70-740: Installation, Storage, and Compute with Windows Server 2016

Chris Rhodes
IT Masterclasses
Microsoft Certified Trainer
MVP
Install Windows Servers in host and compute environments (10–15%)


Implement storage solutions (10–15%)
Implement Hyper-V (20–25%)
Implement Windows containers (5–10%)
Implement high availability (30–35%)
Maintain and monitor server environments (10–15%)
Install, upgrade, and mitigate servers and workloads
• Determine Windows Server 2016 installation requirements
• Determine appropriate Windows Server 2016 editions per workloads
• Install Windows Server 2016
• Install Windows Server 2016 features and roles
• Install and configure Windows Server Core
• Manage Windows Server Core installations using Windows PowerShell, command line, and remote
management capabilities
• Implement Windows PowerShell Desired State Configuration (DSC) to install and maintain integrity of installed
environments
• Perform upgrades and migrations of servers and core workloads from Windows Server 2008 and Windows
Server 2012 to Windows Server 2016
• Determine the appropriate activation model for server installation, such as Automatic Virtual Machine Activation (AVMA), Key Management Service (KMS), and Active Directory-based Activation
Windows Server 2016 OS Editions
Windows Server 2016 Essentials edition
• Designed for Small Businesses

Windows Server 2016 Standard edition


• Designed for physical server environments with little or no virtualization.

Windows Server 2016 Datacenter edition


• Designed for highly virtualized infrastructures, including private cloud and hybrid cloud environments

Microsoft Hyper-V Server 2016


• Acts as a stand-alone virtualization server for virtual machines

Windows Storage Server 2016 Workgroup edition


• Allows 50 users, one processor core, and 32 GB of RAM & supports domain joining.

Windows Storage Server 2016 Standard edition


• Supports up to 64 sockets but is licensed on a two-socket, incrementing basis
Windows Server 2016 Installation Requirements
• Hardware Requirements

Component               Requirement
Processor architecture  64-bit
Processor speed         1.4 gigahertz (GHz)
RAM                     512 MB
Hard drive space        32 GB

*Server Datacenter supports 640 lCPU, 4 TB RAM, and 64 nodes

Note: VM setup will fail if the VM has only 512 MB of RAM.
To resolve:
(1) Allocate > 800 MB RAM, or
(2a) Use Diskpart.exe to create a partition
(2b) Run the createpagefile command

• UEFI 2.3.1c for Secure Boot


Windows Server 2016 Installation Requirements
• Installation Types
• Clean Installation
• Upgrade
• Migration
• OS Selection
• Standard & Datacenter
• Desktop Experience = GUI

• OS Editions
• Datacenter, Standard, Essentials, Multipoint Premium Server, Storage Server, Hyper-V Server
Install and configure Nano Server
• Determine appropriate usage scenarios and requirements for Nano Server
• Install Nano Server
• Implement Roles and Features on Nano Server, manage and configure Nano
Server
• Manage Nano Server remotely using Windows PowerShell
What is a Nano Server

• Cloud fabric & infrastructure (clustering, storage, networking)


• Born-in-the-cloud applications (PaaS v2, ASP.NET v5)
• VMs & Containers (Hyper-V & Docker)

• Roles & features live outside of Nano Server


• No Binaries or metadata in OS image
• Standalone packages install like apps
• Full driver support
• Antimalware
Nano Server Installation Options
• Description: Super Small Footprint
• Install options: Physical Host, VM Guest, Container OS
• Roles Supported:
• Hyper-V
• Scale-out File Server
• DNS Server
• Failover Clustering
• IIS (subset)
• IIS.NET Core
• ASP.NET Core can be installed
Getting started

• Like Server Core, but cannot be selected during Setup
• Must be customized with drivers
• Located on the Windows Server media
Nano Server Roles and Features

Role or feature                                    Package file
Hyper-V role                                       Microsoft-NanoServer-Compute-Package.cab
Failover Clustering                                Microsoft-NanoServer-FailoverCluster-Package.cab
File Server role and other storage components      Microsoft-NanoServer-Storage-Package.cab
Windows Defender Antimalware, including a          Microsoft-NanoServer-Defender-Package.cab
default signature file
Reverse forwarders for application compatibility,  Microsoft-OneCore-ReverseForwarders-Package.cab
for example common application frameworks such
as Ruby, Node.js, etc.
Installing Roles/Features from the Package Repository
• Nano Server roles and features are available on the media and from a package repository
• NanoServerPackage provider for the PackageManagement PowerShell module
• You can then search for, download, and install Nano Server roles and features from the repository
Convert WIM to VHD
1. On Windows 10 or Windows Server 2016, mount the ISO, and, assuming the drive letter for the mounted image is D:\, run the following:
   Copy "D:\NanoServer" "C:\NanoServer" -Recurse
2. Generate a VHD from NanoServer.wim by using Convert-WindowsImage.ps1 from TechNet Script Center.
   C:
   Cd \NanoServer
   . .\Convert-WindowsImage.ps1
   Convert-WindowsImage -SourcePath C:\NanoServer\NanoServer.wim -VHDPath C:\NanoServer\NanoServer.vhd -VHDFormat VHD -Edition CORESYSTEMSERVER_INSTALL
Optional Nano Customizations
Remotely Managing Nano Server
Remote Graphical & Web Tools
• Server Manager
• Azure Portal tools
• Task manager
• Registry editor
• File explorer
• Server configuration
• Event viewer
• Disk manager
• Device & driver management
• Performance
• Users & groups

PowerShell Remoting
• Core PowerShell engine, language, and cmdlets
• Windows Server cmdlets (network, storage, etc.)
• PowerShell DSC
• Remote file transfer
• Remote script authoring & debugging
• PowerShell Web Access

VM and Container Management
• Hyper-V Manager
• Hyper-V cmdlets
• PowerShell Direct over PSRP
• CimSession support
• Docker
• SCVMM agent & console
• 3rd party agents & consoles

Deployment & Monitoring
• DISM online & VHD support
• Unattended setup
• Visual Studio integration
• DSC Local Config Manager
• Setup & boot eventing
• SCOM agent
• VSO App Insights
• Azure Op Insights

Partners & Frameworks
• Chef integration
• .NET Core and CoreCLR
• ASP.NET 5
• Python, PHP, Ruby, Node.js
• PowerShell Classes
• PS Script Analyzer
• PowerShell Gallery
• PowerShellGet
PowerShell Core
Refactored to run on CoreCLR
Full PowerShell language compatibility & remoting
Invoke-Command, New-PSSession, Enter-PSSession, etc.
Most core engine components
Support for all cmdlet types: C#, Script, and CIM
Limited set of cmdlets initially
Server management tools
Web-based
Includes replacements for local-only tools
• Task Manager
• Registry Editor
• Event Viewer
• Device Manager
• Sconfig
• Control Panel
• Performance Monitor
• Disk Management
• Users/Groups Manager
• File Explorer
Also manages Server Core and Server with GUI
Create, manage, and maintain images for deployment
• Plan for Windows Server virtualization
• Plan for Linux and FreeBSD deployments
• Assess virtualization workloads using the Microsoft Assessment and Planning (MAP) Toolkit
• Determine considerations for deploying workloads into virtualized environments
• Update images with patches, hotfixes, and drivers
• Install roles and features in offline images
• Manage and maintain Windows Server Core, Nano Server images, and VHDs using Windows PowerShell
Planning for Windows Server Virtualization
• Define the scope of the project
• Which servers will be virtualized
• Existing servers or new servers only
• Define the workloads that will be virtualized
• Many workloads can be virtualized, but some can’t (custom vendor apps, for example)
• Use MAP (Microsoft Assessment and Planning) to scan those that can be virtualized to design the host and
guest infrastructure
• Determine backup and fault tolerance needs
• Backup and fault tolerance for hosts and for guest VMs
• Determine networking needs of the guest VMs
• DOCUMENT THE DESIGN
Using MAP Toolkit
• What is it?
• Solutions Accelerator used to scan networks and servers, for operating systems, hardware and software inventory, Hyper-V and VMWare guests and hosts, etc…
• Features
• Discovery
• Hardware and software inventory
• Virtual Server Consolidation Wizard
• Private Cloud Fast-track Wizard
Planning for Linux and FreeBSD Deployments
• What’s supported?
• Both emulation and running within Hyper-V are supported scenarios
• Hyper-V offers better performance
• With Hyper-V you need Hyper-V specific drivers
• LIS and BIS
• Linux Integration Services is added to the Linux kernel (newer versions), provides these drivers, and is updated
with new Linux releases
• FreeBSD Integration Services provides these drivers and is built into newer FreeBSD builds
• For older versions of either, download the latest available

https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/supported-linux-and-freebsd-virtual-machines-for-hyper-v-on-windows
Updating Images – Patches, Hotfixes, Drivers, Roles
• Sector-based images vs. File-based
• Sector-based images require you to install the image, update it, re-capture
• File-based images can be updated offline

• Basic strategies for updating images


• Windows setup: include an answer file with setup to install updated drivers, patches, etc…
• Online servicing: like sector-based, this requires installing the image to a reference computer, updating it, and
re-capturing the OS
• Offline servicing: use DISM to mount the image, update the drivers, or install hotfixes, language packs, or
add/remove folders

• When to use online servicing


• Installing applications via .exe or .msi files
• Installing a feature or component that requires a running Windows service, such as .NET Framework
Practice Question
You plan to install a server that runs Nano Server.
You need to ensure that the server can run virtual machines.

Which PowerShell command should you run?

A Install-NanoServerPackage Microsoft-NanoServer-DCB-Package
B Install-NanoServerPackage Microsoft-NanoServer-Host-Package
C Install-NanoServerPackage Microsoft-NanoServer-Guest-Package
D Install-NanoServerPackage -Compute

https://technet.microsoft.com/en-us/windows-server-docs/compute/nano-server/getting-started-with-nano-server
Installing Windows Server

Tip #1
Setup.exe includes Server Core (default) or with GUI (desktop experience)

Tip #2
Manage Core and Nano Server with tools like PowerShell, djoin.exe, DISM…

Tip #3
virtualization using Hyper-V or Azure. Use MAP Toolkit to assess the needs and plan the virtualization strategy

(Diagram labels: Nano Server, MAP Toolkit)
Configure disks and volumes
• Configure sector sizes appropriate for various workloads
• Configure GUID partition table (GPT) disks
• Create VHD and VHDX files using Server Manager or Windows PowerShell Storage module cmdlets
• Mount virtual hard disks
• Determine when to use NTFS and ReFS file systems
• Configure NFS and SMB shares using Server Manager, configure SMB share and session settings using Windows
PowerShell
• Configure SMB server and SMB client configuration settings using Windows PowerShell
• Configure file and folder permissions
Determine the Partition Table Format
• MBR
• Standard partition table format since early 1980s
• Supports a maximum of four primary partitions per drive
• Can Partition a disk up to 2 TB
• GPT
• Successor of the MBR Partition table format
• Supports a maximum of 128 partitions per drive
• Can partition a disk up to 18 exabytes

• Use MBR for disks smaller than 2 TB


• Use GPT for disks larger than 2 TB

Reference Link on GPT disks - https://support.microsoft.com/en-us/kb/302873


When to use NTFS and ReFS file systems
• FAT provides:
• Basic file system
• Partition size limitations
• FAT32 to enable larger disks
• exFAT developed for flash drives
• NTFS provides:
• Metadata
• Auditing and journaling
• Security (ACLs and encryption)
• ReFS provides:
• Backward compatibility support for NTFS
• Enhanced data verification and error correction
• Support for larger files, directories and volumes
Virtual Hard Disks
Use cases for VHD(x)
• Hyper-V, VHD boot, virtualized storage for storage spaces, iSCSI storage

VHD format
• Disks up to 2TB. Format backwardly compatible
• Compatible with Azure VMs
VHDX format
• Used in WS2012+
• Sizes > 2TB
• Can be used for shared storage for VMs

New-VHD or Disk Management or Diskpart Create VDisk


Disk management tools
Server Manager
• Can create volumes, storage spaces, shares, disk deduplication
Disk management
• Simple tool, lacks features but OK for basic tasks
Diskpart
• Command line tool, useful in scripting
PowerShell
• 150+ cmdlets for storage
• Also useful in scripting and server core

Exam Tip: Know the limitations/features of each. E.g. which tool(s) can create a storage space?
NTFS / ReFS Permissions
• Inheritance
• Deny vs. allow
• Effective access
• How ACLs work
Implement server storage
• Configure storage pools
• Implement simple, mirror, and parity storage layout options for disks or enclosures
• Expand storage pools
• Configure Tiered Storage; configure iSCSI target and initiator
• Configure iSNS
• Configure Datacenter Bridging (DCB)
• Configure Multi-Path IO (MPIO)
• Determine usage scenarios for Storage Replica
• Implement Storage Replica for server-to-server, cluster-to-cluster, and stretch cluster scenarios
Storage
Software defined storage
Pools
1. Add disks (any type) to a pool
2. Create virtual disks using the pool
3. Virtual disks can be thin provisioned or use
physical space
4. Create volumes and format

Virtual disks can now be ‘enclosure aware’ to store data on separate JBOD enclosures for resilience.

Storage spaces direct
• Local storage on 3+ nodes
• Networked nodes present JBOD/SAS storage to the pool.
• The pool can be configured as a CSV for applications.
Disk Layouts
RAID configurations now moved into Storage Spaces
Options:
• Simple – data is striped across disks, no resilience
• 2 way mirror – 2 disks, protects against 1 drive failing
• 3 way mirror – 5 disks, protects against 2 drives failing
• Parity – 3 disks min to protect against 1 drive failing or 7 min to protect against 2 drives failing
iSCSI Components
Built-in: iSCSI Initiator
• Used to connect to iSCSI targets on the network
• Can use IP/FQDN/iSNS to locate targets
• Remote disks appear as ‘local’ disks in disk tools

iSCSI Target
• Installable role service part of the file server role
• Presents storage to networked initiators
• Secured access using IP white-list and authentication
• Uses standard TCP/IP components and commodity Ethernet to access storage
• Cheaper than a fiber-channel SAN
• Low-cost software based shared storage solution
Storage Replica
Allows storage-agnostic replication between clusters or servers.

Software-based disk volume replication technology.


Uses SMB 3.0 over TCP/IP or RDMA.

Storage Replica offers both synchronous and asynchronous replication.

Supports SAS JBODs, Storage Spaces Direct, fibre channel SAN, shared VHDX,
iSCSI Target, or local SAS/SCSI/SATA storage.

Storage Replica supports three scenarios:


• Stretch cluster
• Server-to-server
• Cluster-to-cluster
Implement data deduplication
• Implement and configure deduplication
• Determine appropriate usage scenarios for deduplication
• Monitor deduplication
• Implement a backup and restore solution with deduplication
Configuring Deduplication
Add-WindowsFeature -Name FS-Data-Deduplication

Ddpeval.exe from \Windows\System32 to estimate gains

Configured per volume in Server Manager

Usage scenarios: VDI or general purpose
Enable-DedupVolume -Volume VolumeLetter -UsageType StorageType

Runs on a schedule against files of minimum age and over, default 3 days old.
Practice Question
You plan to create a storage pool on a Windows Server 2016 that will provide storage for an application named App1.

You need to ensure that App1 can still function if the server suffers two disk failures.

How should you prepare the virtual disk for App1?

A A simple storage layout with 7 physical drives


B A mirror layout with 5 disks
C A parity layout with 5 disks
D A parity layout with 4 disks
03-Implement Hyper-V
Install and configure Hyper-V
• Determine hardware and compatibility requirements for installing Hyper-V
• Install Hyper-V
• Install management tools
• Upgrade from existing versions of Hyper-V
• Delegate virtual machine management
• Perform remote management of Hyper-V hosts
• Configure virtual machines using Windows PowerShell Direct
• Implement nested virtualization
Hyper-V requirements
Hardware
• 64-bit CPU with SLAT
• VM Monitor mode extensions
• Virtualization support turned on in BIOS/UEFI (Intel-VT/AMD-V)
• DEP enabled
• Enough RAM for workloads
• Other features require other hardware such as TPM for shielded VMs, and UEFI 2.3.1c for secure boot & measured boot
• Tip: Run Systeminfo.exe to validate hardware

• GUI mode
• Server Core
• Nano server

• Windows Vista – Windows 10
• Windows Server 2008 – WS2016
• Linux
• FreeBSD
Tools
Virtual Machine Management
• Hyper-V Manager
• PowerShell
• RSAT tools
PowerShell Direct
• Uses PowerShell remoting to a VM to which you would not normally have network access.
Nested virtualization
New feature in WS2016
Requires:
• Host running WS2016 Hyper-V
• VM running WS2016 or Windows 10 anniversary update
• A Hyper-V VM with configuration version 8.0 or greater.
• An Intel processor with VT-x and EPT technology

To configure:
1. Create a virtual machine.
2. While the virtual machine is in the OFF state, run the following on the Hyper-V host to enable nested virtualization.
   Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
3. Start the virtual machine.
4. Install Hyper-V within the virtual machine, just like you would for a physical server.
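
The requirement checks and step 2 above as one host-side script. This is an added example, not part of the original slides; the function name Enable-NestedVirtualization and the VM name in the usage line are hypothetical, and the optional MAC address spoofing step assumes the nested guests need network access through this VM's adapter.

```powershell
# Added example (not from the original slides). Run on the Hyper-V host.
# Enable-NestedVirtualization is a hypothetical helper name.
function Enable-NestedVirtualization {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$VMName,
        # Assumption: nested guests need network access through this VM's vNIC.
        # Spoofing relaxes a layer-2 protection, so it is opt-in.
        [switch]$EnableMacSpoofing
    )

    $vm = Get-VM -Name $VMName -ErrorAction Stop

    # Requirement from the slide: configuration version 8.0 or greater.
    if ([version]$vm.Version -lt [version]'8.0') {
        throw "VM '$VMName' has configuration version $($vm.Version); 8.0 or greater is required."
    }

    # Requirement from the slide: an Intel processor with VT-x and EPT.
    $cpu = Get-CimInstance -ClassName Win32_Processor | Select-Object -First 1
    if ($cpu.Manufacturer -ne 'GenuineIntel') {
        throw "Host CPU vendor is '$($cpu.Manufacturer)'; the requirement list names an Intel processor."
    }

    # Step 2 from the slide: the VM must be off before the extensions are exposed.
    if ($vm.State -ne 'Off') {
        throw "VM '$VMName' is in state $($vm.State); stop it first."
    }

    if ($PSCmdlet.ShouldProcess($VMName, 'Expose virtualization extensions')) {
        Set-VMProcessor -VMName $VMName -ExposeVirtualizationExtensions $true
    }

    if ($EnableMacSpoofing -and
        $PSCmdlet.ShouldProcess($VMName, 'Enable MAC address spoofing')) {
        Get-VMNetworkAdapter -VMName $VMName |
            Set-VMNetworkAdapter -MacAddressSpoofing On
    }

    # Return the resulting processor setting so the caller can verify it.
    Get-VMProcessor -VMName $VMName |
        Select-Object VMName, Count, ExposeVirtualizationExtensions
}

# Usage (VM name is a placeholder); -WhatIf shows the changes without making them:
# Enable-NestedVirtualization -VMName 'NestedHost01' -EnableMacSpoofing -WhatIf
```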
Configure virtual machine (VM) settings
• Add or remove memory in a running VM
• Configure dynamic memory
• Configure Non-Uniform Memory Access (NUMA) support
• Configure smart paging
• Configure Resource Metering, manage Integration Services
• Create and configure Generation 1 and 2 VMs and determine appropriate usage scenarios
• Implement enhanced session mode, create Linux and FreeBSD VMs, install and configure Linux Integration Services
(LIS)
• Install and configure FreeBSD Integration Services (BIS)
• Implement Secure Boot for Windows and Linux environments, move and convert VMs from previous versions of
Hyper-V to Windows Server 2016 Hyper-V, export and import VMs, implement Discrete Device Assignment (DDA)
VM Settings
What can be changed (and live)
Gen1 and Gen2 differences

NUMA spanning
Dynamic memory
CPU(s)
Integration services (and when to configure them)
Smart paging and other paths

Tip: Be sure to explore all options


Gen1 & Gen2 Support
Hardware differences
• Secure boot
• Disks - must boot from IDE disk in Gen1
• No IDE disks in Gen2
• Legacy NIC Gen1 only (allows PXE)
• BIOS vs Firmware
• Gen2 is for WS2012+ guest OS
• TPM in Gen2
• Shielded VMs possible with new hardware presented
Configure Hyper-V storage
• Create VHDs and VHDX files using Hyper-V Manager
• Create shared VHDX files
• Configure differencing disks
• Modify virtual hard disks
• Configure pass-through disks
• Resize a virtual hard disk, manage checkpoints
• Implement production checkpoints
• Implement a virtual Fibre Channel adapter
• Configure storage Quality of Service (QoS)
Types of disk

Formats
VHD
• Classic format. Backward compatible
VHDX
• Larger disk size beyond 2TB (64TB)
Pass-through
• Uses physical disks from host exclusively

Types
Fixed
• Uses physical space from day 1 equal to disk size
Dynamically expanding
• Space is consumed on demand up to max disk size
Differencing
• Disk chains allow parent-child disk relationships for speed of deployment
Shared VHDX files
Allows for sharing of a VHDX file to >1 VM
Example: data disk that multiple VMs can simultaneously access to read/write to

Allows data for services/applications to exist once in inexpensive storage
Requires hosting on shared storage

Primary use case: Guest-based VM clusters

Host-level backups can leverage access to the VHDX file

Configure access through the SCSI controller on a VM


Configure Hyper-V networking
• Add and remove virtual network interface cards (vNICs)
• Configure Hyper-V virtual switches, optimize network performance
• Configure MAC addresses, configure network isolation, configure synthetic and legacy virtual network adapters
• Configure NIC teaming in VMs
• Configure virtual machine queue (VMQ)
• Enable Remote Direct Memory Access (RDMA) on network adapters bound to a Hyper-V virtual switch using
Switch Embedded Teaming (SET)
• Configure Bandwidth Management
Add and remove virtual network interface cards (vNICs)
Legacy Network adapter
• Used in Gen1 VMs
• Limited bandwidth 100Mbps
Network adapter
• Gen1 and Gen2 support
• 10 Mbps connections

PXE Support for VMs


• Legacy network adapter only in Gen1 VMs
• Native support in Gen2 Network adapters
Configure Hyper-V virtual switches, optimize
network performance

External
• Uses physical NIC in host to allow LAN/Internet connectivity.
• VM NIC must use IP address relevant to physical subnet
Internal
• Connectivity between VMs and host only on the same switch
Private
• Connectivity between VMs only on the same switch

New NAT switch in WS2016
New-VMSwitch -Name "NATSwitch" -SwitchType NAT -NATSubnetAddress 172.16.1.0/24

Bandwidth Management
VLAN ID
SR-IOV
VMQ
NIC teaming
Configurable in VM or host

New 2016 host feature:
Switch-embedded teaming (SET) - a new way to implement network teaming that is compatible with RDMA and VMQ.
• Combine network adapters into a team with up to 8 network adapters.
• All of the network adapters in a team must be identical with the same firmware version and driver. SET is automatically enabled when multiple network adapters are used.

To create a virtual switch with SET, use the following Windows PowerShell command:
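
An added example, not taken from the original slides, that checks the SET constraints listed above (at most 8 adapters, identical model and driver) before creating the switch. The function name New-SetSwitch and the switch and adapter names in the usage line are hypothetical; firmware versions are not checked here and have to be compared with the adapter vendor's tooling.

```powershell
# Added example (not from the original slides). Run on the Hyper-V host.
# New-SetSwitch is a hypothetical helper name.
function New-SetSwitch {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$SwitchName,
        [Parameter(Mandatory)][string[]]$NetAdapterName
    )

    # Constraint from the slide: a team holds up to 8 network adapters.
    if ($NetAdapterName.Count -gt 8) {
        throw "SET supports up to 8 adapters; $($NetAdapterName.Count) were given."
    }

    # Fails here if any named adapter does not exist.
    $adapters = Get-NetAdapter -Name $NetAdapterName -ErrorAction Stop

    # Constraint from the slide: identical adapters with the same driver.
    # More than one distinct (model, driver version) pair means a mixed team.
    $variants = @($adapters |
        Select-Object -Property DriverDescription, DriverVersion -Unique)
    if ($variants.Count -gt 1) {
        $detail = ($variants | ForEach-Object {
            "$($_.DriverDescription) [$($_.DriverVersion)]"
        }) -join '; '
        throw "Adapters are not identical: $detail"
    }

    # Adapters that are down would join the team but carry no traffic.
    $down = $adapters | Where-Object Status -ne 'Up'
    if ($down) {
        Write-Warning "Adapters not up: $($down.Name -join ', ')"
    }

    if ($PSCmdlet.ShouldProcess($SwitchName, 'Create virtual switch with embedded teaming')) {
        New-VMSwitch -Name $SwitchName -NetAdapterName $NetAdapterName `
            -EnableEmbeddedTeaming $true | Out-Null
        # Return the team so the caller can confirm its members.
        Get-VMSwitchTeam -Name $SwitchName
    }
}

# Usage (names are placeholders):
# New-SetSwitch -SwitchName 'SETswitch' -NetAdapterName 'NIC1','NIC2' -WhatIf
```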
Configure NIC settings
MAC addresses assigned from a pool
• Configurable on host, always starts 00-15-5D
You can assign static MAC
• Know when you would – NLB, Nested VMs
When to use spoofing?
• If a VM uses NLB or similar services that use a common MAC address

DHCP Guard
• Protects leakage of packets from a VM acting as a DHCP server
Router Guard
• Suppresses router advertisements from VMs configured as routers
Port Mirroring and more!
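
An added example, not part of the original slides, that audits every VM network adapter on a host for the settings described above: MAC address spoofing, DHCP Guard, Router Guard and static MAC addresses. The function name Get-VMNicGuardAudit, its parameters and the VM names in the usage line are hypothetical; the exception lists stand for the VMs that legitimately need a relaxed setting (NLB nodes, nested Hyper-V hosts, real DHCP servers or routers).

```powershell
# Added example (not from the original slides). Run on the Hyper-V host.
# Get-VMNicGuardAudit is a hypothetical helper name.
function Get-VMNicGuardAudit {
    [CmdletBinding()]
    param(
        # VMs expected to spoof or pin MAC addresses (NLB, nested virtualization).
        [string[]]$SpoofingAllowed = @(),
        # VMs that legitimately act as DHCP servers.
        [string[]]$DhcpServerAllowed = @(),
        # VMs that legitimately act as routers.
        [string[]]$RouterAllowed = @()
    )

    Get-VMNetworkAdapter -VMName * | ForEach-Object {
        $findings = @()

        if ($_.MacAddressSpoofing -eq 'On' -and $_.VMName -notin $SpoofingAllowed) {
            $findings += 'MAC address spoofing is on without an exception'
        }
        if (-not $_.DynamicMacAddressEnabled -and $_.VMName -notin $SpoofingAllowed) {
            $findings += 'Static MAC address assigned without an exception'
        }
        if ($_.DhcpGuard -eq 'Off' -and $_.VMName -notin $DhcpServerAllowed) {
            $findings += 'DHCP Guard is off'
        }
        if ($_.RouterGuard -eq 'Off' -and $_.VMName -notin $RouterAllowed) {
            $findings += 'Router Guard is off'
        }

        # Emit one row per adapter that has at least one finding.
        if ($findings.Count -gt 0) {
            [pscustomobject]@{
                VMName     = $_.VMName
                Adapter    = $_.Name
                Switch     = $_.SwitchName
                MacAddress = $_.MacAddress
                Findings   = $findings -join '; '
            }
        }
    }
}

# Usage (VM names are placeholders):
# Get-VMNicGuardAudit -SpoofingAllowed 'NLB01','NestedHost01' -DhcpServerAllowed 'DHCP01' |
#     Format-Table -AutoSize
#
# Remediation for one VM once the finding is confirmed:
# Get-VMNetworkAdapter -VMName 'App01' | Set-VMNetworkAdapter -DhcpGuard On -RouterGuard On
```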
Practice Question
You plan to deploy a Hyper-V based nested virtualization solution onto a number of servers. The nested servers need access to the
Internet. You have the following virtual machines (VMs) available.
You need to identify which servers from the following table can be used for this purpose.

VM Name   Installation type   VM Configuration version   Network configuration
Server1   Server with GUI     7.0                        Internal network switch
Server2   Server Core         8.0                        External network switch
Server3   Nano Server         8.0                        NAT switch
Server4   Server Core         8.0                        MAC address spoofing configured

Which servers should you identify?

A Server1 and Server2
B Server2 and Server3
C Server1 and Server3
D Server3 and Server4
Hyper-V Networking

Tip #1
Know the difference between virtual switch types

Tip #2
Understand the hardware and advanced NIC settings

Tip #3
Know how to implement NIC teaming in a Virtual Machine

(Diagram labels: SR-IOV, VMQ, NAT Switches, NIC Teaming)
04-Implement Windows Containers
Deploy Windows containers
• Determine installation requirements and appropriate scenarios for Windows containers
• Install and configure Windows Server container host in physical or virtualized environments
• Install and configure Windows Server container host to Windows Server Core or Nano Server in a physical or
virtualized environment
• Install Docker on Windows Server and Nano Server
• Configure Docker daemon start-up options, configure Windows PowerShell for use with containers
• Install a base operating system, tag an image
• Uninstall an operating system image
• Create Windows Server containers
• Create Hyper-V containers
What is a container?
Containers = Operating system virtualization
Traditional virtual machines = hardware virtualization

Windows Server containers: Maximum speed and density
Hyper-V containers: Isolation plus performance

(Diagram labels: Container, Applications, Kernel, VM)
Containers overview
Windows Server 2016 supports two different types of containers:
Windows Server containers
• Provide app isolation through process and namespace isolation technology. Containers share the OS
kernel with the host.
• Provides fast startup experience
• Does not provide complete isolation of the containers.
• Host can run on GUI/Core/Nano
Hyper-V Containers
• Each container runs in a virtual machine (VM).
• The OS kernel of the container host is not shared with the Hyper-V containers.
• Can use nested virtualization (see Hyper-V section)
• Requires Intel VT-x extensions (only)
Installing support
New-NanoServerImage -MediaPath $WindowsMedia -BasePath c:\nano -TargetPath C:\nano\NanoContainer.vhdx -GuestDrivers -ReverseForwarders -Compute -Containers
OR
Install-WindowsFeature Containers

New-NetNat -Name ContainerNat -InternalIPInterfaceAddressPrefix "172.16.0.0/12"
OR
New-VMSwitch -Name <Virtual Switch Name> -SwitchType <Type>

Get-VMNetworkAdapter -VMName <Container Host VM> | Set-VMNetworkAdapter -MacAddressSpoofing On

Docker Containers
Native support for the Docker in-host daemon.
Documentation is sparse as of Sept 2016. Expect more in the future!

Docker.exe
• Docker engine that sits on Windows Server 2016
• Can be installed on WS2016 or Nano Server
• Configured with c:\ProgramData\docker\config\daemon.json

DockerD.exe
• Used to register Docker as a Windows service
• c:\Windows\System32\dockerd.exe --register-service
• Start-Service Docker

Download Docker from https://aka.ms/tp5/dockerd


Installation steps (too many to write!)
Manage Windows containers
• manage containers using Windows PowerShell
• manage container networking
• manage container data volumes
• manage Resource Control
• create new container images using Dockerfile
• manage container images using DockerHub repository for public and private scenarios
• manage container images using Microsoft Azure
Managing Containers
Provide networking support for containers
• Network switches
• NAT switches

• Understand dockerfile settings

Docker documentation online on www.docker.com


Containers in Azure as well as WS2016
Practice Question
Your company is developing an application named App1 that will run on Windows Server 2016. App1 is very resource intensive. You plan to deploy App1 onto a new Windows Server 2016 server.

You need to ensure that App1 does not interfere with other applications running on the same server.

How should you deploy App1?

A Create a Generation 2 Virtual Machine


B Create a Nano Server instance
C Create a Windows Server Container
D Create a Hyper-V Container
Containers

Tip #1
New feature! Find out more and experiment

Tip #2
Learn Docker technologies, and use their website to learn more and keep up to date

Tip #3
Understand when to deploy a container, a VM, or a physical machine

(Diagram label: Configuration of containers)
05-Implement High Availability
Implement high availability and disaster recovery options in Hyper-V
• Implement Hyper-V Replica
• Implement Live Migration, implement Shared Nothing Live Migration
• Configure CredSSP or Kerberos authentication protocol for Live Migration
• Implement storage migration
Implementing High Availability (HA)
• Levels of Availability
• High availability
• Continuous availability
• Business continuity
• Disaster recovery
• Many pieces to high availability
• Configure Hyper-V replica and Hyper-V movement in clustered environment
• Fail-over clustering
• Storage spaces direct (SSD)
• Network Load Balancing (NLB)
High Availability with Hyper-V
• What options are available?
• Host clustering
• Guest clustering
• Network load balancing
• Live Migration
• Move VMs between physical hosts without shutting down first
• Clustered non-clustered

Option            Details
Host clustering   • VMs are highly available
                  • Applications in guest do not need to be cluster aware
Guest Clustering  • VMs are failover cluster nodes
                  • VM applications must be cluster-aware
                  • Requires iSCSI or Fibre Channel interface
NLB               • Virtual machines are NLB cluster nodes
                  • Used for web-based applications
Implement failover clustering
• Implement Workgroup, Single, and Multi Domain clusters
• Configure quorum
• Configure cluster networking
• Restore single node or cluster configuration
• Configure cluster storage; implement Cluster-Aware Updating
• Implement Cluster Operating System Rolling Upgrade
• Configure and optimize clustered shared volumes (CSVs)
• Configure clusters without network names; implement Scale-Out File Server (SoFS)
• Determine different scenarios for the use of SoFS versus clustered File Server
• Determine usage scenarios for implementing guest clustering
• Implement a Clustered Storage Spaces solution using Shared SAS storage enclosures
• Implement Storage Replica
• Implement Cloud Witness; implement VM resiliency
• Implement shared VHDX as a storage solution for guest clusters
Implementing Failover Clustering
• What is it?
• A cluster is a group of computers or storage devices that work together as a single organized system
• A Failover Cluster is a group of independent computers that work together to increase the availability of
applications or services
• Properties of a Failover Cluster
• Each node has full connectivity and communication with all other nodes and is aware when another node
leaves or joins the cluster
• Each node is connected to a network where client computers can access the cluster and through iSCSI
connection to shared storage
• Each node is aware of the services or applications that are running locally and the resources running on
the other nodes in the cluster
• What’s new in Server 2016?
• Cluster Operating System Rolling Upgrade
Failover Clustering – Terminology and Types
• Terminology:

Term                    Description
Node                    A Windows Server 2016 computer that is part of a failover cluster, and has
                        the failover clustering feature installed.
Service or application  A service that can be moved between cluster nodes (for example, a
                        clustered file server can run on either node).
Shared storage          External storage that is accessible to all cluster nodes.
Quorum                  The number of elements that must be online for a cluster to continue to
                        run. The quorum is determined when cluster nodes vote.
Witness                 A server that is participating in cluster voting when the number of nodes is
                        even.
Failover                The process of moving cluster resources from the first node to the second
                        node, as a result of node failure or administrator’s action.
Failback                The process of moving cluster resources back from the second node to the
                        first node, as a result of the first node going online again or an
                        administrator’s action. If the service or application fails over from Node1 to
                        Node2, when Node1 is again available, the service or application will fail
                        back to Node1.
Clients                 Computers that connect to the failover cluster and are not aware which
                        node the service is running on.

Node Location           Description
Single Site             All nodes located in a single data center
Multi-site              Stretch-clusters deployed, where nodes are spread across datacenters. This
                        may include brick and mortar or Azure

Cluster type            Description
Active-Active           Multiple nodes run cluster application resources and accept client
                        connections
Active-Passive          One node runs the cluster applications, while the other nodes are passive
                        and do not accept client connections. If the active node fails, one or more
                        of the remaining nodes become active and accept client connections
The Software-Defined Datacenter—Drilling Down

SMB3 over RDMA
Storage Spaces (SDS)
Storage choice: Traditional SAN or Microsoft SDS
Shared Storage Options for Failover Clustering
Shared serial attached SCSI (SAS)
• Lowest-cost option
iSCSI
• Transmits SCSI commands over IP Networks. Inexpensive, Acceptable Performance
Fibre Channel
• Better performance than iSCSI SANs, but more expensive
Shared virtual hard disk
• Use Shared VHDs as VM guest-clustering storage. Use CSV or SOFS cluster
Scale-Out File Server
• Utilizes shared Server Message Block (SMB) as the shared location for some failover cluster roles
Creating a Failover Cluster
• Install the failover clustering feature
• Verify the configuration
• Install the role on the cluster nodes
• Create a clustered role by using the snap-in
• Configure the cluster role
• Test failover
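The steps above carried through in PowerShell, as an added example that is not part of the original slides; it uses the FailoverClusters cmdlets instead of the snap-in. Node, cluster, witness share, disk and role names and all IP addresses are placeholders.

```powershell
# Added example. All names and addresses below are placeholders.
$nodes = 'Node1', 'Node2'

# 1. Install the failover clustering feature on every node.
Invoke-Command -ComputerName $nodes -ScriptBlock {
    Install-WindowsFeature -Name Failover-Clustering -IncludeManagementTools
}

# 2. Verify the configuration. Review the validation report before going on;
#    warnings about storage or networking usually mean failover will not work.
Test-Cluster -Node $nodes

# Form the cluster. With an even number of nodes, add a witness so that
# one node failing does not cost the cluster its quorum.
New-Cluster -Name 'Cluster1' -Node $nodes -StaticAddress '192.0.2.10'
Set-ClusterQuorum -Cluster 'Cluster1' -FileShareWitness '\\FS1\Witness'

# 3. Install the role on the cluster nodes (a file server in this example).
Invoke-Command -ComputerName $nodes -ScriptBlock {
    Install-WindowsFeature -Name FS-FileServer
}

# 4. Create the clustered role on a disk that is already cluster storage.
Add-ClusterFileServerRole -Cluster 'Cluster1' -Name 'FS-Clustered' `
    -Storage 'Cluster Disk 1' -StaticAddress '192.0.2.11'

# 5. Configure the role: preferred owners, and allow failback (1 = allow).
Set-ClusterOwnerNode -Cluster 'Cluster1' -Group 'FS-Clustered' -Owners 'Node1', 'Node2'
(Get-ClusterGroup -Cluster 'Cluster1' -Name 'FS-Clustered').AutoFailbackType = 1

# 6. Test failover: move the role and confirm it comes online on the other node.
Move-ClusterGroup -Cluster 'Cluster1' -Name 'FS-Clustered' -Node 'Node2'
Get-ClusterGroup -Cluster 'Cluster1' -Name 'FS-Clustered' |
    Select-Object Name, OwnerNode, State
```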
In-Box Management Failover Clustering

Some workflow PowerShell only Full provisioning and management

Intended for smaller scale


Storage Replica

Synchronous replication

Increase resilience

Complete solution

Streamlined management
Implement Storage Spaces Direct
• Determine scenario requirements for implementing Storage
Spaces Direct
• enable Storage Spaces direct using Windows PowerShell
• implement a disaggregated Storage Spaces Direct scenario in
a cluster
• implement a hyper-converged Storage Spaces Direct scenario
in a cluster
Windows Server 2016—new architecture
Storage Spaces Direct
Manage failover clustering
• Configure role-specific settings, including continuously
available shares
• configure VM monitoring
• configure failover and preference settings
• implement stretch and site-aware failover clusters
• enable and configure node fairness
Failover clustering
Guest clustering with Shared VHDX
Manage VM movement in clustered nodes
• Perform a live migration
• Perform a quick migration
• Perform a storage migration
• Import, export, and copy VMs
• Configure VM network health protection
• Configure drain on shutdown
Perform a Live Migration
Requires:
• The Failover Cluster Management console
• The VMM Admin Console
• WMI for Windows PowerShell Script

1. Migration Setup
2. Guest-memory transfer
3. State transfer
4. Cleanup

Quick migration, for comparison:
• Machines placed in saved state
• Causes downtime

Exam Tip: In Windows Server 2016, you can perform a virtual machine Live Migration by using server
message block (SMB) 3.0 as a transport.
Moving VMs in clustered nodes (comparison)
• Quick Migration
• VM is placed in saved state causing downtime while memory is copied
• Live Migration
• Migrate VMs without any downtime, also Shared Nothing Live Migration is possible
• Storage Migration
• Migrate VM storage to the same host, another host, or an SMB share
• Exporting and Importing VM
• A very time consuming procedure. But much simpler to import with Server 2016
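The migration types compared above, as an added PowerShell example that is not part of the original slides. Server1, Server2, Node2, VM1, the migration subnet and the storage paths are placeholders; the example restricts live migration to a dedicated network with Kerberos authentication, which assumes constrained delegation has been configured for the hosts in Active Directory.

```powershell
# Added example. Host names, VM name, subnet and paths are placeholders.

# Stand-alone Hyper-V hosts: enable live migration on source and destination.
Invoke-Command -ComputerName 'Server1', 'Server2' -ScriptBlock {
    Enable-VMMigration
    # Kerberos lets an administrator start the move from a management station;
    # SMB selects SMB 3.0 as the transport for the memory copy.
    Set-VMHost -VirtualMachineMigrationAuthenticationType Kerberos `
               -VirtualMachineMigrationPerformanceOption SMB `
               -UseAnyNetworkForMigration $false
    # Accept incoming migrations only on the dedicated migration subnet,
    # because VM memory contents cross this network.
    Add-VMMigrationNetwork -Subnet '192.0.2.0/24'
}

# Live migration, no downtime. -IncludeStorage makes it a shared-nothing
# live migration: the virtual disks move together with the running VM.
Move-VM -ComputerName 'Server1' -Name 'VM1' -DestinationHost 'Server2' `
        -IncludeStorage -DestinationStoragePath 'D:\VMs\VM1'

# Storage migration: the VM stays on its host, only its files move
# (here to an SMB share).
Move-VMStorage -ComputerName 'Server2' -VMName 'VM1' `
               -DestinationStoragePath '\\FS1\VMs\VM1'

# Clustered VMs are moved through the cluster instead. Live keeps the VM
# running; Quick saves its state first and so causes downtime.
Move-ClusterVirtualMachineRole -Name 'VM1' -Node 'Node2' -MigrationType Live
Move-ClusterVirtualMachineRole -Name 'VM1' -Node 'Node2' -MigrationType Quick
```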
Understand Network Health Protection
• Available in Server 2012 R2 and Server 2016
• Cluster resource checks availability of VM resources
• Controlled individually on each virtual network adapter
• Protected Network setting is enabled for all virtual network adapters.

• Save the virtual machine state
• Turn off the virtual machine
• Shutdown the guest operating system

• Failover cluster placed in pause state
• If Server 2008 or Earlier > Quick Migration
• If Server 2012 or later > Live Migration
Implement Network Load Balancing (NLB)
• Install NLB nodes
• configure NLB prerequisites
• configure affinity
• configure port rules
• configure cluster operation mode
• upgrade an NLB cluster
Know what and how NLB works
What is it?
• Allows clients to address the application using the NLB cluster address.
• Adding or removing nodes from an NLB cluster is known as convergence.
• NLB can only detect server failure
• Use NlbCluster
• Use NlbClusterNode
• Can have up to 32 Nodes
• Unicast vs Multicast vs IGMP multicast
NLB Considerations
• Stateful applications
• Key workloads – web applications
• Consider session state – by default in-process in IIS
• Unicast vs. Multicast
• Port rules
• Affinity settings
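An NLB cluster built with the NlbCluster and NlbClusterNode cmdlets named above, as an added example that is not part of the original slides. Host names, the interface name, the cluster name and the cluster IP are placeholders. It replaces the default port rule, which covers every port, with a single HTTPS rule, and uses Single affinity so a client stays on one node while IIS keeps session state in-process.

```powershell
# Added example. Host names, interface name, cluster name and IP are placeholders.

# Install the NLB feature on both nodes.
Invoke-Command -ComputerName 'Web1', 'Web2' -ScriptBlock {
    Install-WindowsFeature -Name NLB -IncludeManagementTools
}

# Run the rest on Web1. Create the cluster on the first node.
# -OperationMode accepts Unicast, Multicast or IgmpMulticast.
New-NlbCluster -InterfaceName 'Ethernet' -ClusterName 'web-nlb' `
               -ClusterPrimaryIP '192.0.2.50' -SubnetMask '255.255.255.0' `
               -OperationMode Multicast

# The default port rule balances all ports. Remove it and balance only the
# port the application listens on, so nothing else is reachable through
# the cluster address.
Get-NlbClusterPortRule | Remove-NlbClusterPortRule -Force
Add-NlbClusterPortRule -Protocol Tcp -StartPort 443 -EndPort 443 `
                       -Mode Multiple -Affinity Single

# Add the second node; the cluster converges when membership changes.
Get-NlbCluster | Add-NlbClusterNode -NewNodeName 'Web2' -NewNodeInterface 'Ethernet'

# Check that every node reports a converged state.
Get-NlbClusterNode

# NLB detects server failure only, not a failed application, so take a node
# out deliberately before maintenance: finish existing connections
# (up to 10 minutes), accept no new ones.
Stop-NlbClusterNode -HostName 'Web2' -Drain -Timeout 10
```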
Practice Question
You have two host servers that run Hyper-V named Server1 and Server2.
You plan to move a virtual machine named VM1 that runs a LOB application, from Server1 to Server2.
You need to minimize the downtime taken to move VM1.

What should you do?

A Perform a live migration
B Perform a quick migration
C Export and Import VM1
D Perform a storage migration
06-Maintain and Monitor Server Environments
Maintain Server Installations
• Implement Windows Server Update Services
(WSUS) solutions
• Configure WSUS groups
• Manage patch management in mixed
environments
• Integrate Windows Defender with WSUS and
Windows Update
• Perform backup and restore operations using
Windows Server Backup
• Determine backup strategies for different
Windows Server roles and workloads,
including Hyper-V Host, Hyper-V Guests,
Active Directory, File Servers, and Web
Servers using Windows Server 2016 native
tools and solutions
Windows Server Update Services (WSUS)
• What is it?
• Downloads and distributes updates to clients and servers
• WSUS client can be a desktop OS or server OS
• Deployment Options
• Single server or multiple single servers (isolated locations)
• Larger hierarchy with upstream server and one or more downstream servers
• Disconnected: receives updates from removable media
[Diagram: Phase 1: Assess; Phase 2: Identify; Phase 3: Evaluate and plan; Phase 4: Deploy]
WSUS Administration
• WSUS Admin Console
• Used to download and approve updates
• Can organize clients into groups for patch deployment by department, or pilot testing, etc.
• Generate reports
• PowerShell
• Cmdlets included with Server 2016
• Include commands for managing the server

Cmdlet: Description
• Add-WsusComputer: Adds a specified client computer to a specified target group.
• Add-WsusDynamicCategory: Adds a dynamic category to a WSUS server.
• Approve-WsusUpdate: Approves an update to be applied to clients.
• Deny-WsusUpdate: Declines the update for deployment.
• Get-WsusClassification: Gets the list of all WSUS classifications currently available in the system.
• Get-WsusComputer: Gets the WSUS computer object that represents the client computer.
• Get-WsusDynamicCategory: Gets dynamic categories on a WSUS server.
• Get-WsusProduct: Gets the list of all products currently available on WSUS by category.
• Get-WsusServer: Gets the value of the WSUS update server object.
• Get-WsusUpdate: Gets the WSUS update object with details about the update.
• Invoke-WsusServerCleanup: Performs the process of cleanup on a specified WSUS server.
• Remove-WsusDynamicCategory: Removes a dynamic category from a WSUS server.
• Set-WsusClassification: Sets whether the classifications of updates that WSUS synchronizes are enabled or disabled.
• Set-WsusDynamicCategory: Sets the synchronization status of a dynamic category.
• Set-WsusProduct: Sets whether the product representing the category of updates that needs to be synchronized is enabled or disabled.
• Set-WsusServerSynchronization: Sets whether the WSUS server synchronizes from Microsoft Update or from an upstream server, and if it uses the upstream server's properties.
WSUS Patch Management
• What are WSUS groups?
• Used to download updates to specific sets of computers
• All computers are members of the “All Computers” and “Unassigned Computers” groups by default
• Create custom computer groups for pilot computers, or specific departments, etc.
• In Server 2016, computers may be members of multiple groups and nested groups
• WSUS in mixed environments
• Mixed WSUS versions in use
• Features on upstream server that are not available on downstream server will not replicate (nested groups
or multiple group memberships, for example)
• Integrating with Windows Defender
• Include Windows Defender and Definition Updates in the Products and Classifications Sync options
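A pilot-group approval workflow using the cmdlets listed earlier, as an added example that is not part of the original slides. The group name Pilot and the computer name APP01 are placeholders, and it assumes the commands run on the WSUS server with server-side targeting in use.

```powershell
# Added example. 'Pilot' and 'APP01' are placeholders; run on the WSUS server.
$wsus = Get-WsusServer

# There is no cmdlet for creating a group; use the server object that
# Get-WsusServer returns. Skip creation if the group already exists.
if (-not ($wsus.GetComputerTargetGroups() | Where-Object Name -eq 'Pilot')) {
    $wsus.CreateComputerTargetGroup('Pilot') | Out-Null
}

# Put a pilot machine into the group.
Get-WsusComputer -NameIncludes 'APP01' | Add-WsusComputer -TargetGroupName 'Pilot'

# Windows Defender integration: synchronize the Windows Defender product
# and the Definition Updates classification.
Get-WsusProduct |
    Where-Object { $_.Product.Title -eq 'Windows Defender' } |
    Set-WsusProduct
Get-WsusClassification |
    Where-Object { $_.Classification.Title -eq 'Definition Updates' } |
    Set-WsusClassification

# Approve security updates that clients still need, for the pilot group only.
# Nothing reaches other groups until it is approved for them separately.
Get-WsusUpdate -Classification Security -Approval Unapproved -Status FailedOrNeeded |
    Approve-WsusUpdate -Action Install -TargetGroupName 'Pilot'

# Check what is approved and still outstanding after the pilot has reported in.
Get-WsusUpdate -Classification Security -Approval Approved -Status FailedOrNeeded

# Routine maintenance: decline superseded updates and remove obsolete ones.
Invoke-WsusServerCleanup -DeclineSupersededUpdates -CleanupObsoleteUpdates
```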
Windows Server Backup
• What is it?
• Used to perform full server backup or selected volumes
• Can back up/restore individual files or folders, system state, individual VMs on Hyper-V host
• Can perform a bare-metal restore without first installing an OS
• Backup Scenarios
• Hyper-V hosts and guests
• Install on host to perform host-level backup
• Install on guest to perform an in-guest backup
• Active Directory
• Cannot restore from a backup that is older than 180 days. Consider this when creating backup schedule
• File servers
• Web servers

Monitor Server Installations
Monitor workloads using Performance Monitor
• Configure Data Collector Sets
• Determine appropriate CPU, memory, disk, and networking
counters for storage and compute workloads
• Configure alerts
• Monitor workloads using Resource Monitor
Performance Monitor
• What is it?
• Used to collect, analyze, and interpret
performance-related data
• Create baseline data during multiple use-cases
• Helps with trend analysis, capacity planning,
understanding bottlenecks and slow-downs
• Key hardware components
• Processor
• Memory
• Network
• Disk
Data Collector Sets
• What is it?
• Include performance counters, event traces, and
system configuration information
• Can collect in real-time or schedule data
collection, for example Run for 10 minutes each
hour from 8-5
• Can analyze historical data
• How to create
• Create from template
• Create from existing performance monitor data
• Manually add data collectors
• What’s an alert?
• Configure an action to occur if a DCS hits the min
or max limits
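A user-defined Data Collector Set and an alert created from the command line with logman, then summarized with Import-Counter, as an added example that is not part of the original slides. The set names, counter list, threshold, intervals and output path are placeholders.

```powershell
# Added example. Set names, counters, threshold and paths are placeholders.
$counters = @(
    '\Processor(_Total)\% Processor Time'
    '\Memory\Available MBytes'
    '\PhysicalDisk(_Total)\Avg. Disk sec/Transfer'
    '\Network Interface(*)\Bytes Total/sec'
)

# User-defined Data Collector Set: sample every 15 seconds, stop after
# 10 minutes, write a binary log (.blg) under C:\PerfLogs.
logman create counter 'Baseline' -c $counters -si 00:00:15 -rf 00:10:00 `
    -f bin -o 'C:\PerfLogs\Baseline'

# Alert: when a sample exceeds the limit, write an event log entry and
# start the 'Baseline' set so that data exists for the busy period.
logman create alert 'HighCpu' -th '\Processor(_Total)\% Processor Time>90' `
    -si 00:00:30 -el -rdcs 'Baseline'
logman start 'HighCpu'

# A baseline can also be collected on demand during a known use case.
logman start 'Baseline'

# Later: analyze the historical data. Average and peak per counter.
$log = Get-ChildItem 'C:\PerfLogs\Baseline*.blg' |
    Sort-Object LastWriteTime | Select-Object -Last 1
Import-Counter -Path $log.FullName |
    Select-Object -ExpandProperty CounterSamples |
    Group-Object Path |
    ForEach-Object {
        $m = $_.Group | Measure-Object CookedValue -Average -Maximum
        [pscustomobject]@{
            Counter = $_.Name
            Average = [math]::Round($m.Average, 2)
            Maximum = [math]::Round($m.Maximum, 2)
        }
    }
```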
Resource Monitor
• What is it?
• Provides real-time information on server’s
performance
• Similar to Task Manager, but shows historical data
as well
• How to open
• From Task Manager
• From Start menu
• How to use
• Expand each element for detailed information on
how each process is using server resources
Practice Question
You plan to deploy a new web site to your web server tomorrow.
You plan to monitor the number of requests to the web site during the first hour of it going into production.
You need to ensure that you can discuss the results in a meeting at the end of the day.

How should you collect the information for the meeting?

A Load settings into Resource Monitor
B Use Performance Monitor to create a report view.
C Use Performance Monitor to start the system data collector set
D Use Performance Monitor to create a user-defined data collector set
Monitor and maintain servers

[Diagram: Host-level backup; In-Guest back-up; Monitoring; Tools built-in]

Tip #1: Understand server patching from the Admin console and the PowerShell commands
Tip #2: Windows Server Backup can back up Hyper-V hosts and/or guests
Tip #3: There are many tools to use for monitoring, from Perf Mon, to Resource Mon, to Task Manager