Microsoft Virtualisation & Management Technologies
Steve Lamb & Matt McSpirit, Microsoft UK
http://blogs.technet.com/steve_lamb
http://www.mattmcspirit.co.uk
Agenda
• 09:30 Keynote: Virtualisation, System Center & Green IT
• 10:00 Building, Clustering and Managing Hyper-V
• 11:00 Break
• 11:15 How to manage Microsoft and VMware estates
• 12:45 Lunch
• 13:30 Delivering Apps Virtually #1 (MDOP, VECD & VDI)
• 15:00 Break
• 15:15 Delivering Apps Virtually #2 (Terminal Services)
• 16:00 Ask the Experts
• 16:30 Close
Dependencies Create Complexity
Hardware
OS
Data, User settings
Applications
Separation Creates Flexibility
Virtualisation Solutions...
• MANAGEMENT
• PROFILE VIRTUALISATION: Document redirection, Offline files
• PRESENTATION VIRTUALISATION
• DESKTOP VIRTUALISATION
• APPLICATION VIRTUALISATION
• SERVER VIRTUALISATION
Then and now...

Virtualisation Feature | Virtual Server 2005 R2 | Hyper-V
--- | --- | ---
32-bit Virtual Machines | Yes | Yes
64-bit Virtual Machines | No | Yes
Multi Processor Virtual Machines | No | Yes, 4 core VMs
Virtual Machine Memory Support | 3.6GB per VM | 64GB per VM
Managed by System Center Virtual Machine Manager | Yes | Yes
Support for Microsoft Clustering Services | Yes | Yes
Host side backup support (VSS) | Yes | Yes
Scriptable / Extensible | Yes, COM | Yes, WMI
User Interface | Web Interface | MMC 3.0 Interface
More on Hyper-V...
• Runs on any Intel-VT or AMD-V system with a “Designed for Windows” logo
• Native x64 Hypervisor
• x86 / x64 VMs
• Up to 1 TB Parent Support
• Up to 64GB VM Memory
• Up to 4 CPU VMs
• 16 core host support
• Pass-through disk access for VMs
• New hardware sharing architecture (VSP/VSC)
  – Disk, networking, input, video
• Robust networking
  – VLAN support, NAT, Quarantine
Monolithic vs. Microkernelized

Monolithic hypervisor
• Simpler than a modern kernel, but still complex
• Contains its own drivers model

Microkernelized hypervisor
• Simple partitioning functionality
• Increase reliability and minimize TCB
• No third-party code
• Drivers run within guests

[Diagram: two stacks side by side, labelled VMware (monolithic) and Hyper-V (microkernelized). Monolithic: VM 1 (“Admin”), VM 2, VM 3 / Hypervisor / Some Hardware. Microkernelized: VM 1 (“Parent”) with Virt. Stack, VM 2 (“Child”), VM 3 (“Child”) / Hypervisor / Any ‘Designed for Windows’ Hardware *. “Drivers” boxes mark where drivers run in each stack.]

Microkernelized hypervisor has an inherently secure architecture with minimal attack surface

* With Intel-VT or AMD-V CPU technology, these are standard in today’s servers
Hyper-V architecture

