Finally, Microsoft released Windows Server 2016 and with Windows Server 2016 we also get the first version of Nano Server. I had the opportunity to speak on several different events and conferences about Nano Server, so I tried to create a quick summary of my presentation in this blog post.
Nano Server installation option Just enough OS
Nano Server is a redesign version of Windows Server which is very lightweight, very small footprint and fully remote managed and it is designed to solve some of the datacenter challenges we have today. Nano Server is a headless, 64-bit only deployment option of Windows Server. Microsoft basically removed all components from the base image. Roles and feature are not directly included in the base image and they have to be added while creating a new Nano Server Image or online using PowerShell Package Management. Not even the drivers are included in the base image, since you don’t want the physical drivers in a virtual machines, and you don’t want the virtual drivers on a physical machine This is also the reason why Nano Server does not show up during the installation dialog when you boot the Windows Server 2016 ISO file.
Nano Server Key Scenarios
The first version of Nano Server is designed for the following key scenarios:
- Born-in-the-cloud applications – support for multiple programming languages and runtimes. (e.g. ASP.NET Core, C#, Java, Node.js, Python, etc.) running in containers, virtual machines, or on physical servers.
- Microsoft Cloud Platform infrastructure – support for compute clusters running Hyper-V and storage clusters running Scale-out File Server and Storage Spaces Direct.
- But Microsoft also added some other roles like DNS and IIS to the Nano Server and we can expect more roles and features in the future.
In this version Nano Server will of course not replace Windows Server Core and Windows Server (Full or Server with Desktop Experience), but it will be definitely be they way going forward.
Nano Server Footprint
Nano Server has a very small foot print, The default WIM file has a size around 170 MB and if you create a Nano Server VHD or VHDX file it can be only around 400 MB in size. If you add more roles, features and drivers the size of the image gets bigger, but even if you add more stuff the size will be around 800 MB for an Hyper-V server including the Hyper-V role, Failover Clustering Feature, DCB feature, Physical OEM drivers and additional network adapter and storage controller drivers. If you compare Nano Server to Windows Server you can see some of the following changes:
- 93 percent lower VHD size
- 92 percent fewer critical bulletins
- 80 percent fewer reboots
Nano Server Servicing Improvements
Nano Server Deployment Improvements
This not only reduced deployment time and gives you some operational improvements, it also reduces the attack surface by a lot and this is a huge security improvement.
To achieve these results, Microsoft removed some parts of Windows Server such as:
- GUI stack
- 32 bit support (WOW64)
- MSI support
- RDP
- Some default Server Core components
- Basic OEM Drivers
- and more
Nano Server Management
By removing the User Interface stack, Microsoft made this server to a true headless server, without any login screen or RDP support. By removing the Graphic User Interface, Windows Administrator have to learn new ways how they manage servers, or better use existing ways to manage a Nano Server environment. The answer is simple and is the best practice for managing servers for a long time called Remote Management. Nano Server will offer some advanced remote Management features such as:
- WMI
- PowerShell Remoting
- PowerShell Direct
- PowerShell Desired State Configuration
- RSAT Tools (Server Manager, Hyper-V Manager, Failover Cluster Manager, …)
- System Center and other Management tools
- Server Management Tools (Azure Web-based management tools to replace local inbox management tools)
With that, existing Remote Management Tools, such as Server Manager and other RSAT tools, will continue to work. But Microsoft also improved PowerShell Remoting and introduces the Azure Serivce for Server Management Tools.
Server Management Tools
This service allows you to manage your servers directly from Azure using a web-based HTML5 portal. I personally think that this could also replace Server Manager and allows you to easily manage non-GUI servers such as Windows Server Core and Nano Server.
If you want to know more about the Sever Management Tools, check out my blog post: Manage Nano Server and Windows Server from Azure using Remote Server Management Tools
The Server Management Tools do not only support Nano Server, they also support Windows Server 2016, Windows Server 2012 R2 and Windows Server 2012 with WMF 5.0 and higher.
Remote Manage Nano Server with PowerShell
The simplest way to manage Nano Server is by using PowerShell Remoting using for exmaple the following command.
Enter-PSSession -ComputerName "NanoServer.thomasmaurer.ch" -Credentials (Get-Credentials)
If you are directly on a Hyper-V Server you can also use PowerShell Direct which allows you to directly connect to a Virtual Machine using the Hyper-V VMBus.
Enter-PSSession -VMName "NanoVM01" -Credentials (Get-Credentials)
If you want to know more about Managing Nano Server check out the following blog posts How to Remote Manage your Nano Server using PowerShell or Hyper-V PowerShell Direct.
Manage Nano Server using System Center
Nano Server can also be managed using System Center Virtual Machine Manager and System Center Operations Manager. With SCVMM you can deploy new Hyper-V and Storage Spaces Direct hosts as well as Virtual Machines.
Deploy Nano Server
To deploy Nano Server as a virtual machine or as a physical host you have to create a new Nano Server Image. For this you have basically have two option. The first one is using the built in Nano Server Image Generator PowerShell module and the second option is the Nano Server Image Builder UI wizard.
Nano Server Image Generator PowerShell module
The Nano Server Image Generator PowerShell module allows you to create new Nano Server Images. You can find this on the Windows Server 2016 media in the Nano Server folder. Here is a quick example how to create a new VHDX using the PowerShell module.
