Microsoft continues to release Technical Previews of Windows Server 2016 with brand-new capabilities. The latest Technical Preview, TP3, contains all sorts of new things, such as Docker integration and Windows Server Containers, as well as improvements to features introduced in earlier versions. It also includes new security features, such as Shielded VMs, which protect the contents of virtual machines in a multitenant environment.
Here Computerworld selects the best English-language stories from our international IDG network.
The TP2 release debuted Nano Server and a number of Hyper-V, networking, and storage features. It introduced a new Windows Server role named Host Guardian Service, which flags trusted Hyper-V hosts, and included a Windows Server Antimalware feature not found in previous previews. Forthcoming Technical Previews will bring more new features, notably Hyper-V Containers.
But while the hits keep coming and the complete picture of Windows Server 2016 is still forming, it's not too soon to weigh in on some of our favorites. We'll update this list as more Technical Previews, and eventually beta versions, arrive. In the meantime, here are the Windows Server 2016 features we like the most.
Technical Preview 3 provides the first look at Windows Server Containers and includes everything you need to get started testing this technology on Windows. Installation requires only two commands in an elevated PowerShell window:
wget -uri https://aka.ms/setupcontainers -OutFile C:\ContainerSetup.ps1
It's important to note at this point that Microsoft supports two different container models: Windows Server Containers and Hyper-V Containers. Windows Server Containers use the standard Docker concepts, running each container as an application on top of the host OS. Hyper-V Containers will be completely isolated virtual machines, incorporating their own copy of the Windows kernel, but more lightweight than traditional VMs. Hyper-V Containers will make it possible to do nested virtualization within Hyper-V. New PowerShell cmdlets provide an alternative to Docker commands to manage your containers (see Figure 1).
Container images are built against a specific operating system. This means you'll need a Linux virtual machine to run a Linux container image on Windows. Windows Server Containers will be an embedded feature of Windows Server 2016 and work with the Docker ecosystem out of the box. Microsoft is using GitHub for posting Windows versions of the different Docker components and encourages participation from the developer community.
Figure 1: You can manage Windows Server Containers (and Hyper-V Containers when they arrive) through native Docker commands or through PowerShell (shown).
Refactoring is the process of analyzing an existing code base with an eye toward simplification. Nano is the end result of Microsoft refactoring the core pieces of Windows Server to its minimally functional state. It's so minimal, in fact, that it doesn't have any direct user interface besides the new Emergency Management console. A Nano instance is managed remotely using Windows PowerShell or other tools, including when adding new roles.
A Nano instance consumes not much more than 512MB of disk space and less than 256MB of memory, depending on your configuration. This will make a huge difference for all virtual machines built on top of Nano, which will function as an infrastructure host installed on bare metal and as a guest OS running as a virtualized machine. New in Technical Preview 3 is an Emergency Management Console that allows you to view and fix networking issues directly from the Nano Server console. Nano Azure VM instances can be created with a Microsoft-supplied PowerShell script and now support running ASP.Net v5 applications using CoreCLR.
Microsoft has supported replication in the world of Hyper-V, but it has been limited up to this point to asynchronous replication of virtual hard disks. That changes with Windows Server 2016, as you now have the ability to replicate entire volumes at the block level. Further, you can choose between synchronous and asynchronous replication.
This feature, called Storage Replica, is primarily aimed at disaster recovery scenarios where a "hot" backup is needed for a quick fail-over in case of a major catastrophe. Both server-to-server and cluster-to-cluster replication are supported.
Storage Spaces Direct
Both Windows 8 and Windows Server 2012 shipped with Storage Spaces, which provides similar functionality to RAID but in software. Windows Server 2012 R2 added the ability to build a highly available storage cluster based on the same Storage Spaces technology and Microsoft clustering. The one big requirement for this high-availability cluster is making all storage accessible to participating nodes through an external JBOD array. The JBOD array must also contain SAS drives for their multi-initiator support.
Windows Server 2016 Technical Preview 2 takes Storage Spaces a step further, with the ability to build a highly available storage system using only directly attached disks on each node. Resiliency across nodes uses the network and the SMB3 protocol. This new feature, called Storage Spaces Direct, also takes advantage of new hardware like NVMe SSDs, while still supporting older SATA-based hardware. A minimum of four nodes must be available to create a cluster with Storage Spaces Direct.
ReFS as primary file system
The Resilient File System (ReFS) is another feature that was introduced with Windows 8 and Windows Server 2012. Designed from the beginning to be more resistant to corruption than its predecessor, ReFS brings many advantages over the NTFS on-disk format. Microsoft has elevated both the usefulness and the importance of ReFS in Windows Server 2016 TP2 by making it the preferred file system for Hyper-V workloads.
This has huge performance implications for Hyper-V. For starters, you should see new virtual machines with a fixed-size VHDX created almost as fast as you hit return. The same advantages apply to creating checkpoint files and to merging VHDX files created when you make a backup. These capabilities resemble what ODX (Offload Data Transfers) can do on larger storage appliances. One point you need to keep in mind is that ReFS allocates the storage for these operations without initializing it, meaning there could be residual data left over from previous files.
Hyper-V rolling upgrades
Upgrading to a new operating system presents significant challenges on many fronts. In previous versions of Windows Server, it was not possible to upgrade a cluster without taking it down. This can be a significant issue for production systems, which typically run continuously. Often the workaround was to stand up a new cluster running the updated operating system, then live-migrate the workloads from the old cluster. Naturally, this required totally new hardware to accomplish.
Windows Server 2016 supports rolling cluster upgrades from Windows Server 2012 R2, meaning you can perform these upgrades without taking down the cluster or migrating to new hardware. The process is similar in that individual nodes in the cluster must have all active roles moved or evicted to another node in order to upgrade the host operating system. The difference is that all members of the cluster will continue to operate at the Windows Server 2012 R2 functional level (and support migrations between old and upgraded hosts) until all hosts are running the new operating system and you explicitly upgrade the cluster functional level (by issuing a PowerShell command).
Rolling cluster upgrades should reduce the effort needed and hopefully make the process of upgrading less painful for production environments.
Hyper-V hot add NICs and memory
Previous versions of Hyper-V did not allow you to add a network interface or more memory to a running virtual machine. Because downtime is always bad but change is sometimes good, Microsoft now allows you to make some critical machine configuration changes without taking the virtual machine offline. The two most important changes involve networking and memory.
Figure 2 shows the hardware settings dialog for a virtual machine named Windows Server 2016 TP2 with the virtual machine running. Notice that the Network Adapter entry in the Add Hardware dialog is no longer grayed out. This allows an administrator to add network adapters while the VM is running. Similarly, VMs with fixed amounts of memory can now have memory added. Previous versions of Hyper-V supported dynamic memory allocation (that is, the VM would consume only what it needed up to the amount provisioned) but did not allow a VM with a fixed amount of memory to be modified while running.
Figure 2: In Windows Server 2016 Hyper-V, you can add NICs or memory to a virtual machine while it's running.
Convergence is the buzzword here, with new features coming to help enterprises and hosting providers merge traffic from multiple tenants to reduce the number of network interfaces. This can reduce the required number of network ports by as much as half in some cases. Another new capability, called Packet Direct, focuses on increasing efficiency across workloads, covering everything from small packets to large data transfers.
Technical Preview 3 includes a new server role called Network Controller, which provides a central point for monitoring and managing network infrastructure and services. Other enhancements supporting the software-defined network capabilities include an L4 load balancer, enhanced gateways for connecting to Azure and other remote sites, and a converged network fabric supporting both RDMA and tenant traffic.
Storage QoS updates
Storage Quality of Service (Storage QoS) was introduced with Hyper-V in Windows Server 2012 R2, making it possible to place limits on the amount of IO that individual VMs could consume. The initial release of this feature was limited to placing QoS limits at the Hyper-V host level. As a result, the current version of Storage QoS works well in a small environment, but can present a challenge when you need to balance IOs across multiple hosts.
Windows Server 2016 allows you to centrally manage Storage QoS policies for groups of virtual machines and enforce those policies at the cluster level. This could come into play in the case where multiple VMs make up a service and should be managed together. PowerShell cmdlets have been added in support of these new features, including Get-StorageQosFlow, which provides a number of options to monitor the performance related to Storage QoS; Get-StorageQosPolicy, which will retrieve the current policy settings; and New-StorageQosPolicy, which creates a new policy.
PowerShell continues to receive updates with each new release of the operating system. Windows Server 2016 will see a significant number of new PowerShell cmdlets focused on specific functionality. You can even use PowerShell commands to check each new release to see the differences. The PowerShell cmdlet Get-Command returns a list of commands that can be sent to a file for further processing. Microsoft's Jose Barreto posted instructions on his blog for exactly this.
New cmdlets of interest include 21 DNS-related commands, 11 for Windows Defender, 36 for Hyper-V, 17 for IIS administration, and 141 commands related to the Network Controller, to name a few. The other big push for PowerShell in this release relates to Desired State Configuration (DSC). Microsoft has done a lot of work to make DSC the tool for initially configuring and maintaining not only Windows Server, but also Linux servers. When you throw in the new package manager service, OneGet, you have tons of new PowerShell-driven possibilities.
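One way to do the release-to-release comparison described above, which also shows what new management surface a build adds for review. This is an added example, not code from the article or from the blog post it mentions; the function names, the sample rows and their ModuleName values are constructed for illustration.

```powershell
# Snapshot the command surface of the current build to a CSV file.
function Export-CommandInventory {
    param([Parameter(Mandatory)][string]$Path)
    Get-Command -CommandType Cmdlet, Function |
        Select-Object Name, ModuleName, CommandType |
        Sort-Object ModuleName, Name |
        Export-Csv -Path $Path -NoTypeInformation -Encoding UTF8
}

# Diff two snapshots (objects from Import-Csv / ConvertFrom-Csv).
function Compare-CommandInventory {
    param(
        [Parameter(Mandatory)][object[]]$Old,
        [Parameter(Mandatory)][object[]]$New
    )
    Compare-Object -ReferenceObject $Old -DifferenceObject $New -Property ModuleName, Name |
        ForEach-Object {
            [pscustomobject]@{
                Change     = if ($_.SideIndicator -eq '=>') { 'Added' } else { 'Removed' }
                ModuleName = $_.ModuleName
                Name       = $_.Name
            }
        }
}

# Constructed sample snapshots; on real systems use:
#   Export-CommandInventory -Path .\old-build.csv   (run on the older build)
#   $old = Import-Csv .\old-build.csv
$old = @'
"Name","ModuleName","CommandType"
"Get-VM","Hyper-V","Cmdlet"
"Get-MpPreference","Defender","Cmdlet"
'@ | ConvertFrom-Csv

$new = @'
"Name","ModuleName","CommandType"
"Get-VM","Hyper-V","Cmdlet"
"Get-MpPreference","Defender","Cmdlet"
"Get-StorageQosFlow","SampleStorageQosModule","Cmdlet"
"Get-StorageQosPolicy","SampleStorageQosModule","Cmdlet"
"New-StorageQosPolicy","SampleStorageQosModule","Cmdlet"
'@ | ConvertFrom-Csv

$diff = Compare-CommandInventory -Old $old -New $new

# Per-module count of added commands, largest first.
$diff | Where-Object Change -eq 'Added' |
    Group-Object ModuleName |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

Modules with the largest counts of added commands are the first candidates for logging and delegation review before a new build goes into production.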
As increasing numbers of workloads move to virtualized instances in the cloud, it becomes important to reduce the footprint of each instance, to increase the security around them, and to bring more automation to the mix. It also makes sense to provide more advanced networking and storage functionality in software. In Windows Server 2016, Microsoft is pushing ahead on all of these fronts all at once.