Agenda - MS Fest

30.11.2009
Virtualisation
Virtualization, clustering
Kamil Roman
Microsoft Student Partner
MCTS, MCITP

Agenda
• Virtualization overview
• Why virtualize
• Hyper-V architecture
• Hyper-V features
• Hyper-V server installation
• Hyper-V server
• Server core
• Server management via GUI
• Hyper-V storage
• Hyper-V Networking
• Hyper-V clustering
• Cluster Shared Volumes
• Security considerations
• Virtual environment management (optional)
• SCVMM 2008 (optional)

Virtualization overview

Virtualization - definition
• Virtualization makes it possible to run several systems or applications on a single piece of hardware

Microsoft Virtualized Infrastructure
Providing the best solutions
• Management
• Presentation Virtualization
• Desktop Virtualization
• Application Virtualization
• Server Virtualization

Why virtualize?
Usage scenarios
• Server consolidation
• Provides an environment for outdated business-critical applications
• Testing, education, presentations…
• Disaster recovery

Server consolidation
Challenges:
• Underutilized hardware
• Excessive power consumption
• Expensive space across data center or branch office
Solution:
Server consolidation through virtualization and physical and virtual machine management
Benefits:
• Reduce management cost
• Reduce power and space consumption
• Increase server utilization
[Diagram: Server Virtualization]

Increase Availability – Disaster recovery
Challenge:
Providing disaster recovery for business continuity for operating systems and applications
Solution:
Virtualize operating systems and applications – enabling easy backup, replication and moving to available servers
Benefits:
• Cost effective DR solution
• Short recovery times in case of site failure
• Online backup of the virtual machine
[Diagram: Backup, Server A, Server B]

Increase Availability of App-V
Challenge:
Providing disaster recovery for business continuity for operating systems and applications
Solution:
Virtualize operating systems and applications – enabling easy backup, replication and moving to available servers
[Diagram: Backup; Microsoft System Center Virtual Application on Server A and on Server B]

Increase Availability – High availability and migration
Challenge:
Planned and unplanned downtime affecting server uptime
Solution:
High availability options include host or guest level failover, or VM Migration for predicted downtime or load balancing
Benefits:
• Virtual machines can be made highly available at little to no additional cost
• Virtual machines can be Quick or Live migrated to minimize maintenance windows or to load balance
[Diagram: Data Store, Server A, Server B]

Microsoft Hyper-V architecture
• Monolithic hypervisor
– Simpler than a modern kernel, but still complex
– Contains its own driver model
• Microkernelized hypervisor
– Simple partitioning functionality
– Increase reliability and minimize TCB
– No third-party code
– Drivers run within guests
[Diagram labels, monolithic: VM 1 (Admin), VM 2, VM 3, Hypervisor, Drivers, Hardware]
[Diagram labels, microkernelized: VM 1 (“Parent”), Virtualization Stack, VM 2 (“Child”), VM 3 (“Child”), Drivers, Hypervisor, Hardware]

Description:
• Hypervisor based virtualization platform
• Windows Server 2008 x64 Edition technology
• Standard, Enterprise and Datacenter Editions
• Standards based
Hardware Requirements
• Hardware assisted virtualization
– AMD AMD-V or Intel VT
• Hardware enabled Data Execution Prevention (DEP) required
– AMD (NX no execute bit)
– Intel (XD execute disable)

Architecture
[Diagram labels: Provided by (OS, Hyper-V, ISV / IHV / OEM, MS / Citrix); Parent Partition; Child Partitions; VM Worker Processes; Applications; WMI Provider; VM Service; Windows Server 2008, x64; Windows Server 2008, 2003; Non-Hypervisor Aware OS; Xen-Enabled Linux Kernel; User Mode; Kernel Mode; Windows Kernel; Windows Drivers; VSP; VSC; Linux VSC; Hypercall Adapter; VMBus; Emulation; Windows hypervisor; “Designed for Windows” Server Hardware]

What is Microsoft Hyper-V Server?
• Microsoft Hyper-V Server 2008 (HVS)
– Contains Windows hypervisor and other components, including base kernel and driver technologies.
• Windows Server 2008 Hyper-V (Windows Role)
– Available as a role in Server Core or full installation of Windows Server 2008
[Diagram labels, both products: Parent Partition, Windows or Linux guests, Windows hypervisor, Hardware]

Hyper-V Features

Windows Server Hyper-V
• Features
– 64-bit system with W2K8 64bit
– 32-bit and 64-bit virtual machines
– Multiprocessing (4) in virtual machines
– Snapshotting, VSS support
– Clustering
– Improved resource management of CPU and I/O
– Offline .VHD manipulation
– Group policy objects integration
– Windows Server Core Hyper-V role
– Simple transition from Virtual Server

Windows Server 2008 R2 – Hyper-V
• High Availability & Live Migration
• Cluster Shared Volumes with I/O Redirection
• 64 GB RAM & 4vCPUs (per VM)
• Core Parking & Processor Compatibility Mode
• Thin Provisioned VHDs
• Boot from VHD
• Networking Improvements
– NIC Teaming, Jumbo Frames & TCP Offload
– Virtualised I/O

Hyper-V 2.0 Features
• Logical Processor Support
– Support for 64 logical processors on host computer
• Hot Add/Remove Storage
– Add and remove VHD disks to a running VM without requiring a reboot
• Second Level Translation (SLAT)
– Leverage new processor features to improve performance and reduce load on Windows Hypervisor
• VM Chimney (TCP Offload Support)
– TCP/IP Traffic in a VM can be offloaded to a physical NIC on the host computer (disabled by default)
• Processor Compatibility Mode
– Allows live migration across different CPU versions within the same processor family (i.e. Intel-to-Intel and AMD-to-AMD).
– Does NOT enable cross platform from Intel to AMD or vice versa.
– Configure compatibility on a per-VM basis.
– Abstracts the VM down to the lowest common denominator in terms of instruction sets available to the VM.

New Processor Feature Support

64 Logical Processor Support
• Overview
– Provides Hyper-V the ability to utilize up to 64 of the logical processor pool presented to Windows Server 2008 R2
• Benefits
– Significantly increase host server density
– Easily provide multiple processors per virtual machine

Processor Compatibility Mode
• Overview
– Allows live migration across different CPU versions within the same processor family (i.e. Intel-to-Intel and AMD-to-AMD)
– Configure compatibility on a per-VM basis
– Abstracts the VM down to the lowest common denominator in terms of instruction sets available to the VM.
– Does NOT enable cross platform from Intel to AMD or vice versa
• Benefits
– Greater flexibility within clusters
– Enables migration across a broader range of Hyper-V host hardware

VM Memory Management
• Today, processors provide one level of address translation, but hypervisor needs to manage two
• Guest OS defines GVA-to-GPA mappings (Guest Virtual Address to Guest Physical Address)
• Hypervisor defines GPA-to-SPA mappings (Guest Physical Address to System Physical Address)
• Shadow page tables combine these mappings because the processor knows how to perform only one level of translation

Shadow Page Tables
• Hypervisor maintains a Shadow Page Table
– Combines two layers of translation into a single page table
– Demand-filled when Child OS touches a page
– Flushed any time the Child OS modifies its page tables
• Shadow Page Table overhead
– Fills and flushes invoke the hypervisor
– Can account for up to 10% of total CPU time
– Consumes roughly 1MB of memory per VM

Second Level Address Translation (SLAT)
• Goes by several names
– Intel calls it Extended Page Tables (EPT)
– AMD calls it Nested Page Tables (NPT) or Rapid Virtualization Indexing (RVI)
• Processor provides two levels of translation
– Walks the guest OS page tables directly
– No need to maintain Shadow Page Table
– No hypervisor code for demand-fill or flush operations
• Resource savings
– Hypervisor CPU time drops to 2%
– Roughly 1MB of memory saved per VM
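
The shadow page table and SLAT slides above, as an added C simulation (not part of the original slides and not Hyper-V code): it runs the same page accesses through a demand-filled, flush-on-modify shadow table and through a direct two-level walk, and counts how often the hypervisor has to step in. The `toy_vm` structure, the 16-page size and the mappings are constructed assumptions.

```c
#include <stdio.h>

#define NPAGES   16     /* pages in this toy guest (constructed size) */
#define UNMAPPED (-1)

/* Toy VM state; all names are illustrative, not Hyper-V structures. */
typedef struct {
    int gva_to_gpa[NPAGES];  /* guest OS page table: GVA page -> GPA page */
    int gpa_to_spa[NPAGES];  /* hypervisor map: GPA page -> SPA page */
    int shadow[NPAGES];      /* shadow page table: GVA page -> SPA page */
    int fills;               /* hypervisor entries to demand-fill the shadow */
    int flushes;             /* hypervisor entries to flush the shadow */
} toy_vm;

void vm_init(toy_vm *vm) {
    for (int i = 0; i < NPAGES; i++) {
        vm->gva_to_gpa[i] = (i + 3) % NPAGES;  /* constructed guest mapping */
        vm->gpa_to_spa[i] = 100 + i;           /* constructed host mapping */
        vm->shadow[i] = UNMAPPED;
    }
    vm->fills = vm->flushes = 0;
}

/* Two-level walk: what SLAT hardware (EPT/NPT) does without hypervisor code. */
int translate_two_level(const toy_vm *vm, int gva) {
    return vm->gpa_to_spa[vm->gva_to_gpa[gva]];
}

/* One-level lookup in the shadow table. A miss enters the hypervisor,
 * which combines both mappings into a single entry (demand fill). */
int translate_shadow(toy_vm *vm, int gva) {
    if (vm->shadow[gva] == UNMAPPED) {
        vm->shadow[gva] = translate_two_level(vm, gva);
        vm->fills++;
    }
    return vm->shadow[gva];
}

/* Guest edits its own page table. With shadow paging the hypervisor must
 * intercept the edit and flush, otherwise shadow[] would keep a stale
 * GVA->SPA entry pointing at the old system page. */
void guest_remap(toy_vm *vm, int gva, int new_gpa, int shadow_paging) {
    vm->gva_to_gpa[gva] = new_gpa;
    if (shadow_paging) {
        for (int i = 0; i < NPAGES; i++) vm->shadow[i] = UNMAPPED;
        vm->flushes++;
    }
}

/* Same workload under both schemes: three rounds touching pages 0..3, with
 * one guest page-table edit before the last round. Returns the number of
 * hypervisor interventions; *mismatches counts wrong translations. */
int run_workload(int shadow_paging, int *mismatches) {
    toy_vm vm;
    vm_init(&vm);
    *mismatches = 0;
    for (int round = 0; round < 3; round++) {
        if (round == 2) guest_remap(&vm, 1, 9, shadow_paging);
        for (int gva = 0; gva < 4; gva++) {
            int spa = shadow_paging ? translate_shadow(&vm, gva)
                                    : translate_two_level(&vm, gva);
            if (spa != translate_two_level(&vm, gva)) (*mismatches)++;
        }
    }
    return vm.fills + vm.flushes;
}

int main(void) {
    int bad;
    printf("shadow paging: %d hypervisor interventions\n", run_workload(1, &bad));
    printf("SLAT:          %d hypervisor interventions\n", run_workload(0, &bad));
    return 0;
}
```

The single guest page-table edit costs one flush plus four refills, which is the overhead the SLAT slide says the processor removes.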

Side by Side Comparison
Feature | Hyper-V Server 2008 | Hyper-V Server 2008 R2 | WS2008 EE / DC Hyper-V R2
x64 Only & Hypervisor Based | Yes | Yes | Yes
Product Type | Standalone Product | Standalone Product | Operating System
Physical Sockets | Up to 4 | Up to 8 | Up to 8 (EE), Up to 64 (DC)
Physical Core Support | 24 (with QFE) | 64 | 64
Physical Memory | 32GB | 1TB | 1TB
VM Migration | None | Failover + Quick & Live | Failover + Quick & Live
Administrative UI | CMD Line, Text-Based Config Utility, Remote GUI Management | CMD Line, Text-Based Config Utility, Remote GUI Management | CMD Line, Local GUI (Hyper-V Manager MMC), Remote GUI Management
Management | Existing Management Tools (all three)
SCVMM Managed? | Yes (SCVMM 2008 & R2) | Yes (SCVMM 2008 R2) | Yes (SCVMM 2008 R2)
Free Windows Guests? | 0 | 0 | 4 (EE), Unlimited (DC)
Number of running VM Guests | 192 (or as many as physical resources allow) | 384 VMs (1 vCPU) or up to 512 vCPUs | 384 VMs (1 vCPU) or up to 512 vCPUs
Storage | DAS: SATA, eSATA, PATA, SAS, SCSI, USB, Firewire, SANs: iSCSI, FC, FCoE (all three)
Guest OS Support | Windows Server: 2008 R2, 2008, 2003 SP2, 2000 SP4 / Novell SUSE SLES 10 SP1 / SP2; Windows Client: 7, Vista SP1, XP SP2/SP3 (all three)

Virtualisation Support – KB957006
Microsoft Application Virtualization (App-V)
Microsoft Operations Manager (MOM) 2005
Microsoft BizTalk Server
Microsoft Search Server
Microsoft Commerce Server
Windows SBS / EBS 2008
Microsoft Dynamics AX, CRM, GP, NAV
Microsoft SQL Server 2005, 2008
Microsoft Exchange Server
Microsoft System Center Configuration Manager
Microsoft Forefront Client Security
Microsoft System Center Data Protection Manager
Microsoft Intelligent Application Gateway (IAG)
Microsoft System Center Essentials
Microsoft Forefront Security for Exchange (FSE)
Microsoft System Center Operations Manager
Microsoft Forefront Security for SharePoint (FSP)
Microsoft System Center Virtual Machine Manager
Microsoft Host Integration Server
Microsoft Systems Management Server (SMS)
Microsoft Internet Security and Acceleration (ISA)
Microsoft Visual Studio Team System
Microsoft Office Communications Server R2
Microsoft Windows HPC Server 2008
Microsoft Office Groove Server
Windows Server 2003 Web Edition
Microsoft Office PerformancePoint Server
Microsoft Windows Server Update Services (WSUS)
Microsoft Office Project Server
Windows Web Server 2008
Microsoft Office SharePoint Server and WSS

Hyper-V server installation

Microsoft Hyper-V Server R1/R2

Microsoft Hyper-V Server 2008
• Simplified, optimized and free
• Provides basic virtualization capabilities
• Great stand-alone hypervisor-based virtualization product
• Streamlined
• Micro-kernelized hypervisor
• Easily integrates into existing infrastructure
• Active Directory integration
• Leverage existing management tools (e.g. System Center Virtual Machine Manager 2008)
• Leverage existing support tools & processes
• Leverage existing IT Pro skill-set and knowledge

HVconfig
• Automatic startup at login
• Easy setup utility for server configuration
• Localized in 11 languages

Manage Remotely…

Microsoft Hyper-V Server V2
New features
• Live Migration
• High Availability
• New Processor Support
– Second Level Address Translation
– Core Parking
• Networking Enhancements
– TCP/IP Offload Support
– VMQ & Jumbo Frame Support
• Hot Add/Remove virtual storage
• Enhancements to HVCONFIG
• Enhanced scalability

Hyper-V Server 2008 R2

Server Core
• Without GUI
• Provides only basic server roles and features
• More secure solution (“reduced attack surface”)
• Server Core reduces the total number of patches by ~60%
• Provides several Windows Server roles from W2008:
– AD, AD LDS, DHCP, DNS, File, Print, WMS, IIS, Hyper-V
• Offers additional functionality via selected features:
– WINS, Failover Clustering, Backup, Multipath IO, Removable Storage Management, Bitlocker Drive Encryption, SNMP, Telnet Client
• Doesn't allow:
– Shell, CLR, GUI, apps like IE, Windows Mail, Windows Media Player, etc.

Windows Server Core
• Windows Server frequently deployed for a single role
– Must deploy and service the entire OS in earlier Windows Server releases
• Server Core a new minimal installation option
– Provides essential server functionality
– Command Line Interface only, no GUI Shell
• Benefits
– Fundamentally improves availability
– Less code results in fewer patches and reduced servicing burden
– Low surface area server for targeted roles
– More secure and reliable with less management

Server Core Desktop

Hyper-V installation
Server Core role scenario
• Windows Server 2008 installation wizard
• Choose Server Core installation

Hyper-V role installation
• ocsetup Microsoft-Hyper-V
• Restart needed

Hyper-V management

Windows Server 2008 management
Server Manager
• Initial configuration
• Product installation
[Screenshot panes: Hosts, Virtual Machines, Actions -> VM Details]

Hyper-V Storage
• Virtual HDD types and their performance
– Dynamically Expanding VHDs
• Minimal size, grows as needed, low performance
– Fixed Disk VHDs/Pass Through Disks
• Fixed size, high performance
• Pass Through Disks
– Pros: VM directly accesses drive/LUN – not using VHD
– Cons:
• Snapshots cannot be used within VM
– Neutral: Disk is dedicated to one VM (can be bypassed via RAID)
Recommendation: Use Fixed Disk VHDs or Pass Through Disks in a production environment!
[Screenshots: Virtual machine configuration; VHD configuration]
[Screenshots: Server management, Disks configuration; Switch disk to offline; Disk is offline…; Pass Through Disk configuration]

Thin Provisioning
• Guest OS needs to see 100GB but may only consume % of that
• With Fixed VHDs, a 100GB VHD would consume 100GB on SAN
• With Dynamic VHDs, the physical space consumed is only equal to that consumed by Guest OS
[Diagram: VM VHD]

Hot Add/Remove Storage
• Overview
– Add and remove VHD and pass-through disks to a running VM without requiring a reboot.
– Hot-add/remove disk applies to VHDs and pass-through disks attached to the virtual SCSI controller
• Benefits
– Enables storage growth in VMs without downtime
– Enables additional datacenter backup scenarios
– Enables new SQL/Exchange scenarios

Hyper-V Networking

Hyper-V networking
• Parent partition is also virtualized
• Use servers with at least two NICs
– One for management
– One or more NICs for virtual machines
– Dedicated NIC(s) for iSCSI

Hyper-V – network configuration
• Example:
– Physical server with 4 NICs
– NIC 1: Dedicated for parent partition management
– NIC 2: Dedicated for parent partition for iSCSI
– NICs 3/4: Used for virtual machines communication
[Screenshot: Hyper-V installation, network configuration]
[Screenshot: Hyper-V installation, network configuration and iSCSI]

Networking
• TCP Offload support
• Overview
– TCP/IP traffic in a VM can be offloaded to a physical NIC on the host computer
• Benefits
– Reduce CPU burden
– Networking offload to improve performance
– Live Migration is supported with Full TCP Offload

Networking
• Jumbo Frame Support
– Ethernet frames > 1,500 bytes
– Ad hoc standard is ~9k
• Overview
– Enables 6x larger payload per packet
• Benefits
– Improves throughput
– Reduce CPU utilization of large file transfers

Hyper-V clustering
• An outage is undesirable, but it affects only one server
• An outage is critical, because it affects more servers

• Fast move of a virtual machine to another physical server
• Automatic failover to other physical servers (hardware outage)

• Save state of virtual machine
• Move storage connection to other physical server
• Virtual Machine restoration
[Diagram: VHDs]

Physical server needs maintenance
• Virtual machines move to other physical servers (standby)
[Diagram: Ethernet, (3 + 1), VHD]

Power failure
• Virtual machines automatically restart on another node of the cluster
• If there are not enough resources (memory), they automatically move to the next node
[Diagram: Ethernet, (3 + 1), VHD]

Live Migration
• #1 Customer Request
• Moving a virtual machine from one server to another without loss of service
• Enables new dynamic scenarios
• Load balancing VMs via policy

Quick Migration vs. Live Migration

Quick Migration (Windows Server 2008 Hyper-V)
1. Save state
a) Create VM on the target
b) Write VM memory to shared storage
2. Move virtual machine
a) Move storage connectivity from source host to target host via Ethernet
3. Restore state & Run
a) Take VM memory from shared storage and restore on Target
b) Run

Live Migration (Windows Server 2008 R2 Hyper-V)
1. VM State/Memory Transfer
a) Create VM on the target
b) Copy memory pages from the source to the target via Ethernet
2. Final state transfer
a) Pause virtual machine
b) Move storage connectivity from source host to target host via Ethernet
3. Un-pause & Run
[Diagram: Host 1, Host 2 for each migration type]

Live Migration
1. Create VM on target server
2. Copy memory pages from the source to the target via Ethernet
3. Final state transfer
a) Pause virtual machine
b) Move storage connectivity from source host to target host via Ethernet
4. Run new VM on source; Delete VM on target
[Diagram: Host 1, Host 2, Shared Storage; Blue = Storage, Yellow = Networking]

Live Migration
• Live Migration via Cluster Manager
– In box UI
• Live Migration via Virtual Machine Manager
– Orchestrate migrations via policy
• Moving from Quick to Live Migration:
– Guest OS limitations?:
– Changes to VMs needed?:
– Changes to Storage infrastructure:
– Changes to Network Infrastructure:
– Update to Windows Server 2008 R2 Hyper-V:
Yes
No
No
No
No

Live Migration Memory Internals
• Worker process on source host creates “dirty bitmap” of memory pages
• Iterates over pages, sending them to target worker process
• Registers for modify-notifications on pages to detect subsequent changes
– Source VM still active and can be modifying memory
• Repeats over newly modified pages
• Stops iterating when one of the following:
– All pages sent
– Makes 10 passes
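
The pre-copy loop described on this slide, as an added C simulation (not part of the original slides and not Hyper-V code): it keeps a dirty bitmap, resends pages the still-running guest modified, and stops on either of the two conditions listed. The `guest_model` that decides which pages get re-dirtied is a constructed assumption; the 10-pass limit is the slide's.

```c
#include <stdio.h>
#include <string.h>

#define MAX_PAGES  1024
#define MAX_PASSES 10    /* pass limit stated on the slide */

/* Constructed guest behaviour: while the guest is active it rewrites the
 * first hot_pages pages during every copy pass. */
typedef struct {
    int hot_pages;
    int active_passes;   /* guest keeps writing for this many passes */
} guest_model;

typedef struct {
    int passes;          /* pre-copy passes performed while the VM ran */
    int pages_sent;      /* pages copied during those passes */
    int left_dirty;      /* pages left for the final, paused transfer */
} precopy_result;

static int count_dirty(const unsigned char *dirty, int n) {
    int c = 0;
    for (int i = 0; i < n; i++) c += dirty[i];
    return c;
}

precopy_result precopy(int total_pages, guest_model g) {
    unsigned char dirty[MAX_PAGES];
    precopy_result r = {0, 0, 0};
    if (total_pages > MAX_PAGES) total_pages = MAX_PAGES;
    if (total_pages < 0) total_pages = 0;
    if (g.hot_pages > total_pages) g.hot_pages = total_pages;

    memset(dirty, 1, (size_t)total_pages);   /* nothing sent yet: all dirty */

    while (r.passes < MAX_PASSES) {
        /* Iterate over the bitmap, send each dirty page, clear its bit. */
        for (int i = 0; i < total_pages; i++) {
            if (dirty[i]) { dirty[i] = 0; r.pages_sent++; }
        }
        r.passes++;
        /* Source VM is still running: modify-notifications set bits again. */
        if (r.passes <= g.active_passes)
            for (int i = 0; i < g.hot_pages; i++) dirty[i] = 1;
        if (count_dirty(dirty, total_pages) == 0) break;  /* all pages sent */
    }
    r.left_dirty = count_dirty(dirty, total_pages);
    return r;
}

static void report(const char *name, guest_model g) {
    precopy_result r = precopy(64, g);
    printf("%-6s passes=%d sent=%d left_for_paused_transfer=%d\n",
           name, r.passes, r.pages_sent, r.left_dirty);
}

int main(void) {
    report("idle",  (guest_model){0, 0});     /* guest never writes */
    report("burst", (guest_model){8, 3});     /* writes stop after 3 passes */
    report("busy",  (guest_model){8, 1000});  /* never stops writing */
    return 0;
}
```

A guest that never stops writing hits the pass limit with pages still dirty; those pages are what remains for the final state transfer while the VM is paused.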

[Diagram: Live Migration Operation (State, Configuration)]

High Availability (Unplanned)
[Diagram: SAN holding the .VHDs]
1. 2 Windows Server 2008 R2 (Ent / DC) Hyper-V Nodes in a Failover Cluster. Each Node has 2 VMs running. VMs are stored on the SAN.
2. Node 1 Fails, and also brings down 2 VMs
3. Failover Clustering in Windows Server 2008 R2 ensures that VMs restart on Node 2 of the Hyper-V Cluster

Live Migration (Planned)
[Diagram: SAN holding the .VHDs]
1. 2 Windows Server 2008 R2 (Ent / DC) Hyper-V Nodes in a Failover Cluster. Each Node has 2 VMs running. VMs are stored on the SAN.
2. We decide we’d like to migrate a running VM from Node 1 to Node 2
3. Live Migration in Windows Server 2008 R2 (Ent/DC) ensures that VMs are migrated with no downtime
[Slide labels: SQL, Exchange]

Cluster Shared Volumes

Migration & Storage
• Windows Server 2008 R2 Hyper-V
• NEW Cluster Shared Volume (CSV)
• CSV provides a single consistent file name space; All Windows Server 2008 R2 servers see the same storage
• Easy setup; Uses NTFS
• No reformatting SANs
• Create one big data store
• No more drive letter problems
• Existing tools just work

Cluster Shared Volumes
• All servers “see” the same storage

Clustering & Storage
• Windows Server 2008 R2 Failover Clustering
– NEW Cluster Shared Volume (CSV)
• Implemented as a mini-filter
• Required for Live Migration
• CSV provides a single consistent file name space; All Windows Server 2008 R2 servers see the same storage
– Easy setup; Uses NTFS
– No reformatting SANs
– Create one big data store
– Fewer drive letters needed
– Existing tools just work
– Improves Hyper-V Live Migration times
– Simplifies SAN/VM management
– Improved Fault Tolerance
[Diagram: concurrent access to a single file system; SAN, single volume, VHDs]
Single LUN for all hosts and performance enhancement for storage switchover

Cluster Shared Volumes
• Cluster Shared Volumes (CSV)
– Enabling multiple nodes to concurrently access a single ‘truly’ shared LUN
– Provides VMs complete transparency with respect to which nodes actually own a LUN
– Guest VMs can be moved without requiring any drive ownership changes
– No dismounting and remounting of volumes is required

Cluster Shared Volumes
[Diagram: SAN with LUN1, LUN2, LUN3, LUN4; each node sees C:\ClusterStorage\Volume1, C:\ClusterStorage\Volume2, C:\ClusterStorage\Volume3, C:\ClusterStorage\Volume4]
1. We’ve set up a WS2008 R2 Cluster, and created 4 LUNs on the SAN.
2. We’ve made the LUNs available to the Cluster
3. In Failover Clustering MMC, we mark the LUNs as CSV’s.
4. Each Node in our Cluster then has a Consistent Namespace for accessing the LUNs. We can now drop as many VMs on each CSV as we like.

Cluster Shared Volumes
• Distributed file access coordinated through a node
• VM performing direct I/O
• Volume mounted on one node
[Diagram: SAN, LUN 5, VHDs]

CSV Stats
Property | CSV
Max Volume Size | 256 TB
Min Volume Size | 1 MB
Max # Partitions | 128
LUN Concatenation | Hardware LUN Expansion
Data Migration | Seamless
Supported Hardware | Commodity
Storage Type | FC, iSCSI, NAS, SAS
Multi-path Support | Industry Standard
iSCSI Initiator Support | Industry Standard
Write I/O Performance | Fast!!
Metadata Updates | Fast!!
Max Number of LUNS’s | 2,000+
Directory Structure | Unrestricted
Max # of Files per Volume | 4+ Billion
LUN Presentation | Flexible Storage Model
Price | Free!

Security considerations

Virtualization
“Virtualization without good management is more dangerous than not using virtualization in the first place.”
– TOM BITTMAN, GARTNER VP AND ANALYST, 9 MAY, 2007
Virtualization Will Drive Major Change in IT Infrastructure and Operations in the Next Three Years, Tom Bittman, May 8, 2007

Platform Security
• Isolation
• No sharing of virtualized devices
• Separate VMBus per VM to the parent
• No sharing of memory
• Each has its own address space
• VMs cannot communicate with each other, except through traditional networking
• Guests can’t perform DMA attacks because they’re never mapped to physical devices
• Guests cannot write to the hypervisor
• Parent partition cannot write to the hypervisor

Virtual environment management
• Windows Server 2008 x64 Edition EE/DTC
– Server Core installation
• Quad processor/Quad core (16 cores)
– AMD-V or Intel VT
• Memory
– 2 GB per core minimum (32 GB)
– 4 GB per core (64 GB)
• Disk storage
– 4 Gb Fibre Channel, iSCSI
• Networking
– 1 Gb/E NIC for management/cluster/heartbeat/migration
– 1 quad-port Gb/E PCI-E for virtual machines

Step 1: Building Active Directory
[Diagram: Domain Controller, Ethernet]

Step 2: Building the virtualization farm
[Diagram: Domain Controller, Ethernet, Virtualization Farm]

Step 3: Storage configuration
[Diagram: Domain Controller, Virtualization Farm, Ethernet, SAN, Fibre Channel Switch]

Step 4: Installing the WS08 OS
Using System Center Configuration Manager
[Diagram: Domain Controller, System Center Configuration Manager, Virtualization Farm, Ethernet, SAN, Fibre Channel Switch]

Step 5: Managing the virtual infrastructure
Using System Center Virtual Machine Manager
[Diagram: Domain Controller, System Center Configuration Manager, Virtualization Farm, SAN, Ethernet, System Center Virtual Machine Manager, Fibre Channel Switch]

Step 6: Health monitoring
Using System Center Operations Manager
[Diagram: Domain Controller, System Center Configuration Manager, Virtualization Farm 1 (14 + 2 Servers), SAN, Ethernet, System Center Virtual Machine Manager, Fibre Channel Switch, System Center Operations Manager]

Step 7: Backup
Using System Center Data Protection Manager
[Diagram: Domain Controller, System Center Configuration Manager, Virtualization Farm, Replication, SAN, Ethernet, System Center Virtual Machine Manager, WAN, Fibre Channel Switch, System Center Operations Manager, System Center Data Protection Manager]

The individual steps in more detail
Prerequisite: steps 1 – 4 completed
• Building Active Directory
• Building the virtualization farm
• Storage configuration
• Installing the Windows Server 2008 OS using System Center Configuration Manager

Building a cluster of Hyper-V servers

Step 5: Managing the virtual infrastructure
Using System Center Virtual Machine Manager
[Diagram: Domain Controller, System Center Configuration Manager, Virtualization Farm, SAN, Ethernet, System Center Virtual Machine Manager, Fibre Channel Switch]

System Center VMM 2008
• Centralized management of the physical environment (hosts)
• Centralized management and deployment of virtual machines
– Microsoft Virtual Server
– Hyper-V
– VMware ESX (Virtual Center)
• Fast P2V and V2V conversion
• Performance and Resource Optimization (PRO) of VMs
• Central library
• Delegated management of virtual machines
• Fully scriptable environment using PowerShell

SCVMM 2008: Architecture
[Diagram: Windows® PowerShell, Management console, Library, Web-based provisioning, Physical servers for virtualization]

Conversion: P2V and V2V
• Intuitive and simple tool:
– Core component of VMM
– Wizard-based
– Volume Shadow Copy
– Change of storage, memory and CPU configuration
– Preserves network settings and the MAC address
– Can be automated using PowerShell
• Supported platforms:
– Windows XP, Windows Vista, Windows Server 2000, Windows Server 2003, Windows Server 2008

Easy cluster management
• VMM 2008 detects Hyper-V cluster environments
• Easy adding of a cluster or node, removal, …
• Cluster reserve
– Specifies the number of cluster nodes that can be unavailable while the cluster is still able to run the remaining virtual machines
• Placing a virtual machine on the cluster

Step 6: Health monitoring
Using System Center Operations Manager
[Diagram: Domain Controller, System Center Configuration Manager, Virtualization Farm 1 (14 + 2 Servers), SAN, Ethernet, System Center Virtual Machine Manager, Fibre Channel Switch, System Center Operations Manager]

System Center OpsMgr 2007
• Proactive management of IT services
• Integrated monitoring of distributed applications, end-user perspective, infrastructure support
• End-to-End Service Management
• Shorter problem resolution time
• Simpler and more efficient management of the IT environment
• Modularized knowledge
• Increased efficiency of operations management
• Management packs contain Microsoft expertise for managing applications, servers and clients
• Role-based security, self-monitoring infrastructure, improved scalability

IT delivers services; not servers
[Diagram: Ordering application, Web ordering service, Middleware, Clients, Web Server, Database, Physical network]

Performance and Resource Optimization
• Machine performance history from SCOM
• Performance information for both physical and virtual machines
• Predefined rules
• Every workload (SQL, Exchange, IIS…) has its own specifics
• All platforms

Microsoft Virtualization
Dynamic infrastructure
Problem:
• Responding to demands
• Unused systems
Solution:
• Adaptive and resilient datacenter
[Diagram: Web Farm]

PRO Management Pack
[Diagram labels: Custom PRO Enabled MP Structure (Diagnostic Tasks, Recovery Tasks, Monitors, Knowledge); PRO Library MP; Hyper-V Host PRO Target, Hyper-V Host; VMware Host PRO Target, VMware Host; Virtual Machine PRO Target, Virtual Machine; Custom PRO Target, Hardware/Software Component]

Consolidation
• Performance data is collected to identify candidates for virtualization
• Physical servers are converted to virtual machines
• Physical machines go into retirement :-)
• Reports of consolidation candidates
• The agent is installed on the physical servers
• Performance data is collected on the physical servers
• Intelligent placement of virtual machines on the optimal physical machine
[Diagram: Physical infrastructure, Virtual Machine Manager, Servers for virtualization]

Step 7: Backup
Using System Center Data Protection Manager
[Diagram: Domain Controller, System Center Configuration Manager, Virtualization Farm, Replication, SAN, Ethernet, System Center Virtual Machine Manager, WAN, Fibre Channel Switch, System Center Operations Manager, System Center Data Protection Manager]
• Backup solution for disk arrays and tapes
– Disk-to-Disk
– Disk-to-Tape
– Disk-to-Disk-to-Tape
• Easy management (wizards)
• End-user recovery option
• Integration with other System Center products, favorable licensing

System Center Virtual Machine Manager 2008

Summary