Monday, 31 October 2011

Windows 8 Server Developer Preview

PREVIEW

What's clear is that Windows 8 Server isn't a revolutionary change. Instead, it's an evolution that builds on features introduced in Windows Server 2008, optimising it for private cloud operation and for operation at scale, while retaining the features that small and medium-sized organisations need. It's a balancing act that's a big challenge for Microsoft, and one the company needs to handle carefully if Windows Server is to continue to be successful.
This, of course, is pre-beta code — although it's pretty much beta quality. We did have some minor crashes, with user interface elements restarting and reloading quickly. If you're going to spend some time with the Windows 8 Server developer preview, we wouldn't recommend using it for production purposes, even if its new features are just what you need. With development still underway we expect plenty of changes between now and release, even if they are mostly fit-and-finish user interface tweaks.

No more server GUI?
Perhaps the biggest change is one that should simplify the Windows 8 Server line-up. Instead of a separate UI-less Server Core release, all versions of Windows 8 Server will be able to run in any of three different UI modes. One is the familiar Windows GUI, while another is the UI-less command-line approach that's been used in Server Core; a new third role removes the graphical shell and browser, while still letting you run Server Manager and use Microsoft Management Console snap-ins. Server Core will be the preferred installation for Windows 8 Server, with the shell an optional component that can be added and removed as required. Removing UI components from deployed servers should reduce the attack surface, helping protect your server infrastructure. Microsoft's aim for Windows 8 Server is a server that has just the functions necessary to run your operations — not only reducing security risks, but also reducing the need for patching and for planned downtime.

The key to this change is a massive increase in the number of available PowerShell cmdlets — over 2,300. That means you can use PowerShell to handle almost all system management tasks — both locally and remotely. Server UI is now a thin layer on top of PowerShell commands, with every action triggering PowerShell actions. You can also use management tools to administer several servers at once, with remote PowerShell calls on other machines. There will be a Windows 8 Server version of RSAT (Remote Server Administration Tools) that can be used to manage servers from a desktop PC, while a PowerShell history will allow you to copy cmdlets used by Windows' management tools and then customise them for use in your own management scripts.


The heart of Windows 8 Server is the Server Manager Dashboard, which runs on a standard desktop and gives you a Metro-like way of working with one or many servers

Microsoft is giving Windows 8 Server a new Server Manager, with a very Metro-like look and feel, that incorporates lessons learned from the System Center management tools. Server Manager is now a dashboard that lets you see information from all the servers you manage, quickly colour-coding the views to show you where action is required, with information displayed in role-based tiles. You can use filtering tools in the dashboard to quickly reduce noise (for example temporarily removing alerts from a server that may be down for hardware or software maintenance). The Server Manager lets you quickly add additional servers, using Active Directory or by IP address, automatically updating the server numbers and roles on the dashboard. You can view information using single server views, or aggregate several servers and see all the relevant events in a single view.

There's no Action Pane in the new server manager. That's partly due to changes in screen resolutions, with large wide-screen displays becoming increasingly common. Instead, you interact directly with tiles, with tiles for specific services and the ability to group by server with queries and filters that can be saved and re-used. It's an approach that should simplify working with large server farms, while still making it easy to work with one or two machines in a small office. A new version of the PowerShell scripting environment includes IntelliSense and makes it simpler to build and test your management scripts.

Microsoft has made significant changes to the PowerShell stack, with everything remotable and with no calls to private APIs. More importantly there's also support for long-running operations on tens, hundreds or even thousands of machines. Support for workflow and complex tasks means that PowerShell can be used to handle remote deployments, and for sites working with virtual servers, it'll be possible to use it to work with offline virtual hard disks. If you're using PowerShell to handle deployments, scripts can be exported and used via Windows 8 Server's automation tools.

