hyper v deployment and best practices - thisnetwork · hyper-v deployment and best practices satyen...
Post on 05-Jun-2020
41 Views
Preview:
TRANSCRIPT
Hyper-V Deployment and Best Practices
Satyen Pradhan
Premier Field Engineer
satyenp@microsoft.com
Microsoft (Malaysia)
Session Objectives
Hyper-V Benefits
Server consolidationServer consolidation
Business ContinuityBusiness Continuity FlexibilityFlexibility
UtilizationUtilization
Hyper-V: Production Ready
TAP, RDP & MSIT Hyper-V DeploymentsThousands of Hyper-V VMs in PRODUCTION
Windows Server 2003/2008 Roles:
File, Print, AD, RODC, IIS/Web, TS, Application Services, DHCP, DNS, WSS and
more…
Microsoft Server Products:
SQL, Exchange, HPC, ISA, Sharepoint, Project Server, VSTS, BizTalk,
Configuration Manager, Operations Manager & more…
Hyper-V Stats:Performance Blockers: ZERO
Deployment Blockers: ZERO
Application Compatibility Bugs: ZERO
Scalability Blockers: ZERO
Hyper-V: Production Scalability
Hyper-V Powering Microsoft Internet Properties
TechNet: 100% Hyper-V
http://technet.microsoft.com
~1 million hits a DAY
MSDN: 100% Hyper-V
http://msdn.microsoft.com
~3 million hits a DAY
Microsoft.com: ~50% Hyper-V and growing
http://www.microsoft.com
>1 billion hits a month
Windows Server
2008
VSPVSPWindows
Kernel
Applications Applications Applications
Non-
Hypervisor Aware OS
Windows Server
2003, 2008
Windows
Kernel VSC
VMBusVMBus EmulationEmulation
“Designed for Windows” Server Hardware
Windows hypervisor
Xen-Enabled
Linux Kernel
Linux
VSC
Hypercall Adapter
Parent
PartitionChild Partitions
VM ServiceVM Service
WMI ProviderWMI Provider
VM Worker
Processes
OS
ISV / IHV / OEM
Microsoft Hyper-V
Microsoft / XenSource
User
Mode
Kernel
Mode
Provided by:
Ring -1
IHV
Drivers
VMBusVMBus
VMBus
Applications
Virtualization Requirements
1.1. SchedulerScheduler
2.2. Memory Memory
ManagementManagement
3.3. VM State MachineVM State Machine
4.4. Virtualized DevicesVirtualized Devices
5.5. Storage StackStorage Stack
6.6. Network StackNetwork Stack
7.7. DriversDrivers
8.8. Management APIManagement API
Why not get rid of the parent?No defense in depth
Entire hypervisor running in the most privileged mode of the system
•Scheduler•Memory Management•Storage Stack•Network Stack•VM State Machine•Virtualized Devices•Drivers•Management API
Hardware
Ring -1
UserMode
KernelMode
UserMode
KernelMode
UserMode
KernelMode Ring 0
Ring 3
Virtual
Machine
Virtual
Machine
Virtual
Machine
Micro-kernelized Hypervisor
Defense in depth
Using hardware to protect
Hyper-V doesn’t use ring compression
SchedulerMemory Management
Hardware
VM State MachineVirtualized DevicesManagement API
Ring -1
Storage StackNetwork Stack
Drivers
UserMode
KernelMode
UserMode
KernelMode Ring 0
Ring 3
Parent PartitionVirtual
Machine
Virtual
Machine
HOW TO INSTALL HYPER-V?
