Win2012-Overview-PPT

Windows Server 2012 Overview
Omer Palo, Readiness Specialist
October, 2012
Agenda
• Deployment and Management Changes
• Active Directory Domain Services
• Hyper-V
• Remote Desktop Services
• Failover Clusters
• Networking Features
• IIS Features
Deployment and Management
Citrix Confidential - Do Not Distribute
Server Editions
Windows 2008 R2
• Foundation
• Standard
• Web
• HPC
• Enterprise
• Datacenter
• Itanium
Windows Server 2012
• Foundation
• Essentials
• Standard
• Datacenter
Windows 8 Editions
• Windows 8
• Windows 8 Pro
• Windows 8 Enterprise
• Windows RT
Deployment Options
Windows 2008 R2
• Windows Server Core
• Windows Server Full
Windows 2012
• Server Core
• Minimal GUI Server
• Full Server UI
• Desktop Experience
Remote PowerShell
• Remote PowerShell is not new in Windows 2012
• WinRM 2.0 and PowerShell 2.0 could already be used for remote PS execution
• WinRM was not enabled by default
• Windows Server 2012 enables WinRM by default
• It is the preferred management tool
New Server Manager
Multi-Server Management
• Adding additional servers
Multi-Server Management: GUI
• Management tools can be launched on any server.
Multi-Server Management: PowerShell
New Server Management
• Server Core is the preferred deployment option
• PowerShell and RSAT should be the management tools
• Reducing the attack surface and footprint
• Reliability and less patching
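The multi-server management the slides describe rests on WinRM being on by default. As an added example (not code from the deck), this inventories WinRM across several servers over PowerShell remoting and flags any host that only exposes an HTTP listener; the server names are constructed placeholders.

```powershell
# Added example, not from the slides: inventory WinRM on several servers over
# PowerShell remoting and flag hosts that expose only an HTTP listener.
# Server names are constructed placeholders.
$servers = 'SRV01', 'SRV02', 'SRV03'

$report = Invoke-Command -ComputerName $servers -ScriptBlock {
    # Each listener container under WSMan:\localhost\Listener carries a Transport item.
    $transports = Get-ChildItem WSMan:\localhost\Listener | ForEach-Object {
        (Get-ChildItem $_.PSPath | Where-Object Name -eq 'Transport').Value
    }
    [pscustomobject]@{
        Host       = $env:COMPUTERNAME
        WinRM      = (Get-Service WinRM).Status
        Transports = ($transports -join ',')
        # Server-Gui-Shell absent means Server Core or Minimal Server Interface.
        HasGui     = (Get-WindowsFeature Server-Gui-Shell).Installed
    }
}

$report | Format-Table Host, WinRM, Transports, HasGui -AutoSize

# Domain-joined remoting is Kerberos-encrypted even over HTTP, but an HTTPS
# listener is the safer default once workgroup or cross-forest hosts are managed.
$report | Where-Object { $_.Transports -notmatch 'HTTPS' } |
    ForEach-Object { Write-Warning "$($_.Host): WinRM has no HTTPS listener" }
```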
New Features in ADDS
ADDS: Simplified Deployment
• ADDS Server role installation is built on PowerShell
• Prerequisite validation is part of configuration wizard
• Adprep.exe is now part of ADDS Installation
• Configuration options can be exported
ADDS: Functional Levels
• Forest Functional Level: Windows Server 2012
• Domain Functional Level: Windows Server 2012
ADDS: No more DCPROMO
• No more DCPROMO
ADDS: Promoting a DC
ADDS: Forest /Domain Functional Levels
ADDS: Exporting Configuration
• Exporting Configuration
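The wizard's prerequisite validation and the exported configuration both map onto the ADDSDeployment module. As an added example (not the deck's exported script), this runs the validation first and promotes an additional domain controller only if it passes; the domain name and account are constructed placeholders.

```powershell
# Added example, not the slides' exported script: run the wizard's prerequisite
# validation from PowerShell, then promote an additional domain controller.
# The domain name and account are constructed placeholders.
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
Import-Module ADDSDeployment

$domain = 'corp.example.com'
$cred   = Get-Credential 'CORP\DomainAdmin'
$dsrm   = Read-Host -AsSecureString 'Directory Services Restore Mode password'

# Validation only: the same checks the configuration wizard runs, no changes made.
$check = Test-ADDSDomainControllerInstallation -DomainName $domain -Credential $cred `
             -SafeModeAdministratorPassword $dsrm -InstallDns
if ($check.Status -ne 'Success') {
    $check.Message | ForEach-Object { Write-Warning $_ }
    return
}

# Promotion. Adprep runs as part of this when the forest or domain still needs it;
# the server reboots on completion unless -NoRebootOnCompletion is given.
Install-ADDSDomainController -DomainName $domain -Credential $cred `
    -SafeModeAdministratorPassword $dsrm -InstallDns -Force
```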
ADDS: Simplified Management
• Off-Premises Domain Join now supports DirectAccess
ADDS: Dynamic Access Control Lists
• Controlling access with standard ACLs is difficult
• New claim-based authorization platform
• Claims can be both user and device based
• Requirements
– Windows Server 2012 domain controller(s)
– Windows Server 2012 file server(s)
– A domain policy enabling claims policy
– Windows Server 2012 AD Administrative Center
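As an added example (not from the deck), this is what the claim-based platform looks like from PowerShell: a user claim and a device claim, a central access rule that requires both, and a policy that carries the rule to the file servers. Claim names, attribute choices and values are constructed placeholders.

```powershell
# Added example, not from the slides: claims-based authorization with Dynamic
# Access Control. It creates a user claim and a device claim, a central access
# rule that requires both, and a policy containing the rule. Names, attribute
# choices and values are constructed placeholders.
Import-Module ActiveDirectory

# Claim types are sourced from existing attributes: the user's department, and a
# computer attribute assumed to be set to "True" on centrally managed devices.
New-ADClaimType -DisplayName 'Department'    -SourceAttribute 'department'          -AppliesToClasses 'user'
New-ADClaimType -DisplayName 'ManagedDevice' -SourceAttribute 'extensionAttribute1' -AppliesToClasses 'computer'

# Conditional ACE in SDDL: Authenticated Users get Modify (0x1301bf) only when the
# user's Department claim is Finance AND the request comes from a managed device.
# Administrators and SYSTEM keep Full Control without conditions.
$acl = 'O:SYG:SYD:AR(A;;FA;;;BA)(A;;FA;;;SY)' +
       '(XA;;0x1301bf;;;AU;((@USER.Department == "Finance") && (@DEVICE.ManagedDevice == "True")))'

# The rule only targets files classified with the built-in Department resource
# property (Department_MS) set to Finance.
New-ADCentralAccessRule -Name 'Finance data from managed devices' `
    -ResourceCondition '(@RESOURCE.Department_MS == "Finance")' `
    -CurrentAcl $acl

New-ADCentralAccessPolicy -Name 'Finance Data Policy'
Add-ADCentralAccessPolicyMember -Identity 'Finance Data Policy' `
    -Members 'Finance data from managed devices'

# What is left is Group Policy, not cmdlets: enable "KDC support for claims,
# compound authentication and Kerberos armoring" for the 2012 DCs, the matching
# "Kerberos client support" setting for clients, and publish the central access
# policy to the 2012 file servers, where it is applied to the target folders.
```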
ADDS: Simplified Management
• PowerShell History
ADDS: Simplified Management
• Recycle bin UI
ADDS: Simplified Management
• Password Settings UI
ADDS: Simplified Management
• AD-based Activation
ADDS: Simplified Management
• Service Accounts
– Group Managed Service Accounts
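Group Managed Service Accounts remove the static service password entirely. As an added example (not from the deck), this creates one whose password AD generates and rotates, retrievable only by the hosts in a named group; account, group and host names are constructed placeholders.

```powershell
# Added example, not from the slides: a group managed service account whose
# password AD generates and rotates, retrievable only by the hosts listed.
# Account, group and host names are constructed placeholders.
Import-Module ActiveDirectory

# One-time per forest: the KDS root key every gMSA password derives from.
# -EffectiveImmediately still requires about 10 hours of replication in a real forest.
if (-not (Get-KdsRootKey)) { Add-KdsRootKey -EffectiveImmediately }

# Only members of this group can retrieve the managed password.
New-ADGroup -Name 'WebFarm-Hosts' -GroupScope Global -GroupCategory Security
Add-ADGroupMember -Identity 'WebFarm-Hosts' -Members 'WEB01$', 'WEB02$'

New-ADServiceAccount -Name 'gmsa-webapp' -DNSHostName 'gmsa-webapp.corp.example.com' `
    -PrincipalsAllowedToRetrieveManagedPassword 'WebFarm-Hosts' `
    -ManagedPasswordIntervalInDays 30

# On each web host, after a reboot so the group membership is in its token:
#   Install-ADServiceAccount gmsa-webapp
#   Test-ADServiceAccount gmsa-webapp     # True once the host can fetch the password
# Services and app pools then run as CORP\gmsa-webapp$ with no stored password.
```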
ADDS: Virtualizing Domain Controllers
• Rolling snapshots back could cause replication issues
ADDS: Virtualizing Domain Controllers
• VM-Generation IDs provide safe restore of snapshots
ADDS: Cloning Virtualizing Domain Controllers
Diagram: a Windows 2012 PDC/GC and vDC1, with vDC1 cloned to vDC2
• Add the source DC to the AD group
• Execute Get-ADDCCloningExcludedApplicationList
• Execute New-ADDCCloneConfigFile
ADDS: Group Policy
• Remote Group Policy Update
– Invoke-GPUpdate -Computer pc1 -Force
ADDS: Group Policy
• Improved GPresult
ADDS: Group Policy
• Group Policy Infrastructure Status
• No more GPOtool.exe
ADDS: Group Policy
• What Else?
– Local Group Policy Option for WinRT Devices (BYOD)
– Group Policy Client Service Idle State
– Group Policy Settings / Preferences Support for IE10
– Increased Size of Registry.pol
ADDS: Other Notable Changes
• Global RID space per domain is now 2 billion
• Deferred Index Creation
– Forest administrators can now decide when to build DB indexes following schema updates
• Kerberos Enhancements
– Constrained Delegation across domains
– Flexible Authentication Secure Tunneling (Kerberos Armoring)
• AD DS Claims in AD FS
– AD FS v2.1 can populate SAML tokens from Kerberos tickets directly
Hyper-V
Hyper-V: Scalability Comparison
System  | Resource                | Hyper-V (2008 R2) | Hyper-V 2012 | Imp. Factor
Host    | Logical Processors      | 64                | 320          | 5x
Host    | Physical Memory         | 1TB               | 4TB          | 4x
Host    | vCPU per Host           | 512               | 2048         | 4x
Host    | Active VMs per Host     | 384               | 1024         | 2.7x
VM      | vCPU per VM             | 4                 | 64           | 16x
VM      | Memory per VM           | 64GB              | 1TB          | 16x
VM      | Guest NUMA              | No                | Yes          | -
Cluster | Maximum Nodes           | 16                | 64           | 4x
Cluster | Maximum VMs per Cluster | 1000              | 4000         | 4x
Hyper-V: Scalability Comparison
System  | Resource                | Hyper-V | XenServer 6.1 | vSphere / ESXi | vSphere Ent.
Host    | Logical Processors      | 320     | 160           | 160            | 160
Host    | Physical Memory         | 4TB     | 1TB           | 32GB           | 2TB
Host    | vCPU per Host           | 2048    | 900           | 2048           | 2048
Host    | Active VMs per Host     | 1024    | 150 / 50      | 512            | 512
VM      | vCPU per VM             | 64      | 16            | 8              | 32
VM      | Memory per VM           | 1TB     | 128GB         | 32GB           | 1TB
VM      | Guest NUMA              | Yes     | Host Only     | Yes            | Yes
Cluster | Maximum Nodes           | 64      | 16            | N/A            | 32
Cluster | Maximum VMs per Cluster | 4000    | 800-960       | N/A            | 3000
Hyper-V: Client Hyper-V
• Windows 8 Pro supports Hyper-V
• Minimum 4 GB RAM required
• Storage Live Migration is supported
• No guest VM license is provided
• Unsupported features:
– RemoteFX
– Live Migration
– Hyper-V Replica
– SR-IOV
– Synthetic Fiber Channel
Hyper-V: Live Migrations
• Can utilize higher network bandwidth, up to 10 gigabits
• Multiple simultaneous migrations
• Clustered or standalone Hyper-V servers (Shared Nothing Live Migration)
• VMs can be stored on shared, local or SMB storage
Hyper-V: Live Migration Requirements
• Processor on Hyper-V servers must be from same vendor
• Physical disks are not supported
• Cluster Live Migrations require the cluster service and CSV configured
• SMB live migrations require permissions on SMB shares
• Shared Nothing Live Migrations require Kerberos or CredSSP
Hyper-V: Live Migration Process (shared nothing LM)
1. If Kerberos will be used, configure constrained delegation in AD
– CIFS and Microsoft Virtual System Migration Service
2. If CredSSP will be used, log in to the source server
– Migration will fail if initiated from the destination server
3. Configure the Live Migration option on the Hyper-V servers
4. Perform the live migration
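The procedure above, carried out with Kerberos rather than CredSSP, as an added example that is not from the deck. Host names, domain and paths are constructed placeholders, and step 2 is skipped because it only applies to CredSSP.

```powershell
# Added example, not from the slides: shared-nothing live migration from HV01 to
# HV02 with Kerberos instead of CredSSP, following the steps above. Host names,
# domain and paths are constructed placeholders; step 2 is skipped because it
# only applies to CredSSP.
Import-Module ActiveDirectory, Hyper-V

$src = 'HV01'; $dst = 'HV02'; $domain = 'corp.example.com'

# Step 1: Kerberos-only constrained delegation. Each host may delegate only to
# the other host's CIFS and Virtual System Migration Service SPNs; the list is
# added, not replaced, and nothing is granted to other services.
foreach ($pair in @(@($src, $dst), @($dst, $src))) {
    $from, $to = $pair
    $spns = "cifs/$to.$domain", "cifs/$to",
            "Microsoft Virtual System Migration Service/$to.$domain",
            "Microsoft Virtual System Migration Service/$to"
    Set-ADComputer -Identity $from -Add @{ 'msDS-AllowedToDelegateTo' = $spns }
}

# Step 3: enable live migration on both hosts with Kerberos authentication and
# pin it to a dedicated migration subnet (constructed) rather than any network.
Invoke-Command -ComputerName $src, $dst -ScriptBlock {
    Set-VMHost -VirtualMachineMigrationEnabled $true `
               -VirtualMachineMigrationAuthenticationType Kerberos `
               -UseAnyNetworkForMigration $false
    Add-VMMigrationNetwork -Subnet '10.10.50.0/24'
}

# Step 4: move the VM and its storage. Because delegation is in place this can be
# started from a management workstation; with CredSSP it would have to be run
# while logged on to the source host.
Move-VM -ComputerName $src -Name 'APP01' -DestinationHost $dst `
        -DestinationStoragePath 'D:\VMs\APP01' -IncludeStorage
```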
Hyper-V Replica
• Allows mission critical workloads to be replicated across clusters, storage systems and sites
Diagram: VM1 on Hyper1 (Production Site) replicated to VM1 on Hyper2 (DR Site)
Hyper-V Replica
• Hyper-V Replica configuration options on the replica server
Hyper-V Replica
• Don’t forget the Windows Firewall rules!
Hyper-V Replica
• Enabling VM replication
Hyper-V Replica
• Replica enabled VM
Hyper-V Replica
• IP settings on replica enabled VM
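The replica-server options, the firewall rule and the per-VM enablement shown in the screenshots above, done from PowerShell as an added example (not from the deck). It restricts the replica server to one named primary with certificate authentication; host names and the thumbprint are constructed placeholders.

```powershell
# Added example, not from the slides: configure a replica server to accept
# certificate-authenticated replication from one named primary only, open the
# matching firewall rule, then enable replication for a VM. Thumbprint and
# host names are constructed placeholders.
Import-Module Hyper-V

$replica = 'HYPER2'                    # DR-site host
$primary = 'HYPER1'                    # production host
$thumb   = 'CONSTRUCTED-THUMBPRINT'    # certificate in LocalMachine\My on each host

# On the replica server: HTTPS with certificate authentication, and an explicit
# allow list instead of ReplicationAllowedFromAnyServer.
Invoke-Command -ComputerName $replica -ScriptBlock {
    Set-VMReplicationServer -ReplicationEnabled $true `
        -AllowedAuthenticationType Certificate -CertificateThumbprint $using:thumb `
        -ReplicationAllowedFromAnyServer $false
    New-VMReplicationAuthorizationEntry -AllowedPrimaryServer "$using:primary.corp.example.com" `
        -ReplicaStorageLocation 'D:\Replica' -TrustGroup 'ProdSite'
    # The rule ships disabled; the HTTPS listener is TCP 443.
    Enable-NetFirewallRule -DisplayName 'Hyper-V Replica HTTPS Listener (TCP-In)'
}

# On the primary: enable replication for VM1 and seed the initial copy.
Invoke-Command -ComputerName $primary -ScriptBlock {
    Enable-VMReplication -VMName 'VM1' -ReplicaServerName "$using:replica.corp.example.com" `
        -ReplicaServerPort 443 -AuthenticationType Certificate `
        -CertificateThumbprint $using:thumb -RecoveryHistory 4
    Start-VMInitialReplication -VMName 'VM1'
}
```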
Hyper-V: Dynamic Memory
• Startup memory and memory weight are the visible features
Hyper-V: Dynamic Memory
• Smart Paging utilizes disk space as memory for VMs in case of:
– The VM is being restarted
– There is not enough physical memory on the server
– No memory can be reclaimed from running VMs
• The use of the paging file is temporary, about 10 minutes
• Memory over-subscription relies on the Windows Memory Manager, not Hyper-V
Hyper-V: SR-IOV Support
• What is SR-IOV?
– A technology that allows multiple operating systems to share PCI Express devices
• VMs can be directly attached to fiber or Ethernet based HBAs
• Bypassing the hypervisor, VMs leverage the hardware directly
Hyper-V: SMB 3.0 File Share
• Hyper-V can utilize SMB 3.0 based shares for storage
• Advantages of SMB based shared storage
– Flexible
– Easier management
– Cheaper!!
Hyper-V: SMB 3.0 File Shares
Diagram: a Hyper-V cluster storing VMs on \\Server1\share, a share hosted on an SMB server/cluster (Server1)
Hyper-V: SMB 3.0 File Shares Requirements
• Windows Server 2012 computer(s) with File and Storage Services
• Windows Server 2012 Hyper-V Server Role
• A common Active Directory structure.
Hyper-V: Resource Metering
• A solution to help provide charge back and billing options
• Network Metering
– Provides fine grained metering capable of differentiating internet and intranet traffic
• VM Metrics
– Average CPU and memory usage over a period of time
– Minimum and maximum memory usage
– Disk space
– Total incoming / outgoing per virtual NIC
Hyper-V: Virtual Fiber Channel
• Enables direct fiber channel storage access from VMs
Hyper-V: VHDX Disk Format
• The new VHDX format allows 64 TB virtual disks
Hyper-V: VHDX Disk Format
• Protection against data corruption due to power failures
– Logging updates to VHDX metadata structures
• Ability to store custom metadata
• Support for Trim functions
– Requires physical disk access and Trim capable hardware
Hyper-V: Virtual NUMA
• What is NUMA?
– Non-Uniform Memory Access allows applications to utilize memory in an efficient way on multi-processor systems
• The topology of the memory configuration is passed on to VMs
• Virtual workloads that can be optimized with NUMA can take advantage (e.g. SQL Server)
Hyper-V: Virtual Switch
• Is an extensible, managed L2 switch providing network access to VMs
• Can provide tenant isolation, traffic shaping, policing and IDS/IDP solutions
• Provides built-in support for NDIS filter drivers
Hyper-V: Virtual Switch
• Built-in features
– ARP / ND poisoning protection
– DHCP guard protection
– Port ACLs
– Trunk mode to VM
– Network traffic monitoring
– VLANs
– Bandwidth and burst limits
– ECN (Explicit Congestion Notification)
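Several of the built-in switch features above, applied to one tenant VM's adapter as an added example (not from the deck). VM name, VLAN and subnets are constructed placeholders.

```powershell
# Added example, not from the slides: applying several of the built-in switch
# features to one tenant VM's network adapter. VM name, VLAN and subnets are
# constructed placeholders.
Import-Module Hyper-V

$vm = 'TENANT-A-01'

$nic = @{
    VMName             = $vm
    MacAddressSpoofing = 'Off'   # guest cannot send from a MAC other than its own
    DhcpGuard          = 'On'    # DHCP server replies from this VM are dropped
    RouterGuard        = 'On'    # router advertisements and redirects from this VM are dropped
    MaximumBandwidth   = 200MB   # egress cap in bits per second
}
Set-VMNetworkAdapter @nic

# Tenant isolation by VLAN on the same switch.
Set-VMNetworkAdapterVlan -VMName $vm -Access -VlanId 120

# Port ACLs: the VM may reach its own subnet and the shared services subnet;
# all other IPv4 and IPv6 traffic is dropped in both directions. ACLs with a
# longer prefix take precedence, so the specific allows win over the catch-alls.
Add-VMNetworkAdapterAcl -VMName $vm -RemoteIPAddress '10.20.0.0/24' -Direction Both -Action Allow
Add-VMNetworkAdapterAcl -VMName $vm -RemoteIPAddress '10.0.1.0/24'  -Direction Both -Action Allow
Add-VMNetworkAdapterAcl -VMName $vm -RemoteIPAddress '0.0.0.0/0'    -Direction Both -Action Deny
Add-VMNetworkAdapterAcl -VMName $vm -RemoteIPAddress '::/0'         -Direction Both -Action Deny

# Verify what is now attached to the adapter.
Get-VMNetworkAdapterAcl -VMName $vm | Format-Table Direction, Action, RemoteIPAddress -AutoSize
Get-VMNetworkAdapter -VMName $vm | Format-List MacAddressSpoofing, DhcpGuard, RouterGuard, BandwidthSetting
```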
Remote Desktop Services
RDS: Unified Management
• Overhauled Management
RDS: Session Virtualization Deployment
RDS: RemoteApp
• RemoteApp Properties
RDS: Resource Access
• Web based access to RemoteApps and Desktops
RDS: Resource Access
• E-mail or URL-based discovery
RDS: Resource Access
• Users can access remote resources from the start screen
RDS: Resource Access
• Remote resource management
RDS: Desktop Virtualization Deployment
RDS: Creating VDI Collection
RDS: Accessing Virtual Desktops
• Virtual Desktops are available in the Start Screen
RDS: RDP Improvements
• Automatic Network Detection
• UDP Transport
• Forward Error Correction
• Fallback to TCP
• Native UDP Support for RemoteFX
RDP: RemoteFX Improvements
• WAN Optimization
• Multi-Touch Support
• Media Streaming
• Adaptive Graphics
• DirectX 11 Support
Failover Clustering
Failover Clusters: Scalability
Windows 2008 R2
• Up to 16 nodes
• 1000 VMs per cluster
Windows Server 2012
• Up to 64 nodes
• 8000 VMs per cluster
• 1024 VMs per host
Failover Clusters: CSV
Diagram: CSV metadata over shared storage volumes
• Support for BitLocker
• VSS based file backup
• SMB Multichannel and SMB Direct
• Integration with Storage Spaces
• Ability to scan and repair online
Failover Clusters: Scale-Out File Servers
Failover Clusters: Resilient File System
• Scalability
• Availability
• Compatibility
• Proactive Error identification
Failover Clusters: Cluster Aware Updates
• Updates the cluster with little or no downtime
Failover Clusters: Other New Features
• Virtual Machine Monitoring
• Active Directory Integration
• Cluster Upgrade and Migration
• Task Scheduler Integration
• Windows PowerShell Support
Networking
Networking: NIC Teaming
• Up to 32 NICs can be bundled
Networking: NIC Teaming
NIC Teaming Modes
• LACP
• Static Teaming
• Switch Independent
Load Balancing Modes
• Address Hash
• Hyper-V Port
Networking: DHCP Server
• DHCP Replication and Failover
Networking: DHCP Server
• DHCP Policies
– Vendor Class
– MAC Address
– Client Identifier
– Relay Agent Information
Networking: DNS
• DNS Server
– DNSSEC related updates
– PowerShell management support
• DNS Client
– LLMNR queries are not sent via mobile or VPN connections
– NetBIOS queries are not sent to mobile broadband interfaces
– LLMNR and NetBIOS queries are sent in parallel
– Asynchronous DNS cache
Networking: BranchCache
• What is BranchCache?
• Automatic Hosted Cache Discovery
• File Server integration
• Multiple Hosted Cache Servers
Networking: DirectAccess
• What is DirectAccess?
• DirectAccess and RRAS Coexistence
• No PKI Prerequisite
• DirectAccess Server Behind NAT
• Manage-out to Clients
• Multisite Support
• Server Core and Windows Server Essentials Support
Networking: IPAM Server
• IP Address Management for Address Space Management
• IPAM Discovery
• IPAM Address Space Management
• IPAM Multi Server Management and Monitoring
• IPAM Auditing
• IPAM Architecture
– Distributed
– Centralized
Networking: IPAM Server
• IPAM Requirements
– Windows 2008 DNS, DHCP, DCs only
– Servers must be domain members
– Supports only Windows Internal Database
• A single IPAM Server can support:
– 150 DHCP Servers and 500 DNS Servers
– 6000 DHCP Scopes and 150 DNS zones
Networking: IPAM Server
• IPAM Manager
Networking: IPAM Server
• Step 2: Provisioning
Networking: IPAM Server
• Step 3: Discovery
Networking: IPAM Server
• Default IP tasks
Task Name                        | Description                             | Frequency
DiscoveryTask                    | Discovers DHCP and DNS Servers          | 1 day
AddressUtilizationCollectionTask | Collects space data from DHCPs          | 2 hours
AuditTask                        | Collects IP lease audit logs            | 1 day
ConfigurationTask                | Collects Configuration information      | 6 hours
ServerAvailabilityTask           | Verifies status of DHCP and DNS Servers |
Networking: IPAM Server
• Management Interface
Internet Information Services
IIS8: Centralized SSL Certificates
• Web Servers can access SSL certificates from a common shared folder
Diagram: load balanced web servers reading their certificates from \\Server\share
IIS: Centralized SSL Certificates
• We need to install the required component first
IIS: Centralized SSL Certificates
• Enabling centralized store
IIS: Centralized SSL Certificates
• Creating a web site with central certificate store
IIS: CPU Throttling on Application Pools
• Dynamically limiting CPU usage of application pools
– NoAction
– KillW3wp
– Throttle
– ThrottleUnderLoad
IIS: Dynamic IP Address Restriction
• IP/Domain based restrictions can be dynamically applied
IIS: Dynamic IP Address Restriction
• IP Restrictions Proxy Mode
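The CPU throttling actions and the dynamic IP restrictions (including proxy mode) from the two slides above, configured with the WebAdministration module as an added example that is not from the deck. The pool name and thresholds are constructed values.

```powershell
# Added example, not from the slides: apply the two IIS 8 protections above with
# the WebAdministration module. Pool name and thresholds are constructed values.
Import-Module WebAdministration
Install-WindowsFeature Web-IP-Security

# CPU throttling: cpu.limit is in 1/1000 of a percent, so 40000 = 40 % of total CPU.
# ThrottleUnderLoad only throttles while the machine is contended; Throttle is a
# hard cap; KillW3wp recycles the worker process, a visible outage for that pool.
Set-ItemProperty 'IIS:\AppPools\TenantPool' -Name cpu.limit  -Value 40000
Set-ItemProperty 'IIS:\AppPools\TenantPool' -Name cpu.action -Value ThrottleUnderLoad

# Dynamic IP restrictions, server-wide in applicationHost.config: deny a client
# that holds too many concurrent requests or exceeds a request rate.
$host_ = 'MACHINE/WEBROOT/APPHOST'
$dyn   = 'system.webServer/security/dynamicIpSecurity'
Set-WebConfigurationProperty -PSPath $host_ -Filter $dyn -Name denyAction -Value Forbidden
Set-WebConfigurationProperty -PSPath $host_ -Filter "$dyn/denyByConcurrentRequests" -Name enabled -Value $true
Set-WebConfigurationProperty -PSPath $host_ -Filter "$dyn/denyByConcurrentRequests" -Name maxConcurrentRequests -Value 20
Set-WebConfigurationProperty -PSPath $host_ -Filter "$dyn/denyByRequestRate" -Name enabled -Value $true
Set-WebConfigurationProperty -PSPath $host_ -Filter "$dyn/denyByRequestRate" -Name maxRequests -Value 200
Set-WebConfigurationProperty -PSPath $host_ -Filter "$dyn/denyByRequestRate" -Name requestIntervalInMilliseconds -Value 1000

# Proxy mode: behind a load balancer every request would otherwise carry the
# balancer's IP, so IIS is told to use X-Forwarded-For instead. Enable this only
# when the proxy overwrites any client-supplied X-Forwarded-For header; otherwise
# the restriction is keyed on a value the client chooses.
Set-WebConfigurationProperty -PSPath $host_ -Filter $dyn -Name enableProxyMode -Value $true
```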
IIS: Server Name Indication
• Host Header Support for SSL binding
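The centralized certificate store and SNI binding from the IIS slides above, done from PowerShell as an added example (not from the deck). Share, account and host names are constructed placeholders.

```powershell
# Added example, not from the slides: install the Centralized Certificate Store
# provider, point it at a share, and add an SNI binding served from that store.
# Share, account and host names are constructed placeholders.
Import-Module WebAdministration
Install-WindowsFeature Web-CertProvider

# The share holds PFX files named after the host (www.example.com.pfx). Every
# private key the farm uses lives there, so the share and NTFS ACLs should grant
# read access to this one service account and nothing else.
$secure = Read-Host -AsSecureString 'Password for CORP\svc-ccs'
$bstr   = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($secure)
$plain  = [Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
Enable-WebCentralCertProvider -CertStoreLocation '\\CERTSHARE\ccs' -UserName 'CORP\svc-ccs' -Password $plain
[Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)

# SslFlags: 1 = SNI, 2 = central certificate store, 3 = both. No certificate is
# imported into the local machine store; IIS picks the PFX by host name.
New-WebBinding -Name 'Default Web Site' -Protocol https -Port 443 `
    -HostHeader 'www.example.com' -SslFlags 3

Get-WebBinding -Name 'Default Web Site' -Protocol https | Format-Table bindingInformation, sslFlags
```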
IIS: Other New Features
• FTP Logon Attempt Restrictions
• Application Initialization
• Multicore scaling on NUMA Hardware
What About Our Products
• Citrix Receiver
– Already in Windows Store
• VDI-in-a-Box
– Virtual Desktop OS
– Hypervisor
• Everything else
– Project Excalibur
– Q1 / Q2 time frame
Questions?