Category: Server Core

Last updated by at .

Hyper-V Windows Containers

Windows Server news from Microsoft Build 2017 – It is all about Container!

Microsoft is just running their annual Developer Conference call Build with some interesting news for developers on Azure, Database Servers, Visual Studio, PowerShell, .NET and much more. But Microsoft also had some interesting things to share about the future of Windows Server. In a blog post, Erin Chapple, General Manager Windows Server, shared some information what Microsoft is doing in the Windows server space and about the next first feature release which will be aligned with the Windows 10 Client Operating System and will be released this Fall.

Windows Server is joining the Windows Insider program – Microsoft will start releasing regular Windows Server Insider builds including container images, which will be available to all Windows Insiders.

Container-optimized Nano Server – The Windows Server team has closely partnered with he .NET Team to bring the .NET Core 2.0 work to Windows Containers with an optimized container image based on Nano Server. This will reduce the footprint of the .NET container image by 50 percent, which will also reduce startup time as well as density improvements.

Windows Subsystem for Linux (WSL) on Windows Server – At DockerCon Keynote we demonstrated a Linux container running natively on Windows Server. To enable this, the Windows Server team worked to bring the Windows Subsystem for Linux (WSL), also know as bash on Windows 10, to Windows Server. Together with Hyper-V isolation technology, the WSL will allow users to run Linux Containers on a Windows Server Container Host. The great thing here, there is also a choice on the Linux kernel, which will allow you to run different Linux distributions as containers.

Container Orchestration – Microsoft works with different container orchestration technologies, such as Docker swarm and Kubernetes to bring support for Windows Server Containers.

Container Storage – In Windows Containers you could use locally mounted volumes to store persistent data. As another investment in Containers, Microsoft is adding the ability to map SMB file-based storage directly into a container.

Starting this summer, Microsoft will begin to post early builds of the new Windows Server features, including container-optimized Nano Server images to the Docker Hub, support for Linux containers, Windows Subsystem for Linux (WSL), better orchestration support and SMB storage for containers in the Windows Insider program.

Aligned with the next release of Windows 10, these new features will be delivered as part of our first feature release this Fall. It will be available to customers with Software Assurance who commit to a more frequent release model. For customers who prefer the long-term servicing branch (LTSB) these features will be part of the next major release of Windows Server.



Performance Tuing Guidelines for Windows Server 2016

Microsoft Windows Server 2016 Performance Tuning Guide

Yesterday Microsoft released the official Windows Server 2016 Performance Tuning Guide. The guide provides a collection of technical articles with guidance for IT professionals responsible for deploying, operating and tuning Windows Server 2016 across the most common server workloads. The guide is especially helpful if you deploy roles like, Active Directory, Hyper-V, Storage Spaces Direct, Remote Desktop Servers, Web Servers, Windows Server Containers and Networking features.

It is important that your tuning changes consider the hardware, the workload, the power budgets, and the performance goals of your server. This guide describes each setting and its potential effect to help you make an informed decision about its relevance to your system, workload, performance, and energy usage goals.

You can find the documentation on the new docs.microsoft.com platform, where now all the Windows Server 2016 documentation is available. Here you can find the: Performance Tuning Guidelines for Windows Server 2016

If you are looking for hardware recommendations check out my blog post: My Hardware Recommendations for Windows Server 2016 and you can also check my blog post about Getting started with Windows Server 2016 and System Center 2016



Hyper-V Manager ins Azure Server Management Tools SMT

Manage Hyper-V from Azure Server Management Tools

Microsoft released an updated to the Azure Server Management Tools (SMT) and this improves some of the existing tools such as File Explorer and Device Manager. But the big announcement here is, that you now can manage your Hyper-V Server and Virtual Machines directly from Microsoft Azure from where ever you are. This is one of the great examples of using cloud solutions to extend your on premise environment, By using Management as a Service you basically don’t need to updated anything, you just got this new feature available in the Azure portal and you can start using it.

In this update to the Server Management Tools, Microsoft supports the following VM management functionality:

  • Start/Shutdown/Turn off/Pause/Resume
  • Save State/Delete Saved State
  • Take/Apply & rename checkpoints

You can see the Virtual Machines on which are running on the Hyper-V server

Hyper-V Manager in Azure SMT

You can also do basic management of checkpoints

Hyper-V VM in Azure SMT

If you want to know more about the Server Management Tools (SMT) check out my blog post: Manage Nano Server and Windows Server from Azure using Remote Server Management Tools

 



ExpertsLive

Speaking at ExpertsLive 2016 in Amsterdam

Last year I had the chance to speak for the first time at ExpertsLive.nl in Amsterdam. Today I am proud that I will be speaking at ExpertsLive.nl again this year. Next week I will be presenting in two session about Windows Server 2016 together with Michael Rüefli.

Also check out the Savison blog post about ExpertsLive from Isidora Katanić and me: Empower your knowledge at Experts Live 2016!

