Microsoft's most significant server OS release since Windows 2000 has finally arrived. Windows Server 2012 should be available for download or purchase on September 4. The Windows IT Pro technical team has been playing with this OS for about a year, and it's a feature-packed beast. (I still believe Win2K was a more significant release than Server 2012, simply because the former established Microsoft's position as a credible enterprise server vendor.) The Server 2012 reviewer's guide has more than 200 pages describing new or improved features -- and those are just the most significant ones.
Adding to the anticipation of this release is the fact that all features in Server 2012 will be available in both the Standard and Datacenter editions. This is a windfall for small-to-midsized businesses (SMBs), which have traditionally been left at the door when features that they needed, such as DFS Replication (DFSR), were available only in Enterprise or Datacenter OS editions.
The licensing model also contains fewer editions. Server 2012 basically has three editions. Essentials is designed for small business environments. Standard, which has only two virtual-instance licenses, is for low-density or nonvirtualized environments. Datacenter is by far the most expensive but has unlimited virtual instances. Your decision about which edition to purchase depends on your plans for virtualization. There's also an OEM-only Foundation edition that provides a basic network infrastructure -- Active Directory (AD), remote access, and file and print sharing.
I would add one more product to this list of editions: Microsoft Hyper-V Server 2012, which Windows IT Pro reviewed in the June 2012 issue. Though not a full OS, Hyper-V Server 2012 is one building block that you should consider when determining which Server 2012 edition you need. For more information about the various Server 2012 versions and how they differ, take a look at John Savill's FAQ "What are the versions of Windows Server 2012 and how do they differ?"
Although the new and improved Hyper-V capabilities have been getting the most press, I'd argue that there are actually more improvements to the storage platform than to the hypervisor. And some of these improvements -- for example, Live Storage Migration -- enable cool Hyper-V capabilities such as Shared Nothing Live Migration. Let's look at how businesses of different sizes might take advantage of these new capabilities.
Small business. Small businesses have typically been at the back of the line when Microsoft hands out new OS features. After years of focusing on the high end -- which it continues to do with its cloud computing focus -- the company has added a nice storage feature for small businesses: Storage Spaces.
Every growing small business faces the challenge of how to increase its storage and availability in a linear, cost-effective manner. At the low end, inexpensive DAS inside a server provides a moderate amount of storage at a reasonable price. To expand application-oriented storage beyond what you can cram inside a server, however, you need an external storage array, typically a SAN. You must also use an external array if you want high availability for an application or virtualization host. The problem is that a storage array that gives you the options you need (plus some future flexibility) is easily going to cost something in the five-figure range. That's quite an investment for a small company.
Storage Spaces is designed to fill this gap between DAS and SAN, by providing storage virtualization based on inexpensive Serial ATA (SATA) and Serial Attached SCSI (SAS) disks, in inexpensive configurations. You can take a collection of disks in a Just a Bunch of Disks (JBOD) array (i.e., a configuration with no special RAID capabilities); configure them with Storage Spaces to create virtual disks with spanning, mirroring, or parity; and create volumes from them. And because the Storage Spaces subsystem operates at a lower layer than the OS's disk management layer, all volumes that Storage Spaces creates appear as regular volumes to Disk Manager and all applications. This architecture also lets you create Cluster Shared Volumes (and therefore clusters) from JBOD arrays. Published numbers from Microsoft show that disk I/O performance with Storage Spaces is within a few percentage points of native speeds.
Instead of building this arrangement on premises, what about using Software as a Service (SaaS) and Infrastructure as a Service (IaaS) and having little or no on-premises infrastructure? It's definitely an option, but Storage Spaces provides such an inexpensive means for adding and managing capacity and high availability that I think it provides a strong case for remaining on premises for a while.
Another Server 2012 storage feature benefits not just small businesses, but all businesses: data deduplication. Dedupe, as it's known to IT pros who like to shorten long terms, is a technology that compares stored data at the block level. When it encounters duplicate blocks of data, deduplication replaces the duplicate block with a simple pointer to the reference block, saving space. When enabled, the deduplication process runs as a low-priority background process, and Microsoft predicts savings of anywhere from 2:1 for file shares to 20:1 for virtual disk storage. I saw a demonstration using data dedupe against a 2TB USB drive used to store Virtual Hard Disk (VHD) files, with 95-percent space savings. There isn't much benefit trying to dedupe active virtual disk volumes because they're changing. But you'll get huge benefit out of deduping virtual machine (VM) libraries.
Midmarket. An important Server 2012 capability is the ability to upgrade the file server role, referred to in Microsoft documentation as the Server Message Block (SMB) file server, from its traditional use of simply storing user data at a file level to storing application data at a block level. This change means that you can use Server 2012 file servers not only for user files but also as remote virtual disk storage for Microsoft Hyper-V and SQL Server, as well as for VMware vSphere (through its NFSv3 and NFSv4.1 support). This capability opens up many options for your virtual disk storage and is a key component of Hyper-V Live Storage Migration.
Enterprise. Improvements abound for the enterprise customer. Clusters now scale out to 64 nodes, with as many as 4,000 VMs in a single cluster, thanks to Cluster Shared Volumes version 2. And the enhancements to the file server role that I described let you create highly available, scalable storage for Hyper-V and SQL Server clusters, using SMB file server clustering -- yes, with file servers! You can even use a relatively inexpensive file server cluster as a front end for an expensive Fibre Channel SAN. Doing so lets you scale up the SAN without changing its (expensive) attachments to the rest of the network. I haven't run across performance numbers, but Microsoft has gone to great pains with SMB 3.0 to provide both performance and fault tolerance.
This is a very short list of the many storage improvements in Server 2012, but I wanted to mention one more item. The new OS brings great improvement to a humble yet crucial storage component: Chkdsk. In what I think of as a blinding flash of the obvious, Chkdsk now runs in two phases. The first phase runs online, scanning a volume for errors and flagging them. The second phase runs on reboot and simply corrects the errors. This design change ties Chkdsk repair time to the number of errors on the volume, not the size of the volume. As a result, boot-time Chkdsk error correction on large volumes that used to take many hours now takes only minutes!
The biggest changes around management of Server 2012 can be grouped into two areas: Server Manager and Windows PowerShell. Server Manager has been around since Windows Server 2003, and PowerShell has been around since Windows Server 2008. Both evolutions have been a microcosm of many other technologies that Microsoft has pointed at IT pros. Both started small, and both were soundly ignored and pushed out of the way by the vast majority of systems administrators. (Did anyone not check the Do not show this next time check box for Windows Server 2003 Server Manager?) But as each technology grew in capability -- and, let's be honest, they were increasingly difficult to work around -- we began to use them more often. Both are now central to server management in Server 2012.
Server Manager (which Figure 1 shows) is where you manage all role-related functions and many (but not all) local server management and OS functions. You manage the installed roles in the left pane, add and remove roles on the Manage menu, and perform general management functions on the Tools menu (which is expanded in the figure). One key aspect in this version of Server Manager separates it from previous versions: It's designed to manage multiple servers, or a server role across multiple servers, from one console. See "Getting Around in Windows Server 2012, Part 2: Server Manager" for tips on using Server Manager.
PowerShell pretty much does it all in Server 2012. In Windows Server 2008 R2, PowerShell consists of 456 cmdlets in 10 modules. In Server 2012, PowerShell has more than 2,300 cmdlets in 239 modules -- over five times its predecessor. Although that's a lot of cmdlets to keep track of, it's also much closer to a 1:1 ratio of cmdlet to task. In other words, instead of needing to string several cmdlets together to accomplish a task, you can probably get the job done with one Server 2012 PowerShell cmdlet. With earlier releases, PowerShell support was limited. Previously, you typically needed to use either Windows Shell scripting or VBScript to accomplish many common tasks. The extended PowerShell support promises to eliminate this issue. Further, the new PowerShell Integrated Scripting Environment (ISE) has features such as IntelliSense that help you build scripts more easily.
Every new management console is a shell that runs PowerShell, and you can extract the PowerShell code from many of them to reuse or modify. Active Directory Administrative Center, for example, has a PowerShell history viewer that shows you the underlying PowerShell cmdlets that are used for every GUI task that you execute.
PowerShell adoption remains slow with IT pros, however. Judging from recent experience, I'd say no more than 20 percent of systems administrators are actively using this scripting technology. This will slowly change, as PowerShell continues to supplant other forms of administrative automation.
Arguably, the biggest changes in Server 2012 are found in its improved support for virtualization with Server 2012 Hyper-V. Server 2012 Hyper-V has essentially pulled Microsoft even with (or in some cases ahead of) the virtualization capabilities found in the vSphere platform. Let's dive into some of the important Server 2012 Hyper-V enhancements, beginning with scalability.
Scalability. Raw scalability has long been one of the areas in which vSphere has held a significant edge over Hyper-V. The Server 2012 release changes all that. Server 2012 Hyper-V boasts huge improvements in scalability over the previous version. Table 1 highlights some of the most significant scalability improvements.
You can see that host scalability has jumped tremendously, with the Server 2012 Hyper-V host now able to support as many as 320 logical processors and 4TB of RAM. This improvement enables far higher levels of server consolidation with Hyper-V than ever before and exceeds the total scalability in vSphere 5. Likewise, Server 2012 Hyper-V supports much more scalable guest VMs. Windows Server 2008 R2 had a pretty tight cap on VMs, allowing only 4 virtual CPUs (vCPUs). That limit wasn't enough for many workload-intensive systems, such as SQL Server databases, which can be more demanding. The new Hyper-V now supports as many as 64 vCPUs and guests with up to 1TB of RAM -- enough for almost all workloads. Again, you can see that Server 2012 Hyper-V actually exceeds the 32 vCPUs that vSphere allows. Just as important for overall performance is support for guest non-uniform memory access (NUMA). Guest NUMA allows the physical RAM in the host to be aligned to the VM processors, reducing the need to perform memory page lookups and thereby significantly improving VM performance.
Although not technically a part of the virtualization stack, the clustering in Server 2012 has been significantly enhanced as well. Previous versions of Windows Server were limited to 16-node clusters. Server 2012 has blown the roof off that limit by allowing clusters with as many as 64 nodes supporting as many as 4,000 VMs. This lays the foundation for the dynamic data center by vastly expanding the ability to move VMs between hosts, including hosts that are in different geographic locations.
Live migration and Live Storage Migration. Live migration refers to the ability to move running VMs between Hyper-V hosts, whereas Live Storage Migration refers to the ability to move VM storage artifacts, such as VHD files, between Hyper-V hosts, with no downtime. Hyper-V live migration was first introduced with Server 2008 R2. Although it provided a good start, that version of Hyper-V lacked the ability to perform multiple, simultaneous live migrations, leaving it short of what VMware could do. Server 2008 R2 was incapable of Live Storage Migration but did have an option for Quick Storage Migration. (In earlier Hyper-V terminology, quick was a euphemism for the fact that downtime would still occur.) vSphere had VMware Storage vMotion technology, so this was another area in which Hyper-V was playing catch-up. Server 2012 Hyper-V adds the ability to perform Live Storage Migration between Hyper-V hosts, with no VM downtime. With Live Storage Migration, the VHD and configuration files are copied from the source system to the destination storage. All write operations are then mirrored to both the source and destination storage devices. After the source and destination storage locations are in sync, VM access to the VHD and VM files is transferred to the destination, and the source files are deleted. (Live Storage Migration moves a VM's files, not the VM itself.)
Server 2012 Hyper-V supports not only multiple concurrent live migrations but also multiple concurrent Live Storage Migrations. That support essentially brings Windows Server's Hyper-V on par with vSphere 5. In addition, by building on top of the new SMB 3.0 enhancements, Server 2012 Hyper-V supports live migration and Live Storage Migration without the need for a cluster or shared storage. This capability is sometimes referred to as Shared Nothing Live Migration. This migration works in a couple of ways. Server 2012 Hyper-V provides the ability to perform live migrations when the VMs are stored on a network file share, plus you can perform live migrations directly between Hyper-V hosts.
Hyper-V Replica. Live migration protects against planned downtime by letting you move VMs to other hosts and then perform maintenance on the Hyper-V host, with no end-user disruption. Hyper-V Replica technology is included as a part of Server 2012 and can replicate VMs to provide improved business continuity and disaster recovery. Hyper-V Replica asynchronously replicates VMs between hosts and offsite locations and provides failover if a failure occurs in the primary site. Hyper-V Replica can replicate one or more VMs on the Hyper-V host. It doesn't require a SAN or other shared storage solution, making Hyper-V Replica a cost-effective disaster recovery solution.
Hyper-V Replica works between two Windows Server systems, each of which must have Server 2012 and the Hyper-V role installed. Hyper-V Replica works in both clustered and unclustered environments. Replication works in one direction, so if you want to recover automatically back to the primary site, then both ends should be configured as replica servers. Before replication can start, you need to make an initial copy of the VHD of the VMs that you want to replicate. You can enable Hyper-V Replica by using either PowerShell or Hyper-V Manager. Using Hyper-V Manager, right-click the Hyper-V server that you want to act as a replica server, then select the new Replication Configuration Enabled as a Replica server option, which you can see in Figure 2.
The Replication Configuration settings let you enable the Hyper-V server to act as a replica server. You select the authentication method that will be used to connect to the replication target, as well as the authorization and storage that will be used. After you enable replication at the Hyper-V server level, you can specify the VM that will be replicated by right-clicking the VM in Hyper-V Manager and then selecting the Enable Replication option, which in turn runs the Enable Replication Wizard. The Enable Replication Wizard lets you indicate the VHDs that will be replicated, set up the recovery history (which basically instructs the replicated VM to perform snapshots for point-in-time recovery), and choose the initial replication method.
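The same replica-server and per-VM steps can be done from PowerShell with the Hyper-V module; the following is an added example, not code from the original article. It uses certificate authentication over HTTPS and authorizes one named primary server instead of accepting replication from any server. The host names, VM name, storage path, trust group name and thumbprint placeholders are assumptions.

```powershell
# Added example: Hyper-V Replica from PowerShell (Hyper-V module, Server 2012).
# Every name and value below is an assumption for illustration.
$ReplicaServer         = 'hv-replica01.contoso.example'      # hypothetical replica host
$PrimaryServer         = 'hv-primary01.contoso.example'      # hypothetical primary host
$VMName                = 'app-vm01'                          # hypothetical VM
$ReplicaPath           = 'D:\ReplicaStorage'                 # hypothetical storage path
$ReplicaCertThumbprint = '<REPLICA-CERT-THUMBPRINT>'         # placeholder, cert on the replica host
$PrimaryCertThumbprint = '<PRIMARY-CERT-THUMBPRINT>'         # placeholder, cert on the primary host

# --- Run on the replica server ---
# Enable the replica role, accept only certificate (HTTPS) authentication, and
# refuse replication from any server that has no explicit authorization entry.
$replicaSettings = @{
    ReplicationEnabled              = $true
    AllowedAuthenticationType       = 'Certificate'
    CertificateAuthenticationPort   = 443
    CertificateThumbprint           = $ReplicaCertThumbprint
    ReplicationAllowedFromAnyServer = $false
}
Set-VMReplicationServer @replicaSettings

# Authorization and storage: name the one primary server that may replicate here
# and the folder its replica VHDs are written to.
$authorization = @{
    AllowedPrimaryServer   = $PrimaryServer
    ReplicaStorageLocation = $ReplicaPath
    TrustGroup             = 'Production'   # hypothetical trust group label
}
New-VMReplicationAuthorizationEntry @authorization

# --- Run on the primary server ---
# Per-VM settings: target, authentication, and how many recovery points
# (the "recovery history") the replica keeps.
$vmReplication = @{
    VMName                = $VMName
    ReplicaServerName     = $ReplicaServer
    ReplicaServerPort     = 443
    AuthenticationType    = 'Certificate'
    CertificateThumbprint = $PrimaryCertThumbprint
    RecoveryHistory       = 4
    CompressionEnabled    = $true
}
Enable-VMReplication @vmReplication

# Initial copy of the VHDs, sent over the network in this example.
Start-VMInitialReplication -VMName $VMName

# Confirm state and health once the initial copy has been scheduled.
Get-VMReplication -VMName $VMName | Format-List *
```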
Extensible Virtual Switch. To better support multitenancy and to allow more flexible enterprise deployments, Server 2012 Hyper-V provides an all new Extensible Virtual Switch. The Extensible Virtual Switch provides tenant isolation and traffic shaping, as well as enabling third parties to develop custom plug-ins for it. Earlier versions of Hyper-V supported internal, external, and private networks. The Extensible Virtual Switch provides a much greater degree of flexibility. You can create multiple virtual switches and you can create and connect multiple virtual network adapters to those switches. (Each virtual switch can be connected to only one physical network adapter.) The Extensible Virtual Switch supports three types of third-party extensions:
- capturing extensions, which allow the Extensible Virtual Switch to capture and monitor network traffic but don't allow any modification of network traffic
- filtering extensions, which allow the Extensible Virtual Switch to capture, inspect, and optionally drop network packets
- forwarding extensions, which allow the Extensible Virtual Switch to modify the routing information in network packets
More Hyper-V enhancements. There are so many improvements in Server 2012 Hyper-V that I can't cover them all in one article. In addition to the major enhancements already discussed, there are many other important enhancements:
- Resource metering. Server 2012 Hyper-V adds the ability to track how virtual resources are being used. Resource-consumption information can be used for chargeback or to plan for the internal allocation of private cloud resources. Collected metrics include average CPU usage per VM, average memory usage per VM, maximum memory usage per VM, and total incoming and outgoing network traffic.
- Hyper-V module for PowerShell. The Hyper-V module for PowerShell lets you perform all the Hyper-V management tasks from PowerShell. This module includes more than 160 cmdlets, allowing you to manage Hyper-V servers, VMs, and VHDs.
- Virtual Fibre Channel. New Virtual Fibre Channel support lets you connect VMs directly to Fibre Channel storage. The Virtual Fibre Channel virtualizes host bus adapter (HBA) ports in the Hyper-V host and exposes them to the guest VMs. You can assign as many as four Virtual Fibre Channel adapters per VM.
- New VHDX disk format. Server 2012 Hyper-V adds a new VHD format called VHDX, which supports as much as 64TB of storage. Previously, Hyper-V VHDs were limited to 16GB. The new VHDX format also provides protection from corruption that stems from power failures and prevents performance degradation on some large-sector physical disks.
- Single root I/O virtualization (SR-IOV). SR-IOV lets you assign a physical network adapter that supports SR-IOV directly to a VM. Providing a VM with direct connectivity to a physical network adapter can maximize the network performance that's available to the VM.
- Microsoft RemoteFX. First introduced with Server 2008 R2, RemoteFX allows advanced graphics to be rendered on the Hyper-V host and delivered to the client via RDP. Server 2012 Hyper-V enables the use of multiple host graphics processing units (GPUs) and software-based GPUs. Multiple VMs can share a GPU on the host.
For a quick overview of the different Server 2012 Hyper-V components, you might want to check out Microsoft's Windows Server 2012 Hyper-V Component Architecture poster.
Windows Server 2012 Networking
Networking is one of those IT infrastructure underpinnings that doesn't always get a lot of attention but that's vital for implementing many higher-order capabilities, such as file sharing, application serving, virtualization, and the cloud. Networking is especially important in today's connected public and private cloud scenarios. Server 2012 has several important new networking features and enhancements.
Built-in NIC teaming. Although there are many networking enhancements in Server 2012, one of the most important is support for built-in NIC teaming. NIC teaming allows multiple network adapters to work together as a unit so that they can provide protection against failure, as well as improved network performance. NIC teaming was built into vSphere; earlier versions of Windows Server had limited support for NIC teaming, restricting it to specialized network adapters from specific vendors. Plus, Microsoft wasn't completely behind this earlier NIC teaming implementation. If you ran into network problems, one of the first things Microsoft support would have you do was to turn off NIC teaming. With Server 2012, Microsoft fully supports the feature -- and even better, the feature works across multiple network adapters from different vendors.
To create a new NIC team, you use Server Manager to create a new management group that includes the Server 2012 system on which you want to create the NIC team. To configure NIC teaming, right-click a server in the group and select Configure NIC Teaming from the context menu. Then from the Teams pane, select New Task. This will display the New team window, which you can see in Figure 3. To create a new NIC team, provide the NIC team with a name and then select the network adapters that will be included in the NIC team. Do so by selecting the check boxes to the left of the desired network adapters.
DNS security. DNS Security Extensions (DNSSEC) is a set of extensions to the DNS protocol. These extensions add a level of security to the DNS information that's stored on the servers. DNSSEC was first added to Server 2008 R2; Server 2012 enhances the DNSSEC implementation. Some major improvements in this OS include support for dynamic updates in DNSSEC signed zones, support for updated DNSSEC standards such as NSEC3 and RSA/Secure Hash Algorithm-2 (SHA-2), and automated trust-anchor distribution using AD. DNSSEC is configured by using either PowerShell or the updated DNS Manager.
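The PowerShell route mentioned above, as an added example that is not from the original article: it signs a zone with RSA/SHA-256 keys, NSEC3 denial of existence and trust-anchor distribution through AD, then checks the result. The zone name and key lengths are assumptions, and the zone is assumed to be AD-integrated and hosted on the server where the commands run.

```powershell
# Added example: DNSSEC zone signing with the DnsServer module (Server 2012).
$Zone = 'corp.contoso.example'   # hypothetical AD-integrated zone

# Create a key signing key and a zone signing key that use RSA/SHA-256 (SHA-2).
Add-DnsServerSigningKey -ZoneName $Zone -Type KeySigningKey  -CryptoAlgorithm RsaSha256 -KeyLength 2048
Add-DnsServerSigningKey -ZoneName $Zone -Type ZoneSigningKey -CryptoAlgorithm RsaSha256 -KeyLength 2048

# Use NSEC3 for authenticated denial of existence and publish the zone's
# DNSKEY trust anchors to the other DNS servers through Active Directory.
Set-DnsServerDnsSecZoneSetting -ZoneName $Zone -DenialOfExistence NSec3 -DistributeTrustAnchor DnsKey

# Sign the zone with the keys and settings configured above.
Invoke-DnsServerZoneSign -ZoneName $Zone -Force

# Verification: effective DNSSEC settings, the keys in use, the trust anchor,
# and a query that requests DNSSEC records (DNSKEY answers arrive with RRSIGs).
Get-DnsServerDnsSecZoneSetting -ZoneName $Zone
Get-DnsServerSigningKey -ZoneName $Zone
Get-DnsServerTrustAnchor -Name $Zone
Resolve-DnsName -Name $Zone -Type DNSKEY -DnssecOk -Server localhost
```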
Quality of Service. Server 2008 R2 supported a limited Quality of Service (QoS) implementation that let you control the maximum bandwidth used. Server 2012 expands the reach of QoS by adding the ability to set a minimum bandwidth. Although the previous maximum could prevent a given service or application from consuming all the available bandwidth, it couldn't truly ensure that there would be adequate network bandwidth for other applications. That's exactly what the new minimum bandwidth settings allow. When network bandwidth is available, each service can take as much bandwidth as it needs. However, when the network is congested, the new minimum bandwidth setting makes sure that capacity is reserved for each service so that all services can consume only their share. This lets you better meet service level agreements (SLAs) by ensuring that each service always has a given amount of network bandwidth available. Server 2012 enforces minimum bandwidths by using the new network packet scheduler or by using network adapters that provide support for Data Center Bridging (DCB). The network scheduler is preferable when many traffic flows require minimum bandwidth levels. The DCB method is preferable for few traffic flows, iSCSI traffic, or other traffic that originates outside the server.
iSCSI target and diskless network boot from iSCSI. One feature that comes to Server 2012 from Windows Storage Server is the ability to act as an iSCSI target. The iSCSI target capability essentially allows Server 2012 to act as an iSCSI SAN. Although this capability is no replacement for a full-blown iSCSI SAN, it can be a handy addition for SMBs looking to augment their storage capabilities or to improve their availability by using technologies such as failover clustering and live migration.
Closely related is the ability to boot from an iSCSI target. This capability lets you boot networked systems from centrally stored VHD images. Doing so can make central management of images easier and lets you save disk space by booting multiple systems from differencing disks that are built from the same shared image.
Dynamic Host Configuration Protocol server failover. Dynamic Host Configuration Protocol (DHCP) servers can be a single point of failure on a network because of the critical nature of the service that they provide. If the DHCP server is unavailable, then network clients can't obtain new IP addresses to connect to network resources. Server 2012 adds support for the new DHCP Failover protocol, which lets DHCP servers fail over without the need for failover clustering. The DHCP Failover protocol allows two DHCP servers to synchronize their IP address leases; if one of the servers becomes unavailable, the other assumes the job of handing out addresses for the subnet. You can also use the protocol to set up load balancing between the two DHCP servers.
Other networking enhancements. Server 2012 includes a host of other important networking improvements:
- Microsoft IIS CPU throttling. This feature lets you set limits on the amount of CPU resources that a given website can consume.
- WebSockets. Support for WebSockets is added to Internet Information Services (IIS) 8 in Server 2012. WebSockets is an open industry standard protocol that allows web servers to push messages to a client rather than waiting for the client to make requests from the server.
- Dynamic IP Restrictions. A new IIS 8 improvement, Dynamic IP Restrictions lets you set up filters in Server 2012 to dynamically block server access for IP addresses that exceed a specified number of requests within a given time. You can also configure the response that the server gives when a specific address is blocked.
- FTP logon attempt restrictions. Another IIS 8 improvement, FTP logon attempt restrictions let you block access to the FTP server for a given time period following invalid logon attempts.
- Improved DirectAccess. First introduced with Server 2008 R2, DirectAccess provides an always-on alternative to remote VPN access. Server 2012 makes it much easier to deploy DirectAccess. In addition, the feature can coexist with VPN implementations and can be installed on Server Core.
- Enhanced BranchCache. Also a part of Server 2008 R2, BranchCache improves the file server performance of a remote site by allowing the site to locally cache requested content. Server 2012 brings several improvements to BranchCache, including the ability to deduplicate and encrypt the cached data.
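The Dynamic IP Restrictions and FTP logon attempt restrictions items above map to settings in the IIS 8 configuration store; the following is an added example, not from the original article, that sets them with the WebAdministration module. It starts in logging-only mode so that thresholds can be checked against real traffic before anything is blocked. The thresholds and the helper function name are assumptions, and the FTP service is assumed to be installed.

```powershell
# Added example: request-rate and FTP logon-failure limits on IIS 8 (Server 2012).
# Threshold values are illustrative assumptions, not recommendations from the article.
Install-WindowsFeature Web-IP-Security   # role service that provides Dynamic IP Restrictions
Import-Module WebAdministration

# Hypothetical helper: write one attribute at server level (applicationHost.config).
function Set-AppHostValue {
    param([string]$Filter, [string]$Name, $Value)
    Set-WebConfigurationProperty -PSPath 'MACHINE/WEBROOT/APPHOST' -Filter $Filter -Name $Name -Value $Value
}

$dyn = 'system.webServer/security/dynamicIpSecurity'
$ftp = 'system.ftpServer/security/authentication/denyByFailure'

# Phase 1: observe only. Requests over the limit are logged but still served.
Set-AppHostValue $dyn 'enableLoggingOnlyMode' $true

# Limit: more than 30 requests from one client IP within 1,000 ms.
Set-AppHostValue "$dyn/denyByRequestRate" 'enabled' $true
Set-AppHostValue "$dyn/denyByRequestRate" 'maxRequests' 30
Set-AppHostValue "$dyn/denyByRequestRate" 'requestIntervalInMilliseconds' 1000

# Response sent to a blocked address once enforcement is on:
# AbortRequest, Unauthorized, Forbidden or NotFound.
Set-AppHostValue $dyn 'denyAction' 'Forbidden'

# FTP: after 4 failed logons, refuse that address for 5 minutes; log only at first.
Set-AppHostValue $ftp 'enabled' $true
Set-AppHostValue $ftp 'maxFailure' 4
Set-AppHostValue $ftp 'entryExpiration' '00:05:00'
Set-AppHostValue $ftp 'loggingOnlyMode' $true

# Phase 2: after reviewing the logs for false positives, switch to enforcement.
function Enable-RestrictionEnforcement {   # hypothetical helper name
    Set-AppHostValue $dyn 'enableLoggingOnlyMode' $false
    Set-AppHostValue $ftp 'loggingOnlyMode' $false
}

# Show the effective settings.
Get-WebConfiguration -PSPath 'MACHINE/WEBROOT/APPHOST' -Filter "$dyn/denyByRequestRate"
Get-WebConfiguration -PSPath 'MACHINE/WEBROOT/APPHOST' -Filter $ftp
```

If the web server sits behind a load balancer or reverse proxy, every request arrives from the proxy's address; the `enableProxyMode` attribute on `dynamicIpSecurity` makes IIS count by the X-Forwarded-For header instead.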
Take a Look
Server 2012 is quite possibly the most important release of Windows Server since Win2K. Server 2012 fully embraces the goals of scripted multiserver management while enhancing the built-in Hyper-V virtualization support to equal or exceed the standards set by vSphere. Server 2012 promises to transform the way that businesses manage their Windows IT infrastructure. You can check it out for yourself by downloading the Windows Server 2012 Release Candidate.