SERVER CORE
Windows Server Core
Windows Server Core
ENABLING HYPER-V WITH
SERVER CORE
Step-by-step instructions…
Installing Hyper-V Role on CoreInstall Windows Server 2008, select a Server Core installation
option
Set Admin Password
net user administrator <new_password>
shutdown /r /t 0
Rename Computernetdom renamecomputer %computername% /newname:<new_computername>
shutdown /r /t 0
Join Domain
netdom join %computername% /domain:<domain> /userd:<username> /passwordd:*
enter password when prompted
shutdown /r /t 0
Add domain account to local admin group
net localgroup administrators /add <domain_account>
logoff
Add Hyper-V Roleocsetup Microsoft-Hyper-V
Restart when prompted
Enabling Remote DesktopOPTIONAL
cscript \windows\system32\scregedit.wsf /ar 0
cscript \windows\system32\scregedit.wsf /cs 0
HYPER-V NETWORKING
Hyper-V Networking
• Two physical network adapters at minimum
• One for management
• One (or more) for VM networking
• Dedicated NIC(s) for iSCSI
• Connect parent to back-end management network
• Only expose guests to internet traffic
Hyper-V Network Configurations
Example 1:Physical Server has 4 network adapters
NIC 1: Assigned to parent partition for management
NICs 2/3/4: Assigned to virtual switches for virtual machine networking
Storage is non-iSCSI such as:Direct attach
SAS or Fibre Channel
Hyper-V Setup & Networking 1
Hyper-V Setup & Networking 2
Hyper-V Setup & Networking 3
Hyper-V Network Configurations
Example 2:Server has 4 physical network adapters
NIC 1: Assigned to parent partition for management
NIC 2: Assigned to parent partition for iSCSI
NICs 3/4: Assigned to virtual switches for virtual machine networking
Hyper-V Setup, Networking & iSCSI
Networking: Parent Partition
Networking: Virtual Switches
HYPER-V & STORAGE…
Step by Step Instructions
Hyper-V Storage...Performance wise from fastest to slowest…
Fixed Disk VHDs/Pass Through DisksAbout the same in terms of performance
Dynamically Expanding VHDsGrow as needed
Pass Through DisksPro: VM writes directly to a disk/LUN without encapsulation in a VHD
Cons:
You can’t use VM snapshots
Pro/Con: Dedicating a disk to a vm
Use Fixed Disk VHDs or Pass Through Disks in Production!Use Fixed Disk VHDs or Pass Through Disks in Production!
VM Setting No Pass Through
Computer Management: Disk
Taking a disk offline
Disk is offline…
Pass Through Configured
BEST PRACTICES & TIPS AND
TRICKS
Deployment Considerations
Minimize risk to the Parent Partition
Use Server Core
Don’t run arbitrary apps, no web surfing
Run your apps and services in guests
Moving VMs from Virtual Server to Hyper-V
FIRST: Uninstall the VM Additions
Two physical network adapters at minimum
One for management (use a VLAN too)
One (or more) for vm networking
Dedicated NIC(s) for iSCSI
Only expose guests to internet traffic
Cluster Production Systems
Best Practices for Physical Servers
Avoid Overloading the Server
Ensure High Speed access to Storage
Avoid Mixing Virtual Machines that can and
cannot use Integration Services
Avoid Storing System Files on Drives used for
Hyper-V Storage
Monitor Performance to Optimize and Manage
Server Loading
Best Practices for Configuring Virtual Machines
Install Integration Services
Uninstall VMAdditions and Compact the VHDs
Set Display for Best Performance
To ensure the hardware acceleration is set to full
Configure Fixed-Size VHDs
The file system is less likely to fragment and better space management
Use SCSI Virtual Adapter for Data Drives
Allocate CPU Resources Based on Anticipated Usage
Consider using Pass-Through Disks
Configure Domain Controllers to Optimize Performance
Never save state or pause and do not take snapshots
Windows Server 2003 Cluster
Creation
Cluster Hyper-V Servers
Don't forget the ICs!Emulated vs. VSC
Anti-Virus & More…
Anti-VirusParent partition
• Run AV software and exclude .vhd
• Configure Anti-Virus to Bypass Hyper-V Processes and Directories
Child partitionsRun AV software within each VM
Use .isos
Great performance; Can be mounted and unmounted remotely
Physical DVD can’t be shared across multiple vms
Having them in SCVMM Library fast & convenient
Protects Data While a System is Offline
Entire Windows Volume is Encrypted (Hibernation and Page Files)
Delivers Umbrella Protection to Applications (On Encrypted Volume)
Ensures Boot Process Integrity
Automatically Locks System when Tampering Occurs
Simplifies Equipment Recycling
One Step Data Wipe – Deleting Access Keys Renders Disk Drive Useless
Mitigating Against External Threats…
Very Real Threat of Data Theft When a System is Stolen, Lost,or Otherwise Compromised (Hacker Tools Exist!)
