Windows Server 2012 Virtualization: Notes from the Field
Download as PPTX, PDF1 like2,561 views
This document summarizes features of Windows Server 2012 related to virtualization, including: - VM priorities which allow starting the most important VMs first and preempting lower priority VMs. - Enhanced failover clustering which uses memory-aware placement of VMs and live migration instead of quick migration for failback. - Cluster-Aware Updating which orchestrates patching across a failover cluster in a planned and automated way. - System Center Virtual Machine Manager 2012 SP1 which supports VM priorities, anti-affinity rules through availability sets, and cluster management capabilities.
Windows Server 2012 Virtualization: Notes from the Field
- 1. Windows Server 2012 Virtualization: Notes from the Field Didier Van Hoye, Architect http://workinghardinit.wordpress.com Kurt Roggen, Technical Consultant http://trycatch.be/blogs/roggenk
- 2. Agenda • WS 2012 Hyper-V & Failover Clustering • VM Priorities • Maintenance Mode • Failover & Failback • Anti Affinity • Live Migration • Cluster Aware Updating (CAU) • SC 2012 SP1 Virtual Machine Manager • Cluster Management - Availability Sets • Fabric Patching • Maintenance Mode • Service Templates
- 4. WS 2012 Failover Clustering Optimize & automate placement logic Virtual Machine Priority Starting the most important VMs first Ensure the most important VMs are running Preemption to shut down low priority VMs to free up resources for higher priority VMs to start Ideal for infrastructure servers (DCs) or tiered architecture (back-end, middle-tier, customer-facing) Enhanced Failover Placement Each VM placed based on node with best available memory resources Memory requirements evaluated on a per VM basis Non-Uniform Memory Access (NUMA) aware High Medium Low
- 5. Priorities for Roles or Virtual Machine Values: High, Medium, Low Default Priority: Medium Lowest Priority: No Auto Start Starting Roles in Priority order Per Node Placing Roles/VMs in Priority order Cold start Handling node crash Moving Roles/VMs in Priority order Queuing Node Drain High Medium Low No Auto Start
- 6. Virtual Machine Priorities Default Priority: Medium Default “Move Behavior”: Quick migration for Low & below Defined by cluster parameter “MoveTypeThreshold” which defaults to 2000 (Medium or Higher Priority)
- 7. VM Priorities & Live Migration Set all VMs to Live Migrate (instead of Quick Migrate) Not only VM with Medium/High Priorities VM Priority Values 3000 = High 2000 = Medium 1000 = Low 0 = Do not start automatically Using PowerShell Get-ClusterResourceType "Virtual Machine" | Set-ClusterParameter MoveTypeThreshold 1000
- 9. Enhanced Failover Placement • Enhanced memory aware placement of VMs • Check for most available Memory • Failover is determined by Preferred Owners & Possible Owners • Failback of VM now uses Live Migration instead of Quick Migration • Live Migration respects Preferred Owners & Possible Owners • Default Failback action: No Failback
- 10. Anti Affinity ClassNames • Property of ClusterResourceGroup • Identify ClusterGroups that should not be hosted on the same node (where possible) • Impacts VM Placement and Live Migrations • Configurable using PowerShell only • Configurable using SC2012 SP1 VMM using “Availibility Sets” • Serves as basis for “Availibility Sets” in SC2012 SP1 VMM More information: http://msdn.microsoft.com/en-us/library/aa369651(v=vs.85).aspx
- 11. Cluster Node Maintenance Mode Drain all VMs off a node Supports all cluster roles Role-specific features Live migration or quick migration for VMs Uses VM Priority Moves other roles
