What's New in Windows Server 2012 Hyper-V, Part 2 Jeff Woolsey Windows Server & Cloud Microsoft Corporation VIR309
Windows Server 2012 Networking
How do I ensure network multi-tenancy? IP Address Management is a pain. What if VMs are competing for bandwidth? Fully Leverage Network Fabric How do I integrate with existing fabric? Network Metering? Can I dedicate a NIC to a workload?
Tenant 2: Multiple VM Workloads Data Center Tenant 1: Multiple VM Workloads
Tenant 2: Multiple VM Workloads Data Center Tenant 1: Multiple VM Workloads LEARN MORE
Cloud Data Center Woodgrove Bank Blue /16 Contoso Bank Red /16
u u Win 8 Host Blue Red To Internet ( ) Hyper-V Switch Red Green Isolated 4, 7 Isolated Community 4, 9 Community
Physical network Physical server Woodgrove VMContoso VM Woodgrove networkContoso network Hyper-V Machine Virtualization Run multiple virtual servers on a physical server Each VM has illusion it is running as a physical server Hyper-V Network Virtualization Run multiple virtual networks on a physical network Each virtual network has illusion it is running as a physical fabric LEARN MORE
Tenant 2: Multiple VM Workloads Data Center Tenant 1: Multiple VM Workloads TEAMING LEARN MORE
Tenant 2: Multiple VM Workloads Data Center Tenant 1: Multiple VM Workloads $$ $$$$
Tenant 2: Multiple VM Workloads Data Center Tenant 1: Multiple VM Workloads
Tenant 2: Multiple VM Workloads Data Center Tenant 1: Multiple VM Workloads LEARN MORE
Physical NIC Root Partition Extensible Switch Extension Protocol Extension Miniport Capture Extensions WFP Extensions Filtering Extensions Forwarding Extensions Host NIC VM NIC VM1 VM NIC VM2 Capture extensions can inspect traffic and generate new traffic for report purposes Capture extensions do not modify existing Extensible Switch traffic Example: sflow by inMon Windows Filter Platform (WFP) Extensions can inspect, drop, modify, and insert packets using WFP APIs Windows Antivirus and Firewall software uses WFP for traffic filtering Example: Virtual Firewall by 5NINE Software Filtering extensions can also be implemented using NDIS filtering APIs Example: VM DoS Prevention by Broadcom Forwarding extensions direct traffic, defining the destination(s) of each packet Forwarding extensions can capture and filter traffic Examples: – Cisco Nexus 1000V and UCS – NEC ProgrammableFlow's vPFS OpenFlow Capture Extensions WFP Extensions Filtering Extensions Forwarding Extensions Filtering Engine BFE Service Firewall Callout LEARN MORE
Dynamic Virtual Machine Queue (VMQ) is a feature available to computers running Windows Server 2008 R2 with the Hyper-V server role installed, that have VMQ-capable network hardware. VMQ uses hardware packet filtering to deliver packet data from an external virtual machine network directly to virtual machines, which reduces the overhead of routing packets and copying them from the management operating system to the virtual machine.