One of the key features of WMI (Windows Management Instrumentation) in Windows 8 Server is support for standards. Instead of working with custom interfaces, PowerShell will use standards to communicate with applications and hardware — for example using SMI-S (Storage Management Initiative - Specification) to work with storage arrays from multiple vendors. Microsoft has also made it easier to write WMI-providers, so that third parties can add their own tools for use with PowerShell — including task-oriented abstractions that simplify handling complex actions. PowerShell cmdlets in Windows 8 Server can be used to work with REST and JSON interfaces, simplifying interactions with web services.

Powering the private cloud: Hyper-V v3
With Microsoft describing Windows 8 Server as a 'cloud-ready OS', the Windows hypervisor is increasingly important. Intended for both on-premises and hosted private clouds, Hyper-V v3 adds native PowerShell support, making it easier to automate virtualised machines, with tools for handling a range of different workloads and for providing continuous availability. Certainly the new Hyper-V is looking impressive. According to Microsoft it can run on machines with up to 160 logical processors (cores and threads), with up to 2TB of physical memory, and with each hosted VM having up to 32 virtual processors and up to 512GB of memory. There's no longer a ratio between logical and virtual processors, and you can run as many VMs as your hardware will support. There are also tools that optimise for NUMA (Non-Uniform Memory Access) architectures, making virtual machines more efficient on large and powerful servers.

Hyper-V's NUMA support is important. Non-uniform memory access architectures partition cores and memory into nodes, using memory locations relative to processors to reduce latency. High-performance applications can detect this, and optimise for performance. With the current generation of hypervisors there's no relationship between VMs and NUMA, so performance can be reduced. Using Hyper-V v3's Guest NUMA mode there's a mapping between the physical arrangement of processors and memory and VMs, so applications can detect that they're running on NUMA systems and optimise appropriately. The result is impressive, with almost linear scaling as additional virtual processors and memory are added to a virtual machine.

Private clouds must be stable, and must be able to adapt to hardware failures and continue running until maintenance downtime can be arranged. Hyper-V v3 adds support for WHEA, the Windows Hardware Error Architecture. This detects errors in memory, and handles them to ensure that applications continue running. With multiple VMs on a single server, a WHEA event will suspend all the VMs and determine if the error can be isolated to a single VM; if it can be, WHEA will terminate that VM, mark the memory page as bad, and restart the affected VM while resuming the paused VMs.

That means that a memory fault won't take down an entire server, just the one affected VM. Similarly, predictive failure analysis will use the error count features of ECC memory to mark pages that are showing signs of failure, taking them offline and warning system administrators.

Microsoft has also improved Hyper-V's storage support, with tools for handling scalable virtual disks and metering storage use, plus a new VHDX virtual disk format. Hyper-V will now support virtual fibre channel connections using SMB, along with tools that allow you to merge VHDs and to create parent disks without any downtime. VHDX virtual disks can be larger than 2TB (there's currently a 16TB limit) and have better performance, as well as using logs to reduce the risk of corruption. If you're using a SAN you can offload data transfer to the SAN, significantly reducing network and CPU load for large data transfers and live migrations. Other new storage features mean that cluster volumes can be encrypted using BitLocker, making it easier to secure data in hosted private clouds.

Although WHEA support makes individual VMs more reliable, there's also improved support for clusters. You can use this to build continuously available file servers, using fibre channel for high availability. There's support for more than 32 nodes and over 4,000 VMs in a cluster, with live migration and failover clustering, and I/O redundancy — including network load balancing and multichannel SMB. You're going to need this type of technology to build a large-scale private cloud, and it's not suitable for everyone.

On a smaller scale, Hyper-V can also handle disaster recovery, with asynchronous replication to a remote site. It's easy to set up a Hyper-V replica — all you need do is send a snapshot on a disk to a remote site and then start up replication — so you're ready to go a lot more quickly than if you had to upload a complete copy of your server to a recovery site. It's a very flexible approach, with support for active-passive failover, as well as active-active links between two sites, and for using hosted sites or branch offices as shared recovery sites. There are no limits; you can have replicas of as many VMs as you want. You can speed things up still further by using a separate virtual disk for page files, which don't need to be replicated to recovery sites. Failover to a recovery site will automatically inject the correct IP address settings into a new VM as well as updating your DNS, so you can be up and running on a new network.