[Diagram: Hyper-V running on “Designed for Windows” Server Hardware, with a Parent Partition and Child Partitions split into User Mode and Kernel Mode.
Parent Partition (Windows Server 2008, x64): VM Service, WMI Provider, VM Worker Processes; Windows Kernel, VSP, Windows Drivers, VMBus.
Child Partitions: Applications on each; Windows Server 2008, 2003 (Windows Kernel, VSC, VMBus); Non-Hypervisor Aware OS (Emulation); Xen-Enabled Linux Kernel (Linux VSC, Hypercall Adapter, VMBus).
Legend, “Provided by:” OS, ISV / IHV / OEM, Hyper-V, MS / XenSource.]
The power of Hyper-V
• Enlightenment/Para-virtualisation is the key to high performance
• Allows the Guest OS to understand it’s being virtualised and co-operate to provide the best performance
• Hyper-V is designed to utilise the virtualisation capabilities of Intel-VT and AMD-V enabled processors
• Hardware Virtualisation allows high performance virtualisation of the Windows Guest OS
  – Server 2008, 2003 SP2, 2000 SP4, XP SP2/SP3, Vista SP1
  – Certain Xen-Enabled Linux Distributions
    • Novell SUSE SLES 10 SP2 & Red Hat Enterprise for now...
• The future of virtualisation is Enlightenment/Para-virtualisation with hardware virtualisation assist
Server Virtualisation Licensing
• By assigning a copy of WS 03/08 Enterprise:
  – 4 free running Instances
  – Cumulative...
• The same process with WS 03/08 Datacenter:
  – Unlimited running instances
• Virtualisation Agnostic
Virtualisation Management
• Depends on Scale:
  – Smaller – Hyper-V Manager
  – Mid-Market/Enterprise – SCVMM
• Virtualisation Management is one part of a much bigger picture...
Performance & Resource Optimisation (PRO)
• Workload and application aware resource optimisation
• Extensible through the Operations Manager 2007 MP framework
• Create policies under which VMM acts upon tips automatically or manually
• Minimise downtime and accelerate time to resolution
• Enables partners to deliver value add to our mutual customers
Server Management Suite Enterprise
Full Application and Server Management (P&V)

System Center Pricing & Licensing
• Virtual machine management is a key component of server management
• Introducing the System Center Enterprise Server Management License
• Provides comprehensive management for physical & virtual Windows Server & Storage environments, & includes:
  – System Center Virtual Machine Manager 2007*
  – System Center Operations Manager 2007 Enterprise Edition
  – System Center Data Protection Manager 2007 Enterprise Edition
  – System Center Configuration Manager 2007
  – Unlimited Virtualisation Rights
System Center Scenario
• By assigning an SMSE to the Physical box, it can be:
  – Patched/Updated (SCCM)
  – Monitored (SCOM)
  – Backed Up (SCDPM)
  – VMM Host (SCVMM)
  – VMM Server (SCVMM)
• Retails @ $1200
• SMSE grants unlimited virtualisation rights...
• Virtualisation Agnostic
Desktop Virtualisation: Overview
[Diagram labels: Network, Client, Server, Client; Server-Based Virtualisation (VDI); Client-Based Virtualisation; LAN Attached Clients; Mobile / Outside Perimeter]
Demo
• Windows Fundamentals for Legacy PCs
  – “Windows Fundamentals for Legacy PCs ("WinFLP") is a thin client operating system from Microsoft, based on Windows XP Embedded, but optimized for older, less powerful hardware. It was released on July 8, 2006. Windows Fundamentals for Legacy PCs is not a full-fledged general purpose operating system. It includes only certain functionality for local workloads such as security, management, document viewing related tasks and the .NET Framework. It is designed to work as a client-server solution with RDP clients or other third party clients such as Citrix ICA.”
• XenDesktop
TS Core Enhancements
• Vista: better together
  – Previous versions: 2 TS clients
  – Now: 1 integrated client
• Network Level Authentication & Server Authentication
• Display Improvements
• Plug and Play device Redirection Framework
• Single Sign-On
Demo
• Terminal Services RemoteApp Manager
• Terminal Services RemoteApp Deployment
• Terminal Services Web Access
• SharePoint 3.0 SP1 Integration
Role: Terminal Services Gateway
• Allows secure seamless connection without VPN
• Tunnels RDP over HTTPS - same as Outlook
• Place TS behind multiple firewalls without opening multiple firewall ports other than 443
• Provides Policy Control over:
  – Who can access what & optionally enforce smart card use and restrict device redirection
• Allows access to:
  – Terminal Server Remote Desktops and Programs, Client and Server Remote Desktop
• When should TS Gateway be used in place of VPN?
  – When no local copy of data is required & when bandwidth or application characteristics makes VPN experience poor
Terminal Services Gateway
[Diagram: three zones, internet / perimeter / internal. Labels: Client (XP/Vista), TS Gateway, TS Web Access, Terminal Server, Policies. Numbered connection flow:]
1 Client tries to connect to Terminal Servers
2 External firewall strips HTTP & passes RDP to TS Gateway
3 TS Gateway authenticates user / checks health
4 Connection Complete – access to Machines/TS/Web Access
Terminal Services Easy Print
1 User opens Microsoft Word running via Terminal Services
2 User wants to print the document to the local printer
3 TS Easy Print utilizes the client side print drivers, and the full print UI appears
4 The document prints to the local printer
Terminal Services Easy Print
• NO PRINT DRIVER INSTALLATION ON TERMINAL SERVER REQUIRED FOR TS EASY PRINT
• Guaranteed printer installation in TS session
• TS printers are scoped per session & all printer properties are available in TS session
• TS Policy to redirect ONLY default client printer
• Works transparently between, say, x86 Client and x64 TS
• Client Requirements:
  – On Client - XP SP3 + .NET 3.0 SP1, Vista SP1 (Includes .NET 3.0 SP1), IHV Printer Driver
  – In Future: Native XPS Printers = No IHV Drivers
TS Easy Print - Server Side
[Diagram labels: WPF App, Win32 App, GDI to XPS Conversion Module, XPS, TS Easy Print XPS Driver, XPS Spool File, RDP. Legend, “Provided by”: Microsoft, ISV.]

