Posts Tagged Hyper-V

Microsoft Virtualisation Just Got Even Better

We’re all eagerly anticipating Service Pack 1 as everyone does for things, but today the world got shook up with a pre-SP1 announcement that had loads of other “goodies” in it.  There was a webcast (Virtualisation Hour) that announced some cool things…Let’s look at them more in detail:

            • Windows XP Mode no longer requires hardware virtualization technology
            • Microsoft Dynamic Memory will allow customers to adjust memory of a guest virtual machine on demand to maximize server hardware use
            • Microsoft RemoteFX will enable users of virtual desktops and applications to receive a rich 3-D, multimedia experience while accessing information remotely.
            • New roaming use rights improve flexibility
            • Big partnerships with Citrix – http://www.citrixandmicrosoft.com/

So, what’s that really mean?  Microsoft is committed to improving virtualisation for you me and the rest of the world.  They’re also listening to the consumers as above is what people have been asking for.

Looks like the optimised desktop isn’t so far off or so difficult to manage is it?  (More on the optimised desktop in a later blog)

Source: Microsoft Press Pass

Tags: , , , ,

Opinions in IT

The world of Information Technology as we all know is a very big world, and it only is getting larger and more diverse.  As such, it comes with choices – many of them for that matter.  With choice also comes opinion.  According to Merriam Webster the definition of opinion is:

a view, judgment, or appraisal formed in the mind about a particular matter

In most cases what bloggers write about is their personal viewpoints, or opinions on a topic at hand.  They often include facts, however at some point, if it’s IT related, there will be an opinion.  Let’s take a few examples that exist in the IT world today:

  • Browsers (IE v Firefox v Chrome v Opera)
  • Hypervisors (Hyper-V v VMware v VirtualBox)
  • Operating Systems (Windows v Linux v Mac)
  • Software (Exchange v Lotus v Scalix)

Looking at the aforementioned, there is loads of grey area and what defines the opinion of one versus the other really boils down to the project or question at hand.  IE might be best if you need ActiveX.  Mac might be best if you’re doing graphics design…

One of the greatest IT project management posters/comics I’ve come across is:

project-management

Which describes the IT lifecycle perfectly.  What it signifies in a sense is that everyone has a differing opinion.  Said best by Nietzsche:

“One often contradicts an opinion when what is uncongenial is really the tone in which it was conveyed”

And for that reason, IT is one of the most complex fields in the industry.  Everyone is allowed to think what they want and say what they want – it might cause controversy (as my opinion did the other day) – and due to the uncongenial way of reading blog posts, more opinions are formed.  Who is right, it really depends on how you look at it and what the point of the article/opinion was in the first place.  If we all had the same opinion, we’d all be running bland systems with no uniqueness to them whatsoever and IT wouldn’t be fun at all, would it?

So, here’s to another year of opinions, change and choice in the IT field, and just because I’m a Microsoft MVP and most of my day-to-day work is based on Microsoft technologies doesn’t mean that those solutions will be my defacto answer for everything.  What it does mean is that I have a passion for Microsoft technologies and I enjoy sharing that passion with the community, be it at conferences, on my blog, in forums or other various ways.  That said, I’m also got various other non-Microsoft certifications and have installed numerous variants of systems in my years as an IT Pro, henceforth, I’ll share my opinions, taking all of that in to consideration.

Here’s to hearing your opinions 🙂

Tags: , , , , , , , ,

Yet another reason why Hyper-V (or SCVMM) is better than VMware

Today I got called to a client’s site who recently moved from premises A to premises B.  This meant they turned off their VMware ESX 3.0 server for the first time in a while.  When they relocated they couldn’t authenticate nor could they get to their file/print server.  A quick analysis showed a few things:

  • New building = New IP scheme (ugh)
  • Upon logging in to the ESX web portal, the two servers were still off

Noting this, no worries, in the web portal, lets start them up.  Easy and straightforward.  Now, here’s the kicker.  I wanted to remote control the servers via the console or via the VI client (to look at potentially changing IP addresses or find out what the old scheme was and change it to match/overllap the new scheme)…Wrong move.

The server first told me I had a non-supported browser.  I was using IE 8 (as it is standard with Windows 7).  Ok, no problem, as an IT Pro, I’ve also got other options…Firefox 3.5.7…nope not supported either.  Opera?  Guess what, no go.  Ok, so let’s download the VI Client and do it that way.  Downloaded no problem but when starting it, the woes began again:

only on 32 bit

Thanks VMware.  Your client only works on 32 bit architectures.  So that means most IT professionals who have more than 3 GB of memory can’t use your client?  Oh, one other thing, nice UAC prompt:

contact your admin

Program name: Contact: Your local administrator

OK, so my rant now done, why does this upset me?  Well, Hyper-V can be managed:

  • locally on 32 or 64 bit with RSAT
  • remotely with RDP
  • in just about any browser using SCVMM

Yet another reason why I think I’m going to be sticking with Hyper-V.