Migrating VMs is a lot easier, too — all you need is some Ethernet — and you can move the history of your VM workload with the VM. Once you've moved a VM you can use the same PowerShell to script and batch moves for multiple VMs, with support for high- and low-priority VMs. Shared-nothing live migration simplifies setting up new servers, and helps smaller businesses build a virtual infrastructure more quickly.

At a lower level, there's support for multiple tenancy on Hyper-V's network switch, with tools for handling NIC teaming and for managing quality of service — as well as supporting private VLANs and networking access controls. The switch is now extensible, with the ability for third parties to add new functions — either as listeners, or for working with the network traffic directly. It's easy to imagine extensions to the Hyper-V network switch that add data loss prevention features, or enhanced intrusion detection. There are three types of extension, capture, filtering and forwarding, and there will be a Windows Logo programme to certify third-party extensions.

Windows 8 Server networking
Treating Windows 8 Server as the building block for cloud services has meant significant changes to the way it handles networking, focusing on handling multi-tenancy. Designing networks that work for separate isolated systems running on the same physical infrastructure is very different from traditional networks, but the techniques and tools work well for both approaches.

One change is the introduction of DHCP Guard, which blocks virtual machines from exposing services to other VMs on other virtual networks. Isolation is important if you're creating a multi-tenant network, as is performance, and there are now tools that control the traffic sent by virtual machines. You can define both minimum and maximum bandwidth guarantees, allowing you to offer a level of performance that can be exceeded if (and only if) there is spare capacity on the network. As these controls are managed by the Hyper-V network switch, you can use them on any and all VMs, with just a PowerShell cmdlet — making sure you manage your SLAs.

Virtual networks in Windows 8 Server mean that you can have multiple VMs on a physical server, operating as if they're on different hardware, giving the illusion of running on a dedicated network. This makes your services much more portable, making it possible to move from on-premises to the cloud without changing any network settings — even if you need to split functions between your datacentre and the cloud.

You can use Windows 8 Server's NIC teaming features to bundle up network cards into single networking functions, with faster connections, reduced congestion and the ability to failover for load-balancing or for hardware issues. It's vendor-agnostic too, so you can team network resources from different vendors, using either PowerShell or Server Manager.

Of course, this all means changes at a low level in the networking stack, and an increased reliance on DNS and DHCP. Windows 8 Server adds tools for handling DHCP failover, with pairs of DHCP servers for active-active and active-passive failover. You're likely to use them in active-active mode, as this also means you get load-balancing. DNS security is improved, with support for DNSSEC, which lets you use encryption to ensure data integrity and authority, with signed zones deployed to all your DNS servers.

Windows 8 Server also adds new tools for IP address management. A new console, the IP Address Management (IPAM) Center, lets you manage all the IP addresses in an organisation. It's a complex tool, but then managing IP addresses is complex — especially if you're managing a global organisation with many hundreds of address ranges, and with both dynamic and static IP addresses (plus IPv4 and IPv6). The IPAM Center will scan your network, loading dynamic and static addresses, whereupon you can sort and tag your data. It's an extensible tagging model, so you can add your own tags — for example, indicating which building and which floor have which IP address ranges. You can get reports on utilisation, so you can see whether ranges need to be consolidated or have extra addresses added, as well as planning future address assignments.
Windows 8 isn't just a new version of the familiar desktop client — it's also a new version of Microsoft's server software. And as with the Windows desktop, Microsoft's BUILD conference has seen the release of a developer preview of Windows 8 Server, focusing on what Bill Laing, head of Microsoft's Server and Cloud Division, calls "optimising your IT for the cloud". We spent some time before BUILD in Redmond talking with the Windows Server development team and looking at many of the next release's key new features.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.