<div># Change Working Directory cd C:\NanoServer</div> <div></div> <div># Import Module Import-Module .\NanoServerImageGenerator.psm1</div> <div></div> <div># Create Nano Server Image VHDX New-NanoServerImage -MediaPath .\Files -BasePath .\Base -TargetPath .\Images\NanoVMGA.vhdx -MaxSize 20GB -DeploymentType Guest -Edition Datacenter -ComputerName "Nano01"</div>
Nano Server Image Builder
The Nano Server Image Builder is a UI based wizard to create Nano Server Images in VHDX, VHD, WIM or ISO to install Nano Server on all possible systems.
The Nano Server Image Builder can help you with the following tasks:
- Graphical UI to create Nano Server Images
- Adding drivers
- Choose Windows Server Edition
- Adding roles and features
- Adding drivers
- Adding updates
- Configuration of Network Settings
- Configuration of Domain settings
- Set Remoting Options
- Create an ISO file to boot from DVD or BMC (remote connection like HP ILO)
First download and install the Windows Assessment and Deployment Kit (ADK) and the Nano Server Image Builder.
If you need more information about deploying Nano Server check my blog post about Create a Nano Server using the Nano Server Image Builder and How to create a Nano Server Image using PowerShell.
Nano Server Packages
Roles, Features and Drivers live outside of the basic Nano Server Image have to be added while creating the Nano Server Image or after that using PowerShell Package Management.
You can find and install Windows Packages from the online package repository by using the NanoServerPackage provider of PackageManagement (OneGet) PowerShell module.
# Import PowerShell Module Save-Module -Path “$env:ProgramFiles\WindowsPowerShell\Modules” -Name NanoServerPackage -MinimumVersion 1.0.0.0 Import-PackageProvider NanoServerPackage # Find Nano Server Package Find-NanoServerPackage # Online Install Nano Server Package Install-NanoServerPackage -Name Microsoft-NanoServer-Containers-Package # Offline Install Nano Server Package Install-NanoServerPackage -Name Microsoft-NanoServer-Conainers-Package -culture de-de -RequiredVersion 10.0.14393.0 -ToVHd C:\NanoServer\Images\Nano01.vhdx # Download and save a Nano Server Package Find-NanoServerPackage -Name *containers* -MaximumVersion 10.2 -MinimumVersion 1.0 -Culture de-de | Save-NanoServerPackage -Path C:\NanoServer\Packages # Get Installed Nano Server Packages (online) Get-Package -provider NanoserverPackage # Get Installed Nano Server Packages (offline) Get-Package -provider NanoserverPackage -fromVhd C:\NanoServer\Images\Nano01.vhdx
Troubleshooting Nano Server
Nano Server Recovery Console
When you boot Nano Server you can not really login to Nano Server and browse the file system. What you can do is login to the Nano Server Recovery Console which allows you to do some basic tasks:
- Shows computer info like Name, IP Configuration, OS Version and more
- Reset Networking to DHCP
- Reset basic Windows Firewall rules
- If the Server is a Hyper-V Server you can see the VM running on the system and remove the Virtual Switch
Sysinternals for Nano Server
There is also a Sysinternals version for Nano Server.
Nano Server over a serial port with Emergency Management Services
Emergency Management Services (EMS) lets you perform basic troubleshooting, get network status, and open console sessions (including CMD/PowerShell) by using a terminal emulator over a serial port. This replaces the need for a keyboard and monitor to troubleshoot a server.
You can include this using the following cmdlets
# Debugging using a serial port New-NanoServerImage -MediaPath .\Files -BasePath .\Base -TargetPath .\Images\EnablingEMS.vhdx -EnableEMS -EMSPort 3 -EMSBaudRate 9600 # Debugging over a TCP/IP network New-NanoServerImage -MediaPath .\Files -BasePath .\Base -TargetPath .\Images\EMS.vhdx -DebugMethod Net -DebugRemoteIP 172.21.22.1 -DebugPort 64000
Nano Server Servicing
Windows Server are usually from the Long Term Servicing Branch and have 5 + 5 years of servicing and only get security and quality fixes, no new features. In Windows Server 2016 Server Core and Server with Desktop Experience follow this traditional servicing model. Nano Server on the other hand will be in a new servicing branch called Current Branch for Business (CBB).
- Nano Server will not have an LTSB with Windows Server 2016 and therefore not have 5+5 years of servicing
- Nano Server installations will have to move forward to future CBB releases of Nano Server to continue to be serviced
- Licensing Nano Server will require Software Assurance (SA)
- Installation of new CBBs are always controlled by administrators, no forced upgrades
Nano Server Key Wins
- Easy and fast to deploy
- Lightweight
- Easily integrates with our automated approach
- Reduces attack surface
- Works with existing deployment tools (WDS, SCVMM, SCCM and boot from VHDX)
- Reduces operational overhead
- Highly stable
- Delivers on scale and performance
Conclusion
In my opinion the effort Microsoft does with Nano Server really makes sense and will help Service Providers as well as Enterprise companies to deploy clouds even faster, more secure, more efficient and with less management overhead. Of course it is still early and Nano Server may not fit every case and scenario today, but definitely in the future.
Tags: Azure, Container, Deployment, Hyper-V, Management, Microsoft, Nano Server, Nano Server Image Builder, Packages, PowerShell, Remote Management, Server Management Tools, Storage, System Center, Troubleshooting, Virtual Machine, VMM, Windows Server, Windows Server 2016 Last modified: September 1, 2018