Presenting ExpertsLive

Greatest Server OS Hits; best of Server 2016

In this presentation we will guide you through the highly anticipated innovations including: •Hyper-V 2016 features •Nano Server •Storage Spaces Direct •Storage Replica •Windows Server Containers •And more

The future of your datacenter: Nano Server and Container

Nano Server is the future of Windows Server. With Nano Server Microsoft created the foundation for Windows Server for the next 20 year. In this session you will get an overview about Nano Server and see some great live demos how you can deploy, manage and operate Nano Server as well as creating applications for it. Get a better understanding of Nano Server and see how you deploy, manage and operate it.



Installation Windows Server 2016 VPN

How to Install VPN on Windows Server 2016

This post shows you how you can install a VPN Server on Windows Server 2016 Step-by-Step. It shows you how you can easily setup a VPN server for a small environment or for a hosted server scenario.

This is definitely not a guide for an enterprise deployment, if you are thinking about a enterprise deployment you should definitely have a look at Direct Access.

I already did similar blog posts for Windows Server 2008 R2, Windows Server 2012 and Windows Server 2012 R2.

You can simply follow this step by step guide:

First install the “Remote Access” via Server Manager or Windows PowerShell.

Install Remote Access Role VPN

Select the “DirectAccess and VPN (RAS)” role services and click next.

DirectAccess and VPN (RAS)



5Nine Hyper-V Security Agentless

Secure your Hyper-V environment with 5nine Cloud Security 8.1

In the past years I was building several Hyper-V environments together with Enterprise customers and with service providers. In a lot of cases customer wanted more security in there Cloud and Virtualization environment. Security becoming a even more critical part in your datacenter and with a high virtualization rate, it gets even more critical and complex to manage. Especially when Virtual Machines can move from on cluster to another or from one datacenter to another. 5nine is one of the vendors who has a great solution, for this challenges. A couple of years back I wrote a blog post about 5Nine Cloud Security version 4.0. 5nine Cloud Security is a unified security and compliance solution designed to specifically address every Hyper-V security vulnerability across every virtual resource.

Last week at Microsoft Ignite, Microsoft released Windows Server 2016 and Hyper-V 2016, with that 5nine released 5nine Cloud Security 8.1 which supports Windows Server 2016 and Hyper-V 2016.

5nine Cloud Security has some unique key features to secure your environment.

  • Distributed vFirewall – Secure multi-tenant Hyper-V environment and provide VM isolation
  • Agentless Antimalware Detection – Protect Hyper-V with patent-pending agentless Kaspersky or ThreatTrack antivirus now with Real-Time Malware Detection
  • Enforce security compliance

5Nine Hyper-V Security Agentless

Key features

if you look at it on a security features list, 5nine Cloud Security offers you the following security features:

  • Automatically & Instantly Secure all Virtual Machines, Disks, Networks and Switches
  • Choice of Leading Antivirus Engines
  • Agentless AV – Full Virtual Machine Scans
  • Agentless AV – Real-time HTTP Virus and Malware Detection
  • Hyper-V Optimized Real-time Active Protection Agent
  • Agentless Firewall
    • Granular control over each virtual machine using Hyper-V
    • Extensible Switch, no agent required
    • Configure the Advanced / Full Kernel mode Virtual Firewall for each VM individually
    • MAC Address filtering
    • ARP Rules
    • SPI (stateful packet inspection)
    • Network traffic anomaly analysis
    • Inbound and outbound per VM bandwidth throttling
    • MAC broadcast filtering
    • All filtering events logging with more data (UM logs only contain blocked events)
    • Configure network filtering rules on a per-VM basis
    • Set inbound/outbound traffic limits and bandwidth utilization by virtual machine
  • Agentless Intrusion Detection
  • No need to access Guest OS to manage security
  • Centralized signature management with updates to host only
  • Incremental Fast Scans
  • Offline VM Scanning
  • Avoids Host Scanning Storms
  • Support for Windows Server 2012, 2012 R2 and 2016 Hyper-V
  • Supports any guest OS supported by Windows Hyper-V including Linux
  • Meet the security demands of enterprise, management service providers (MSPs), public sector, and hosting providers who leverage Microsoft’s Hyper-V Server and Cloud Platform
  • Provide the first and only seamless agentless compliance and agentless security solution for the Hyper-V Cloud
  • Deliver multi-layered protection together with integrated, agentless antivirus and intrusion detection capabilities
  • Offer unmatched levels of industry-demanded protection and compliance (including PCI-DSS, HIPAA, and Sarbanes-Oxley)
  • Secure the Cloud environment with anti-virus technology that runs with virtually zero performance impact while simultaneously improving virtual machine density
  • Provide network traffic control between virtual machines
  • Enforce secure multi-tenancy and Virtual Machines Security Groups
  • Provide NVGRE support (Hyper-V Network Virtualization)
  • Support for Microsoft Switch Embedded Teaming
  • PowerShell Module for automation

Integration and offerings

5Nine Hyper-V Security System Center VMM Plugin

5Nine Cloud Security also integrated perfectly in your Microsoft System Center environment using a System Center Virtual Machine Manager plugin.

