Futures: Windows Server and System Center in the Datacenter
Daniel Lai (MCITP:Virtualization | MCSE:Private Cloud | VCP:vSphere 5.1 Datacenter Virtualization | VCA:Workforce Mobility, Datacenter Virtualization, Cloud)
Solutions Sales Manager-Cloud Platform & Enterprise Mobility
WW Cloud Platform Tech Ranger
Microsoft
Agenda
o Our direction for the datacenter
o Spotlight on select capabilities
Disclaimer: This presentation contains preliminary information that may be changed substantially prior to final commercial release of the software described herein. The
information contained in this presentation represents the current view of Microsoft Corporation on the issues discussed as of the date of the presentation. Because Microsoft
must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any
information presented after the date of the presentation. This presentation is for informational purposes only.
MICROSOFT MAKES NO WARRANTIES, EXPRESSED, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this presentation. Except as expressly
provided in any written license agreement from Microsoft, the furnishing of this information does not give you any license to these patents, trademarks, copyrights, or other
intellectual property.
Microsoft is focused on cloud-optimizing the datacenter and delivering against the Cloud OS vision of a consistent platform across on-premises, hosted, and cloud environments.
Bring cloud design to your datacenter for a resilient, well-managed, and efficient foundation for your business.
Foundation for the software-defined datacenter
Scale resources on demand and enable previously-impossible scenarios through hybrid cloud solutions.
Connected and consistent hybrid cloud solutions
Achieve new levels of security to protect your virtualized environment and workloads from emerging threats.
Reinvented infrastructure security
Windows Server | System Center | Azure Pack | Microsoft Azure
Confidently virtualize and manage any workload in a flexible manner with enterprise-grade cloud infrastructure.
Enterprise-grade
Application and workload focused
Trusted
Improved time-to-value with zero downtime
infrastructure upgrades
Enhanced performance, resilience, and
availability for mission-critical workloads
Deeper investments in Linux as a first-class
citizen on the Microsoft platform
I can consume cloud-first infrastructure innovation from Microsoft faster and more importantly, in a non-disruptive manner.
Faster time-to-value with zero downtime infrastructure upgrades. No requirement for new hardware.
Simplifies upgrade process by supporting mixed
version compatibility between Windows Server
2012 R2 and Windows Server vNext. Customers
will be able to upgrade the cluster one node at a
time (clean install). For mixed mode operations,
cluster functional level can help specify that an
upgraded node should operate in “backward
compatible mode”, resulting in vNext features
being disabled.
Tenant VMs/workloads will see no downtime
during this whole process, even with potential
VM migration amongst nodes. Both file and
block based storage architectures will be
supported.
Upgrade process for file server clusters is very
similar to Hyper-V clusters, except that SMB
sessions move between nodes.
Rolling upgrades of Hyper-V and scale-out file server clusters
Resilience to transient storage/ network failures
Designed for cloud-scale environments (with low-cost hardware), this helps preserve tenant
VM session state in the event of transient storage/ network disruptions for a defined time
period. For storage, the VM will be put into paused-critical status till the underlying file or
block storage recovers. For networking issues, VM will continue to run even when the node
falls out of cluster membership.
Guest cluster availability enhancements
Customers can confidently virtualize critical workloads in guest clusters due to the following
shared VHDX enhancements: online resizing, host-level backups, and Hyper-V Replica
support for recovery.
Effectively control workload performance with industry-leading
Storage QoS
Simple out-of-the-box behavior that mitigates “noisy neighbor” issues. Highly customizable
via policy, this will deliver granular performance guarantees on a per-VM or per-tenant basis,
thereby. Manageable via System Center/ PowerShell. Fully supported on file-server, SMB
3.0, and Storage Spaces architectures.
Hyper-V cluster
Node 1
Storage resilience
Node 2
VHD
Virtualize any workload/application with confidence
Software-defined compute: enterprise grade
Deploy and manage Linux as a first-class citizen
Software-defined compute: Heterogeneous integration
Broad support and Increased utilization
Run Red Hat, SUSE, OpenSUSE, CentOS, Ubuntu, Debian and Oracle Linux, with full support. Run Windows and Linux side-by-side, driving up utilization and reducing hardware costs.
Enhanced networking and storage
Highest levels of networking performance in Linux guests with virtual Receive Side Scaling (vRSS) support. Hot-add and online-resize of storage for enhanced administration flexibility.
Better protection
Better-than-physical backup support for virtualized Linux guests on Hyper-V.
Simplified management
Single experience for managing, monitoring, and operating the infrastructure.
Enable flexible workload placement and mobility by transforming networks into a pooled and
automated resource that’s controlled by software.
Application and workload focused
Extensible and standards-based
Built-in
New network controller for centralized configuration and management of physical and virtual networks
New software load balancer and other virtualized network functions (NFV) for greater flexibility and efficiency
Greater performance, reliability, and interoperability with standards-based virtual networking
As an enterprise or service provider, I can use Microsoft SDN in multi-hypervisor and multi-vendor networking environments, including a combination of physical and virtual.
Cloud-scale reliability & performance with enhanced physical/virtual interoperability
Reliable, high performance
networking
Use of native hardware offloads to drive high
network throughput with minimal CPU utilization.
RDMA-aware NICs are used with Hyper-V
Network Virtualization (data path) to drive native
hardware performance. This host-based RDMA
approach has been validated in the Azure
networking architecture. We’re working with our
partner ecosystem to ensure high quality, reliable
NIC drivers are delivered.
Software-defined networking: Network virtualization platform enhancements
Enhanced physical/ virtual
integration
Support for VXLAN-based encapsulation for
virtual network traffic and VXLAN-based
hardware gateways, thereby enabling broader
interoperability across virtual and physical
networking architectures.
Service chaining in the virtual network – i.e.
ability to “insert” virtual network appliances/
services (such as gateways) to bridge across
subnets within a single virtual network.
Centralized management across virtual/physical networks, including virtualized network functions (NFV)
Centralized control and automated configuration
Proven in Azure datacenters, this serves as
central point of automation/ control for
virtual and physical network configuration,
thereby lighting up host-networking
features like RDMA support.
Controller deployment
Will ship in Windows Server vNext with
System Center (VMM) enabled
provisioning. Network controller will need
to run on a vNext host. Supported
migration path for existing virtual networks.
Network health
Controller enables centralized network
monitoring and diagnostics.
Software-defined networking: Network controller and software load balancer
Extensible, standardized
APIs
Network controller will expose
northbound REST APIs and a range of
industry-accepted southbound APIs,
for management services integration
and physical/virtual integration
respectively.
Software load balancer
Low cost, cloud-scale load balancing
for multi-tenant environments that has
been battle-tested in Azure. General
purpose load balancing for web traffic,
East-West traffic and load-balanced
infrastructure services. Can be
deployed using a System Center
(VMM) service template.
SDN Conceptual Model
Deliver high-speed, resilient, enterprise-class network storage at a fraction of the cost of traditional storage
New storage virtualization solution that spans distributed direct-attached disks for resilient and cost-effective storage
Greater efficiency and resource utilization improvements including improved de-duplication, tiering, and storage QoS
New synchronous or asynchronous storage replication for any Windows Server volume
Flexible
High performance
Low cost
I can create and deploy file-based storage without shared disks or specialized storage infrastructure, and easily scale its capacity
Virtualize storage assets distributed across different devices with Storage Spaces enhancements
Distributed storage pooling
Pool direct-attached disks at scale across servers
for cost-efficient, reliable storage which can be
expanded granularly at your own pace.
Reliable storage
Benefit from resiliency to disk, enclosure, server
and chassis failures. Storage can fail over among
nodes transparently – without impacting
availability
Software-defined storage: storage spaces
Scalable solution
Automatically pool up disks across nodes.
Integrated technology
Compatible with other existing Windows Server
storage capabilities, such as deduplication,
volume replication and encryption. Unified
storage management available through System
Center and standards-based protocols.
I can replicate Windows Server storage resources synchronously or asynchronously between sites, regardless of the underlying storage hardware
Synchronous and asynchronous storage replication independent of the underlying hardware
Reliable replication
Works with any Windows Server volume
Block-level, host-based volume replication over
the SMB protocol
Can be deployed as a synchronous stretch
cluster across sites or as a cluster-to-cluster
data mirror for disaster recovery
Comprehensive approach
Storage replication combines with many other
capabilities to provide a comprehensive
storage solution, including File and Storage
Services, Storage Spaces, Storage Replication,
Failover Clustering, Transparent Failover, and
Data Deduplication
Software-defined storage: replication
Flexible solution
Storage replication is hardware agnostic and
supports commodity storage and networking
technologies
Manageable through familiar tools, Windows
PowerShell, and SMAPI-based WMI management
I can control and monitor storage performance to meet the needs of differing workloads and customers
Quality of service guarantees and limits for storage performance
Simple to use
Out-of-the-box QoS automatically limits
“noisy neighbors” so you can build diverse,
high density deployments with confidence
Customizable
Configurable settings to guarantee
performance per VM, service, or tenant
Centralized policies, including IOPS
reservations to guarantee minimums or limit
maximums
Aggregated metrics include IOPS and latency
Software-defined storage: QoS
Integrated management
Can be managed and monitored with System
Center Virtual Machine Manager and Operations
Manager
Windows PowerShell can be used to manually
define policies or tag virtual machines
Comprehensively monitor diverse environments and workloads to deliver higher levels of infrastructure and application resiliency.
Enterprise grade for confidence
Continued focus on enterprise grade monitoring,
scalability and reliability. Simpler upgrading from
previous 2012 based versions. Support for SQL
Server 2014. New and enhanced management
packs for Microsoft workloads and 3rd party
solutions, delivering more intuitive experiences.
Foundation for the software-defined datacenter: monitoring
Enhanced open source software
management
Ensuring LAMP stack monitoring is integrated
into the platform and has similar experience to
current Windows based monitoring. Monitor
Apache HTTP Server and MySQL Databases
running on managed Linux computers with new
Microsoft management packs and OMI
providers.
I can provide flexibility of IT but still maintain a high degree of predictability and control.
Drive predictability and governance through processes.
Rich automation and workflow
consistency
Consolidating to PowerShell Workflow based
orchestrator solution for both Service and
Tenant administration across on-premises and
Microsoft Azure. Graphical authoring tool for
PowerShell based runbooks providing seamless
skills transfer from existing solution. Extend
your workflow across clouds with Azure
Automation
Seamless migration and support
Migration support for existing Orchestrator
runbooks and integration packs to PowerShell
based environment. Simple framework for
development of PowerShell based Integration
Packs.
: workflow
Governance through integrated
service management
Continued investments to improve stability,
scalability, usability and performance. Service
Catalog items to include support for PowerShell
based runbooks. Extending governance for
hybrid scenarios across on-premises and cloud
environments.
Greater usability
Enhanced modern web portal experience for
both automation and service management
ensures easier design, deployment and
management of workflows and processes.
Integrated gallery of Microsoft, partner and 3rd
party PowerShell based workflow solutions to
drive value faster across on-premises and cloud.
I can automatically protect my data offsite - efficiently, and with familiar tools.
Protect your on-premises and cloud investments
Integrated solution
Scalability, deployment, and management
enhancements for DPM ensuring greater
reliability and consistency. VM backup
improvements including Synthetic FC, CSV and
SOFS support.
DPM is integrated with Azure Backup for easy
offsite data protection, and the Azure
Management Portal for sign-up and billing.
Reliable offsite data protection
Providing convenient, automated offsite data
protection with integrated Azure Backup.
Reducing the need to secure and protect
onsite backup media, by encrypting and storing
data safely away from your premises, including
geo-replication for additional protection.
Hybrid Cloud-Business continuity: Data Protection Manager and Azure Backup
Efficient backup and recovery
Optimizing on-premises VM and first-party
application backup & recovery focuses on where
your IT investments are today. New
deduplication of replicated storage for supported
sources reduces storage overhead. Extended
DPM reach with SharePoint 2013 and SQL Server
AlwaysOn support. Configurable Azure Backup
data retention policies, data compression and
data transfer throttling make backups flexible
and efficient.
Protect your cloud investments
Introducing efficient back-up and restore for
Azure IaaS VMs including application consistent
recovery points support.
Microsoft Azure
Orchestrated disaster recovery to a second site or directly to Azure
Hybrid Cloud-Business continuity: Azure Site Recovery
[Diagram: Communication and Replication. Labels: Microsoft Azure Site Recovery (communication channel); Hyper-V Replica (replication channel); Primary Site (Windows Server); Recovery Site (Windows Server)]
Key functionality includes:
o Automated VM protection and replication
o Remote health monitoring
o Customizable recovery plans
o No-impact recovery plan testing
o Orchestrated recovery when needed
Collect, combine, correlate and visualize your infrastructure data
Log management
Separate the signal from the noise with simple,
powerful log management tools. Collect and
search across multiple machine data sources
from multiple systems to easily identify the root
cause of operational issues.
Capacity planning
Get deep visibility into your datacenter capacity,
pinpoint capacity shortages, investigate “what-if”
scenarios, identify stale and over-allocated VMs,
and plan your future compute and storage needs
for your infrastructure.
Hybrid Cloud-Infrastructure and application insights: Azure Operational Insights
Update assessment
Identify missing system updates across all of
your servers whether they are running in your
data center or in a public cloud. Now you can
know which of your servers have the latest
updates, and which need them.
Malware status
Pinpoint servers that are infected by malware or
are at an increased risk of infection. With simple
out-of-the-box dashboards, you can quickly
assess which servers need your immediate
attention.
I can identify potential infrastructure issues, pinpoint problems, and manage capacity through robust analytics.
I can comprehensively manage and monitor my physical, virtual, and cloud infrastructure
Deliver higher levels of infrastructure and application resiliency.
Cloud and workload management
New and enhanced hybrid workload and cloud
management packs including hybrid applications,
Azure and Office365. Monitor your Azure
compute, network and storage allocations
ensuring expected quality of service for your
cloud infrastructure.
Consistent workflow
New PowerShell Workflow across on-premises
and Microsoft Azure enables consistent
orchestration across clouds. Single design
environment provides a create once, deploy
anywhere capability. Expose workflow capabilities
to both Service Admins and Tenant
administration.
Traditional Virtualized
Private Cloud Public Cloud
I can rapidly apply customization to my application, traveling with it to any cloud.
Managing configuration and environment data for software services with Desired State Configuration
Establish and control a
consistent environment
Specify configuration as code such that the
configuration will travel with the application
throughout development, test and production
deployment environments.
Deep control
Configure roles, features, files, services, users
and even registry items. Update only the
changes without deploying entire updates. Fix
configurations which have drifted away from
desired states. Immediately discover the actual
configuration on any given node.
Hybrid Cloud-Infrastructure and application insights: Configuration Management
Configuration library for multiple
services
Support a library of standard and custom
configurations for both Windows and Linux
environments. Apply them on-premises or
across clouds through the development or
deployment process.
Built on PowerShell
DSC provides a set of Windows PowerShell
language extensions, new Windows PowerShell
cmdlets, and resources that you can use to
declaratively specify how you want your software
environment to be configured.
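The "Deep control" items above (features, registry items, services, users, files, drift detection) can be seen in one DSC configuration. This is an added example, not part of the original presentation; the configuration name, the marker file path and the particular hardening settings chosen are assumptions, and it assumes an elevated PowerShell session on a Windows Server node with DSC available.

```powershell
# Added illustration: names, paths and the chosen settings are assumptions.
Configuration HardenedFileServer
{
    param([string[]]$NodeName = 'localhost')

    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Node $NodeName
    {
        # Role/feature: the legacy SMB 1.0 component must not be installed.
        WindowsFeature RemoveSmb1
        {
            Name   = 'FS-SMB1'
            Ensure = 'Absent'
        }

        # Registry item: the SMB server requires signed sessions.
        Registry RequireSmbSigning
        {
            Key       = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
            ValueName = 'RequireSecuritySignature'
            ValueType = 'Dword'
            ValueData = '1'
            Ensure    = 'Present'
        }

        # Service: Remote Registry stays stopped and cannot be started.
        Service DisableRemoteRegistry
        {
            Name        = 'RemoteRegistry'
            State       = 'Stopped'
            StartupType = 'Disabled'
        }

        # User: the built-in Guest account stays disabled.
        User DisableGuest
        {
            UserName = 'Guest'
            Disabled = $true
            Ensure   = 'Present'
        }

        # File: a marker recording which baseline was applied (constructed path).
        File BaselineMarker
        {
            DestinationPath = 'C:\ProgramData\baseline-applied.txt'
            Contents        = 'HardenedFileServer baseline'
            Type            = 'File'
            Ensure          = 'Present'
        }
    }
}

# Compile the configuration to a MOF document, then apply it to the node.
$mofPath = Join-Path $env:TEMP 'HardenedFileServer'
HardenedFileServer -OutputPath $mofPath | Out-Null
Start-DscConfiguration -Path $mofPath -Wait -Verbose

# Drift check: returns $true while the node still matches the applied configuration.
Test-DscConfiguration

# Actual state of each configured resource as currently found on the node.
Get-DscConfiguration
```

Re-running `Start-DscConfiguration` after a drift is detected changes only the resources that no longer match, which is the "update only the changes" behaviour described above.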
Cloud OS consistency gives me the confidence to move between clouds.
Self-service provisioning and management of Cloud OS consistent IT services
Cloud innovation delivered on-
premises
Microsoft Azure technology built for the cloud,
brought on-premises. Enables hosters and
enterprises to deliver Azure-consistent services
on top of their on-premises investments.
A cloud-speed release approach and servicing
model for the Azure Pack ensures the highest
levels of Cloud OS consistency including
interfaces, tooling, scripts, and application
models.
Hybrid Cloud-Delivering cloud consistency with Azure Pack
Consistent resource model
New resource provider model delivers IaaS and
PaaS services on-premises, based on the Azure
Resource Manager model, for greater platform
symmetry.
Azure management portal
New on-premises Azure management portal
delivers the most effective user experience for
managing and delivering services from your
datacenter.
Customer
Service Provider Microsoft
Consistent Platform
ONE
I can be assured that secrets vital to the security and integrity of the operating system, both for the host and the guests, are highly protected from access by administrators.
Harden the fabric against threats while protecting and isolating guest workloads.
Core operating system security
Windows Server has built-in breach hardening
capabilities which enhance the security of both
virtualization hosts and the guest workloads.
These include secure and measured boot, code
flow guard, and Hyper-V code integrity.
Virtual secure mode
Virtual secure mode leverages platform
virtualization extensions to enable a secure
execution environment and protected store
which can protect platform security assets, such
as authenticated user credentials, encryption
keys, and code integrity checks, from
unauthorized access and tampering—even
from users with administrative privileges.
Fabric guardian
Identify legitimate hosts and certify them as
members of a fabric hardened against security
threats. Verify the identity of physical servers to
ensure only trusted hosts can run your virtual
machines which require high levels of security
and guest encryption.
Shielded guests
Leverage virtualized trusted platform module
(vTPM) support to encrypt virtual machines,
including their applications and data. A service
which controls the distribution of keys enables
trusted hosts to unlock encrypted virtual
machines allowing them to run.
I can deploy a just-in-time/just enough administration system in my environment to control and monitor administrator privileges on my key servers.
Reduce the risk of abuse by limiting administration rights to just the right amount needed, when they are needed.
Security-Control and monitor administrator privileges
Just in time administration
Define policies to grant administrators the
rights and privileges they need, when they
need them and for a specific period of time.
Maintain your current investments in Active
Directory while controlling and monitoring
administrative activities.
Just in time administration
delegation
Enable delegation of just in time administration
to various entities (e.g., the Finance
department) in your company so they can
implement and control their own just in time
policies.
Just enough administration
Reduce the risk of security breaches by
replacing administrator accounts with normal
user accounts. Enable role-based server
administration that provides elevated privileges
for designated users, allowing them to perform
only specific tasks.
Just enough administration
logging
Detailed logging of all operations performed
during an administration session is available to
be used for forensic analysis and audits which
can greatly increase your ability to detect
security breaches.
I can more easily detect and respond to security breaches by collecting and correlating unusual activity in my environment.
Detect and respond to today’s cyber threats more quickly and with greater accuracy.
Security-Respond to threats faster
Cloud-based analytics engine
Leverage an efficient Azure-based analytics
engine and pre-defined intelligence packages
to gain deep forensic capabilities aggregated
across your environment without the need to
create a big data analysis infrastructure.
Native antimalware
An antimalware agent is now included as a
component of the operating system.
Configuration is performed using the Desired
State Configuration and reporting can be done
through the collection and analysis of event
logs.
Data collection and correlation
Attach assurance analytics services to your
environment to manage operational risk
through intrusion detection, detection of
desired configuration policy violations,
antimalware and patch status, and logging
actions.
Analytics and search platform
Improve your response to security threats with
deep forensic capabilities across your
environment. In addition to the ready-made
intelligence packages, you can perform ad hoc
forensics and exploration of the data to expose
anomalous events indicative of breaches or
attempts to compromise security.
vNext in Action
http://aka.ms/MDC206
Session Evaluation