Windows Server 2016


70-740: Installation, Storage, and Compute with Windows Server 2016
• Install Windows Servers in host and compute environments (10–15%)
• Implement storage solutions (10–15%)
• Implement Hyper-V (20–25%)
• Implement Windows containers (5–10%)
• Implement high availability (30–35%)
• Maintain and monitor server environments (10–15%)
Install, upgrade, and migrate servers and workloads
Windows Server 2016 OS Editions
• Designed for small businesses
• Designed for physical server environments with little or no virtualization.
• Designed for highly virtualized infrastructures, including private cloud and hybrid cloud environments
• Acts as a stand-alone virtualization server for virtual machines
• Allows 50 users, one processor core, and 32 GB of RAM & supports domain joining.
• Supports up to 64 sockets but is licensed on a two-socket, incrementing basis
Windows Server 2016 Installation Requirements
Component | Requirement
Processor architecture | 64-bit
Processor speed | 1.4 gigahertz (GHz)
RAM | 512 MB
Hard drive space | 32 GB
*Server Datacenter supports 640 lCPU, 4 TB RAM, and 64 nodes
(1) Allocate > 800 MB RAM, or
(2a) Use Diskpart.exe to create a partition
(2b) Run the createpagefile command
• UEFI 2.3.1c for Secure Boot
Windows Server 2016 Installation Requirements
• Clean Installation
• Upgrade
• Migration
• Standard & Datacenter
• Desktop Experience = GUI
• Datacenter, Standard, Essentials, Multipoint Premium Server,
• Storage Server, Hyper-V Server
Install and configure Nano Server
Nano Server Installation Options
• Hyper-V
• Scale-out File Server
• DNS Server
• Failover Clustering
• IIS (subset)
• IIS.NET Core
• ASP.NET Core can be installed
Role or feature | Package file
Hyper-V role | Microsoft-NanoServer-Compute-Package.cab
Failover Clustering | Microsoft-NanoServer-FailoverCluster-Package.cab
File Server role and other storage components | Microsoft-NanoServer-Storage-Package.cab
Windows Defender Antimalware, including a default signature file | Microsoft-NanoServer-Defender-Package.cab
Reverse forwarders for application compatibility, for example common application frameworks such as Ruby, Node.js, etc. | Microsoft-OneCore-ReverseForwarders-Package.cab
• Nano Server roles and features are available on the media and from a package repository
• NanoServerPackage provider for the PackageManagement PowerShell module
• You can then search for, download, and install Nano Server roles and features from the repository
1. On Windows 10 or Windows Server 2016, mount the ISO and, assuming the drive letter for the mounted image is D:\, run the following:
Copy "D:\NanoServer" "C:\NanoServer" -Recurse
2. Generate a VHD from NanoServer.wim by using Convert-WindowsImage.ps1 from TechNet Script Center.
cd C:\NanoServer
. .\Convert-WindowsImage.ps1
Convert-WindowsImage -SourcePath C:\NanoServer\NanoServer.wim -VHDPath C:\NanoServer\NanoServer.vhd -VHDFormat VHD -Edition CORESYSTEMSERVER_INSTALL
Notice the reduction in disk size of the VHD\VHDX with a Nano Server.
Remote Graphical & Web Tools
• Server Manager
• Azure Portal tools
• Task manager
• Registry editor
• File explorer
• Server configuration
• Event viewer
• Disk manager
• Device & driver management
• Performance
• Users & groups
PowerShell Remoting
• Core PowerShell engine, language, and cmdlets
• Windows Server cmdlets (network, storage, etc.)
• PowerShell DSC
• Remote file transfer
• Remote script authoring & debugging
• PowerShell Web Access
VM and Container Management
• Hyper-V Manager
• Hyper-V cmdlets
• PowerShell Direct over PSRP
• CimSession support
• Docker
• SCVMM agent & console
• 3rd party agents & consoles
Deployment & Monitoring
• DISM online & VHD support
• Unattended setup
• Visual Studio integration
• DSC Local Config Manager
• Setup & boot eventing
• SCOM agent
• VSO App Insights
• Azure Op Insights
Partners & Frameworks
• Chef integration
• .NET Core and CoreCLR
• ASP.NET 5
• Python, PHP, Ruby, Node.js
• PowerShell Classes
• PS Script Analyzer
• PowerShell Gallery
• PowerShellGet
• Refactored to run on CoreCLR
• Full PowerShell language compatibility & remoting
• Invoke-Command, New-PSSession, Enter-PSSession, etc.
• Most core engine components
• Support for all cmdlet types: C#, Script, and CIM
• Limited set of cmdlets initially

Web-based
Includes replacements for local-only tools
• Task Manager
• Registry Editor
• Event Viewer
• Device Manager
• Sconfig
• Control Panel
• Performance Monitor
• Disk Management
• Users/Groups Manager
• File Explorer
Also manages Server Core and Server with GUI
Create, manage, and maintain images for deployment
• Which servers will be virtualized
• Existing servers or new servers only

• Many workloads can be virtualized, but some can’t (custom vendor apps, for example)
• Use MAP (Microsoft Assessment and Planning) to scan those that can be virtualized to design the host and guest infrastructure
• Backup and fault tolerance for hosts and for guest VMs

• Solutions Accelerator used to scan networks and servers for operating systems, hardware and software inventory, Hyper-V and VMware guests and hosts, etc.
• Discovery
• Hardware and software inventory
• Virtual Server Consolidation Wizard
• Private Cloud Fast-track Wizard

• Both emulation and running within Hyper-V are supported scenarios
• Hyper-V offers better performance
• With Hyper-V you need Hyper-V specific drivers
• Linux Integration Services is added to the Linux kernel (newer versions), provides these drivers, and is updated with new Linux releases
• FreeBSD Integration Services provides these drivers and is built into newer FreeBSD builds
• For older versions of either, download the latest available
https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/supportedlinux-and-freebsd-virtual-machines-for-hyper-v-on-windows
• Sector-based images require you to install the image, update it, and re-capture it
• File-based images can be updated offline

• Windows setup: include an answer file with setup to install updated drivers, patches, etc.
• Online servicing: like sector-based, this requires installing the image to a reference computer, updating it, and re-capturing the OS
• Offline servicing: use DISM to mount the image, update the drivers, or install hotfixes, language packs, or add/remove folders

• Installing applications via .exe or .msi files
• Installing a feature or component that requires a running Windows service, such as .NET Framework
A Install-NanoServerPackage Microsoft-NanoServer-DCB-Package
B Install-NanoServerPackage Microsoft-NanoServer-Host-Package
C Install-NanoServerPackage Microsoft-NanoServer-Guest-Package
D Install-NanoServerPackage -Compute
https://technet.microsoft.com/en-us/windows-server-docs/compute/nano-server/getting-started-with-nano-server
Installing Windows Server
Setup.exe includes Server Core (default) or with GUI (desktop experience)
Configure disks and volumes
• Standard partition table format since early 1980s
• Supports a maximum of four primary partitions per drive
• Can partition a disk up to 2 TB

• Successor of the MBR partition table format
• Supports a maximum of 128 partitions per drive
• Can partition a disk up to 18 exabytes
Reference link on GPT disks - https://support.microsoft.com/en-us/kb/302873

• Basic file system
• Partition size limitations
• FAT32 to enable larger disks
• exFAT developed for flash drives

• Metadata
• Auditing and journaling
• Security (ACLs and encryption)
• Backward compatibility support for NTFS
• Enhanced data verification and error correction
• Support for larger files, directories and volumes

• Hyper-V, VHD boot, virtualized storage for storage spaces, iSCSI storage

• Disks up to 2 TB. Format is backward compatible
• Compatible with Azure VMs

• Used in WS2012+
• Sizes > 2 TB
• Can be used for shared storage for VMs

• Can create volumes, storage spaces, shares, disk deduplication
• Simple tool, lacks features but OK for basic tasks
• Command line tool, useful in scripting
• 150+ cmdlets for storage
• Also useful in scripting and server core

• Inheritance
• Deny vs. allow
• Effective access
• How ACLs work
Implement server storage
1. Add disks (any type) to a pool
2. Create virtual disks using the pool
3. Virtual disks can be thin provisioned or use physical space
4. Create volumes and format

• Local storage on 3+ nodes
• Networked nodes present JBOD/SAS storage to the pool.
• The pool can be configured as a CSV for applications.
• Primary use-case: Hyper-V VM storage

• Simple – data is striped across disks, no resilience
• 2 way mirror – 2 disks, protects against 1 drive failing
• 3 way mirror – 5 disks, protects against 2 drives failing
• Parity – 3 disks min to protect against 1 drive failing or 7 min to protect against 2 drives failing

• Used to connect to iSCSI targets on the network
• Can use IP/FQDN/iSNS to locate targets
• Remote disks appear as ‘local’ disks in disk tools

• Installable role service part of the file server role
• Presents storage to networked initiators
• Secured access using IP white-list and authentication
• Uses standard TCP/IP components and commodity Ethernet to access storage
• Cheaper than a fiber-channel SAN
• Low-cost software based shared storage solution

• Stretch cluster
• Server-to-server
• Cluster-to-cluster
Implement data deduplication
A A simple storage layout with 7 physical drives
B A mirror layout with 5 disks
C A parity layout with 5 disks
D A parity layout with 4 disks
Install and configure Hyper-V
• 64-bit CPU with SLAT
• VM Monitor mode extensions
• Virtualization support turned on in BIOS/UEFI
• Enough RAM for workloads

• GUI mode
• Server Core
• Nano Server

• Windows Vista – Windows 10
• Windows Server 2008 – WS2016
• Linux
• FreeBSD

• Hyper-V Manager
• PowerShell
• RSAT tools

• Uses PowerShell remoting to a VM where you would not normally have network access.

• Host running WS2016 Hyper-V
• VM running WS2016 or Windows 10 Anniversary Update
• A Hyper-V VM with configuration version 8.0 or greater.
• An Intel processor with VT-x and EPT technology
To configure:
1. Create a virtual machine.
2. While the virtual machine is in the OFF state, run the following on the Hyper-V host to enable nested virtualization.
Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
3. Start the virtual machine.
4. Install Hyper-V within the virtual machine, just like you would for a physical server.
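The prerequisites and step 2 above as one check-then-apply function, run on the Hyper-V host. This is an added example, not part of the original slides: the function name Enable-NestedVirtualization and its parameters are hypothetical, while the cmdlets it calls are from the Hyper-V PowerShell module.

```powershell
# Added example (hypothetical helper, not from the original slides).
# Run in an elevated PowerShell session on the Hyper-V host.
function Enable-NestedVirtualization {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [string]$VMName,

        # Optional: the slides list nested VMs as a case for MAC address spoofing.
        # It relaxes a virtual switch port protection, so it is off unless requested.
        [switch]$EnableMacAddressSpoofing
    )

    $vm = Get-VM -Name $VMName -ErrorAction Stop

    # Prerequisite: VM configuration version 8.0 or greater.
    if ([version]$vm.Version -lt [version]'8.0') {
        throw "VM '$VMName' has configuration version $($vm.Version); 8.0 or greater is required."
    }

    # Step 2 must be run while the VM is in the OFF state.
    if ($vm.State -ne 'Off') {
        throw "VM '$VMName' is in state '$($vm.State)'; turn it off before changing processor settings."
    }

    if ($PSCmdlet.ShouldProcess($VMName, 'Expose virtualization extensions to the guest')) {
        Set-VMProcessor -VMName $VMName -ExposeVirtualizationExtensions $true
    }

    if ($EnableMacAddressSpoofing -and
        $PSCmdlet.ShouldProcess($VMName, 'Enable MAC address spoofing on all adapters')) {
        Get-VMNetworkAdapter -VMName $VMName |
            Set-VMNetworkAdapter -MacAddressSpoofing On
    }

    # Return the resulting settings so the change can be reviewed or logged.
    $processor = Get-VMProcessor -VMName $VMName
    $adapters  = Get-VMNetworkAdapter -VMName $VMName
    [pscustomobject]@{
        VMName                         = $VMName
        ConfigurationVersion           = $vm.Version
        ExposeVirtualizationExtensions = $processor.ExposeVirtualizationExtensions
        MacAddressSpoofing             = @($adapters | ForEach-Object { "$($_.Name): $($_.MacAddressSpoofing)" })
    }
}

# Usage (the VM name is a placeholder): preview with -WhatIf, then apply.
# Enable-NestedVirtualization -VMName 'Server2' -WhatIf
# Enable-NestedVirtualization -VMName 'Server2' -EnableMacAddressSpoofing
```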
Configure virtual machine (VM) settings
• Secure boot
• Disks - must boot from IDE disk in Gen1
• No IDE disks in Gen2
• Legacy NIC Gen1 only (allows PXE)
• BIOS vs Firmware
• Gen2 is for WS2012+ guest OS
• TPM in Gen2
• Shielded VMs possible with new hardware
Configure Hyper-V storage
Formats
VHD
• Classic format. Backward compatible
VHDX
• Larger disk size beyond 2TB (64TB)
Pass-through
• Uses physical disks from host exclusively
Types
Fixed
• Uses physical space from day 1 equal to disk size
Dynamically expanding
• Space is consumed on demand up to max disk size
Differencing
• Disk chains allow parent-child disk relationships for speed of deployment
Configure Hyper-V networking
• Used in Gen1 VMs
• Limited bandwidth 100Mbps

• Gen1 and Gen2 support
• 10 Mbps connections

• Legacy network adapter only in Gen1 VMs
• Native support in Gen2 network adapters

• Uses physical NIC in host to allow LAN/Internet connectivity.
• VM NIC must use IP address relevant to physical subnet
• Connectivity between VMs and host only on the same switch
• Connectivity between VMs only on the same switch
New-VMSwitch -Name "NATSwitch" -SwitchType NAT -NATSubnetAddress 172.16.1.0/24

Bandwidth Management
VLAN ID
SR-IOV
VMQ

• Combine network adapters into a team with up to 8 network adapters.
• All of the network adapters in a team must be identical with the same firmware version and driver. SET is automatically enabled when multiple network adapters are used.

• Configurable on host, always starts 00-15-5D
• Know when you would – NLB, Nested VMs
• If a VM uses NLB or similar services that use a common MAC address
• Protects leakage of packets from a VM acting as a DHCP server
• Suppresses router advertisements from VMs configured as routers
VM Name | Installation type | VM Configuration version | Network configuration
Server1 | Server with GUI | 7.0 | Internal network switch
Server2 | Server Core | 8.0 | External network switch
Server3 | Nano Server | 8.0 | NAT switch
Server4 | Server Core | 8.0 | MAC address spoofing configured
A Server1 and Server2
B Server2 and Server3
C Server1 and Server3
D Server3 and Server4
https://msdn.microsoft.com/en-us/virtualization/hyperv_on_windows/user_guide/nesting
Hyper-V Networking
SR-IOV
VMQ
NIC Teaming
Deploy Windows containers
Containers = operating system virtualization
Traditional virtual machines = hardware virtualization
Windows Server containers: maximum speed and density
Hyper-V containers: isolation plus performance
Native support for the Docker in-host daemon.
Documentation is sparse as of Sept 2016. Expect more in the future!
Docker.exe
• Docker engine that sits on Windows Server 2016
• Can be installed on WS2016 or Nano Server
• Configured with c:\ProgramData\docker\config\daemon.json
DockerD.exe
• Used to register Docker as a Windows service
• c:\Windows\System32\dockerd.exe --register-service
• Start-Service Docker
Download Docker from https://aka.ms/tp5/dockerd
Installation steps (too many to write!)
Manage Windows containers
A Create a Generation 2 Virtual Machine
B Create a Nano Server instance
C Create a Windows Server Container
D Create a Hyper-V Container
Containers
New feature!
Implement high availability and disaster recovery options in Hyper-V
Implementing High Availability (HA)
• High availability
• Continuous availability
• Business continuity
• Disaster recovery

• Configure Hyper-V replica and Hyper-V movement in clustered environment
• Fail-over clustering
• Storage spaces direct (SSD)
• Network Load Balancing (NLB)
High Availability with Hyper-V
• Host clustering
• Guest clustering
• Network load balancing
• Move VMs between physical hosts without shutting down first
• Clustered non-clustered
Option | Details
Host clustering | VMs are highly available; applications in guest do not need to be cluster aware
Guest clustering | VMs are failover cluster nodes; VM applications must be cluster-aware; requires iSCSI or Fibre Channel interface
NLB | Virtual machines are NLB cluster nodes; used for web-based applications
Implement failover clustering
Implementing Failover Clustering
• A cluster is a group of computers or storage devices that work together as a single organized system
• A Failover Cluster is a group of independent computers that work together to increase the availability of applications or services
• Each node has full connectivity and communication with all other nodes and is aware when another node leaves or joins the cluster
• Each node is connected to a network where client computers can access the cluster and through iSCSI connection to shared storage
• Each node is aware of the services or applications that are running locally and the resources running on the other nodes in the cluster
• Cluster Operating System Rolling Upgrade
Failover Clustering – Terminology and Types
Term | Description
Node | A Windows Server 2016 computer that is part of a failover cluster, and has the failover clustering feature installed.
Service or application | A service that can be moved between cluster nodes (for example, a clustered file server can run on either node).
Shared storage | External storage that is accessible to all cluster nodes.
Quorum | The number of elements that must be online for a cluster to continue to run. The quorum is determined when cluster nodes vote.
Witness | A server that is participating in cluster voting when the number of nodes is even.
Failover | The process of moving cluster resources from the first node to the second node, as a result of node failure or administrator’s action.
Failback | The process of moving cluster resources back from the second node to the first node, as a result of the first node going online again or an administrator’s action. If the service or application fails over from Node1 to Node2, when Node1 is again available, the service or application will fail back to Node1.
Clients | Computers that connect to the failover cluster and are not aware which node the service is running on.

Node Location | Description
Single Site | All nodes located in a single data center
Multi-site | Stretch-clusters deployed, where nodes are spread across datacenters. This may include brick and mortar or Azure

Cluster type | Description
Active-Active | Multiple nodes run cluster application resources and accept client connections
Active-Passive | One node runs the cluster applications, while the other nodes are passive and do not accept client connections. If the active node fails, one or more of the remaining nodes become active and accept client connections
The Software-Defined Datacenter—Drilling Down
Shared Storage Options for Failover Clustering
• Lowest-cost option
• Transmits SCSI commands over IP networks. Inexpensive, acceptable performance
• Use shared VHDs as VM guest-clustering storage. Use CSV or SOFS cluster
• Utilizes shared Server Message Block (SMB) as the shared location for some failover cluster roles
Creating a Failover Cluster
Some workflow PowerShell only
Full provisioning and management
Intended for smaller scale
Synchronous replication
Increase resilience
Complete solution
Streamlined management
Implement Storage Spaces Direct
Manage failover clustering
Manage VM movement in clustered nodes
Perform a Live Migration
• The Failover Cluster Management console
• The VMM Admin Console
• WMI for Windows PowerShell Script
1. Migration Setup
2. Guest-memory transfer
3. State transfer
4. Cleanup
• Machines placed in saved state
• Causes downtime
Exam Tip: In Windows Server 2016, you can perform a virtual machine Live Migration by using server message block (SMB) 3.0 as a transport.
• VM is placed in saved state causing downtime while memory is copied
• Migrate VMs without any downtime, also Shared Nothing Live Migration is possible
• Migrate VM storage to the same host, another host, or an SMB share
• A very time consuming procedure. But much simpler to import with Server 2016
• Protected Network setting is enabled for all virtual network adapters.
• Save the virtual machine state
• Turn off the virtual machine
• Shut down the guest operating system
• Failover cluster placed in pause state
• If Server 2008 or Earlier > Quick Migration
• If Server 2012 or later > Live Migration
Implement Network Load Balancing (NLB)
• Allows clients to address the application using the NLB cluster address.
• Adding or removing nodes from an NLB cluster is known as convergence.
• NLB can only detect server failure
• Use NlbCluster
• Use NlbClusterNode
• Can have up to 32 nodes
• Unicast vs Multicast vs IGMP multicast
• Unicast vs. Multicast
• Port rules
• Affinity settings
A Perform a live migration
B Perform a quick migration
C Export and Import VM1
D Perform a storage migration
Maintain Server Installations
Windows Server Update Services (WSUS)
• Downloads and distributes updates to clients and servers
• WSUS client can be a desktop OS or server OS
• Single server or multiple single servers (isolated locations)
• Larger hierarchy with upstream server and one or more downstream servers
• Disconnected: receives updates from removable media
Phase 1: Assess
Phase 2: Identify
Phase 3: Evaluate and plan
Phase 4: Deploy
WSUS Administration
• Used to download and approve updates
• Can organize clients into groups for patch deployment by department, or pilot testing, etc.
• Generate reports
• Cmdlets included with Server 2016
• Include commands for managing the server
Cmdlet | Description
Add-WsusComputer | Adds a specified client computer to a specified target group.
Add-WsusDynamicCategory | Adds a dynamic category to a WSUS server.
Approve-WsusUpdate | Approves an update to be applied to clients.
Deny-WsusUpdate | Declines the update for deployment.
Get-WsusClassification | Gets the list of all WSUS classifications currently available in the system.
Get-WsusComputer | Gets the WSUS computer object that represents the client computer.
Get-WsusDynamicCategory | Gets dynamic categories on a WSUS server.
Get-WsusProduct | Gets the list of all products currently available on WSUS by category.
Get-WsusServer | Gets the value of the WSUS update server object.
Get-WsusUpdate | Gets the WSUS update object with details about the update.
Invoke-WsusServerCleanup | Performs the process of cleanup on a specified WSUS server.
Remove-WsusDynamicCategory | Removes a dynamic category from a WSUS server.
Set-WsusClassification | Sets whether the classifications of updates that WSUS synchronizes are enabled or disabled.
Set-WsusDynamicCategory | Sets the synchronization status of a dynamic category.
Set-WsusProduct | Sets whether the product representing the category of updates that needs to be synchronized is enabled or disabled.
Set-WsusServerSynchronization | Sets whether the WSUS server synchronizes from Microsoft Update or from an upstream server, and if it uses the upstream server’s properties.
WSUS Patch Management
• Used to download updates to specific sets of computers
• All computers are members of the “All Computers” and “Unassigned Computers” groups by default
• Create custom computer groups for pilot computers, or specific departments, etc.
• In Server 2016, computers may be members of multiple groups and nested groups
• Mixed WSUS versions in use
• Features on upstream server that are not available on downstream server will not replicate (nested groups or multiple group memberships, for example)
• Include Windows Defender and Definition Updates in the Products and Classifications Sync options
Windows Server Backup
• Used to perform full server backup or selected volumes
• Can back up/restore individual files or folders, system state, individual VMs on Hyper-V host
• Can perform a bare-metal restore without first installing an OS
• Hyper-V hosts and guests
• Install on host to perform host-level backup
• Install on guest to perform an in-guest backup
• Active Directory
• Cannot restore from a backup that is older than 180 days. Consider this when creating backup schedule
• File servers
• Web servers
Monitor Server Installations
Performance Monitor
• Used to collect, analyze, and interpret performance-related data
• Create baseline data during multiple use-cases
• Helps with trend analysis, capacity planning, understanding bottlenecks and slow-downs
• Processor
• Memory
• Network
• Disk
Data Collector Sets
• Include performance counters, event traces, and system configuration information
• Can collect in real-time or schedule data collection, for example Run for 10 minutes each hour from 8-5
• Can analyze historical data
• Create from template
• Create from existing performance monitor data
• Manually add data collectors
• Configure an action to occur if a DCS hits the min or max limits
Resource Monitor
• Provides real-time information on server’s performance
• Similar to Task Manager, but shows historical data as well
• From Task Manager
• From Start menu
• Expand each element for detailed information on how each process is using server resources
A Load settings into Resource Monitor
B Use Performance monitor to create a report view.
C Use Performance monitor to start the system data collector set
D Use Performance monitor to create a user-defined data collector set
Monitor and maintain servers
Host-level backup
In-guest backup
http://myignite.microsoft.com
https://aka.ms/ignite.mobileapp