NOTE: Yes, I know there are ways around installing the 32 bit client on a 64 bit OS, but I didn’t want to, nor did I have the time, to pull apart the installer with an MSI builder and have it bypass the OS checks.  That’s not my job and that’s not why customers pay VMware loads of money for their software – OH, payment…that’s right Hyper-V is FREE too and it has this functionality in built 🙂

Tags: , , , , , ,

InformationWeek and Virtualisation – Take it with a grain of salt

DISCLAIMER: Yes, I’m a Microsoft MVP, MCT, MCITP, CCNA and hold various other certifications, however when I write articles I will take the view that there might be a better technology out there than Microsoft, but I will ensure I write articles with the proper facts being portrayed and not try to put a “media” spin on things.

OK, now that’s over, let’s look at what has got me revving.  A bloke called Elias Khnaser has written an article for Information Week entitled “9 Reasons Enterprises Shouldn’t Switch to Hyper-V”.  He didn’t put a disclaimer at the top, but Elias works for a company called Artemis Technology and if you go to their “Partner” page, Artemis is a VMware Enterprise Partner and they consider this their one of their “Spotlights” compared to their Microsoft Gold Partner status which is just listed as a valued partner.  (UPDATE: since writing this article, the logo has changed to include their areas of expertise and has been fixed, however at the time of writing the logo was “warped” and furthermore if you moused over it, the description about the partner was set to “information to come”, whereas all of the other valued parnters seemd to have descriptions).

Anyways, let’s look at the article…

1. Breadth of OS Support….:

Hyper-V, however, supports only Windows and SuSE Linux

Hmm:

http://www.microsoft.com/windowsserver2008/en/us/hyperv-supported-guest-os.aspx

Microsoft support more than just Windows OS’s and SUSE.  Here’s another page I’d like to steer Elias to:

http://boincstats.com/stats/host_os_stats.php?pr=bo&st=0

OK, so it’s a piece of software, but what does it say? Yep, that says of the top 15 OS’s 12 are Microsoft’s, so why support such a breadth of OS’s if there’s no need to…Anyways, I digress.  Let’s carry on:

2. Memory Management

In this article it goes in to Memory management and talks about how Microsoft just say throw more memory at the situation whereas he states VMware can overcommit and utilise more memory…Interesting, in contrast to this article:

Performance Tuning Best Practices for ESX Server 3

That white paper clearly states:

Avoid frequent memory reclamation.  Make sure the host has more physical memory than the total amount of memory that will be used by ESX plus the sum of the working set sizes that will be used by all the virtual machines running at any one time.  (Note: ESX does, however, allow some memory overcommitment without impacting performance by using the memory management mechanisms described in “Resource Management Best Practices” on page 12 [of this document].

key word of course is *some*, yet everyone knows you never overcommit memory in a production environment (thanks to my friend Mitch Garvis for the heads up on this one – A Brief Discussion of Security with Regard to Resource Over-Commitment in VMware)

3. Security

Well, don’t get me started on this one as VMware has a kernel infrastructure that means if you inject one malous driver in to the Hypervisor layer it can (and will) affect EVERY VM you have.  Hyper-V does it differently.  Here’s a reference for the differences:

http://4sysops.com/archives/the-difference-between-the-microsofts-hyper-v-and-the-vmwares-esx-hypervisor/

Biggest difference is microkernalised hypervisors versus monolothic hypervisors.

4. Live Migration

Well, lets look at this one.  In order to do it with VMware, it’s not as straight forward (oh wait, it’s not mentioned in this review of *one* paragraph) as it seems either.

5. Priority Restart

Seems as though the spin on this paragraph is going down the clustered route not a priority restart route.  He mentions Exchange, IIS, SQL all of which, you don’t want a VM infrastructure to *move*.  You want them highly available via clustering, not a VM management utility or tool…

6. Fault Tolerance

Not sure where this one is heading, but again it seems like he’s letting VMware control the applications, something any good system administrator (see third party software and reliability).

7. Hot Adds

All I need to say is CSV and I don’t mean comma separated values.

8. Third Party Vendor Support

Please list some…Furthermore, I’d ask why (and 9 is maturity) if VMware is so much better, do they need third party products to make their product good?  Hyper-V has SCVMM R2 and that’s all you need, period.

