What’s new in Windows Server 2012
DESCRIPTION
Slide deck used for the Microsoft Windows Bootcamp in Oslo. 2012
TRANSCRIPT
What’s new in Windows Server 2012
Alex de Jong
Domain Controller cloning, Enhanced Direct Access, Safe Domain controller virtualization, RID pool enhanced Management, Enhanced logging, PowerShell 3.0, PowerShell Workflow, PowerShell history, Kerberos CBAC, Compound identity, Remote FX, IP Address Management, DHCP HA, DA object recovery GUI, iSCSI Target, Windows NIC teaming, virtualization, 32 virtual processors per VM, 1TB virtual machine memory, New 64TB VHDX format, RDMA support in SMB, Scale-out file server, Multi-channel SMB, Virtual NIC monitor mode, Storage PowerShell, Network PowerShell, Multi-Tenancy, Port ACLs / Firewall, Storage metering, Storage Spaces, SMI-S support inbox, Virtual NUMA support, CPU metering
This session is about…
• Server Management
• Dynamic Access Control
• Hyper-V 3.0
TOP FEATURES OF STORAGE TO MEET CUSTOMER CHALLENGES
Storage
• Efficiency, performance, and innovation through diverse storage choices
• Continuous availability through new features that preserve uptime
• Cost efficiency through storage, management, and other capabilities
1. Storage spaces
2. File system improvements
3. Thin provisioning
4. Cluster Shared Volume
5. SMB 3.0 for workloads
6. Offloaded data transfer
7. Transparent failover
8. NFS support
9. iSCSI target
10. Storage management
TOP FEATURES OF WEB AND APPLICATION PLATFORM TO MEET CUSTOMER CHALLENGES
Web and application platform
• Flexibility through hybrid and symmetrical applications
• Increased scalability and elasticity for applications
• Enhanced support for open frameworks and open source
1. Website density and multitenancy
2. Application Initialization
3. Dynamic IP Restrictions
4. CPU Throttling
5. NUMA-Aware Scalability
6. Centralized SSL management
7. “Just works” with PHP and node.js
8. Embracing web standards
9. Application symmetry
10. Comming Development Platform
TOP FEATURES OF NETWORKING TO MEET CUSTOMER CHALLENGES
Networking
• Easy to connect users to IT resources
• Efficient management of datacenters and private clouds
• Ability to link your infrastructure with Public Cloud Services
1. NIC Teaming
2. Network virtualization
3. DHCP server failover
4. Single Root I/O Virtualization (SR-IOV)
5. Resource Metering
6. Dynamic Virtual Machine Queue
7. IP Address Management (IPAM)
8. Quality of Service (QoS)
9. BranchCache
10. SMB Direct and Multichannel
TOP FEATURES FOR MANAGEMENT AND AUTOMATION TO MEET CUSTOMER CHALLENGES
Management and automation
• Increased management efficiency
• Simplified deployment and virtualization
• Resilient and simple automation
1. Multiserver management
2. Role and feature deployment
3. Integrated console
4. 2,400 cmdlets
5. Disconnected Sessions
6. Windows PowerShell Workflow
7. Windows PowerShell Web Access
8. Windows PowerShell ISE
9. Script Sharing
10. Syntax Simplification and IntelliSense
Easy to switch Windows Server 2012
Server Core • Minimal Server Interface • GUI • Desktop Experience
Add/remove Feature: Graphical Management Tools and Infrastructure • Server Graphical Shell • Desktop Experience
PowerShell: Install-WindowsFeature • Uninstall-WindowsFeature
Server-Gui-Mgmt-Infra • Server-Gui-Shell • Desktop-Experience
The N x M Problem
IT Pro • IT Developer • Solution Developer
Managed Objects: Storage • Exchange • Devices • Disk • …
The Solution
• Maximizing the value of leveraging the Windows Management Framework (WMF)
Standard Protocols (WS-Man, REST, HTTP, PSRP)
Standard APIs (MIClient, PowerShell, OData)
Standard Models (CIM Schema, SMI-S)
PowerShell Investments Themes
Simple and Easy
• Enhanced PowerShell_ISE
• Intellisense
• Simplified syntax
• Aliases for OS commands
Deal with a messy world
• Robust connections
• Integrated workflow
• Remote Connect / Disconnect
• Scheduling jobs
• Remoting enabled by default
Coverage, coverage, coverage
• 2400+ cmdlets
Support thriving community
• New ways to write Cmdlets: WMI, Workflow
• Script Library & Explorer
V3 is a better V2
• 150+ Connect issues fixed
• On-the-fly compilation allows PowerShell scripts to run up to 6x faster
• Stream redirection for Verbose, debug, warning streams
• Tail support for Get-Content
• Tab completion for hidden directories
Windows PowerShell 3.0 Features
• Windows PowerShell Workflow • .NET Framework 4 support • Add-Member improvements • Computer cmdlets • CSV handling improvements • Get-ChildItem attributes • Get-Command improvements • Get-Content -Tail • Better history support • Security cmdlet fixes • Select-Object optimizations • Select-String improvements • Tee-Object -Append • Disconnected sessions • Idle timeout & server buffering control • Invoke-Command in disconnected sessions • Disconnected jobs • STA mode by default • Run with PowerShell context menu • Updated console font & branding • Console host start perf improvements • ETW logging and tracing • Module logging • New Group Policy settings • Output redirection for all streams • Dynamic types & formats • Word wrap • Default properties on custom objects
• Updatable help system • Method overload discovery • HelpUri attribute support • HelpFile property on FunctionInfo • New parser built on DLR • Simplified Where and ForEach • Remoting local variables via $using • Array syntax for scalars • Custom parameter value defaults • Generic method invocation • Typecasting deserialized objects • Improved method overload selection • New objects from hash tables • Ordered hash tables • Typecasting for parameter values • $PSScriptRoot and $PSCommandPath • Improved module discovery & import • New module manifest keys • Public abstract syntax tree • Pipeline paging APIs • Nested pipeline APIs • Runspace pool cleanup API • Public tab completion • Windows RT API support • Obsolete cmdlet attribute • Verb & noun on FunctionInfo • Web & REST cmdlets • JSON cmdlets
• CIM cmdlet authoring from WMI v2 • CIM .NET APIs • Core CIM cmdlets • Runtime script compilation • Engine reliability improvements • Better Get-ChildItem network perf • Cmdlet definition files • Certificate provider improvements • Credentials for FileSystem provider • Alternate NTFS data stream support • Move-Item across drives • Remote module discovery & import • Remote session autodisconnect & retry • Transport options for remote sessions • RunAs and SharedHost support • Scheduled jobs • Job integration with Task Scheduler • Alternate credential support for jobs • Session configuration files • Module autoloading • Command discovery improvements • Special character handling • LiteralPath support for core cmdlets • Improved tab completion • Intellisense • Windows Management Framework 3.0 • WinPE support • Windows RT support
• Windows PowerShell Web Access • Windows PowerShell Web Services • XAML-based workflows • Script-based workflows • Control Panel cmdlets • Unblock-File cmdlet • Workflow help • Cmdlet to activity conversion • Workflow persistence • Improved WMI object formatting • Heterogeneous object formatting • Workflow logging • Workflow extensibility • Common workflow parameters • Workflow execution environment • Snippets • ISE Add-ons • IntelliSense support • Show-Command • Get-Help -ShowWindow • Restart Manager support • Script autosave support • Out-GridView -PassThru • XML syntax highlighting • Block select • Collapsible regions • Contextual F1 support • Script Explorer
Demo – Server Management
• Server Groups
• Monitoring
Demo – Switch UIs
• Server3 – Server Manager – remove UI and infrastructure, reboot
• Login, PowerShell: Add-WindowsFeature -Name User-Interfaces-Infra -IncludeAllSubFeature
• shutdown -r -t 0
TOP FEATURES FOR SECURITY & ACCESS
Security and access
• Protection of corporate resources
• Data access management and protection
• Simplified deployment and management of identity infrastructure
1. Dynamic Access Control
2. Classification
3. DirectAccess
4. Simpler deployment of Active Directory
5. Domain Name System Security Extensions
6. Active Directory virtualization
7. Active Directory cloning
8. Kerberos constrained delegation
9. Private virtual LAN (PVLAN)
10. Multitenant security and isolation
Expression based access control
• Manage fewer security groups by using conditional expressions
Flexible access control lists based on document classification and multiple identities (security groups).
Centralized access control lists using Central Access Policies.
Expression based access conditions
Country x 50
Department x 20
Sensitive
Make that 2000 groups
Expression based access control
• Create Central Access Policies that combine groups and classification
• Apply policies across servers
Data classification – identifying data
• Classify data based on location inheritance
• Classify data automatically
• Data Classification Toolkit
Data Classification
Classify your documents using resource properties stored in Active Directory.
Automatically classify documents based on document content.
Central Access Policy – let’s review
In Active Directory:
• Create resource property definitions
• Configure central policies
On File Server:
• Classify information
• Assign central policy
At Runtime:
• User access is evaluated
[Diagram: Windows Server 2012 Active Directory (Resource Property Definitions, Access Policy); Windows Server 2012 File Server; End User; Allow/Deny]
But wait – there’s more
User claims (Active Directory)
User.Department = Finance
User.Country = US
Device claims (Active Directory)
Device.Department = Finance
Device.Managed = True
File properties (File Server)
File.Department = Finance
File.Country = US
ACCESS POLICY
Applies to: File.Country exists AND File.Department exists
Allow | Read, Write | if (User.Department == File.Department) AND (User.Country == File.Country)
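The access policy on this slide, modelled as a small evaluator. This is an added example, not part of the original deck and not Windows code. The function names, the dictionary layout and the `require_managed_device` switch are assumptions; share and NTFS permissions, which still apply on a real file server, are left out.

```python
# Simplified model of the slide's central access rule (constructed example).
# Not Windows code: share and NTFS permissions, which still apply on a real
# file server, are left out.

RULE_KEYS = ("Department", "Country")

def applies_to(file_props):
    """Target condition: File.Country exists AND File.Department exists."""
    return all(key in file_props for key in RULE_KEYS)

def evaluate(user, file_props, device=None, require_managed_device=False):
    """Return (decision, reason) for a Read/Write request.

    require_managed_device is a hypothetical stricter variant that also
    checks the Device.Managed claim; the slide's rule does not use it.
    """
    if not applies_to(file_props):
        return ("not-applicable", "file lacks Country/Department classification")
    for key in RULE_KEYS:
        # A missing claim never equals the file property, so it is refused.
        if user.get(key) != file_props[key]:
            return ("deny", f"User.{key} does not match File.{key}")
    if require_managed_device and not (device or {}).get("Managed", False):
        return ("deny", "Device.Managed is not True")
    return ("allow", "user claims match file classification")

# Values from the slide.
USER = {"Department": "Finance", "Country": "US"}
DEVICE = {"Department": "Finance", "Managed": True}
FILE = {"Department": "Finance", "Country": "US"}

# Constructed cases that exercise the other branches.
CASES = {
    "slide example": (USER, FILE, DEVICE),
    "user in other country": ({**USER, "Country": "NO"}, FILE, DEVICE),
    "user missing Country claim": ({"Department": "Finance"}, FILE, DEVICE),
    "unclassified file": (USER, {"Department": "Finance"}, DEVICE),
    "unmanaged device": (USER, FILE, {**DEVICE, "Managed": False}),
}

if __name__ == "__main__":
    for name, (user, file_props, device) in CASES.items():
        decision, reason = evaluate(user, file_props, device,
                                    require_managed_device=True)
        print(f"{name:28} {decision:15} {reason}")
```

A file that lacks either classification property falls outside the rule's target, so the rule contributes nothing for that file and only its ordinary permissions govern access.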
Let’s review
• No conditional expressions
• Using groups with conditional expressions
• Using user claims
Extending Dynamic Access Control for AD RMS
GigaTrust Dynamic Policy for AD RMS Protection
1. Configure User Claims, Resource Properties, and Central Access Policies.
2. Secure files with Dynamic Access Control policies based on properties and claims.
3. FCI invokes Dynamic Policy Protector to RMS protect with Policy and Resource Properties captured in the Issuance License.
4. AD RMS Use License returned only if Dynamic Policy is satisfied by user claims.
[Diagram: AD Admin Center (Access Policies, Claims, Properties); Dynamic Access Control; FCI (Classify, Protect); Dynamic Policy Protector; Dynamic Policy Module; AD RMS; Use License; User; Desktop; Windows Server 2012]
Claims-Aware Dynamic Access Control + AD RMS Protection
Legend: User Claims • Resource Properties • Access Policy • GigaTrust Product Component
Central Audit Policy – let’s review
In Active Directory:
• Create resource property definitions
In Group Policy:
• Create global audit policy
On File Server:
• Classify information
At Runtime:
• User access generates targeted and contextual events
Event collection system
• Collects events to a central repository
• Generates flexible reports
[Diagram: Windows Server 2012 Active Directory (Resource Property Definitions, Audit Policy); Windows Server 2012 File Server; End User; Audit Yes/No; Event collected to central repository for analysis and reporting]
Demo Enable DAC
• Server1: AD Adm Ctr – Resource Properties
• Show
• Server3: Check properties – ps:> update-fsrmcla… check properties
• Example folder, file classifications, permissions
• Central Access Rule example
• Central Access Policy example
• Gpmc, policy: comp, win, sec, filesystem (rightclick)
Demo: DAC Central Management
• Server1: AD Adm Ctr – Central Access Rules, create:
• Central Access Policies, create: Sales Policy
• GPMC: Create Policy, computer settings – security settings – file server, rightclick, manage Central Access Policies.
• Server2: gpupdate /force, folder security, Central Policy tab, select
TOP FEATURES OF SERVER VIRTUALIZATION TO MEET CUSTOMER CHALLENGES
Server virtualization
• Complete virtualization platform
• Increased scalability and performance
• Elastic and flexible—from the datacenter to the cloud
1. Hyper-V Network Virtualization
2. Shared-nothing live migration
3. Massive scale
4. Cluster enhancements
5. Hyper-V Replica
6. Hardware offloading
7. Virtual Fibre Channel
8. Guest NUMA support
9. Runtime memory configuration
10. Hyper-V network switch
Scale enhancements
System | Resource | Maximum number: Windows 2008 R2 | Maximum number: Windows Server 2012 | Improvement factor
Host | Logical processors on hardware | 64 | 320 | 5×
Host | Physical memory | 1 TB | 4 TB | 4×
Host | Virtual processors per host | 512 | 1,024 | 2×
Virtual machine | Virtual processors per virtual machine | 4 | 64 | 16×
Virtual machine | Memory per virtual machine | 64 GB | 1 TB | 16×
Virtual machine | Active virtual machines | 384 | 1,024 | 2.7×
Virtual machine | Virtual disk size | 2 TB | 64 TB | 32×
Cluster | Nodes | 16 | 64 | 4×
Cluster | Virtual machines | 1,000 | 4,000 | 4×
Hyper-V Scale Comparison
Massive Scale in the Box
Feature | Windows Server 2008 | Windows Server 2008 R2 | Windows Server 2012
HW Logical Processor Support | 16 LPs | 64 LPs | 320 LPs
Physical Memory Support | 1 TB | 1 TB | 4 TB
Cluster Scale | 16 Nodes up to 1000 VMs | 16 Nodes up to 1000 VMs | 64 Nodes up to 4000 VMs
Virtual Machine Processor Support | Up to 4 VPs | Up to 4 VPs | Up to 64 VPs
VM Memory | Up to 64 GB | Up to 64 GB | Up to 1 TB
Live Migration | Yes, one at a time | Yes, one at a time | Yes, with no limits. As many as hardware will allow.
Live Storage Migration | No. Quick Storage Migration via SCVMM | No. Quick Storage Migration via SCVMM | Yes, with no limits. As many as hardware will allow.
Servers in a Cluster | 16 | 16 | 64
VP:LP Ratio | 8:1 | 8:1 for Server, 12:1 for Client (VDI) | No limits. As many as hardware will allow.
Dynamic, High Performance Storage
• Live Storage Migration
• Virtual Fiber Channel
• Support for File Based Storage on SMB 3.0
• New VHDX Format
• Online Meta Operations
• Live VHD Merge
• Live New Parent
• Native 4K Disk Support
• Offloaded Data Transfer (ODX)
Offloaded Data Transfer (ODX)
[Diagram: Intelligent Storage Array with two Virtual Disks; labels: Offload Read, Token, Offload Write, Token, Actual Data Transfer]
Hyper-V ODX Support
• Secure Offload data transfer
• Fixed VHD/VHDX Creation
• Dynamic VHD/VHDX Expansion
• VHD/VHDX Merge
• Live Storage Migration
• Just one example…
[Chart: Creation of a 10 GB Fixed Disk, Time (seconds): Average Desktop ~3 Minutes; ODX <1 Second!]
Hyper-V Storage No Limits & Dynamic
Feature | Windows Server 2008 | Windows Server 2008 R2 | Windows Server 2012
Live Storage Migration | No. Quick Storage Migration via SCVMM | No. Quick Storage Migration via SCVMM | Yes, with no limits. As many as hardware will allow.
VMs on File Storage | No | No | Yes, SMB 3.0
Guest Fiber Channel | No | No | Yes
Virtual Disk Format | VHD up to 2 TB | VHD up to 2 TB | VHD up to 2 TB, VHDX up to 64 TB
VM Guest Clustering | Yes, via iSCSI | Yes, via iSCSI | Yes, via iSCSI or FC
Native 4k Disk Support | No | No | Yes
Live VHD Merge | No, offline. | No, offline. | Yes
Live New Parent | No | No | Yes
Secure Offloaded Data Transfer (ODX) | No | No | Yes
Availability Enhancements
• Windows NIC Teaming
• Continuously Available File Server (SMB) storage
• CSV 2.0 Integration with Storage Arrays for Replication & HW snapshots out of the box
• Guest Clustering via Fiber Channel for HA
• Support for Concurrent Live/Live Storage Migrations
• Major Failover Cluster Enhancements…
Scale, Management, Policy & Storage
Failover cluster
• Support for 64 nodes & 4000 VMs in a Cluster
• Cluster Aware Updating
• Cluster Shared Volumes 2.0
• VM Failover Prioritization
• Anti-Affinity VM Rules
• Cluster Wide Task Scheduling
• Inbox Live Migration Queuing
• SMB Support
• Hyper-V App Monitoring
• Guest Clustering via Fiber Channel…
Guest Fiber Channel Architecture
• Up to four virtual HBAs assigned to each VM
• WWNs assigned to each VM
• Doesn’t require re-zoning
• NPIV utilized to surface VM ports on the host
• Works with Live Migration
[Diagram label: NPIV port(s)]
Complete Redundancy In the Box
Disaster Recovery
• Hyper-V Replica for Asynchronous Replication
• CSV 2.0 Integration with Storage Arrays for Synchronous Replication
Application/Service Failover
• Non-Cluster Aware Apps: Hyper-V App Monitoring
• VM Guest Cluster: iSCSI, Fiber Channel
• VM Guest Teaming of SR-IOV NICs
I/O Redundancy
• Network Load Balancing & Failover via Windows NIC Teaming
• Storage Multi-Path IO (MPIO)
• Multi-Channel SMB
Physical Node Redundancy
• Live Migration for Planned Downtime
• Failover Cluster for Unplanned Downtime
Hardware Fault
• Windows Hardware Error Architecture (WHEA)/RAS
Manageability Comparison
Feature | Windows Server 2008 | Windows Server 2008 R2 | Windows Server 2012
Hyper-V PowerShell | No | No | Yes
Network PowerShell | No | No | Yes
Storage PowerShell | No | No | Yes
SCONFIG | No | Yes | Yes
Enable/Disable Shell | No (Server Core @ OS Setup) | No (Server Core @ OS Setup) | Yes, MinShell
VMConnect Support for RemoteFX | N/A | No | Yes
What is Microsoft Hyper-V Server?
• Enterprise-class, Microsoft hypervisor
• Local Command Line Interface
• Does not include guest OS licenses
• Standalone Hyper-V
• Free ISO download from Microsoft.com website
• Designed for remote management
• Contains all Hyper-V features
Great Reasons to use Hyper-V Server
• Linux VM Consolidation
• VDI platform
• Hoster virtualization platform
Microsoft Hyper-V Server 2008 R2 SP1->2012
Feature | MS Hyper-V Server 2008 R2 SP1 | Microsoft Hyper-V Server 2012
Release Date | August 2011 | Coming Soon
Cost | Free Download from: www.microsoft.com/hvs | Free Download from: www.microsoft.com/hvs
Physical Processor Support | Up to 8 processors (no core limitations) | Up to 64 processors (no core limitations)
Physical Memory Support | Up to 1 TB per server | Up to 4 TB per server
Virtual Processors | Up to 4 per VM | Up to 64 per VM
Virtual Machine Memory Support | 64 GB of memory per VM (no memory tax) | 1 TB of memory per VM (no memory tax)
Live Migration/High Availability | Yes | Yes
Live Storage Migration | No | Yes
Shared Nothing Live Migration | No | Yes
RemoteFX | Yes | More monitors, more resolutions
Storage Spaces | No | Yes
VMs on File Based Storage | No | Yes
Customer Driven: More Features, Scale, Availability, Mobility in every release.
VMware ESXi 5.0 vs MS Hyper-V Server 2012
VMware ESXi 5.0 (Free Version)
• Scale
• Limited to 4 vCPUs in VM
• Host RAM limited to 32 GB
• No Enterprise level features
• No vMotion
• No Storage vMotion
• No High Availability
• No Extensible Switch
• No VM Replication
Microsoft Hyper-V Server 2012
• Scale
• Up to 64 VPs per VM
• Up to 4 TB of memory per Host RAM
• Up to 1 TB of memory per VM
• Enterprise level features included
• Shared Nothing Live Migration
• Live Storage Migration
• High Availability via Clustering
• Hyper-V Replica (Unlimited VM Replication)
• Storage Spaces
• …much more…