- 12. Cluster Node Maintenance Mode Workflow – In Depth Cluster Node Maintenance Mode - Automated Node Drain Workload sorted based on Priority VMs queued for live migration (using MaxLiveMigrations) Enhanced memory aware placement of VMs VMs’ live migrated concurrently along with built-in retry logic Node is PAUSED Automated Node Drain completed Cluster Placement Policies (Preferred & Possible Owners, AntiAffinity)
- 14. Cluster Aware Updating (CAU) Update orchestration across all nodes in a cluster CAU ships in box with Windows Server 2012 Not reinventing Windows Updates & patching Previews, applies and reports on updates for a cluster Two modes: Self-updating & Remote-updating Self-updating: Workload reduction through increased automation, Updating itself is resilient Remote-updating scenarios where closer administrator attention is preferred or warranted Extensible Integrate with your patching tools with plug-ins (API) Two inbox plug-ins: Windows Update & hotfix plug-in Per-node pre-update and post-update scripts
- 15. Where Does CAU Fit In? Windows Update Services
- 16. Plug-ins & Supported Update Types CAU ships with two plug-ins 1. Windows Update 1. Installs GDRs* => From Windows Update Or WSUS 2. Hotfix Plug-in 1. Installs QFEs** from a SMB 3.0 file share 2. 3rd party updates such as BIOS & Firmware Updates from a SMB 3.0 File Share
- 17. Cluster Aware Updating Process 1. Scans, downloads and installs applicable updates on each node Windows Update or Hotfix plugin or both 2. Restarts node as necessary 3. One node at a time 4. Repeats for all cluster nodes 5. Customize pre- & post-update behavior with PS scripts 6. Easy manual or scheduled launch Via GUI PowerShell Works for both physical or virtualized clusters Jenny Starts Updating Run Node 64 Resume Node & Failback VMs . . . Node 1 Windows Server failover cluster . . . Windows Update, WSUS, QFE, … Pause Node & Drain VMs CAU
- 18. Remote-Updating Mode CAU Update Coordinator process remotely connects to the cluster User-initiated Updating Run, allowing real time monitoring Rich progress updates Minimal Server Core (no .Net or PS dependency) on nodes CAU Update Coordinator Failover Cluster Node 1 Node 2 Node 3 Node 4
- 19. Node 1 Failover Cluster Self-Updating Mode Leverages a CAU cluster role that is resilient to planned and unplanned failures Requires no real-time user attention Installs updates on a custom schedule CAU Update Coordinator process runs on a clustered node Update Coordinator Node 2 Node 3 Node 4
- 20. Strict ACL Checking (Optional) Kerberos Mutual Authentication (Required) Data integrity checking (Required) SMB Signing or SMB Encryption Privacy with SMB Encryption (Optional) SMB Encryption is new in Windows Server 2012 Hotfixes Folder Structure & Security CAU Hotfix Root Folder CAUHotfix_All <Node Name 1> Extension Rules <MSU> <MSI> <MSP> Folder Rules <MySwUpdateType> Hotfix Config File MySwUpdateType Special software updates . . . Hotfixes applicable to all nodes Hotfixes applicable just to <Node Name 1> Hotfixes applicable just to <Node Name N> <Node Name N> MySwUpdateType Special software updates MySwUpdateType Special software updates
- 21. “Hotfix” Support Internals Rich/extensible Hotfix installation Microsoft QFEs, or third-party driver updates, or even Firmware/BIOS updates… Select hotfix behavior at start. Two key inputs: 1. Root Folder: on an SMB File Share 2. Configuration xml file: defines the Rules System32WindowsPowerShellv1.0ModulesClusterAwareUpdatingDefaultHotfixConfig.xml Configuration Rules are the key to flexibility Easy to specify new Rules hotfix installer name, install options, reboot behavior, return values etc.
- 22. NTFS permissions CAU File Share First you’ll need to do your home work as described in the TechNet article But that doesn’t quite cover it Adjust NTFS Permissions on the CAU Share Give cluster node computer accounts (or an AD group containing them, which makes for easier administration) Read/Execute permission to the location If Not =>they can’t run the DUPs.
