Powered by System Center
Posts tagged Windows Server 2012
If you are in some way dealing with Hyper-V in Windows Server 2008 R2 and probably now exploring Windows Server 2012 Hyper-V, you are by no means able to avoid the blogs, whitepapers, books and tweets written by Aidan Finn. In 2010 Aidan asked me to be a technical editor for his Mastering Hyper-V Deployment which I gladly accepted. It was a great step-by-step for implementing Hyper-V R2 and several of the important System Center components. The book was co-authored by Patrick Lownds, Hyper-V MVP and datacenter expert working for HP in London.
About a year later, Aidan approached me again asking if I would be willing to contribute to another book called Microsoft Private Cloud Computing and I did not think about refusing (or should I have). It was my first experience as an author and I wrote up the Fabric chapters of VMM 2012. Aidan laid a nice foundation with his lucid Cloud introduction chapters, Patrick focused on the service management functionality and the VMM Library while Cloud and Datacenter MVP, Damian Flynn wrote a couple of brilliant chapters on private cloud management and integration with App Controller, Service Manager and Orchestrator. It was a fine job we completed in early 2012, the book was published just before the beta of SP1 was announced. We simply didn’t have the opportunity to wait until SP1 was out and digest and explain all the new features that arrived with Windows Server 2012. Fortunately Damian has joined Nigel Cain (who is a Senior Program Manager for Windows Server and System Center) to write a blog series on Technet in eight installments between Jan 2013 until July 2013, just to explain the new Virtual networking technology in VMM 2012 SP1
Another year came and here was Aidan again, asking me to join him on his new venture: the Windows Server 2012 Hyper-V Installation and Configuration Guide. Although I really liked the subject and wanted to go into great depth to learn all this cool stuff, I was simply too busy doing all those great Hyper-V and System Center projects for Inovativ. Our family was also heavily burdened by the unfortunate adventures of one of my sons, which more or less influenced me most of 2012. Writing a book was out of the question.
Convincing as Aidan can be, he said he had his author team complete, again with Damian Flynn and Patrick Lownds plus Michel Luescher, “a virtualization junkie working as a consultant at Microsoft” as he calls himself. The only omission was a technical editor fit for the job. And that’s why he asked me.
I am more than honored to be mentioned quite extensively in the Acknowledgements of the Windows Server 2012 Hyper-V book by each and every author. I really felt like being part of the author team but in the role of both learning, correcting but most of all improving. I remember advising Aidan to split one chapter into two because it was approaching 100 pages, more than twice as much as they had anticipated.
Having been the first reader (and I read the chapters multiple times), I can truly say this is a superb book that anyone interested in the technical secrets of Windows Server 2012 Hyper-V should buy. I can guarantee you will not one day regret having bought this book. There were moments I wanted to cry out how good these chapters were, thrilled by the sheer excellence of the product and the very talented explanatory writing in the 600 pages of this Must-have-Hyper-V-version-3 book.
The book can be pre-ordered now and will be published on March 25th. The European release will be April 5th. See the Windows Server 2012 Hyper-V Book Release FAQ.
I will not wait till my free copy arrives (Sybex, hope you are reading this) as I have already pre-ordered it myself, but wouldn’t mind a few extra copies to give away.
As you can see from the screenshot, only a few tickets are left for the Hyper-V.nu event on April 16th, 2013. The event will be presented in Dutch which is unfortunate for several of our followers in the neighboring countries who wanted to attend. I hope to convince my fellow speakers to present in English again so the last 15 tickets could have been easily sold by now. The event is free by the way.
If you already know you cannot make it, please return your tickets!
For Windows Server 2012 clusters it was still very difficult to find a complete list of hotfixes. In the past there were blogs and other locations for Windows Server 2008 R2 Hyper-V and clusters, but not always authorized by Microsoft. This could cause a trust issue for customers who don’t want to rely on some blog.
As MVP’s we have also expressed a wish to see an official list which is maintained by Microsoft. It is great to see our request is honored so quickly and you can now find the Windows Server 2012 Cluster hotfixes
Here is a message from John Marlin, Senior Support Escalation Engineer Microsoft Enterprise Platforms Support:
In a previous blog, it was discussed on where you can get a list of the Failover Clustering and Hyper-V hotfixes for Windows Server 2008 R2.
In this blog, we give the links to newly released hotfixes for Failover Clustering and Hyper-V so you know what hotfixes are out there. There are two Wiki pages that will make life easier for you when looking for hotfixes for Windows Server 2012 Clustering and Hyper-V.
These Wiki pages are updated on a regular basis. You can setup an RSS Subscription to the Wiki page so you can the updated Wiki page in your favorite RSS app or Outlook.
