VIR 315 What’s new in Hyper-V in Windows Server 2012 (Part 2)
Stu Fox (@stufox), Technical Specialist, Microsoft NZ

What’s new in Windows Server 2012 Hyper-V Part 2

  • Networking
  • VM Mobility
  • Disaster Recovery
  • Linux VM’s

Networking

  • How do I ensure network multi-tenancy?
  • IP Address Management is a pain.
  • What if VMs are competing for bandwidth?
  • Fully Leverage Network Fabric
  • How do I integrate with existing fabric?
  • Network Metering?
  • Can I dedicate a NIC to a workload?

[Diagram: Tenant 1 and Tenant 2, each with multiple VM workloads, in the data center]

[Diagram: Woodgrove Bank: Blue 10.1.0.0/16; Contoso Bank: Red 10.1.0.0/16; Cloud Data Center]

[Diagram labels: Green 10.1.1.31 Blue Red 1 10.1.1.21 10.1.1.11 Red 2 10.1.1.12 Hyper-V Switch Isolated 4, 7 u Community 4, 9 Win 8 Host To Internet (10.1.1.1)]

Hyper-V Machine Virtualisation

  • Run multiple virtual servers on a physical server
  • Each VM has the illusion it is running as a physical server

Hyper-V Network Virtualisation

  • Run multiple virtual networks on a physical network
  • Each virtual network has the illusion it is running as a physical fabric

[Diagram labels: Woodgrove VM, Contoso VM, Physical server; Woodgrove network, Contoso network, Physical network]

[Diagram: Tenant 1 and Tenant 2 VM workloads in the data center; slide label: TEAMING]

[Diagram labels: VM 1, Root Partition, VM 2, VM NIC, Host NIC, VM NIC, BFE Service, Firewall Callout, Extensible Switch, Filtering Engine, Extension Protocol, Capture Extensions, WFP Extensions, Filtering Extensions, Forwarding Extensions, Extension Miniport, Physical NIC]

Capture Extensions

  • Capture extensions can inspect traffic and generate new traffic for report purposes
  • Capture extensions do not modify existing Extensible Switch traffic
  • Example: sflow by inMon

Windows Filtering Platform (WFP) Extensions

  • Windows Filtering Platform (WFP) Extensions can inspect, drop, modify, and insert packets using WFP APIs
  • Windows Antivirus and Firewall software uses WFP for traffic filtering
  • Example: Virtual Firewall by 5NINE Software

Filtering Extensions

  • Filter extensions can also be implemented using NDIS filtering APIs
  • Example: VM DoS Prevention by Broadcom

Forwarding Extensions

  • Forwarding extensions direct traffic, defining the destination(s) of each packet
  • Forwarding extensions can capture and filter traffic
  • Examples:
      – Cisco Nexus 1000V and UCS
      – NEC ProgrammableFlow's vPFS OpenFlow

Hyper-V Extensible Virtual Switch

Open, Extensible Virtual Switch

  • Nexus 1000 Support
  • Openflow Support
  • Network Introspection
  • Much more…

Advanced Networking

  • ACLs
  • PVLAN
  • …much more…

Windows NIC Teaming

Network QoS

  • Per VNIC bandwidth reservation & limits

Network Metering

DVMQ

SR-IOV Network Support

  • Reduce Latency & CPU Utilization
  • Supports Live Migration

  • Reduces latency of network path
  • Reduces CPU utilization for processing network traffic
  • Increases throughput
  • Supports Live Migration

[Diagram: Network I/O path without SR-IOV and with SR-IOV. Labels: Root Partition, Virtual Machine, Hyper-V Switch, Routing, VLAN Filtering, Data Copy, Virtual NIC, VMBUS, Virtual Function, Physical NIC, SR-IOV Physical NIC]

SR-IOV Enabling & Live Migration

Turn On IOV

  • Enable IOV (VM NIC Property)
  • Virtual Function is “Assigned”
  • Team automatically created
  • Traffic flows through VF
  • Software path is not used