Open, Extensible Virtual Switch Nexus 1000 Support Openflow Support Network Introspection Much more… Advanced Networking ACLs PVLAN …much more… Windows NIC Teaming Network QoS Per VNIC bandwidth reservation & limits Network Metering DVMQ SR-IOV Network Support Reduce Latency & CPU Utilization Supports Live Migration
Network I/O path with SR-IOV Network I/O path without SR-IOV Physical NIC Root Partition Hyper-V Switch Routing VLAN Filtering Data Copy Routing VLAN Filtering Data Copy Virtual Machine Virtual NIC SR-IOV Physical NIC Virtual Function
Virtual Machine Network Stack Software NIC Enable IOV (VM NIC Property) Virtual Function is “Assigned” Team automatically created Traffic flows through VF Turn On IOV Break Team Reassign Virtual Function Assuming resources are available Migrate as normal Live MigrationPost Migration Remove VF from VM VM has connectivity even if Switch not in IOV mode IOV physical NIC not present Different NIC vendor Different NIC firmware SR-IOV Enabling & Live Migration SR-IOV Physical NIC Physical NIC Software Switch (IOV Mode) “TEAM”“TEAM” Software NIC Virtual Function SR-IOV Physical NIC Software Switch (IOV Mode) “TEAM”“TEAM” Virtual Function Software path is not used
IPsec Task Offload: Microsoft expects deployment of Internet Protocol security (IPsec) to increase significantly in the coming years. The large demands placed on the CPU by the IPsec integrity and encryption algorithms can reduce the performance of your network connections. IPsec Task Offload is a technology built into the Windows operating system that moves this workload from the main computer's CPU to a dedicated processor on the network adapter. SR-IOV is a specification that allows a PCIe device to appear to be multiple separate physical PCIe devices. The SR-IOV specification was created and is maintained by the PCI SIG, with the idea that a standard specification will help promote interoperability. SR-IOV works by introducing the idea of physical functions (PFs) and virtual functions (VFs). Physical functions (PFs) are full-featured PCIe functions; virtual functions (VFs) are “lightweight” functions that lack configuration resources. Dynamic Virtual Machine Queue (VMQ) is a feature available to computers running Windows Server 2008 R2 with the Hyper-V server role installed, that have VMQ-capable network hardware. VMQ uses hardware packet filtering to deliver packet data from an external virtual machine network directly to virtual machines, which reduces the overhead of routing packets and copying them from the management operating system to the virtual machine.
Windows Server 2008Windows Server 2008 R2Windows Server 2012 NIC TeamingYes, via partners Windows NIC Teaming in box. VLAN TaggingYes MAC Spoofing ProtectionNoYes, with R2 SP1Yes ARP Spoofing ProtectionNoYes, with R2 SP1Yes SR-IOV NetworkingNo Yes Network QoSNo Yes Network MeteringNo Yes Network Monitor ModesNo Yes IPsec Task OffloadNo Yes VM Trunk ModeNo Yes
Complete VM Mobility
Don’t provide new features that preclude Live Migration. I want to be able to securely move any part of a VM anywhere at anytime. No Limits. No Downtime Servicing SAN Upgrades/Migrations When VMs migrate, move the historical data with the VM Fully Leverage hardware to speed migrations
Concurrent Migration: Limited Only By Hardware Resources
Hyper-V Virtual Machine Source Device Destination Device VHD VHD Stack
demo Name Title Group VM Mobility
LEARN MORE
Disaster Recovery
34
Disaster Recovery Challenges Cost Complexity Inflexibility Initial Replication Distance Requirements 35
LEARN MORE
demo Hyper-V Replica
Replication Provider CostManagementPerformance Hyper-V Replica Microsoft Flexible Storage Options Available Unlimited VM Replication included VM Granularity Open APIs provide extensibility, interoperability and prevent vendor lock-in 5 minutes RPOs Application Level Consistency File Level Consistency Storage Based Replication NetApp, HP, Fujitsu, IBM, Hitachi, FalconStor, 3Par, EMC, LSI, Compellent, EqualLogic and more… High end replicating storage Additional replication software LUN-VM Layout Coordination with storage team Synchronous Replication High Data Volumes LEARN MORE
Hyper-V 2012 & Linux Guests
Why Windows Server 2012 Hyper-V for Private Cloud?
Most Feature Rich, All Server Editions include: 1. Hyper-V Extensible Virtual Switch 2. Hyper-V Replica 3. Live Storage Migration 4. Network I/O Control 5. Storage I/O Control 6. SR-IOV More… 7. Hyper-V Resource Pools 8. Hyper-V Offloaded Data Transfer 9. GPU Accelerated VM Video 10. ….And… Hyper-V Network Virtualization
VIR309: What’s New in Windows Server 2012 Hyper-V Part 2 Hands-on Labs (session codes and titles) Come by the Windows Server 2012 Hyper-V Booth Get your Microsoft Private Cloud Certification Find Me Later At…
Talk to our Experts at the TLC #TE(sessioncode) DOWNLOAD Windows Server 2012 Release Candidate microsoft.com/windowsserver Hands-On Labs DOWNLOAD Windows Azure Windowsazure.com/ teched
Connect. Share. Discuss. Learning Microsoft Certification & Training Resources TechNet Resources for IT Professionals Resources for Developers
Required Slide Complete an evaluation on CommNet and enter to win!
Scan the Tag to evaluate this session now on myTechEd Mobile