Tag: Generation 2 VMs

Azure Generation 2 Virtual machine

Generation 2 VM support on Azure – and why should I care?

A couple of days ago Microsoft announced the public preview of Generation 2 virtual machines on Azure. Generation 2 virtual machines support a bunch of new technologies like increased memory, Intel Software Guard Extensions (SGX), and virtual persistent memory (vPMEM), which are not supported on generation 1 VMs. But more on that later.

What are Hyper-V Virtual Machine Generations

Windows Server 2012 R2 Hyper-V introduced the concept of virtual machine generations, which are not to be confused with Hyper-V configuration versions. The generation of a virtual machine defines its virtual hardware and adds some additional, modern functionality. In Hyper-V, there are two virtual machine generations: generation 1 and generation 2. Generation 2 virtual machines use Unified Extensible Firmware Interface (UEFI) firmware instead of BIOS-based firmware. The Hyper-V team also removed a lot of the legacy devices and replaced them with a simplified virtual machine model.

On Windows Server Hyper-V, Generation 2 VMs support features and improvements like:

  • PXE boot by using a standard network adapter
  • Boot from a SCSI virtual hard disk
  • Boot from a SCSI virtual DVD
  • Secure Boot (enabled by default)
  • UEFI firmware support
  • OS disk > 2 TB
  • Improved boot and installation times

However, an important note: not all of these features are currently available on Azure Generation 2 virtual machines, and not all operating systems are supported in Generation 2 VMs. For example, Windows 7, Windows Server 2008, Windows Server 2008 R2 and 32-bit Windows systems are not supported. You can find more information about Hyper-V Generation 2 VMs here.
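Because feature availability differs between platforms and guest operating systems, it helps to confirm from inside a guest which firmware it actually booted with and whether Secure Boot is on. The following is an added example, not code from the original post: it assumes a Linux guest on Hyper-V or Azure, and the function names and the constructed sysfs tree are illustrative.

```shell
#!/bin/sh
# Added example: firmware and Secure Boot check for a Linux guest.
# The sysfs root is a parameter so the logic can run on a constructed tree.

# GUID of the EFI global variable namespace (part of the efivarfs file name).
EFI_GLOBAL_GUID="8be4df61-93ca-11d2-aa0d-00e098032b8c"

firmware_type() {
    # A kernel booted through UEFI exposes <sysfs>/firmware/efi; BIOS boots do not.
    if [ -d "${1:-/sys}/firmware/efi" ]; then echo uefi; else echo bios; fi
}

vm_generation() {
    # Assumption: the guest runs on Hyper-V or Azure, where BIOS means
    # generation 1 and UEFI means generation 2.
    if [ "$(firmware_type "$1")" = uefi ]; then echo 2; else echo 1; fi
}

secure_boot_state() {
    efi="${1:-/sys}/firmware/efi"
    var="$efi/efivars/SecureBoot-$EFI_GLOBAL_GUID"
    [ -d "$efi" ] || { echo unsupported; return 0; }   # BIOS: no Secure Boot
    [ -r "$var" ] || { echo unknown; return 0; }       # efivarfs not mounted
    # efivarfs prefixes the data with 4 attribute bytes; the 5th byte is the value.
    value=$(od -An -tu1 -j4 -N1 "$var" 2>/dev/null | tr -d ' \n')
    case "$value" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

make_constructed_guest() {
    # Constructed sample data: fake sysfs tree in $1 with SecureBoot byte $2 (0 or 1).
    mkdir -p "$1/firmware/efi/efivars"
    printf "\\006\\000\\000\\000\\00$2" \
        > "$1/firmware/efi/efivars/SecureBoot-$EFI_GLOBAL_GUID"
}

# Report on the machine this runs on.
echo "firmware=$(firmware_type) generation=$(vm_generation) secure_boot=$(secure_boot_state)"
```

A result of `unknown` on a UEFI guest usually means efivarfs is not mounted or not readable by the current user, not that Secure Boot is off.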

Azure Generation 2 Virtual Machines Overview

Azure Generation 2 Virtual Machines are currently in public preview. To be honest, Generation 2 VMs in Azure aren’t that new: with the public preview of Azure Confidential Computing, we already used Generation 2 VMs. However, now we can start using them for other workloads as well. This means that you can now upload and use your local VHD (not VHDX) files based on Hyper-V Generation 2 virtual machines. Before, you had to use Azure Site Recovery to replicate and convert your Hyper-V Generation 2 VMs to Azure Generation 1 VMs.

Azure Generation 1 vs. Generation 2 capabilities

Azure Generation 1 vs Generation 2 VM

Currently, Generation 2 VMs are in public preview, which means that, besides there being no service level agreement (SLA), the available features can be and are limited. For example, features like ASR and Azure Backup currently do not support Generation 2 VMs.

Capability | Generation 1 | Generation 2
OS disk > 2 TB
Custom Disk/Image/Swap OS
Virtual machine scale set support
ASR/Backup
Shared Image Gallery
Azure Disk Encryption

You can find more information about Azure Generation 2 virtual machines with an updated list of capabilities on Microsoft Docs.

Hyper-V vs. Azure Generation 2 VMs

There are also differences between Hyper-V Generation 2 VMs and Azure Generation 2 VMs. Not all of the features provided in Hyper-V are currently present in the public preview version on Azure.

Feature | On-prem Hyper-V | Azure
Secure Boot
Shielded VM
vTPM
Virtualization-Based Security (VBS)
VHDX format

Again, you can find an up-to-date list on Microsoft Docs.

Getting started

You can get started using the Generation 2 VMs on the following VM Sizes on Azure Premium Storage and Ultra SSD:

Windows Server Azure Generation 2 Virtual Machine

In public preview, you can now also use the following Azure Marketplace images from the “windowsserver-gen2preview” offer.

  • Windows Server 2019 Datacenter (2019-datacenter-gen2)
  • Windows Server 2016 Datacenter (2016-datacenter-gen2)
  • Windows Server 2012 R2 Datacenter (2012-r2-datacenter-gen2)
  • Windows Server 2012 Datacenter (2012-datacenter-gen2)

Create a virtual machine

You can use the Azure Portal to create a new VM or the Azure CLI using the following commands:

 
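# Create a resource group for the VM.
az group create --name myGen2ResourceGroupVM --location eastus
# Create the VM from the Generation 2 preview image.
# myPassword12 is a placeholder: a password passed on the command line ends up in
# shell history and process listings. If --admin-password is omitted for a Windows
# image, az vm create prompts for it instead.
az vm create \
--resource-group myGen2ResourceGroupVM \
--name myVM \
--image MicrosoftWindowsServer:windowsserver-gen2preview:2019-datacenter-gen2:latest \
--admin-username thomas \
--admin-password myPassword12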

Conclusion

I hope this gives you an overview of the benefits and how you can run Generation 2 VMs on Azure. If you have any questions, please let me know in the comments.



Azure Confidential Compute VM Deployment

Protect Workloads with Azure Confidential Computing

A year ago Microsoft announced that they were working on a new technology in Azure to protect and encrypt data in use, called Azure Confidential Computing. If you are moving sensitive data to the cloud, you also want to encrypt it. Today, you can do this for data in transit and data at rest. However, data in use is a challenge. Azure Confidential Computing addresses precisely that scenario and helps you to encrypt data in use. Microsoft was running a private preview program in the last year, and at Microsoft Ignite this year, Microsoft opened up a public preview.

What is Azure Confidential Computing

Azure Confidential Computing, together with Intel SGX technology, addresses the following threats:

  • Malicious insiders with administrative privilege or direct access to the hardware on which data is being processed
  • Hackers and malware that exploit bugs in the operating system, application, or hypervisor
  • Third parties accessing data without the owner's consent

There are ways to secure data at rest and in transit, but you need to protect your data from threats as it’s being processed. Now you can. Confidential computing adds new data security capabilities using trusted execution environments (TEEs) or encryption mechanisms to protect your data while in use. TEEs are hardware or software implementations that safeguard data being processed from access outside the TEE. The hardware provides a protected container by securing a portion of the processor and memory. Only authorized code is permitted to run and to access data, so code and data are protected against viewing and modification from outside of the TEE.



VMM 2012 R2 Update Rollup 6 Azure IaaS Management

Generation 2 Virtual Machine in Service Templates and Managing Azure IaaS VMs in VMM with UR6

Microsoft just announced System Center 2012 R2 Virtual Machine Manager Update Rollup 6 with some highly requested features. Two of them are support for VMM Service Templates with Generation 2 Virtual Machines and managing Microsoft Azure IaaS Virtual Machines directly from the Virtual Machine Manager Console.

If you want to know more, check out that video:



Windows Server 2012 R2

What’s new in Windows Server 2012 R2 Hyper-V

Today at Microsoft TechEd North America, Microsoft announced the new features coming in Windows Server 2012 R2, which will be the next version of Windows Server. By the way, just to show you how great Windows Server 2012 was and how well it scaled: Windows Azure uses the same Hyper-V virtualization service built into Windows Server 2012, and this means complete virtual machine compatibility between on-premises Hyper-V and Windows Azure IaaS. This blog post shows what’s new in Windows Server 2012 R2 Hyper-V.

Here are the next version names:

  • Windows Server 2012 R2
  • System Center 2012 R2
  • Windows 8.1

Now Microsoft announced a lot of new features especially for Hyper-V, and here are some of them:

  • Shared VHDX – A VHDX can now be shared between two virtual machines by using the virtual SCSI controller. This is intended for cases where you need shared storage for guest clustering inside virtual machines instead of using iSCSI or virtual Fibre Channel.
  • Live Migration Compression – Live Migration traffic will be compressed by the Hyper-V host before it’s sent over the wire. This reduces Live Migration time dramatically, making it up to 50% faster.
  • Live Migration over SMB Direct (RDMA) – Live Migration can leverage SMB 3.0, which means it can also make use of SMB Direct or RDMA, allowing you to do live migration even faster.
  • Storage Quality of Service (QoS) – Limit storage IOPS per virtual machine
  • Live Virtual Machine Cloning / Exporting – You can now live clone a virtual machine without downtime and also export a running virtual machine.
  • Linux Guest OS support enhancements – Support for live backups of Linux virtual machines and dynamic memory support for Linux guests.
  • Hyper-V Replica 2.0 – Hyper-V Replica can now replicate not just to one other host; it can also replicate to a third Hyper-V host, and the replication interval can now be set to one of three different settings (every 30 secs, every 5 minutes or every 15 minutes). Hyper-V Replica also got some background scalability and performance improvements.
  • Windows Azure Compatibility – As I already mentioned, Windows Azure is running Windows Server 2012 Hyper-V, which means that on-premises Hyper-V virtual machines are also able to run in Windows Azure.
  • Online resizing of VHDX – You can expand and shrink VHDX files while the virtual machine is running.
  • Automatic Guest Activation – Zero-touch activation of virtual machines. Virtual machines automatically get activated if the Hyper-V host is an activated Datacenter edition.
  • VM Connect using RDP or enhanced VM interaction – This uses Remote Desktop over the VMBus, which allows you to use full remote desktop capabilities (shared clipboard, audio redirection, folder redirection, smartcards, USB pass-through, enhanced login and more…)
  • Generation 2 virtual machines – Gen2 VMs are legacy free and based on UEFI. This means no more emulated devices: VMs boot from virtual SCSI controllers or synthetic network adapters (PXE boot > 100 Mbit), and UEFI Secure Boot is enabled as a standard. Supported guest operating systems: 64-bit versions of Windows 8, Windows Server 2012, Windows 8.1 and Windows Server 2012 R2.
  • Zero-downtime upgrade (cross-version Live Migration) – Live migrate virtual machines from Windows Server 2012 to Windows Server 2012 R2 (this also includes shared-nothing live migration).
  • Hyper-V Recovery Manager – I already mentioned the new service called Hyper-V Recovery Manager in Windows Azure, which allows you to run an orchestrated failover of your virtual machines using Hyper-V Replica.
  • Deduplication – Deduplication of VDI Virtual Machines

There are a lot of other cool features in Windows Server 2012 R2 which add other great value to Hyper-V and your private cloud. I will cover them in some other blog posts in the next days.