9. Maturity

Sure Hyper-V hasn’t been around long, but you have to admit, it’s gaining ground on VMware at a very fast pace now that the R2 version is out and the “kinks” have begun to be ironed out…

Morale is,  it seems this story has a load of FUD in it and that proper research wasn’t done in order to make it impartial.  Next time an article like this is written, maybe it should be prefaced with the caveat the author is a VMware addict or seems to be trying to have it out for Microsoft Hyper-V, for whatever reason that might be.

Tags: , ,

Booting Hyper-V R2 off a USB stick

hvs-r2-logo

A while ago Microsoft announced Hyper-V Server R2 would support booting off of a USB flash device.  There is now detailed documentation on how to set this up. 

    http://technet.microsoft.com/en-us/library/ee731893(WS.10).aspx

    What that means is you can now boot VHD’s from a USB device 🙂

    Even better if you don’t want to do the step-by-step you can download a tool from MSDN Code Library:

    http://code.msdn.microsoft.com/BootHVSR2FromUSB

    What is it though, that the tool does:

    1.Install the Windows Automated Installation Kit (WAIK)

2.Reads the Hyper-V WIM

3.Formats your USB flash device

  1. 4.Select your USB flash device as your target disk

      1. 5.Creates a blank VHD

    1. 6.Installs

    2. Why do this? In the TechNet article it says:

    … The scenario described in this document is only supported for original equipment manufacturers (OEM) …

    … A Hyper-V Server UFD can provide virtualization capability for servers that ship with no local hard disks, and it offers the same functionality and flexibility as a Hyper-V Server installation on a physical hard-drive …

      The idea here is that OEMs / System Builders that want to make diskless Hyper-V servers (where the virtual machines are stored on some form of central storage) can do so by sticking some cheap flash storage on the disk.

      Some notes to be aware of include:

      • This is only supported for Microsoft Hyper-V Server 2008 R2.  Not for Windows Server 2008 R2.

      • It is recommended that your USB flash disk be at least 8GB in size, and that you only fill your disk up to 75% to get the best performance / life span (the tool defaults to creating a 6000MB virtual hard disk).  You can change the size of the virtual hard disk using the File menu.

      While you can move the USB device from system to system and *most* things will work:

        • This is not supported (if you read the whole TechNet article you will see that this is only supported if you are using a USB device that is “hard-wired” to the system).

        • The virtual network switches will get disconnected whenever you move to a new system.

        • To reduce wear-and-tear on your flash device, the page file is disabled by this tool.  This means that you should not try and allocate every last megabyte in the system to virtual machines.  Try to leave some room for processes in the parent partition.

        Enough reading, eh?  Go Enjoy!

        Tags: , , , ,

        Networking Security in a Virtual World

        17856_lg When you think about a virtual switch, do you envision a black or dark-blue box that consumes 1U or 2U at the top of server racks? That ever-present device from Cisco, 3Com or Juniper creates the networking fabric within which your IT infrastructure communicates. Built into its network hardware is a mature Internetwork Operating System that enables the complex routing, switching and access control that users have come to expect from production networks.

        Yet any vision of a virtual switch that exactly mirrors a physical one is only fantasy with today’s technology. The virtual switches within virtualization platforms such Microsoft’s Hyper-V might resemble their real-world counterparts, but virtual switches today provide only a subset of the capabilities of physical servers.

        That lack of functionality can be a problem for organizations that make assumptions about virtual network security. Simply put, virtual networks are not physical networks, and they need special attention to be secured properly. First and foremost, Hyper-V’s virtual switches are "Learning Layer 2" devices, which means they route their packets based on Media Access Control addresses. It also means that Hyper-V’s switches don’t understand and can’t process the more-advanced IP-based routing and access-control features commonly found in today’s Layer 3 switches. In essence, an access control list (ACL) can’t be applied to an internal Hyper-V virtual switch using current technology.

        Hyper-V’s virtual switches are also limited because they lack support for third-party monitoring and enforcement of virtual network traffic. Once traffic leaves a physical network and enters Hyper-V’s internal virtual realm, it disappears from any external intrusion prevention or detection systems.

        Thus, a Hyper-V networking environment requires a few workarounds to duplicate the high levels of security found in some physical servers. First, network ACLs that restrict traffic to Hyper-V hosts will need to be designed with the recognition that they’ll be limited to the boundary of the physical network infrastructure. Conversations between individual virtual machines (VMs) on the same host won’t respect those network-based ACLs. Each virtual machine will need its own installation of an operating system-level firewall and intrusion-detection software if those components are required by your security policy.

