Welcome!
Clyde Johnson
President, Boston Area Windows Server User Group
www.windowsboston.org
Senior Systems Manager with 28 years in HiTech with 16 in IT.
MCITP: Enterprise Administrator
MCSE: NT 4.0, 2000 and 2003

Type 1 Hypervisor based virtualization platform
Windows Server 2008 x64 Edition technology
◦ Standard, Enterprise and Datacenter Editions
Role on Windows 2008 R2 in both Core and full Version
◦ x64 server with hardware assisted virtualization
  • AMD AMD-V or Intel VT
◦ Hardware enabled Data Execution Prevention (DEP) required
  • AMD (NX no execute bit)
  • Intel (XD execute disable)
Note: Enabling these BIOS features requires powering down (not rebooting) the server to take effect

Capabilities
◦ 32-bit (x86) & 64-bit (x64) VMs
◦ Large memory support (64 GB) per VM
◦ SMP VMs (up to 4 cores)
◦ Integrated cluster support for HA & Quick Migration
◦ BitLocker: Seamless, secure data encryption
◦ Live Backup: Volume Shadow Service integration
◦ Pass-through disk access for VMs
◦ Virtual Machine snapshots
◦ New hardware sharing architecture (VSP/VSC/VMBus)
  • Disk, networking, input, video
◦ Robust networking: VLANs and NLB
◦ DMTF standard for WMI management interface
◦ Support for Full or Server Core installations

Better flexibility
◦ Live Migration
◦ Cluster Shared Volumes
◦ Hot Add/remove of Storage
◦ Processor compatibility mode for live migration
Improved performance
◦ Improved memory management
◦ TCP Offload support
◦ Virtual Machine Queue (VMQ) Support
◦ Improved Networking
◦ Second Level Address Translation
Greater Scalability
◦ At 64 logical processor support
◦ Enhance Green IT with Core Parking

New feature in Windows Server 2008 R2 SP1
Upgrade the Guest Integration Components
Higher VM density across all nodes
Memory allocated to VMs is dynamically adjusted in real time
“Ballooning” makes memory pages inaccessible to the VM until they are needed
Does not impact Task Scheduler or other memory-monitoring utilities
Memory Priority Value is configurable per VM
Higher priority for those with higher performance requirements
Ensure you have enough free memory on other nodes for failure recovery

Goes by several names
◦ Intel calls it Extended Page Tables (EPT)
◦ AMD calls it Nested Page Tables (NPT) or Rapid Virtualization Indexing (RVI)
Processor provides two levels of translation
◦ Walks the guest OS page tables directly
◦ No need to maintain Shadow Page Table
◦ No hypervisor code for demand-fill or flush operations
Resource savings
◦ Hypervisor CPU time drops to 2%
◦ Roughly 1MB of memory saved per VM

Overview
◦ NIC can DMA packets directly into VM memory
  • VM Device buffer gets assigned to one of the queues
  • Avoids packet copies in the VSP
  • Avoids route lookup in the virtual switch (VMQ Queue ID)
◦ Allows the NIC to essentially appear as multiple NICs on the physical host (queues)
Benefits
◦ Host no longer has device DMA data in its own buffer resulting in a shorter path length for I/O (performance gain)

Jumbo Frame Support
◦ Ethernet frames > 1,500 bytes
◦ Ad hoc standard is ~9k
Overview
◦ Enables 6x larger payload per packet
Benefits
◦ Improves throughput
◦ Reduces CPU utilization of large file transfers
Ensure All Network Segments Have Jumbo Frames Enabled!
C:\>Ping.exe -l 9000 <src>

Overview
◦ TCP/IP traffic in a VM can be offloaded to a physical NIC on the host computer
Benefits
◦ Reduce CPU burden
◦ Networking offload to improve performance
◦ Live Migration is supported with Full TCP Offload

Overview
◦ Scheduling virtual machines on a single server for density as opposed to dispersion
◦ This allows “park/sleep” cores by putting them in deep C states
Benefits
◦ Enhances Green IT by reducing CPU power consumption

Isolation
◦ No sharing of virtualized devices
◦ Separate VMBus instance per VM to the parent
◦ No sharing of memory
  • Each has its own address space
◦ VMs cannot communicate with each other, except through traditional networking
◦ Guests can’t perform DMA attacks because they’re never mapped to physical devices
◦ Guests cannot write to the hypervisor
◦ Parent partition cannot write to the hypervisor

Two physical network adapters at minimum
◦ One for management
◦ One (or more) for VM networking
◦ Dedicated NIC(s) for iSCSI
◦ Connect parent to back-end management network
  • Only expose guests to internet traffic
Types
◦ Private (between VMs only)
◦ Internal (Host and VMs)
◦ External (On the network.
Limited by the # of NICs)

[Figure: virtual switch data path. Labels: Management OS, Virtual Machine Switch (Routing, VLAN Filtering, Data Copy), Port 1, Port 2, VM1, VM2, TCP/IP, VM NIC1, VM NIC2, Miniport Driver, VMBus, NIC, Ethernet]

Time synchronization
Heartbeat
Shutdown
Key/Value pair exchange
Volume Shadow-Copy Service (VSS)

Performance wise from fastest to slowest…
◦ Fixed Disk VHDs/Pass Through Disks
  • Slight performance difference
◦ Dynamically Expanding VHDs
  • Grow as needed
  • Do not use for production workloads
Pass Through Disks
◦ VM writes directly to a disk/LUN without encapsulation in a VHD
◦ Cons:
  • You can’t use VM snapshots
  • Dedicating a disk to a VM

◦ CSV provides a single consistent file name space; All Windows Server 2008 R2 servers see the same storage
Easy setup; Uses NTFS
No reformatting SANs
Create one big data store
No more drive letter problems
Existing tools just work
Migrate one Machine at a time
All servers “see” the same storage

Minimal installation option
Benefits
◦ Provides essential server functionality
◦ Command Line Interface only, no GUI Shell
◦ Less code results in fewer patches
◦ Low surface area server for targeted roles
◦ More secure and reliable with less management

VERY useful for Managing CORE servers
Written in PowerShell
Product Licensing
Networking Features
DCPromo Tool
iSCSI Settings
Server Roles and Features
User and Group Permissions
Share Creation and Deletion
Dynamic Firewall settings
Display | Screensaver
Add & Remove Drivers
Proxy settings
Windows Updates (Inc. WSUS)
Multipath I/O
Hyper-V including VM Thumbs
Join Domain
Computer rename
Add/remove programs
Services
WinRM
http://coreconfig.codeplex.com/
Complete logging of all commands executed

Do NOT use snapshots in production.
Use CoreConfig to help manage your servers
Ensure High-Speed Access to Storage
Install Multiple Network Interface Cards
Dedicate one Network interface to Administration
Avoid mixing VMs that can and cannot use Integration Services
Configure Antivirus to bypass Hyper-V processes and Directories.
Run Antivirus within your guests.
Rename Virtual switches to be identical on all your Hyper-V hosts. Think of Naming Standards now.
Enterprise Edition lets you have 4 Licensed VMs at no cost.

Measuring Processor Usage
• Measuring the physical host computer’s (Root Partition) Processor Capacity
  • \Hyper-V Hypervisor Logical Processor(*)\% Total Run Time: The percentage of time spent by the processor in guest and hypervisor code.
• Measuring Guest Computer Processor Utilization
  • \Hyper-V Hypervisor Logical Processor(*)\% Guest Run Time:

Measure Memory usage
• Measuring Available Memory on the Hyper-V Host Computer:
  • \Memory\Available MBytes: Available MBytes is the amount of physical memory available to processes running on the computer, in Megabytes.
• Same for measuring memory usage in the Virtual machine

Heterogeneous Virtualization Management
Physical to Virtual Conversion (P2V)
Virtual to Virtual Conversion (V2V)
◦ Virtual Server to Hyper-V
◦ VMware to Hyper-V
Virtual Machine Library
PowerShell Scripting
Delegated Administration
Virtual Machine Authoring
VM Templates/Cloning
Failover Cluster Integration

• Windows Server 2008 R2 Hyper-V Host Management
• Enhanced Support for SAN Transfers
• Enhanced Support for Shared Storage
• Quick Storage Migration
• Maintenance Mode for Hosts
• Support for VMware Port Groups for Virtual Switches
• Support for Virtual Machine Permissions Assigned in Hyper-V

New
◦ Client Hyper-V (in Windows 8 Consumer preview)
◦ Hyper-V Module for Windows PowerShell
◦ Hyper-V Replica
◦ Storage Migration
◦ Virtual Fibre Channel
Updated
◦ Live Migration of non-clustered VMs and Multiple instances
◦ Significant Scale and resiliency increases.
◦ Virtual Hard disk Format (64TB)
◦ Virtual Switch.
Client requires SLAT processor. Server only requires it if the RemoteFX role is enabled

Built in to the OS and supported
Simplified deployment & support
Load balancing and failover (LBFO)
Aggregate bandwidth
Use different model & vendor NICs

http://blogs.msdn.com/b/virtual_pc_guy/

Microsoft Virtualization
◦ Web: http://www.microsoft.com/virtualization
◦ TechNet: http://technet.microsoft.com/enus/virtualization/default.aspx
System Center Virtual Machine Manager
◦ Web: http://www.microsoft.com/scvmm
Hyper-V
◦ http://www.microsoft.com/windowsserver2008/en/us/hyperv.aspx
Microsoft Application Virtualization (formerly SoftGrid)
◦ Web: http://www.microsoft.com/systemcenter/appv/default.mspx
Terminal Services
◦ Blog: http://blogs.msdn.com/ts/
◦ Web: www.microsoft.com/terminalserver
Virtual PC 2007
◦ Web: http://www.microsoft.com/virtualpc

Microsoft Virtualization Home: http://www.microsoft.com/virtualization
Windows Server Virtualization Blog Site: http://blogs.technet.com/virtualization/default.aspx
Windows Server Virtualization TechNet Site: http://technet2.microsoft.com/windowsserver2008/en/servermanager/virtualization.mspx
MSDN & TechNet Powered by Hyper-V: http://blogs.technet.com/virtualization/archive/2008/05/20/msdn-and-technet-poweredby-hyper-v.aspx
Virtualization Solution Accelerators: http://technet.microsoft.com/en-us/solutionaccelerators/cc197910.aspx
How to install the Hyper-V role: http://www.microsoft.com/windowsserver2008/en/us/hyperv-install.aspx
Windows Server 2008 Hyper-V Performance Tuning Guide: http://www.microsoft.com/whdc/system/sysperf/Perf_tun_srv.mspx
Using Hyper-V & BitLocker White Paper: http://www.microsoft.com/downloads/details.aspx?FamilyID=2c3c0615-baf4-4a9c-b6133fda14e84545&DisplayLang=en

http://blogs.msdn.com/clustering/
http://forums.technet.microsoft.com/en-US/winserverClustering/threads/
http://blogs.msdn.com/clustering/archive/2009/08/21/9878286.aspx
http://www.microsoft.com/windowsserver2008/en/us/clusteringhome.aspx
http://www.microsoft.com/windowsserver2008/en/us/clusteringresources.aspx
http://technet.microsoft.com/en-us/library/dd443539.aspx
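
For the jumbo frame check earlier in the deck (the Ping.exe test), an added example that is not part of the original slides: it sends each probe with Don't Fragment set, so a segment still at a 1,500-byte MTU makes the probe fail instead of being hidden by fragmentation, and it searches for the largest payload that gets through (payload plus 28 bytes of IP and ICMP headers gives the path MTU). The function name and the target addresses are assumptions.

```powershell
# Added example: largest ICMP payload that reaches a target unfragmented.
function Get-MaxUnfragmentedPayload {
    param(
        [Parameter(Mandatory = $true)][string]$Target,
        [int]$Low = 1472,       # payload that fits a standard 1500-byte MTU
        [int]$High = 8972,      # payload that fits a 9000-byte MTU
        [int]$TimeoutMs = 2000
    )
    $ping = New-Object System.Net.NetworkInformation.Ping
    # PingOptions(ttl, dontFragment): DF set so oversized probes are dropped.
    $opts = New-Object System.Net.NetworkInformation.PingOptions(64, $true)

    $probe = {
        param($size)
        $buf = New-Object byte[] $size
        try { $ping.Send($Target, $TimeoutMs, $buf, $opts).Status -eq 'Success' }
        catch { $false }        # send errors count as "did not get through"
    }

    try {
        # No reply even at standard MTU: target unreachable or ICMP filtered.
        if (-not (& $probe $Low)) { return 0 }
        $best = $Low
        # Binary search between the standard and jumbo payload sizes.
        while ($Low -le $High) {
            $mid = [int][math]::Floor(($Low + $High) / 2)
            if (& $probe $mid) { $best = $mid; $Low = $mid + 1 }
            else               { $High = $mid - 1 }
        }
        $best
    }
    finally { $ping.Dispose() }
}

# Hypothetical targets: one address on each segment the traffic crosses.
$targets = '192.0.2.10', '192.0.2.20'
foreach ($t in $targets) {
    $p = Get-MaxUnfragmentedPayload -Target $t
    $mtu = if ($p) { $p + 28 } else { 'n/a' }
    '{0}: max unfragmented payload {1}, path MTU {2}' -f $t, $p, $mtu
}
```

A target that reports 1472 is reachable but sits behind at least one segment without jumbo frames enabled.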
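
For the network guidance in the deck (a dedicated management adapter, guests on their own switch, identical switch names on every host), an added example that is not from the original slides: it flags External switches that are shared with the management OS and switch names that are missing from a host. It assumes the Hyper-V PowerShell module the deck lists as new; the function name, host names and sample inventory are constructed.

```powershell
# Added example. Input objects need the properties Get-VMSwitch emits:
# ComputerName, Name, SwitchType, AllowManagementOS.
function Test-VSwitchLayout {
    param([Parameter(Mandatory = $true)][object[]]$VSwitch)
    $findings = @()

    # 1. An External switch shared with the management OS puts the parent
    #    partition on the same adapter as guest traffic.
    foreach ($s in $VSwitch) {
        if ("$($s.SwitchType)" -eq 'External' -and $s.AllowManagementOS) {
            $findings += [pscustomobject]@{
                Server = $s.ComputerName; SwitchName = $s.Name
                Issue  = 'External switch is shared with the management OS' }
        }
    }

    # 2. Every switch name should exist on every host in the inventory.
    $servers = @($VSwitch | Select-Object -ExpandProperty ComputerName -Unique)
    foreach ($g in ($VSwitch | Group-Object Name)) {
        $have = @($g.Group | Select-Object -ExpandProperty ComputerName -Unique)
        foreach ($h in $servers) {
            if ($have -notcontains $h) {
                $findings += [pscustomobject]@{
                    Server = $h; SwitchName = $g.Name
                    Issue  = 'Switch name missing on this host' }
            }
        }
    }
    $findings
}

# Constructed sample inventory (hypothetical hosts HV01 and HV02).
$sample = @(
    [pscustomobject]@{ ComputerName = 'HV01'; Name = 'VM-External'; SwitchType = 'External'; AllowManagementOS = $false }
    [pscustomobject]@{ ComputerName = 'HV01'; Name = 'VM-Private';  SwitchType = 'Private';  AllowManagementOS = $false }
    [pscustomobject]@{ ComputerName = 'HV02'; Name = 'VM-External'; SwitchType = 'External'; AllowManagementOS = $true }
    [pscustomobject]@{ ComputerName = 'HV02'; Name = 'Guest-Net';   SwitchType = 'Private';  AllowManagementOS = $false }
)
Test-VSwitchLayout -VSwitch $sample | Format-Table -AutoSize

# Against real hosts with the Hyper-V module loaded:
# Test-VSwitchLayout -VSwitch (Get-VMSwitch -ComputerName HV01, HV02)
```

On the sample inventory this reports the shared External switch on HV02 and the two switch names that exist on only one host.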