When you configure Live Migration settings on a Windows Server 2012 Hyper-V host then you have two options for authentication of Live Migration sessions:
- Use Credential Security Support Provider (CredSSP)
- Use Kerberos
Kerberos is my recommendation to customers. This is more secure than CredSSP. However the Kerberos option requires constrained delegation. If you do not configure constrained delegation, Live Migration of a virtual machine is not possible and you will receive a message that the source server does not have enough permissions to migrate the virtual machine to another host.
Yesterday I was at a customer location and I would like to configure constrained delegation so that I can use Kerberos as the authentication protocol for Live Migration.
I opened Active Directory Users and Computers and browsed to the computer objects representing the Hyper-V hosts. I went into the properties of the computer object and selected the ‘Delegation’ tab (just like the screenshot below).
When I would add the service Microsoft Virtual System Migration Service this option was not available in the list of services.
So I start a discussion with the guy who had installed the servers and asked him how he did the installation of the Hyper-V role. Then he told me that he had enabled the Hyper-V role while the servers were not joined to Active Directory….. Tadaaa that’s the reason why the service Microsoft Virtual System Migration Service was not available!!
To solve this you had to register the Service Principal Name for this service. To do so you had to open a Command Prompt or a PowerShell prompt and run the following commands:
- setspn -S "Microsoft Virtual System Migration Services\Servername" Servername
- setspn -S "Microsoft Virtual System Migration Services\Servername.fqdn" Servername
After running those commands you will see the ‘Microsoft Virtual System Migration Service” in the list of services that you can add for delegation using Kerberos.
Lesson learned: first join the Hyper-V server to Active Directory and after the server is joined you can enable the Hyper-V role.
Today I received news that EMC has released its latest version of the VNX Operating System which covers NAS and Block functionality (VNX OE 32/8) and Maintenance Release 1 (MR1). If you are an EMC customer, this important release is now available for download:
For Windows Server 2012 Hyper-V customers this is especially very good news because VNX now supports SMB 3.0 and ODX (Offloaded Data Transfer), apart from some VAAI performance enhancements which are of course more interesting for the other guys. ODX is very similar to Block XCOPY in vSphere.
EMC is probably the first vendor offering SMB 3.0 support in its storage array. Several vendors are still working on adding SMB 3.0 and ODX support so this is important news for acceptance of Microsoft storage technology and Windows Server 2012 Hyper-V. NetApp SMB 3.0 support is targeted at ONTAP 8.2.
The software can be downloaded from PowerLink or http://support.emc.com.
Just in time for a new project for a Dutch municipality, involving HP c7000, HP ProLiant BL460c Gen8, HP StoreVirtual 4000 Storage and Windows Server 2012 Hyper-V, HP released a new firmware ISO and a new HP ProLiant Service Pack. With version 2013.02.0 (19 Feb 2013) HP adds Windows Server 2012 support for the following HP ProLiant servers:
- HP ProLiant BL460c G6 Server .
- HP ProLiant DL380 G6 Server
- HP ProLiant DL360 G6 Server
- HP ProLiant ML350 G6 Server
Click on picture for link to PDF.
Additionally a number of new HP ProLiant network adapters are now supported:
HP Ethernet 1Gb 4-port 366FLR Adapter
HP Ethernet 10Gb 2-port 560M Adapter
HP Ethernet 10Gb 2-port 560FLR SFP+ Adapter
HP Ethernet 10Gb 2-port 530T Adapter
Download HP ProLiant Service Pack 2013.02.0
[UPDATE 1/15/2013]: See problems reported after installing this hotfix at end of this forum post. I have opened a line with the product team to find out what is going on
[UPDATE 2/15/2013]: We are now exactly 1 month after I warned you to be very careful with installing http://support.microsoft.com/kb/2799728/en-us as it caused a severe memory leak. If you have followed the forum post mentioned above, you will have gathered that Microsoft has worked feverishly to get on top of the problem. Mike Jacquet who has been very communicative about this issue, has today confirmed that a fix is now code complete, has been fully tested and is only waiting for the KB article to be written.
The memory leak was caused by a fault found in the CSV filter driver (CSVFLT.sys). When the fix arrives (any time now), you can simple install it whether you have applied the hotfix mentioned in this blog or not. The original kb article will be superseded by this one.
[UPDATE 2/17/2013]: The hotfix is available from http://support.microsoft.com/kb/2813630/en-us
[UPDATE 2/18/2013]: If you are still seeing a problem, take a look at this (which is an excerpt from the forum post mentioned above:
“Cluster Shared Volume ‘Volume2′ (‘ClusterStorage Volume 2′) is no longer available on this node because of ‘STATUS_CLUSTER_CSV_AUTO_PAUSE_ERROR(c0130021)’. All I/O will temporarily be queued until a path to the volume is reestablished.