5nine Cloud Security also offers a Windows Azure Pack Resource Provider to offer self-service to your tenants. Azure Pack (WAP) Extension is the only Security as a Service (SECaaS) solution to protect your datacenter, your customers, and their clouds as a free add-on to 5nine Cloud Security. It is the only way to enable tenants to easily manage their own Windows and Linux security policies through the Azure Pack self-service portal. Now hosting and service providers can secure multi-tenant environments and virtual machines in private, hosted or hybrid scenarios, while giving users the ability to easily configure firewalls, intrusion detection, and more.

Architecture

The installation and the management is so easy, you don’t really need any documentation. That’s how a security product should work, it should not make your environment even more complex it should help you to keep your environment secure without adding extra complexity to it. Is used 5nine for several customer environments.

  • The Management Service – This would be your 5nine management server which needs a SQL database (minimum MS SQL Express) and all Hyper-V Hosts are connected to this management server.
  • The Host Management Service – which is basically the software and agent running on the Hyper-V host itself.
  • The Management Console – The console where you can configure everything. The console is simply connected to the management server.
  • The Virtual Machine Manager Plugin – This is a plugin in VMM which allows you to manage rules directly from your System Center Virtual Machine Manager Console
  • Azure Pack Extension – Resource Provider installed on the WAP Tenant and WAP Admin servers

Impressions

5nine host service

5nine is a very light weight solution for the Hyper-V host with not a lot of overhead. On the Hyper-V host you have only two service running and the Hyper-V switch extensions.

5nine-switch-extension

 

Conclusion

Overall I think 5Nine Cloud Security is a must have solution to protect your Hyper-V environment, if you want to do more serious centralized managed security. Especially with the release of 5nine Cloud Security 8.1 directly with the release of Windows Server 2016, 5nine shows how great their development and integration in Hyper-V really is. It always supports the latest features of Hyper-V solve real world needs.

If you need more information, want to buy 5nine Cloud Security or if you need someone to help you integrated 5nine Cloud Security in your environment, feel free to contact me.

 

 



Thomas Maurer Speaking

Speaking at IT/Dev Connections in Las Vegas

Today I am really proud to announce that I will be able to speak at IT/Dev Connections Conference in Las Vegas from 10-13 October 2016. Widely recognized for the depth and objectivity of its content, IT/Dev Connections training sessions teach developers and IT professionals the skills they need to do their jobs better. Its speakers include the most knowledgeable and accomplished developers, technology experts, and strategists in the industry. Covering everything from Microsoft’s roadmap and strategy to detailed best practices, these hands-on experts take attendees through the entire planning and implementation process, providing specific guidance across all perspectives.

ITDev Connections

In two break out sessions I will talk about new features in Windows Server 2016 and the Microsoft Cloud. I will also deliver a half-day pre conference workshop about Windows Server 2016, so you can learn all you need to know about the up coming Windows Server release.

Workshop

Workshop: Windows Server 2016 - Get Ready for the Next Generation of Windows Server

Monday, October 10, 2016: 8:00 AM – 12:00 PM – Windows Server 2016 is an upcoming server operating system from Microsoft developed concurrently with Windows 10 and as part of the Windows NT family of operating systems.Windows Server 2016 will be released between September 26 to 30, 2016 at Microsoft’s Ignite conference. While Ignite will provide high level overviews, Thomas Maurer (Microsoft MVP) will use this workshop at IT/Dev Connections 2016 to give you the very first chance to get instruction on how to actually use all the highly anticipated innovations and secret improvements in Windows Server 2016 including: Hyper-V 2016 Nano Server Storage Spaces Direct Storage Replica Windows Server Containers …And more!

Breakout Sessions:

Nano Server - The Future of Windows Server

Tuesday, October 11, 2016: 1:15 PM – 2:30 PM – Nano Server is the future of Windows Server. With Nano Server Microsoft created the foundation for Windows Server for the next 20 year. In this session you will get an overview about Nano Server and see some great live demos how you can deploy, manage and operate Nano Server as well as creating applications for it. Get a better understanding of Nano Server and see how you deploy, manage and operate it.

The best of Windows Server 2016: The New Foundation of your Datacenter

Wednesday, October 12, 2016: 3:00 PM – 4:15 PM – Join this session for the Best of Windows Server 2016 — The New Foundation of your Datacenter. You’ll be one of the first to know about new, exciting improvements that are coming in Windows Server 2016 and how they’ll improve your day-to-day job. In this hour-long presentation Thomas Maurer (Microsoft MVP) will guide you through the highly anticipated innovations including: •Hyper-V 2016 features •Nano Server •Storage Spaces Direct •Storage Replica •Windows Server Containers •And more!

I am really looking forward to IT/Dev Connections and hopefully see you there!