual Server Consolidation Wizard
  • Private Cloud Fast-track Wizard
Using MAP Toolkit
• What’s supported?
  • Both emulation and running within Hyper-V are supported scenarios
  • Hyper-V offers better performance
  • With Hyper-V you need Hyper-V specific drivers
• LIS and BIS
  • Linux Integration Services is added to the Linux kernel (newer versions), provides these drivers, and is updated with new Linux releases
  • FreeBSD Integration Services provides these drivers and is built into newer FreeBSD builds
  • For older versions of either, download the latest available
Planning for Linux and FreeBSD Deployments
For supported Linux and FreeBSD operating systems and configurations, see https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/supported-linux-and-freebsd-virtual-machines-for-hyper-v-on-windows
• Sector-based images vs. file-based
  • Sector-based images require you to install the image, update it, re-capture
  • File-based images can be updated offline
• Basic strategies for updating images
  • Windows setup: include an answer file with setup to install updated drivers, patches, etc…
  • Online servicing: like sector-based, this requires installing the image to a reference computer, updating it, and re-capturing the OS
  • Offline servicing: use DISM to mount the image, update the drivers, or install hotfixes, language packs, or add/remove folders
• When to use online servicing
  • Installing applications via .exe or .msi files
  • Installing a feature or component that requires a running Windows service, such as .NET Framework
Updating Images – Patches, Hotfixes, Drivers, Roles
You plan to install a server that runs Nano Server. You need to ensure that the server can run virtual machines.
Which PowerShell command should you run?
A Install-NanoServerPackage Microsoft-NanoServer-DCB-Package
B Install-NanoServerPackage Microsoft-NanoServer-Host-Package
C Install-NanoServerPackage Microsoft-NanoServer-Guest-Package
D Install-NanoServerPackage -Compute
https://technet.microsoft.com/en-us/windows-server-docs/compute/nano-server/getting-started-with-nano-server
Practice Question
Installing Windows Server
Tip #1: Nano Server
Tip #2: Manage Core and Nano with tools like PowerShell, djoin.exe, DISM…
MAP Toolkit
Tip #3: Server virtualization using Hyper-V or Azure. Use MAP Toolkit to assess the needs and plan the virtualization strategy
Setup.exe includes Server Core (default) or with GUI (desktop experience)
02-Implement Storage Solutions
• Configure sector sizes appropriate for various workloads
• Configure GUID partition table (GPT) disks
• Create VHD and VHDX files using Server Manager or Windows PowerShell Storage module cmdlets
• Mount virtual hard disks
• Determine when to use NTFS and ReFS file systems
• Configure NFS and SMB shares using Server Manager, configure SMB share and session settings using Windows PowerShell
• Configure SMB server and SMB client configuration settings using Windows PowerShell
• Configure file and folder permissions
Configure disks and volumes
• MBR
  • Standard partition table format since early 1980s
  • Supports a maximum of four primary partitions per drive
  • Can partition a disk up to 2 TB
• GPT
  • Successor of the MBR partition table format
  • Supports a maximum of 128 partitions per drive
  • Can partition a disk up to 18 exabytes
• Use MBR for disks smaller than 2 TB
• Use GPT for disks larger than 2 TB
Determine the Partition Table Format
Reference Link on GPT disks - https://support.microsoft.com/en-us/kb/302873
• FAT provides:
  • Basic file system
  • Partition size limitations
  • FAT32 to enable larger disks
  • exFAT developed for flash drives
• NTFS provides:
  • Metadata
  • Auditing and journaling
  • Security (ACLs and encryption)
• ReFS provides:
  • Backward compatibility support for NTFS
  • Enhanced data verification and error correction
  • Support for larger files, directories and volumes
When to use NTFS and ReFS file systems
[Diagram: ReFS File System (NTFS inherited engine in upper layer, on-disk storage engine) beside NTFS File System (NTFS upper layer API engine, on-disk storage engine)]
Use cases for VHD(x)
• Hyper-V, VHD boot, virtualized storage for storage spaces, iSCSI storage
VHD format
• Disks up to 2TB. Format backwardly compatible
• Compatible with Azure VMs
VHDX format
• Used in WS2012+
• Sizes > 2TB
• Can be used for shared storage for VMs
New-VHD or Disk Management or Diskpart Create VDisk
Virtual Hard Disks
Server Manager
• Can create volumes, storage spaces, shares, disk deduplication
Disk management
• Simple tool, lacks features but OK for basic tasks
Diskpart
• Command line tool, useful in scripting
PowerShell
• 150+ cmdlets for storage
• Also useful in scripting and server core
Exam Tip: Know the limitations/features of each. E.g. which tool(s) can create a storage space?
Disk management tools
• Inheritance
• Deny vs. allow
• Effective access
• How ACLs work
NTFS / ReFS Permissions
• Configure storage pools
• Implement simple, mirror, and parity storage layout options for disks or enclosures
• Expand storage pools
• Configure Tiered Storage; configure iSCSI target and initiator
• Configure iSNS
• Configure Datacenter Bridging (DCB)
• Configure Multi-Path IO (MPIO)
• Determine usage scenarios for Storage Replica
• Implement Storage Replica for server-to-server, cluster-to-cluster, and stretch cluster scenarios
Implement server storage
Software defined storage
1. Add disks (any type) to a pool
2. Create virtual disks using the pool
3. Virtual disks can be thin provisioned or use physical space
4. Create volumes and format
Virtual disks can now be ‘enclosure aware’ to store data on separate JBOD enclosures for resilience.
Storage spaces direct
• Local storage on 3+ nodes
• Networked nodes present JBOD/SAS storage to the pool.
• The pool can be configured as a CSV for applications.
• Primary use-case: Hyper-V VM storage
Storage Pools
RAID configurations now moved into Storage Spaces
Options:
• Simple – data is striped across disks, no resilience
• 2 way mirror – 2 disks, protects against 1 drive failing
• 3 way mirror – 5 disks, protects against 2 drives failing
• Parity – 3 disks min to protect against 1 drive failing or 7 min to protect against 2 drives failing
Disk Layouts
Built-in: iSCSI Initiator
• Used to connect to iSCSI targets on the network
• Can use IP/FQDN/iSNS to locate targets
• Remote disks appear as ‘local’ disks in disk tools
iSCSI Target
• Installable role service part of the file server role
• Presents storage to networked initiators
• Secured access using IP white-list and authentication
• Uses standard TCP/IP components and commodity Ethernet to access storage
• Cheaper than a fiber-channel SAN
• Low-cost software based shared storage solution
iSCSI Components
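The "secured access using IP white-list and authentication" point above, as an added example that is not part of the original slides. The target name, VHDX path, initiator IQN and IP address are constructed placeholders.

```powershell
# Added example. Run in an elevated session on the server that will host the target.
Install-WindowsFeature -Name FS-iSCSITarget-Server

# Constructed placeholder values, not from the original page.
$targetName = 'App1Target'
$diskPath   = 'E:\iSCSIVirtualDisks\App1.vhdx'
$allowed    = @(
    'IQN:iqn.1991-05.com.microsoft:hv01.contoso.com',   # initiator identified by IQN
    'IPAddress:10.0.0.21'                               # initiator identified by IP
)

# Backing virtual disk for the LUN.
New-IscsiVirtualDisk -Path $diskPath -SizeBytes 50GB

# Allow-list: only the initiators named in -InitiatorIds may discover and log on
# to this target. A target with no matching initiator ID is not presented at all.
New-IscsiServerTarget -TargetName $targetName -InitiatorIds $allowed
Add-IscsiVirtualDiskTargetMapping -TargetName $targetName -Path $diskPath

# Authentication: require CHAP in addition to the allow-list. IQNs and IP
# addresses can be claimed by any host on the storage network, so the allow-list
# alone is identification, not authentication. The CHAP secret must be 12 to 16
# characters long.
$chap = Get-Credential -Message 'CHAP user name and 12-16 character secret'
Set-IscsiServerTarget -TargetName $targetName -EnableChap $true -Chap $chap

# Verify what the target now enforces.
Get-IscsiServerTarget -TargetName $targetName |
    Select-Object TargetName, InitiatorIds, EnableChap, EnableReverseChap

# Review item: any target that accepts initiators without CHAP.
Get-IscsiServerTarget | Where-Object { -not $_.EnableChap } |
    Select-Object TargetName, InitiatorIds
```

CHAP authenticates the session but does not encrypt the data path; keep iSCSI traffic on a dedicated storage network or VLAN.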
Allows storage-agnostic replication between clusters or servers.
Software-based disk volume replication technology.
Uses SMB 3.0 over TCP/IP or RDMA.
Storage Replica offers both synchronous and asynchronous replication.
Supports SAS JBODs, Storage Spaces Direct, fibre channel SAN, shared VHDX, iSCSI Target, or local SAS/SCSI/SATA storage.
Storage Replica supports three scenarios:
• Stretch cluster
• Server-to-server
• Cluster-to-cluster
Storage Replica
• Implement and configure deduplication
• Determine appropriate usage scenarios for deduplication
• Monitor deduplication
• Implement a backup and restore solution with deduplication
Implement data deduplication
Add-WindowsFeature -Name FS-Data-Deduplication
Run Ddpeval.exe from \Windows\System32 to estimate gains
Configured per volume in Server Manager
Usage scenarios: VDI or general purpose
Enable-DedupVolume -Volume <VolumeLetter> -UsageType <StorageType>
Runs on a schedule against files that have reached a minimum age (default: 3 days old).
Configuring Deduplication
You plan to create a storage pool on a Windows Server 2016 that will provide storage for an application named App1. You need to ensure that App1 can still function if the server suffers two disk failures.
How should you prepare the virtual disk for App1?
A A simple storage layout with 7 physical drives
B A mirror layout with 5 disks
C A parity layout with 5 disks
D A parity layout with 4 disks
Practice Question
03-Implement Hyper-V
• Determine hardware and compatibility requirements for installing Hyper-V
• Install Hyper-V
• Install management tools
• Upgrade from existing versions of Hyper-V
• Delegate virtual machine management
• Perform remote management of Hyper-V hosts
• Configure virtual machines using Windows PowerShell Direct
• Implement nested virtualization
Install and configure Hyper-V
Hardware
• 64-bit CPU with SLAT
• VM Monitor mode extensions
• Virtualization support on in BIOS/UEFI
  • Intel-VT/AMD-V
  • DEP enabled
• Enough RAM for workloads
• Other features require other hardware such as TPM for shielded VMs, and UEFI 2.3.1c for secure boot & measured boot
• Tip: Run Systeminfo.exe to validate hardware
Software
Windows Server 2016 in:
• GUI mode
• Server Core
• Nano server
Guest OS support:
• Windows Vista – Windows 10
• Windows Server 2008 – WS2016
• Linux
• FreeBSD
Hyper-V requirements
Tools
• Hyper-V Manager
• PowerShell
• RSAT tools
PowerShell Direct
• Uses PowerShell remoting to a VM where you would not have network access to normally.
Virtual Machine Management
New feature in WS2016
Requires:
• Host running WS2016 Hyper-V
• VM running WS2016 or Windows 10 anniversary update
• A Hyper-V VM with configuration version 8.0 or greater.
• An Intel processor with VT-x and EPT technology
To configure:
1. Create a virtual machine.
2. While the virtual machine is in the OFF state, run the following on the Hyper-V host to enable nested virtualization.
    Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
3. Start the virtual machine.
4. Install Hyper-V within the virtual machine, just like you would for a physical server.
Nested virtualization
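The configuration steps above as one host-side script that checks the slide's prerequisites first (an added example, not from the original slides). The VM name is a placeholder; the memory and MAC address spoofing settings are extra steps from Microsoft's nested virtualization guidance, not from this slide.

```powershell
# Added example. Run in an elevated session on the Hyper-V host.
# 'NestedHost01' is a placeholder VM name.
$vmName = 'NestedHost01'
$vm = Get-VM -Name $vmName -ErrorAction Stop

# Prerequisite from the slide: VM configuration version 8.0 or greater.
if ([version]$vm.Version -lt [version]'8.0') {
    throw "VM configuration version $($vm.Version) is below 8.0. Run Update-VMVersion first."
}

# Prerequisite from the slide: the VM must be in the OFF state before the
# processor setting can be changed.
if ($vm.State -ne 'Off') {
    throw "VM '$vmName' is in state '$($vm.State)'. Shut it down and retry."
}

# Step 2 from the slide: expose the virtualization extensions to the guest.
Set-VMProcessor -VMName $vmName -ExposeVirtualizationExtensions $true

# Assumption beyond the slide: a VM that runs Hyper-V itself should have
# dynamic memory turned off.
Set-VMMemory -VMName $vmName -DynamicMemoryEnabled $false

# Assumption beyond the slide: nested guests send frames with their own MAC
# addresses through this VM's adapter, so an external switch drops them unless
# MAC address spoofing is allowed on that adapter. This relaxes the switch's
# anti-spoofing check for this VM only; a NAT switch inside the nested host
# avoids the need for it.
Get-VMNetworkAdapter -VMName $vmName | Set-VMNetworkAdapter -MacAddressSpoofing On

# Step 3 from the slide.
Start-VM -Name $vmName

# Confirm the setting took effect.
Get-VMProcessor -VMName $vmName |
    Select-Object VMName, Count, ExposeVirtualizationExtensions
```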
• Add or remove memory in a running VM
• Configure dynamic memory
• Configure Non-Uniform Memory Access (NUMA) support
• Configure smart paging
• Configure Resource Metering, manage Integration Services
• Create and configure Generation 1 and 2 VMs and determine appropriate usage scenarios
• Implement enhanced session mode, create Linux and FreeBSD VMs, install and configure Linux Integration Services (LIS)
• Install and configure FreeBSD Integration Services (BIS)
• Implement Secure Boot for Windows and Linux environments, move and convert VMs from previous versions of Hyper-V to Windows Server 2016 Hyper-V, export and import VMs, implement Discrete Device Assignment (DDA)
Configure virtual machine (VM) settings
• What can be changed (and live)
• Gen1 and Gen2 differences
• NUMA spanning
• Dynamic memory
• CPU(s)
• Integration services (and when to configure them)
• Smart paging and other paths
Tip: Be sure to explore all options
VM Settings
Hardware differences
• Secure boot
• Disks - must boot from IDE disk in Gen1
• No IDE disks in Gen2
• Legacy NIC Gen1 only (allows PXE)
• BIOS vs Firmware
• Gen2 is for WS2012+ guest OS
• TPM in Gen2
• Shielded VMs possible with new hardware presented
Gen1 & Gen2 Support
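The Secure Boot and TPM differences above, shown as a host-side audit followed by the settings for a Windows and a Linux Generation 2 guest (an added example, not from the original slides). The VM names are placeholders, and the local key protector is an assumption suited to a lab host without a Host Guardian Service.

```powershell
# Added example. Run in an elevated session on a Windows Server 2016 Hyper-V host.

# 1. Audit: Secure Boot and virtual TPM state of every Generation 2 VM.
$gen2 = Get-VM | Where-Object Generation -eq 2 | ForEach-Object {
    $fw  = Get-VMFirmware -VMName $_.Name
    $sec = Get-VMSecurity -VMName $_.Name
    [pscustomobject]@{
        VM         = $_.Name
        State      = $_.State
        SecureBoot = $fw.SecureBoot            # On / Off
        Template   = $fw.SecureBootTemplate    # which signing CA is trusted at boot
        TpmEnabled = $sec.TpmEnabled
        Shielded   = $sec.Shielded
    }
}
$gen2 | Format-Table -AutoSize

# Generation 1 VMs boot through emulated BIOS and cannot use Secure Boot or a
# virtual TPM, so they are listed separately as candidates for rebuild.
Get-VM | Where-Object Generation -eq 1 | Select-Object Name, Generation, State

# Review item: Generation 2 VMs where Secure Boot has been switched off.
$gen2 | Where-Object SecureBoot -eq 'Off'

# 2. Configure (the VM must be off). Placeholder VM names.
# Windows guest: trust only the Microsoft Windows production CA.
Set-VMFirmware -VMName 'Win2016-01' -EnableSecureBoot On `
    -SecureBootTemplate MicrosoftWindows

# Linux guest: the boot loader is signed by the Microsoft UEFI CA, so the
# Windows template would refuse to boot it.
Set-VMFirmware -VMName 'Ubuntu-01' -EnableSecureBoot On `
    -SecureBootTemplate MicrosoftUEFICertificateAuthority

# 3. Virtual TPM on a Generation 2 VM. A local key protector ties the vTPM to
# keys stored on this host (assumption: lab use); guarded fabrics obtain the
# key protector from the Host Guardian Service instead.
Set-VMKeyProtector -VMName 'Win2016-01' -NewLocalKeyProtector
Enable-VMTPM -VMName 'Win2016-01'
```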
• Create VHDs and VHDX files using Hyper-V Manager
• Create shared VHDX files
• Configure differencing disks
• Modify virtual hard disks
• Configure pass-through disks
• Resize a virtual hard disk, manage checkpoints
• Implement production checkpoints
• Implement a virtual Fibre Channel adapter
• Configure storage Quality of Service (QoS)
Configure Hyper-V storage
Formats
VHD
• Classic format. Backward compatible
VHDX
• Larger disk size beyond 2TB (64TB)
Pass-through
• Uses physical disks from host exclusively
Types
Fixed
• Uses physical space from day 1 equal to disk size
Dynamically expanding
• Space is consumed on demand up to max disk size
Differencing
• Disk chains allow parent-child disk relationships for speed of deployment
Types of disk
Allows for sharing of a VHDX file to >1 VM
Example: data disk that multiple VMs can simultaneously access to read/write to
Allows data for services/applications to exist once in inexpensive storage
Requires hosting on shared storage
Primary use case: Guest-based VM clusters
Host-level backups can leverage access to the VHDX file
Configure access through the SCSI controller on a VM
Shared VHDX files
• Add and remove virtual network interface cards (vNICs)
• Configure Hyper-V virtual switches, optimize network performance
• Configure MAC addresses, configure network isolation, configure synthetic and legacy virtual network adapters
• Configure NIC teaming in VMs
• Configure virtual machine queue (VMQ)
• Enable Remote Direct Memory Access (RDMA) on network adapters bound to a Hyper-V virtual switch using Switch Embedded Teaming (SET)
• Configure Bandwidth Management
Configure Hyper-V networking
Legacy Network adapter
• Used in Gen1 VMs
• Limited bandwidth 100Mbps
Network adapter
• Gen1 and Gen2 support
• 10 Mbps connections
PXE Support for VMs
• Legacy network adapter only in Gen1 VMs
• Native support in Gen2 Network adapters
Add and remove virtual network interface cards (vNICs)
External
• Uses physical NIC in host to allow LAN/Internet connectivity.
• VM NIC must use IP address relevant to physical subnet
Internal
• Connectivity between VMs and host only on the same switch
Private
• Connectivity between VMs only on the same switch
New NAT switch in WS2016
    New-VMSwitch -Name "NATSwitch" -SwitchType NAT -NATSubnetAddress 172.16.1.0/24
Configure Hyper-V virtual switches, optimize network performance
• Bandwidth Management
• VLAN ID
• SR-IOV
• VMQ
Configurable in VM or host
New 2016 host feature:
Switch-embedded teaming (SET) - a new way to implement network teaming that is compatible with RDMA and VMQ.
• Combine network adapters into a team with up to 8 network adapters.
• All of the network adapters in a team must be identical with the same firmware version and driver.
SET is automatically enabled when multiple network adapters are used.
To create a virtual switch with SET, use the following Windows PowerShell command:
NIC teaming
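An added example (not from the original slides) that checks the SET constraints listed above before creating the switch. The adapter names and switch name are placeholders.

```powershell
# Added example. Run in an elevated session on the Windows Server 2016 Hyper-V host.
# 'NIC1', 'NIC2' and 'SETswitch' are placeholder names.
$members    = 'NIC1', 'NIC2'
$switchName = 'SETswitch'

$nics = @(Get-NetAdapter -Name $members -ErrorAction Stop)

# Constraint from the slide: a SET team holds at most 8 network adapters.
if ($nics.Count -gt 8) {
    throw "SET supports up to 8 adapters; $($nics.Count) were supplied."
}

# Constraint from the slide: all members must be identical, with the same driver.
# Grouping on model and driver version yields exactly one group when they match.
# Firmware version is not exposed by Get-NetAdapter and has to be checked with
# the vendor's tooling.
$variants = @($nics | Group-Object DriverDescription, DriverVersionString)
if ($variants.Count -ne 1) {
    $nics | Format-Table Name, DriverDescription, DriverVersionString
    throw 'Team members differ in model or driver version.'
}

# Every member must have link before it is teamed.
$down = $nics | Where-Object Status -ne 'Up'
if ($down) {
    throw "Adapters without link: $($down.Name -join ', ')"
}

# Create the virtual switch with Switch Embedded Teaming across the members.
New-VMSwitch -Name $switchName -NetAdapterName $members `
    -EnableEmbeddedTeaming $true -AllowManagementOS $true

# Confirm the team and its load-balancing settings.
Get-VMSwitchTeam -Name $switchName |
    Format-List Name, NetAdapterInterfaceDescription, TeamingMode, LoadBalancingAlgorithm
```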
MAC addresses assigned from a pool
• Configurable on host, always starts 00-15-5D
You can assign static MAC
• Know when you would – NLB, Nested VMs
When to use spoofing?
• If a VM uses NLB or similar services that use a common MAC address
DHCP Guard
• Protects leakage of packets from a VM acting as a DHCP server
Router Guard
• Suppresses router advertisements from VMs configured as routers
Port Mirroring and more!
Configure NIC settings
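A host-side review of the per-adapter settings above, reporting where MAC address spoofing is enabled and where the guards are off, then enforcing a baseline (an added example, not from the original slides). The allow-lists of VM names are constructed placeholders.

```powershell
# Added example. Run in an elevated session on the Hyper-V host.

# Constructed allow-lists: VMs with a documented reason to be exempt.
$spoofAllowed  = @('NLB-WEB01', 'NLB-WEB02', 'NestedHost01')  # NLB and nested hosts
$dhcpServers   = @('DHCP01')                                  # authorized DHCP servers
$routerAllowed = @('RRAS01')                                  # authorized routers

# 1. Inventory every virtual network adapter and its security-relevant settings.
$adapters = Get-VM | Get-VMNetworkAdapter
$adapters |
    Select-Object VMName, Name, SwitchName, MacAddress, DynamicMacAddressEnabled,
                  MacAddressSpoofing, DhcpGuard, RouterGuard, PortMirroringMode |
    Format-Table -AutoSize

# 2. Findings.
# MAC address spoofing lets the guest send frames from any source MAC, so it
# should be on only for VMs that need it.
$spoofFindings = $adapters | Where-Object {
    $_.MacAddressSpoofing -eq 'On' -and $_.VMName -notin $spoofAllowed
}

# DHCP Guard off on a VM that is not an authorized DHCP server means a rogue or
# misconfigured DHCP service in that guest can answer clients on the switch.
$dhcpFindings = $adapters | Where-Object {
    $_.DhcpGuard -eq 'Off' -and $_.VMName -notin $dhcpServers
}

# Router Guard off on a VM that is not an authorized router means the guest can
# send router advertisements and redirects to its neighbours.
$routerFindings = $adapters | Where-Object {
    $_.RouterGuard -eq 'Off' -and $_.VMName -notin $routerAllowed
}

# Port mirroring as a source copies the VM's traffic to another port; list it
# so that each instance can be matched to an approved monitoring setup.
$mirrorFindings = $adapters | Where-Object PortMirroringMode -ne 'None'

'{0} spoofing, {1} DHCP Guard, {2} Router Guard, {3} mirroring findings' -f
    @($spoofFindings).Count, @($dhcpFindings).Count,
    @($routerFindings).Count, @($mirrorFindings).Count

# 3. Enforce the baseline on everything outside the allow-lists.
$spoofFindings  | Set-VMNetworkAdapter -MacAddressSpoofing Off
$dhcpFindings   | Set-VMNetworkAdapter -DhcpGuard On
$routerFindings | Set-VMNetworkAdapter -RouterGuard On
```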
You plan to deploy a Hyper-V based nested virtualization solution onto a number of servers. The nested servers need access to the Internet. You have the following virtual machines (VMs) available. You need to identify which servers from the following table can be used for this purpose.
VM Name | Installation type | VM Configuration version | Network configuration
Server1 | Server with GUI | 7.0 | Internal network switch
Server2 | Server Core | 8.0 | External network switch
Server3 | Nano Server | 8.0 | NAT switch
Server4 | Server Core | 8.0 | MAC address spoofing configured
Which servers should you identify?
A Server1 and Server2
B Server2 and Server3
C Server1 and Server3
D Server3 and Server4
https://msdn.microsoft.com/en-us/virtualization/hyperv_on_windows/user_guide/nesting
Practice Question
Hyper-V Networking
Tip #1: Know the difference between virtual switch types
Tip #2: Understand the hardware and advanced NIC settings
NAT Switches
Tip #3: Know how to implement NIC teaming in a Virtual Machine
SR-IOV, VMQ
NIC Teaming
04-Implement Windows Containers
• Determine installation requirements and appropriate scenarios for Windows containers
• Install and configure Windows Server container host in physical or virtualized environments
• Install and configure Windows Server container host to Windows Server Core or Nano Server in a physical or virtualized environment
• Install Docker on Windows Server and Nano Server
• Configure Docker daemon start-up options, configure Windows PowerShell for use with containers
• Install a base operating system, tag an image
• Uninstall an operating system image
• Create Windows Server containers
• Create Hyper-V containers
Deploy Windows containers
What is a container?
[Diagram: Traditional virtual machines = hardware virtualization (each VM runs its own application and OS on the hardware); Containers = operating system virtualization (containers share the OS kernel)]
[Diagram: Windows Server containers, maximum speed and density (containers share one kernel); Hyper-V containers, isolation plus performance (each container has its own kernel, running on Hyper-V)]
Windows Server 2016 supports two different types of containers:
Windows Server containers
• Provide app isolation through process and namespace isolation technology. Containers share the OS kernel with the host.
• Provide a fast startup experience
• Do not provide complete isolation of the containers.
• Host can run on GUI/Core/Nano
Hyper-V containers
• Each container runs in a virtual machine (VM).
• The OS kernel of the container host is not shared with the Hyper-V containers.
• Can use nested virtualization (see Hyper-V section)
• Requires Intel VT-x extensions (only)
Containers overview
    New-NanoServerImage -MediaPath $WindowsMedia -BasePath c:\nano -TargetPath C:\nano\NanoContainer.vhdx -GuestDrivers -ReverseForwarders -Compute -Containers
OR
    Install-WindowsFeature Containers

    New-NetNat -Name ContainerNat -InternalIPInterfaceAddressPrefix "172.16.0.0/12"
OR
    New-VMSwitch -Name <Virtual Switch Name> -SwitchType <Type>

    Get-VMNetworkAdapter -VMName <Container Host VM> | Set-VMNetworkAdapter -MacAddressSpoofing On
Installing support
Docker Containers
Native support for the Docker in-host daemon.
Documentation is sparse as of Sept 2016. Expect more in the future!
Docker.exe
• Docker engine that sits on Windows Server 2016
• Can be installed on WS2016 or Nano Server
• Configured with c:\ProgramData\docker\config\daemon.json
DockerD.exe
• Used to register Docker as a Windows service
• c:\Windows\System32\dockerd.exe --register-service
• Start-Service Docker
Download Docker from https://aka.ms/tp5/dockerd
Installation steps (too many to write!)
• Manage containers using Windows PowerShell
• Manage container networking
• Manage container data volumes
• Manage Resource Control
• Create new container images using Dockerfile
• Manage container images using DockerHub repository for public and private scenarios
• Manage container images using Microsoft Azure
Manage Windows containers
Provide networking support for containers
• Network switches
• NAT switches
• Understand dockerfile settings
Docker documentation online on www.docker.com
Containers in Azure as well as WS2016
Managing Containers
Your company is developing an application named App1 that will run on Windows Server 2016. App1 is very resource intensive. You plan to deploy App1 onto a new Windows Server 2016 server.
You need to ensure that App1 does not interfere with other applications running on the same server.
How should you deploy App1?
A Create a Generation 2 Virtual Machine
B Create a Nano Server instance
C Create a Windows Server Container
D Create a Hyper-V Container
Practice Question
Containers
Tip #1: Find out more and experiment
Tip #2: Learn Docker technologies, and use their website to learn more and keep up to date
Configuration of containers
Tip #3: Understand when to deploy a container, a VM, or a physical machine
New feature!
05-Implement High Availability
• Implement Hyper-V Replica
• Implement Live Migration, implement Shared Nothing Live Migration
• Configure CredSSP or Kerberos authentication protocol for Live Migration
• Implement storage migration
Implement high availability and disaster recovery options in Hyper-V
• Levels of Availability
  • High availability
  • Continuous availability
  • Business continuity
  • Disaster recovery
• Many pieces to high availability
  • Configure Hyper-V replica and Hyper-V movement in clustered environment
  • Fail-over clustering
  • Storage spaces direct (SSD)
  • Network Load Balancing (NLB)
Implementing High Availability (HA)
• What options are available?
  • Host clustering
  • Guest clustering
  • Network load balancing
• Live Migration
  • Move VMs between physical hosts without shutting down first
  • Clustered / non-clustered
High Availability with Hyper-V
Option | Details
Host clustering | VMs are highly available; applications in guest do not need to be cluster aware
Guest clustering | VMs are failover cluster nodes; VM applications must be cluster-aware; requires iSCSI or Fibre Channel interface
NLB | Virtual machines are NLB cluster nodes; used for web-based applications
• Implement Workgroup, Single, and Multi Domain clusters
• Configure quorum
• Configure cluster networking
• Restore single node or cluster configuration
• Configure cluster storage; implement Cluster-Aware Updating
• Implement Cluster Operating System Rolling Upgrade
• Configure and optimize clustered shared volumes (CSVs)
• Configure clusters without network names; implement Scale-Out File Server (SoFS)
• Determine different scenarios for the use of SoFS versus clustered File Server
• Determine usage scenarios for implementing guest clustering
• Implement a Clustered Storage Spaces solution using Shared SAS storage enclosures
• Implement Storage Replica
• Implement Cloud Witness; implement VM resiliency
• Implement shared VHDX as a storage solution for guest clusters
Implement failover clustering
• What is it?
  • A cluster is a group of computers or storage devices that work together as a single organized system
  • A Failover Cluster is a group of independent computers that work together to increase the availability of applications or services
• Properties of a Failover Cluster
  • Each node has full connectivity and communication with all other nodes and is aware when another node leaves or joins the cluster
  • Each node is connected to a network where client computers can access the cluster and through iSCSI connection to shared storage
  • Each node is aware of the services or applications that are running locally and the resources running on the other nodes in the cluster
• What’s new in Server 2016?
  • Cluster Operating System Rolling Upgrade
Implementing Failover Clustering
Failover Clustering – Terminology and Types
• Terminology (Term: Description):
  • Node: A Windows Server 2016 computer that is part of a failover cluster, and has the failover clustering feature installed.
  • Service or application: A service that can be moved between cluster nodes (for example, a clustered file server can run on either node).
  • Shared storage: External storage that is accessible to all cluster nodes.
  • Quorum: The number of elements that must be online for a cluster to continue to run. The quorum is determined when cluster nodes vote.
  • Witness: A server that is participating in cluster voting when the number of nodes is even.
  • Failover: The process of moving cluster resources from the first node to the second node, as a result of node failure or administrator’s action.
  • Failback: The process of moving cluster resources back from the second node to the first node, as a result of the first node going online again or an administrator’s action. If the service or application fails over from Node1 to Node2, when Node1 is again available, the service or application will fail back to Node1.
  • Clients: Computers that connect to the failover cluster and are not aware which node the service is running on.
• Node Locations (Node Location: Description):
  • Single Site: All nodes located in a single data center
  • Multi-site: Stretch-clusters deployed, where nodes are spread across datacenters. This may include brick and mortar or Azure
• Types (Cluster type: Description):
  • Active-Active: Multiple nodes run cluster application resources and accept client connections
  • Active-Passive: One node runs the cluster applications, while the other nodes are passive and do not accept client connections. If the active node fails, one or more of the remaining nodes become active and accept client connections
The Software-Defined Datacenter—Drilling Down
[Diagram layers: Hyper-V Cluster (Compute); SMB3 over RDMA; Scale-Out File Server (SOFS) Cluster; Storage Spaces (SDS); Disk Enclosures (JBODs) with SSDs]
Compute Cluster
• Virtualized workloads generate I/O to the connected file shares
• Typically additional I/O from replication and backup operations
Scale-Out File Server Cluster
• The storage head node, which connects clients to the underlying storage
• SOFS & Clustering provide continuous availability, while SDS provides fault-tolerant storage using commodity JBODs and disks
Physical Storage
• Shared SAS Disk Enclosures w/ bunch of HDDs and SSDs
• Each SOFS node is physically connected to each JBOD through SAS cables
Storage choice: Traditional SAN or Microsoft SDS
Traditional SAN
• Block protocol fabric
• Low latency network with FC
• Management of LUNs
• Data deduplication
• RAID resiliency groups
• Pooling of disks
• High availability
• Copy offload, snapshots
• Storage tiering
• Persistent write-back cache
• Scale up
• Storage QoS
• Replication
• Firmware updates
Microsoft SDS
• File protocol fabric
• Low latency with SMB3Direct
• Management of shares
• Data deduplication
• Flexible resiliency options
• Pooling of disks
• Continuous availability
• SMB copy offload, snapshots
• Performance with tiering
• Persistent write-back cache
• Automatic scale-out rebalancing
• Storage QoS
• Storage Replica
• Rolling cluster upgrades
• Storage Spaces Direct
• Azure-consistent storage
[Slide callouts: NEW IN R2; NEW IN 2016]
[Diagram, Traditional SAN: Hyper-V compute nodes; SAN/NAS FC/iSCSI fabric (block); FC/SAS disk shelf]
[Diagram, Microsoft SDS: Hyper-V compute nodes; SMB3 fabric (file); Scale-Out File Server with Storage Spaces; Shared SAS JBOD or DAS]
Shared Storage Options for Failover Clustering
Shared serial attached SCSI (SAS)
• Lowest-cost option
iSCSI
• Transmits SCSI commands over IP Networks. Inexpensive, Acceptable Performance
Fibre Channel
• Better performance than iSCSI SANs, but more expensive
Shared virtual hard disk
• Use Shared VHDs as VM guest-clustering storage. Use CSV or SOFS cluster
Scale-Out File Server
• Utilizes shared Server Message Block (SMB) as the shared location for some failover cluster roles
Creating a Failover Cluster
• Install the failover clustering feature
• Verify the configuration
• Install the role on the cluster nodes
• Create a clustered role by using the snap-in
• Configure the cluster role
• Test failover
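The same procedure can be scripted end to end with the FailoverClusters cmdlets instead of the snap-in. This is an added example, not part of the original slides: the node names, cluster name, role name, disk name and 192.0.2.x addresses are placeholders, and File Server is simply the role chosen for illustration.

```powershell
# Added example. Node names, cluster name, role name, disk name and the
# 192.0.2.x addresses are placeholders (assumptions), not values from the slides.
$nodes       = 'NODE1', 'NODE2'
$clusterName = 'CLUSTER1'
$roleName    = 'FS1'

# 1. Install the failover clustering feature on every node.
Invoke-Command -ComputerName $nodes -ScriptBlock {
    Install-WindowsFeature -Name Failover-Clustering -IncludeManagementTools
}

# 2. Verify the configuration. Test-Cluster writes a validation report and
#    returns the report file; review it before going any further.
$report = Test-Cluster -Node $nodes
Write-Host "Validation report: $($report.FullName)"

# Create the cluster itself (implied by the list above, which picks up at the role).
New-Cluster -Name $clusterName -Node $nodes -StaticAddress '192.0.2.10'

# 3. Install the role on the cluster nodes (File Server is the example role).
Invoke-Command -ComputerName $nodes -ScriptBlock {
    Install-WindowsFeature -Name FS-FileServer
}

# 4-5. Create and configure the clustered role. 'Cluster Disk 1' is assumed to be
#      a shared disk that New-Cluster added to available storage.
Add-ClusterFileServerRole -Cluster $clusterName -Name $roleName `
    -Storage 'Cluster Disk 1' -StaticAddress '192.0.2.11'

# 6. Test failover: move the role to the other node and confirm it comes online there.
$owner  = (Get-ClusterGroup -Cluster $clusterName -Name $roleName).OwnerNode.Name
$target = $nodes | Where-Object { $_ -ne $owner } | Select-Object -First 1
Move-ClusterGroup -Cluster $clusterName -Name $roleName -Node $target | Out-Null

$group = Get-ClusterGroup -Cluster $clusterName -Name $roleName
if ($group.OwnerNode.Name -ne $target -or $group.State -ne 'Online') {
    throw "Failover test failed: $roleName is $($group.State) on $($group.OwnerNode.Name)"
}
"Failover test passed: $roleName moved from $owner to $target"
```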
In-Box Management
• Failover Clustering
• Some workflow PowerShell only
• GUI (Failover Cluster Manager/Hyper-V Manager/Server Manager)
• PowerShell
• Full provisioning and management
• Intended for smaller scale
Storage Replica
Protection of key data and workloads
• Synchronous replication: Storage agnostic mirroring of data in physical sites with crash-consistent volumes ensuring zero data loss at the volume level.
• Increase resilience: Unlocks new scenarios for metro-distance cluster-to-cluster disaster recovery and stretch failover clusters for automated high availability.
• Complete solution: End-to-end for storage and clustering, including Hyper-V, Storage Replica, storage spaces, cluster, Scale-Out File Server, SMB3, deduplication, Resilient File System (ReFS), NTFS, and Windows PowerShell.
• Streamlined management: Graphical management for individual nodes and clusters through Failover Cluster Manager and Azure Site Recovery.
[Diagram: Stretch cluster and cluster-to-cluster; Site 1, Site 2]
Implement Storage Spaces Direct
• Determine scenario requirements for implementing Storage Spaces Direct
• Enable Storage Spaces Direct using Windows PowerShell
• Implement a disaggregated Storage Spaces Direct scenario in a cluster
• Implement a hyper-converged Storage Spaces Direct scenario in a cluster
Windows Server 2016—new architecture
Converged (disaggregated) architecture with Storage Spaces Direct
1. Industry standard x86 servers, with local SSD and HDD. Servers are connected together with 10GBE. SATA and NVMe drives supported
  • Build Windows Server cluster
  • Enable Storage Spaces Direct
  • Create storage pool
  • Create Storage Spaces from pool
  • Create Scale-Out File Server
  • Create Continuously Available file shares on the Spaces
  • Optimize for Storage Spaces Direct
2. Architecture allows for scaling Hyper-V clusters (compute) and Scale-Out File Server cluster (storage) independently. File shares provide storage for Hyper-V hosts, accessed over SMB 3.x. Highest performance delivered via SMB Direct (RDMA) and SMB Multichannel. Supports 56 GB+ speeds
[Diagram: Hyper-V cluster; SMB storage fabric; Storage Spaces Direct with Scale-Out File Server]
Storage Spaces Direct
Software-defined storage using industry standard servers with local storage
Reliability, scalability, flexibility
• Fault tolerance to disk, enclosure, node failures
• Scale pools to large number of drives
• Simple and fine grained expansion
• Fast VM creation and efficient VM snapshots
Use cases
• Hyper-V IaaS storage
• Storage for backup and replication targets
• Hyper-converged (compute and storage together)
• Converged (compute and storage separate)
Cloud design points and management
• Standard servers with local storage
• New device types such as SATA and NVMe SSD
• Prescriptive hardware configurations
• Deploy, manage, and monitor with SC VMM, OpsMgr, and PS
[Diagram: Hyper-V cluster; SMB storage fabric; Storage Spaces Direct with Scale-Out File Server]
Windows Server 2016—new architecture
Hyper-converged storage and compute with Storage Spaces Direct
[Diagram, hyper-converged stack: Hyper-V virtual machines; Cluster shared volumes, ReFS file system (C:\Cluster storage); Storage spaces; Storage pools; Software storage bus; SMB network]
1. Industry standard x86 servers, with local SSD and HDD. Servers are connected together with 10GBE. SATA and NVMe drives supported
  • Build Hyper-V cluster
  • Enable Storage Spaces Direct
  • Create storage pool
  • Create Storage Spaces from pool
  • Create Cluster Shared Volumes
  • Optimize for Storage Spaces Direct
2. Compute and storage resources scale and are managed together. Typically small to medium sized scale-out deployments
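The hyper-converged build steps above map onto a handful of cmdlets; note that enabling Storage Spaces Direct creates the storage pool for you, and New-Volume creates the storage space and the Cluster Shared Volume in one step. This is an added example, not part of the original slides: it assumes the Hyper-V and Failover Clustering roles are already installed on every node, and the node names, cluster name, address and volume name are placeholders.

```powershell
# Added example. Assumes Hyper-V and Failover-Clustering are already installed on
# every node; node names, cluster name, address and volume name are placeholders.
$nodes       = 'HV1', 'HV2', 'HV3', 'HV4'
$clusterName = 'S2D-CL1'

# Local drives must be empty and poolable before Storage Spaces Direct can claim
# them. List what each node would contribute.
Invoke-Command -ComputerName $nodes -ScriptBlock {
    Get-PhysicalDisk -CanPool $true |
        Select-Object FriendlyName, MediaType, BusType, Size
} | Sort-Object PSComputerName |
    Format-Table PSComputerName, FriendlyName, MediaType, BusType, Size

# Validate the nodes, including the Storage Spaces Direct test category.
Test-Cluster -Node $nodes `
    -Include 'Storage Spaces Direct', 'Inventory', 'Network', 'System Configuration'

# Build the Hyper-V cluster without letting it claim any disks as cluster storage.
New-Cluster -Name $clusterName -Node $nodes -NoStorage -StaticAddress '192.0.2.20'

# Enable Storage Spaces Direct. This claims the eligible local drives and
# creates the storage pool (named 'S2D on <cluster>') automatically.
Enable-ClusterStorageSpacesDirect -CimSession $clusterName -Confirm:$false

# Create a storage space from the pool, format it with ReFS and add it as a
# Cluster Shared Volume, all in one call.
New-Volume -CimSession $clusterName -StoragePoolFriendlyName 'S2D*' `
    -FriendlyName 'VMs01' -FileSystem CSVFS_ReFS -Size 1TB

# Check the result: pool health, the virtual disk's resiliency, and the CSV.
Get-StoragePool -CimSession $clusterName -FriendlyName 'S2D*' |
    Select-Object FriendlyName, HealthStatus, OperationalStatus
Get-VirtualDisk -CimSession $clusterName -FriendlyName 'VMs01' |
    Select-Object FriendlyName, ResiliencySettingName, HealthStatus
Get-ClusterSharedVolume -Cluster $clusterName
```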
Manage failover clustering
• Configure role-specific settings, including continuously available shares
• Configure VM monitoring
• Configure failover and preference settings
• Implement stretch and site-aware failover clusters
• Enable and configure node fairness
Failover clustering
Integrated solution, enhanced in Windows Server 2016
• VM compute resiliency: Provides resiliency to transient failures such as a temporary network outage, or a non-responding node.
  • In the event of node isolation, VMs will continue to run, even if a node falls out of cluster membership.
  • This is configurable based on your requirements—default set to 4 minutes.
• VM storage resiliency: Preserves tenant virtual machine session state in the event of transient storage disruption.
  • VM stack is quickly and intelligently notified on failure of the underlying block or file based storage infrastructure.
  • VM is quickly moved to a PausedCritical state.
  • VM waits for storage to recover and session state retained on recovery.
[Diagram: Hyper-V Cluster; Shared storage]
Failover clustering
Integrated solution, enhanced in Windows Server 2016
• Node quarantine: Unhealthy nodes are quarantined and are no longer allowed to join the cluster.
  • This capability prevents unhealthy nodes from negatively affecting other nodes and the overall cluster.
  • Node is quarantined if it unexpectedly leaves the cluster three times within an hour.
  • Once a node is placed in quarantine, VMs are live migrated from the cluster node, without downtime to the VM.
[Diagram: Hyper-V Cluster; Shared storage]
Guest clustering with Shared VHDX
Not bound to underlying storage topology
• Flexible and secure: Shared VHDX removes need to present the physical underlying storage to a guest OS.
  • NEW: Shared VHDX supports online resize.
• Streamlined VM shared storage: Shared VHDX files can be presented to multiple VMs simultaneously, as shared storage.
  • The VM sees shared virtual SAS disk that it can use for clustering at the guest OS and application level.
  • Utilizes SCSI-3 persistent reservations.
  • Shared VHDX can reside on a Cluster Shared Volume (CSV) on block storage, or on SMB file-based storage.
• NEW Protected: Shared VHDX supports Hyper-V Replica and host-level backup.
[Diagram: Guest clusters with Shared VHDX files on Hyper-V host clusters; CSV on block storage; SMB Share file-based storage]
Manage VM movement in clustered nodes
• Perform a live migration
• Perform a quick migration
• Perform a storage migration
• Import, export, and copy VMs
• Configure VM network health protection
• Configure drain on shutdown
Perform a Live Migration
Requires:
• The Failover Cluster Management console
• The VMM Admin Console
• WMI for Windows PowerShell Script
Live Migration Process
1. Migration Setup
2. Guest-memory transfer
3. State transfer
4. Cleanup
VS
Quick Migration
• Machines placed in saved state
• Causes downtime
Exam Tip: In Windows Server 2016, you can perform a virtual machine Live Migration by using server message block (SMB) 3.0 as a transport.
Moving VMs in clustered nodes (comparison)
• Quick Migration
  • VM is placed in saved state causing downtime while memory is copied
• Live Migration
  • Migrate VMs without any downtime, also Shared Nothing Live Migration is possible
• Storage Migration
  • Migrate VM storage to the same host, another host, or an SMB share
• Exporting and Importing VM
  • A very time consuming procedure. But much simpler to import with Server 2016
Understand Network Health Protection
• Available in Server 2012 R2 and Server 2016
• Cluster resource checks availability of VM resources
• Controlled individually on each virtual network adapter
• Protected Network setting is enabled for all virtual network adapters.
When a host shuts down
• Save the virtual machine state
• Turn off the virtual machine
• Shut down the guest operating system
During a drain on shutdown
• Failover cluster placed in pause state
• If Server 2008 or Earlier > Quick Migration
• If Server 2012 or later > Live Migration
Implement Network Load Balancing (NLB)
• Install NLB nodes
• Configure NLB prerequisites
• Configure affinity
• Configure port rules
• Configure cluster operation mode
• Upgrade an NLB cluster
Know what and how NLB works
What is it?
• Allows clients to address the application using the NLB cluster address.
NLB Facts for Server 2016
• Adding or removing nodes from a NLB cluster is known as convergence.
• NLB can only detect server failure
• Use NlbCluster
• Use NlbClusterNode
• Can have up to 32 Nodes
• Unicast vs Multicast vs IGMP multicast
NLB Considerations
• Stateful applications
• Key workloads – web applications
• Consider session state – by default in-process in IIS
• Unicast vs. Multicast
• Port rules
• Affinity settings
Practice Question
You have two host servers that run Hyper-V named Server1 and Server2.
You plan to move a virtual machine named VM1 that runs a LOB application, from Server1 to Server2.
You need to minimize the downtime taken to move VM1.
What should you do?
A. Perform a live migration
B. Perform a quick migration
C. Export and Import VM1
D. Perform a storage migration
06-Maintain and Monitor Server Environments
Maintain Server Installations
• Implement Windows Server Update Services (WSUS) solutions
• Configure WSUS groups
• Manage patch management in mixed environments
• Integrate Windows Defender with WSUS and Windows Update
• Perform backup and restore operations using Windows Server Backup
• Determine backup strategies for different Windows Server roles and workloads, including Hyper-V Host, Hyper-V Guests, Active Directory, File Servers, and Web Servers using Windows Server 2016 native tools and solutions
Windows Server Update Services (WSUS)
• What is it?
  • Downloads and distributes updates to clients and servers
  • WSUS client can be a desktop OS or server OS
• Deployment Options
  • Single server or multiple single servers (isolated locations)
  • Larger hierarchy with upstream server and one or more downstream servers
  • Disconnected: receives updates from removable media
[Diagram, patch management cycle: Phase 1: Assess; Phase 2: Identify; Phase 3: Evaluate and plan; Phase 4: Deploy]
WSUS Administration
• WSUS Admin Console
  • Used to download and approve updates
  • Can organize clients into groups for patch deployment by department, or pilot testing, etc.
  • Generate reports
• PowerShell
  • Cmdlets included with Server 2016
  • Include commands for managing the server
Cmdlet: Description
• Add-WsusComputer: Adds a specified client computer to a specified target group.
• Add-WsusDynamicCategory: Adds a dynamic category to a WSUS server.
• Approve-WsusUpdate: Approves an update to be applied to clients.
• Deny-WsusUpdate: Declines the update for deployment.
• Get-WsusClassification: Gets the list of all WSUS classifications currently available in the system.
• Get-WsusComputer: Gets the WSUS computer object that represents the client computer.
• Get-WsusDynamicCategory: Gets dynamic categories on a WSUS server.
• Get-WsusProduct: Gets the list of all products currently available on WSUS by category.
• Get-WsusServer: Gets the value of the WSUS update server object.
• Get-WsusUpdate: Gets the WSUS update object with details about the update.
• Invoke-WsusServerCleanup: Performs the process of cleanup on a specified WSUS server.
• Remove-WsusDynamicCategory: Removes a dynamic category from a WSUS server.
• Set-WsusClassification: Sets whether the classifications of updates that WSUS synchronizes are enabled or disabled.
• Set-WsusDynamicCategory: Sets the synchronization status of a dynamic category.
• Set-WsusProduct: Sets whether the product representing the category of updates that needs to be synchronized is enabled or disabled.
• Set-WsusServerSynchronization: Sets whether the WSUS server synchronizes from Microsoft Update or from an upstream server, and if it uses the upstream server’s properties.
WSUS Patch Management
• What are WSUS groups?
  • Used to download updates to specific sets of computers
  • All computers are members of the “All Computers” and “Unassigned Computers” groups by default
  • Create custom computer groups for pilot computers, or specific departments, etc.
  • In Server 2016, computers may be members of multiple groups and nested groups
• WSUS in mixed environments
  • Mixed WSUS versions in use
  • Features on upstream server that are not available on downstream server will not replicate (nested groups or multiple group memberships, for example)
• Integrating with Windows Defender
  • Include Windows Defender and Definition Updates in the Products and Classifications Sync options
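A pilot-group workflow built from the cmdlets listed above: create the group, place pilot machines in it, add Windows Defender definition updates to synchronization, then stage security updates to the pilot group with a dry run first. This is an added example, not part of the original slides: the server name, port, group name and 'PILOT-' naming convention are placeholders, and server-side targeting is assumed (with client-side targeting, group membership comes from Group Policy instead).

```powershell
# Added example. Server name, port, group name and the 'PILOT-' naming convention
# are placeholders (assumptions). Run where the UpdateServices module is
# available (the WSUS server itself or a host with the WSUS RSAT tools).
$wsus       = Get-WsusServer -Name 'wsus01.example.test' -PortNumber 8531 -UseSsl
$pilotGroup = 'Pilot'

# Create the pilot target group if it does not exist yet. There is no cmdlet for
# this, so the WSUS administration API on the server object is used.
if (-not ($wsus.GetComputerTargetGroups() | Where-Object Name -eq $pilotGroup)) {
    $wsus.CreateComputerTargetGroup($pilotGroup) | Out-Null
}

# Put the pilot machines into the group (server-side targeting assumed).
Get-WsusComputer -UpdateServer $wsus -NameIncludes 'PILOT-' |
    Add-WsusComputer -TargetGroupName $pilotGroup

# Integrate Windows Defender: include the product and the Definition Updates
# classification in what the server synchronizes.
Get-WsusProduct -UpdateServer $wsus |
    Where-Object { $_.Product.Title -eq 'Windows Defender' } |
    Set-WsusProduct
Get-WsusClassification -UpdateServer $wsus |
    Where-Object { $_.Classification.Title -eq 'Definition Updates' } |
    Set-WsusClassification

# Security updates that clients need (or failed to install) and nobody has approved.
$pending = Get-WsusUpdate -UpdateServer $wsus -Classification Security `
    -Approval Unapproved -Status FailedOrNeeded
$pending |
    Select-Object @{ n = 'Title';    e = { $_.Update.Title } },
                  @{ n = 'Severity'; e = { $_.Update.MsrcSeverity } } |
    Format-Table -AutoSize

# Dry run: show what would be approved for the pilot group only.
$pending | Approve-WsusUpdate -Action Install -TargetGroupName $pilotGroup -WhatIf

# After reviewing the list, repeat the line above without -WhatIf to approve.
```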
Windows Server Backup
• What is it?
  • Used to perform full server backup or selected volumes
  • Can backup/restore individual files or folders, system state, individual VMs on Hyper-V host
  • Can perform a bare-metal restore without first installing an OS
• Backup Scenarios
  • Hyper-V hosts and guests
    • Install on host to perform host-level backup
    • Install on guest to perform an in-guest backup
  • Active Directory
    • Cannot restore from a backup that is older than 180 days. Consider this when creating backup schedule
  • File servers
  • Web servers
Monitor Server Installations
• Monitor workloads using Performance Monitor
• Configure Data Collector Sets
• Determine appropriate CPU, memory, disk, and networking counters for storage and compute workloads
• Configure alerts
• Monitor workloads using Resource Monitor
Performance Monitor
• What is it?
  • Used to collect, analyze, and interpret performance-related data
  • Create baseline data during multiple use-cases
  • Helps with trend analysis, capacity planning, understanding bottlenecks and slow-downs
• Key hardware components
  • Processor
  • Memory
  • Network
  • Disk
Data Collector Sets
• What is it?
  • Include performance counters, event traces, and system configuration information
  • Can collect in real-time or schedule data collection, for example Run for 10 minutes each hour from 8-5
  • Can analyze historical data
• How to create
  • Create from template
  • Create from existing performance monitor data
  • Manually add data collectors
• What’s an alert?
  • Configure an action to occur if a DCS hits the min or max limits
Resource Monitor
• What is it?
  • Provides real-time information on server’s performance
  • Similar to Task Manager, but shows historical data as well
• How to open
  • From Task Manager
  • From Start menu
• How to use
  • Expand each element for detailed information on how each process is using server resources
Practice Question
You plan to deploy a new web site to your web server tomorrow.
You plan to monitor the amount of requests to the web site during the first hour of it going into production.
You need to ensure that you can discuss the results in a meeting at the end of the day.
How should you collect the information for the meeting?
A. Load settings into Resource Monitor
B. Use Performance monitor to create a report view.
C. Use Performance monitor to start the system data collector set
D. Use Performance monitor to create a user-defined data collector set
Monitor and maintain servers
Tip #1: Understand server patching from the Admin console and the PowerShell commands
Tip #2: Windows Server Backup can back up Hyper-V hosts and/or guests
• Host-level backup
• In-guest backup
Tip #3 (Monitoring tools built in): There are many tools to use for monitoring, from Perf Mon, to Resource Mon, to Task Manager
© 2016 Microsoft Corporation. All rights reserved.