        Microsoft’s guidance for Hyper-V security also strongly recommends that a dedicated network adapter be used for connecting the host’s primary partition (its "management OS") to the network. This protects the primary partition’s OS from traffic that is sent along the interface used by virtual machines. From a security perspective, virtual machine traffic is always considered to be at a lower trust level than the primary partition because protecting the primary partition is critical to ensuring that VMs stay operational. Environments with very high security requirements may consider restricting primary partition management traffic not only to its own network interface but also to its own protected subnet.

        Microsoft has strengthened security in Windows Server 2008 R2 with the introduction of a new setting in virtual switch management. In R2, the Hyper-V Virtual Network Manager includes a new check box marked "Allow management operating system to share this network adapter." This check box further ensures that management OS traffic is isolated from virtual machine traffic. By leaving this check box blank, created virtual networks are not exposed to the primary partition.

        Environments that need high availability with Hyper-V will also require some form of shared storage between cluster nodes. For many, this involves implementing an iSCSI-based storage-area network for the storage of Hyper-V VMs. It is a best practice to always separate iSCSI network traffic from production network traffic. At the same time, iSCSI traffic should generally be placed into its own subnet to prevent denial-of-service conditions during periods of overuse as well as to further isolate the different types of traffic from each other.

        Many people seek to improve system-availability metrics through network interface teaming. To that end, Microsoft itself does not support the teaming of interfaces for high availability. This has often been panned in the media as a major limitation in Hyper-V for production environments. However, note that Microsoft has never supported interface teaming — even in physical environments. Notwithstanding, vendors such as Dell and Hewlett-Packard have for years developed their own set of teaming drivers, many of which will function in a Hyper-V environment. Obviously, you’ll need to verify the level of support that the OEM for such drivers will provide.

        In short, the move to virtualization atop Hyper-V is much easier when there are plenty of network interfaces on Hyper-V hosts. It is not unheard-of to see Hyper-V hosts with up to 10 network interfaces as organizations use dual four-port network cards in addition to the typical dual network interfaces built into today’s server motherboards. Having this many network interfaces ensures that enough are available for redundant production networking, storage and management, as well as a few left over for any "interesting" network configurations that may be needed down the road.

        Networking can be a hidden danger, but there’s a danger too in how your virtual machines colocate atop Hyper-V hosts. Particularly problematic in clustered environments where VMs can live migrate around for failover and load balancing, VM colocation can be a security as well as a compliance problem or your IT environment.

        Tags: ,

        IPGs Updated for Virtualization (Hyper-V and SCVMM 2008 R2)

        The Infrastructure Planning and Design team has released two updated virtualization guides: Windows Server Virtualization and System Center Virtual Machine Manager.
        These guides, updated to reflect the features and functionalities of Windows Server® 2008 R2 and System Center Virtual Machine Manager 2008 R2, outline the critical infrastructure design elements that are crucial to a successful implementation of these virtualization products.

        The Infrastructure Planning and Design Guide for Windows Server Virtualization takes the reader through the process of designing components, layout, and connectivity in a logical, sequential order. Identification of the Hyper-V™ server hosts required is presented in easy-to-follow steps, helping the reader to design and plan virtual server datacenters.

        The Infrastructure Planning and Design Guide for Microsoft System Center Virtual Machine Manager assists readers in the design and implementation of SCVMM architecture, thus enabling centralized administration of physical and virtual machines. Identification of the VMM server instances required is one of the simple, seven-step design processes presented in this guide.

        Download the IPD Guides for Virtualization at http://technet.microsoft.com/en-us/solutionaccelerators/ee395429.aspx

        Tags: , , ,

        TechEd – Hyper-V

        Here, Erdal and I take Springboard to talk with the Hyper-V team about what’s new, what Hyper-V is and also about how Springboard is involved with Hyper-V.

        Tags: , , ,

        How Microsoft Does IT – Deploying Virtual Machines using Hyper-V

        Microsoft IT virtually deploys more than 80% of new servers using Windows Server 2008 Hyper-V. To ensure optimal performance, Microsoft IT has developed configuration best practices, based on the application workloads or services being provided by the virtual machines.

        Tags: , , , ,

        Building a Hyper-V SQL 2008 Cluster

        The guys over at SQL Server Troubleshooting have come up with a brilliant article on how to install SQL 2008 on Hyper-V clustered.  If you use SQL and want to virtualise, I’d suggest shooting over and checking it out…Definitely worth a read:

        How to build a virtual SQL Server 2008 clustered environment with Hyper-V

        Tags: , ,