Decommissioned Systems are not Guaranteed Clean
BitLocker Drive Encryption Support in Windows Server 2008
Addresses Leading External Threats by Combining Drive Level Encryptionwith Boot Process Integrity Validation
Leverages Trusted Platform Model (TPM) Technology (Hardware Module)
Integrates with Enterprise Ecosystem Maintaining Keys in Active Directory
BitLockerBitLocker--Persistent ProtectionPersistent Protection
Online Resources
Hyper-V WMI APIhttp://msdn2.microsoft.com/en-us/library/cc136992(VS.85).aspx
Virtual Hard Disk Specification OSP:http://www.microsoft.com/technet/virtualserver/downloads/vhdspec.mspx
MSDN & TechNet Powered by Hyper-Vhttp://blogs.technet.com/virtualization/archive/2008/05/20/msdn-and-technet-powered-by-hyper-v.aspx
Virtualization Solution Acceleratorshttp://technet.microsoft.com/en-us/solutionaccelerators/cc197910.aspx
How to install the Hyper-V rolehttp://www.microsoft.com/windowsserver2008/en/us/hyperv-install.aspx
Windows Server 2008 Hyper-V Performance Tuning Guidehttp://www.microsoft.com/whdc/system/sysperf/Perf_tun_srv.mspx
Using Hyper-V & BitLocker White Paperhttp://www.microsoft.com/downloads/details.aspx?FamilyID=2c3c0615-baf4-4a9c-b613-3fda14e84545&DisplayLang=en
Q & A
Have You Visited the Windows Client
TechCenter website?
www.technet.com/windows
Windows Client TechCenter provides IT professionals with the
right resources, at the right technical level, at the right point in
your technology adoption and management processes
Special Start.NET PromotionSpecial Start.NET Promotion
RM50 DISCOUNT + a FREE GIFTRM50 DISCOUNT + a FREE GIFT
for selected Start.NET Workshopsfor selected Start.NET Workshops
�� Windows Presentation FoundationWindows Presentation Foundation
�� Silverlight 2.0Silverlight 2.0
�� SQL Server 2008SQL Server 2008
�� SharePointSharePoint
•• Limited to the first 50 delegates who registeredLimited to the first 50 delegates who registered..
Register today!Register today!
Housekeeping AnnouncementHousekeeping Announcement
Please complete the evaluation form and return it to the Please complete the evaluation form and return it to the Registration Counter in return for a Windows 7 Beta DVD. Registration Counter in return for a Windows 7 Beta DVD. Here is where you can get the product key Here is where you can get the product key : : http://technet.microsoft.com/evalcenter/dd353205.aspxhttp://technet.microsoft.com/evalcenter/dd353205.aspx
Please complete the TechNet MSDN Quiz Sheet and return Please complete the TechNet MSDN Quiz Sheet and return it to the Redemption Counter in return for a mystery giftit to the Redemption Counter in return for a mystery gift
Print out the TechCenter Homepage and redeem your gift Print out the TechCenter Homepage and redeem your gift at the Redemption Counter at the Redemption Counter
Visit the Partners & MS Learning counters at the foyer for great promotional offers
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other
countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to
changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of
this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
top related