- 23. NTFS permissions Log File DUPs allows logging with /L switch Locally (per node) or to central share Must use another share than the CAU Share: Need to give the computer accounts (or an AD group containing them, which makes for easier administration) write permission to the location You’re not allowed to do that for other then specific accounts as described on TechNet The log can grow quite large if used a lot Keep an eye on it For clarities sake use different log per cluster or folder type
- 24. CAU Hotfix plug-in in action
- 25. Cluster Management Using SCVMM 2012 SP1
- 26. VMM 2012 SP1: Cluster Management • Supports “Possible/Preferred Owner” • Supports of “Availability Sets” (Anti-Affinity) • Supports VM Priority • Supports CSV2 • Supports 64 cluster nodes, 4000 VM’s/cluster, 1024 VMs/node
- 27. Possible Owners & Preferred Owners
- 28. VM Priority
- 29. VMM 2012 SP1 support for Anti-Affinity = VMM ‘Availability Sets’ Availability Set = configurable anti-affinity rules for VMs Ensures VMs are placed on different hosts for better availability VMM Placement algorithm offers suggestions based on availability sets Works across: Standalone (non-clustered) Hyper-V hosts* Hyper-V clusters* Xen Server hosts VMware hosts
- 31. Availability Sets & VMM Services VMM Services can leverage ‘Availability Sets’ Availability sets – configured at the machine tier level Ensures that VM instances of a machine tier are placed on different hosts. SSUs can request availability sets for their VMs Simple checkbox experience Available from the VMM Service Template Designer
- 33. Fabric Patching Using SCVMM 2012 SP1
- 34. Update Management Feature of VMM 2012 Keeps Windows Fabric Servers up-to-date • Limited to VMM managed infrastructure servers (HV, LIB, WSUS, WDS) Enable Feature Manage Baselines Scan Servers Remediate Servers Manage Exemptions
- 35. Remediating Hyper-V Cluster Orchestrated workflow Put a node in maintenance mode Evacuates the node using Live Migration User can override this to save state the VMs on the node Install missing updates based on baselines assigned Take the node out of maintenance mode Go to next node and repeat Supports WS2008, WS2008 R2, WS2012 Hyper-V clusters Automatable using PowerShell
- 36. VMM Services & Service Templates
- 37. Scale out & health policy Scale out & health policy Scale out & health policy Service template (Multi-tier applications) IIS HW profile OS profile App profile Application server HW profile OS profile App profile SQL HW profile OS profile App profile Web tier Application tier Data tier Standardize Application Deployment using Service Templates Compute Storage Network Web (IIS) Web Deploy App (Server App-V) Data (SQL) DAC Packs Custom Scripts
- 38. Create Service Template with Service Designer Use the ribbon for contextual actions within the Service Template Designer. Use the designer canvas to build your service template from Virtual Machine Templates, Logical Networks and Load Balancers. Set service-related properties such as cost center, description, release version.
- 39. Preview pane shows view of your service deployment. Settings allow you to set deployment specific variables. Ribbon bar for deploy activity or to check deployment ratings. Deploy Service Through Deployment Preview
- 40. Why Use Services? Standardized deployments (in dynamic way – multiple environments) Manage multi-tier applications across multiple servers as a single unit Scale out based on demand Composibility of OS and Applications, allows users to manage fewer OS images Automation using # GCEs (Generic Command Execution ~ scripts)
- 41. Generic Command Execution (GCE) Execute custom scripts within Service instance VMs Can specify run as account, script restart behavior, logging properties Script parameters can leverage configurable service settings Multiple entry points available Application level Pre/post install, pre/post uninstall, pre/post service, save/restore state Application Profile level Pre/post install, Pre/post uninstall Pre/post install supports multiple, ordered scripts (SP1)
- 42. SC 2012 SP1 VMM: Services Service Deployment Support for Service deployment to untrusted domains and workgroups Support for Service deployment to disconnected VMs Application Host “Web Application Host” for deploying MS Web Deploy packages to existing web servers (virtual, physical, farm, clustered) SQL Server 2012 Complete installation of prepared SQL 2012 instances Linux Guest support Supporting Linux Operating Systems for unattended deployment
- 43. In-VM/Guest Agent SP1 Changes Requires .NET 4.0 Agent installation will take care of this (can sysprep as well) For Server Core, requires Windows Server 2008 R2 SP1 or above Deployed via ISO All service instance VMs have a guest agent installed Decoupled from VMM server Supports Service deployment to untrusted domains and workgroups Supports Service deployment to disconnected VMs
- 44. Service Template Explorer An add-in for your VMM Console, that allows you to discover, download and import pre-configured service templates directly to your VMM infrastructure Service Templates available (soon) Windows Server 2008 R2 SP1 / Windows Server 2012 ADDS Domain Controller DNS, DHCP Web Server (IIS) File Server * THIS IS BETA AT THE MOMENT AND MIGHT CHANGE TILL RTM
- 45. Service Template Explorer Experience