TS Easy Print - Client Side
[Diagram labels: RDP, TS Client (MSTSC), TS Easy Print Plug-in, .NET Framework 3.0 SP1, XPS Spool File, XPS Printer Driver, XPS to GDI Conversion Module, EMF Spool File, Print Processor, GDI Printer Driver. Legend, “Provided by”: Microsoft, IHV.]
Experience
• Resolution up to 4096x2048 & span multiple monitors
• PnP Device Redirection Framework
• Windows Presentation Foundation (WPF)
• 32-bit Color & new RDP compression
• Display Data Prioritization

Security
• NAP Integration
• Network Authentication
• Single Sign-on for domain joined Vista clients
• Ability to block pre RDP6 client
• Per session & direct attached device isolation

Manageability
• Per User CAL Tracking, Per Device CAL revocation
• Spooler scalability improvements
• Debug Logging available in all builds
• New Session Broker capability (Farm Capability), Session Drain
• Single Unified Win32 & ActiveX Client – serviced via Windows Update

Platform
• Investments in Windows and TS to eliminate potential attack vectors
• Faster Login & Logoff
• Profile corruption scenarios addressed
• Leverage UAC for improved application compatibility
And to finish...
Microsoft delivers end-to-end Virtualization solutions…
…System Center provides the tools for integrated Infrastructure Management
"Virtualization without good management is more dangerous than not using virtualization in the first place" (Thomas Bittman, Gartner)
Resources
• Matt’s blog - http://www.mattmcspirit.co.uk
• Steve’s blog - http://blogs.technet.com/steve_lamb
• MS Virtualisation - http://microsoft.com/virtualisation
• System Center - http://www.microsoft.com/systemcenter
• VECD - http://www.microsoft.com/virtualization/solution-product-vecd.mspx

More Resources...
• MDOP - http://www.microsoft.com/windows/products/windowsvista/enterprise/benefits/tools.mspx
• Terminal Services - http://www.microsoft.com/windowsserver2008/en/us/presentation-terminal.aspx
• Evaluate WS2008 - http://www.microsoft.com/windowsserver2008/en/us/try-it.aspx
• VDI Demo - http://www.microsoft.com/windows/products/windowsvista/enterprise/vecddemo/default.html

Even More Resources...
• Virtualisation Blog - http://blogs.technet.com/virtualization/
• Windows Server Blog - http://blogs.technet.com/windowsserver/
• TS Blog - http://blogs.msdn.com/ts/
• Perf Tuning for WS2008 - http://www.microsoft.com/whdc/system/sysperf/Perf_tun_srv.mspx
• System Center Blog - http://blogs.technet.com/systemcenter/
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Server and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation.
Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS
PRESENTATION.