STATUS_CLUSTER_CSV_AUTO_PAUSE_ERROR is generated when csvfs filter attempts to retrieve the Copy On Write bitmap for a snapshot volume that has been cleaned up. This error is most likely occurring on large scale hyper-v deployments and is one of the issues we discover after fixing other scale out problems addressed in the V2 fix. Due to ongoing long haul testing required to be done, we did not want to hold up V2 of the fix that we just released, so the Windows group will release a more compressive V3 patch a little later to address that and other issues found during large scale testing.
For any customers still experiencing the same symptoms as outlined in KB2813630 after installing the fix, please check binary versions on all nodes.
File name File version File size Date
====== ========= ====== ====
Csvflt.sys 6.2.9200.20626 205,824 06-Feb-2013
Clussvc.exe 6.2.9200.20623 7,217,152 07-Feb-2013
Ntfs.sys 6.2.9200.20623 1,933,544 07-Feb-2013
If Binaries are correct on all nodes, please open a support case so we can investigate the issue further.”
In this two-part blog article we will take a look at 5Nine Security Manager for Windows Server 2012 Hyper-V. In the first part I will give a global overview and take a look at the installation of this product. In the second part we will take a look at the configuration of this interesting solution. So here we go….
In the ‘classic’ world of physical machines there’s in most cases a lot of attention for a secure server environment. People make their environment as secure as possible with firewalls, intrusion detection systems and anti-virus/ anti-malware protection. These products are working very well in the classic physical server environments.
However the world of IT is changing and virtualization of servers and devices has become common. Although we are using virtualization techniques for a couple of years now we are still using the security solution in the classic way by installing anti-virus/ anti-mallware agents in the virtual machine and try to controll VM traffic through a physical firewall.
These classic ways of securing the IT infrastructure are not efficient and cause unnecessary load inside the virtual machines. This can be fixed smarter, don’t you think so?
In Windows Server 2012 Hyper-V Microsoft introduced the extensible virtual switch. The Hyper-V virtual switch is a software-based layer-2 network switch. With built-in support for Network Device Interface Specification (NDIS) filter drivers and Windows Filtering Platform (WFP) callout drivers, the Hyper-V virtual switch enables independent software vendors to create extensible plug-ins (known as Virtual Switch Extensions) that can provide enhanced networking and security capabilities.
EMC announced SMB 3.0 support in their EMC VNXe series! As we can read in the published whitepaper the VNXe series now support the SMB 3.0 protocol that was introduced with Windows 8 and Windows Server 2012.
As of VNXe Operating Environment version 2.4 the SMB 3.0 protocol is enabled by default.
For all the details see this published whitepaper: http://www.emc.com/collateral/white-papers/h11383-vnxe-introduction-wp.pdf
I encountered a pesky issue recently. Before I get into the details, first a quick overview of the setup. A Windows Server 2012 cluster consisting of two cluster nodes. The cluster nodes are brand new HP DL 360 G8p servers with 256Gb Memory and two six-core processors. Networking is based on 10Gb Emulex NICs for converged fabric connected to a HP Procurve 5406zl. The storage for the cluster has two members, an Equallogic 4100E and an Equallogic 4100XV. The ISCSI traffic is on a dedicated network with separate 1Gb NICs in the cluster nodes.
When I connected to a cluster node the response in the RDP session sometimes had a little delay. Typing in PowerShell for example felt like watching a movie with the audio out of sync from time to time. The first time I thought the lack of sleep was taking its toll. But after experiencing a couple of delays I concluded that I had some troubleshooting to do.
After bypassing the Remote Desktop Gateway that I connected through, I singled out one cluster node having the issue. I looked at the event log, but came up empty handed. My next thought made me look at the networking infrastructure. I checked that both servers had the correct and identical NIC firmware and drivers. I also verified that the switch had the latest firmware applied. I compared the complete converged fabric configuration on both servers. All parts checked out fine. I looked at the task manager and the processor utilization was close to idle.
The next thing to rule out was the NIC hardware. Since only one of the two servers was subject to the issue I decided to swap the 10Gb NICs between the servers. After this swap the issue seemed to have disappeared. I did not experience the issue on the other server.
I am unable to let go of an issue without a proper technical explanation and since the NIC hardware swap seemed to make the issue disappear I run a diagnostic test on both servers. All green checkmarks. Suddenly the delay appeared again on the same server where I experienced the issue before. We can now rule out the NIC hardware.