Live Migration

  • Break Team
  • Remove VF from VM
  • Migrate as normal

Post Migration

  • Reassign Virtual Function
  • Assuming resources are available

VM has connectivity even if

  • Switch not in IOV mode
  • IOV physical NIC not present
  • Different NIC vendor
  • Different NIC firmware

[Diagram labels: Virtual Machine, Network Stack, Software NIC, “TEAM”, Virtual Function, Software Switch (IOV Mode), Physical NIC, SR-IOV Physical NIC]

Dynamic Virtual Machine Queue (VMQ) is a feature available to computers running Windows Server 2008 R2 with the Hyper-V server role installed, that have VMQ-capable network hardware. VMQ uses hardware packet filtering to deliver packet data from an external virtual machine network directly to virtual machines, which reduces the overhead of routing packets and copying them from the management operating system to the virtual machine.

IPsec Task Offload: Microsoft expects deployment of Internet Protocol security (IPsec) to increase significantly in the coming years. The large demands placed on the CPU by the IPsec integrity and encryption algorithms can reduce the performance of your network connections. IPsec Task Offload is a technology built into the Windows operating system that moves this workload from the main computer's CPU to a dedicated processor on the network adapter.

SR-IOV is a specification that allows a PCIe device to appear to be multiple separate physical PCIe devices. The SR-IOV specification was created and is maintained by the PCI SIG, with the idea that a standard specification will help promote interoperability. SR-IOV works by introducing the idea of physical functions (PFs) and virtual functions (VFs). Physical functions (PFs) are full-featured PCIe functions; virtual functions (VFs) are “lightweight” functions that lack configuration resources.

Port ACL & QoS

Feature | Windows Server 2008 R2 | Windows Server 2012

  • NIC Teaming: Yes, via partners | Windows NIC Teaming in box.
  • VLAN Tagging: Yes | Yes
  • MAC Spoofing Protection: No | Yes, with R2 SP1 | Yes
  • ARP Spoofing Protection: No | Yes, with R2 SP1 | Yes
  • SR-IOV Networking: No | No | Yes
  • Network QoS: No | No | Yes
  • Network Metering: No | No | Yes
  • Network Monitor Modes: No | No | Yes
  • IPsec Task Offload: No | No | Yes
  • VM Trunk Mode: No | No | Yes

VM Mobility

  • Don’t provide new features that preclude Live Migration.
  • I want to be able to securely move any part of a VM anywhere at anytime.
  • No Limits.
  • No Downtime Servicing
  • SAN Upgrades/Migrations
  • When VMs migrate, move the historical data with the VM
  • Fully Leverage hardware to speed migrations

Concurrent Migration: Limited Only By Hardware Resources

[Diagram: Hyper-V Virtual Machine, VHD Stack, VHD on Source Device, VHD on Destination Device, with steps numbered 1 to 5]

demo VM Mobility

Disaster Recovery

Disaster Recovery Challenges

  • Cost
  • Complexity
  • Inflexibility
  • Initial Replication
  • Distance Requirements

demo Hyper-V Replica

Replication: Hyper-V Replica compared with Storage Based Replication

Provider

  • Hyper-V Replica: Microsoft
  • Storage Based Replication: NetApp, HP, Fujitsu, IBM, Hitachi, FalconStor, 3Par, EMC, LSI, Compellent, EqualLogic and more…

Cost

  • Hyper-V Replica: Flexible Storage Options Available; Unlimited VM Replication included
  • Storage Based Replication: High end replicating storage; Additional replication software

Management

  • Hyper-V Replica: VM Granularity; Open APIs provide extensibility, interoperability and prevent vendor lock-in
  • Storage Based Replication: LUN-VM Layout; Coordination with storage team

Performance

  • Hyper-V Replica: 5 minutes RPOs; Application Level Consistency; File Level Consistency
  • Storage Based Replication: Synchronous Replication; High Data Volumes

Linux & BSD VM’s

http://technet.microsoft.com/library/hh831531.aspx
https://github.com/FreeBSDonHyperV/freebsd/wiki/Build-the-kernel-with-the-HyperV-drivers