Microsoft offers a ‘feature update’ to Windows 10 every six months, and continues to unify its Windows development and deliver new features. Microsoft’s next major update for Windows 10 is at its last phase of development and is planned for a September release with the Windows 10 Fall Creator Update. In mid-June, Microsoft announced a major change to how it will deliver new releases of Windows Server. Microsoft will now move to a semi-annual cycle. This new release cadence, which is similar to what Microsoft is doing with Windows 10, will allow every company to take advantage of new innovations.
Technology is moving so fast so that sysadmins must be aware of every new feature and update those that are already released. This article will be focused on Hyper-V and especially all the new changes in Windows 10 and Windows Server 2016.
Hyper-V and Windows 10
The next major update to Windows 10 comes with many improvements, including enhanced Hyper-V changes as well. So let’s review these changes and start with one of my favorites.
Quick Create
Quick Create is a single-page wizard that let you create a virtual machine in few seconds. The single-page wizard is quite unlike the traditional ‘next-next-next’ wizard. These traditional wizards offer a lot of options but sometimes you just need to create a basic Virtual Machine quickly for testing an application. Now, you can use the Quick Create option for this sort of job. Open the Hyper-V Manager and click “Quick Create” in the Actions panel.
The Virtual Machine will use these default settings below:
- Generation: 2
- Startup RAM: 2GB
- Dynamic RAM: Enabled
- Virtual Processors: 4
- A NIC connected to the virtual switch
If successful, the results screen should display information with the options to Connect or to Edit settings to customize the virtual machine before you continue.
Dynamic resize for VM Connect
Have you ever wondered why the VMConnect window could not be resized? Well, the enigma is over! You can now resize the display for a session in VMConnect just by dragging the corner of the window. There is just one requirement for dynamic resizing to work: you must be running in enhanced session mode.
Added Checkpoint and Save for Nested Hyper-V
Microsoft had introduced Nested Virtualization. Nested virtualization lets us create Hyper-V virtual machines inside another Hyper-V virtual machine (or Hyper-V host). A common problem was that Hyper-V did not support the virtual hosts being put into a saved state or being saved to a checkpoint. Microsoft has solved this problem in the latest update and we can now take checkpoints and saved states in a Virtual Machine which is acting as a Nested Hyper-V hosts.
Zoom for VMConnect
Here is a gadget, but for some people it can be very useful. Under the View menu in VMConnect, you will find a new Zoom option. You now have the option for adjusting the Zoom Level if you can’t read something in your Virtual Machine. This can be helpful on high-resolution devices. Note that you must disable the “Enhanced Session” option before using the Zoom level option.
Improved Memory Management
Hyper-V used to allocate memory in a conservative manner, which is a good idea but some developers faced out-of-memory errors. In the Creator Update, you can now allocate all the memory to be used. This means that you run the risk of running out of memory on the host, so Hyper-V administrators must be careful.
What’s new in Build 16226 for Windows 10?
You can now use the new VM Sharing feature to share your VMs with ease. In the build called “16226”, you will find a new icon in Virtual Machine Connection (VMConnect) that will let you compress any virtual machines into a “.vmcz” archive. This “.vmcz” file is like a ZIP archive so that you can extract and open it with the file explorer. Let’s check the contents of this archive with PowerShell:
|
1 2 3 4 5 6 |
PS > gci -Path C:\tmp\VMShared.vmcz\*.* -Recurse | Select Fullname FullName -------- C:\tmp\VMShared.vmcz\Virtual Hard Disks\VMShared.vhdx C:\tmp\VMShared.vmcz\Virtual Machines\<VM_ID>.vmcx C:\tmp\VMShared.vmcz\Virtual Machines\<VM_ID>.VMRS |
When the compression is done, you will be able to copy and paste this file on another machine or server. Then, the only thing to do is to double click this file on your destination machine to start the import process. In the background, the utility called “C:\Program Files\Hyper-V\vmimport.exe” will be used. It is a very simple process to export a virtual machine, which can help you to backup a virtual machine!
Hyper-V and Windows Server 2016
Let’s see the new Hyper-V features on Windows Server 2016.
Host resource protection
Hyper-V should prevent virtual machines from consuming too many resources and impacting other virtual machines but there are a number of situations in which a virtual machine can consume more hardware resources. In this case, the performance of the host and other VMs will be impacted. A new feature has been introduced in order to avoid excessive activities. This feature must be enabled with PowerShell:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
PS > Set-VMProcessor -EnableHostResourceProtection $true –VMName DC1 PS > Get-VMProcessor -VMName DC1 | fl * VMCheckpointId : 00000000-0000-0000-0000-000000000000 VMCheckpointName : ResourcePoolName : Primordial Count : 2 CompatibilityForMigrationEnabled : False CompatibilityForOlderOperatingSystemsEnabled : False HwThreadCountPerCore : 1 ExposeVirtualizationExtensions : False Maximum : 100 Reserve : 0 RelativeWeight : 100 MaximumCountPerNumaNode : 4 MaximumCountPerNumaSocket : 1 EnableHostResourceProtection : True OperationalStatus : {} StatusDescription : {} |
Linux Secure Boot
Linux operating systems running on generation 2 virtual machines can now boot with the ‘Secure Boot’ option enabled. ‘Secure Boot’ ensures that an operating system’s loading utility has not been tampered with. This is an effective preventive measure against malicious code being injected into a computer’s startup cycle ahead of the operating system. Below are the compatible versions:
- Ubuntu 14.04 and later
- SUSE Linux Enterprise Server 12 and later
- Red Hat Enterprise Linux 7.0 and later
- CentOS 7.0 and later
Shut down the Virtual machine and open the properties. Select the “Enable Secure Boot” checkbox from the Security tab:
Of course, you can enable the Secure Boot with Windows PowerShell:
|
1 |
PS > Set-VMFirmware ubuntu -SecureBootTemplate MicrosoftUEFICertificateAuthority |
You can get the name of the templates with the following command:
|
1 2 3 4 |
PS > Get-VMHost | select SecureBootTemplates SecureBootTemplates ------------------- {MicrosoftWindows, MicrosoftUEFICertificateAuthority, OpenSourceShieldedVM} |
Nested virtualization
Creating a virtual machine within a virtual machine was previously just a theoretical concept. With Windows Server 2016, you can run Hyper-V virtual machines inside another Hyper-V virtual machine. You will need a processor with Intel VT-x in order to use Nested Virtualization. Below is a screenshot from Ben Armstrong’s Virtualization Blog: https://blogs.msdn.microsoft.com/virtual_pc_guy/2015/10/13/nested-virtualization-in-windows-10-build-10565/.
Production checkpoints
Microsoft introduced a new ‘Production Checkpoints’ feature in Windows Server 2016. Production Checkpoints are based on backup technologies inside the virtual machine instead of creating a saved state. For Windows guest OSs, the Volume Snapshot Service is used; and it ensures data on disk is in an application-consistent state via a VSS snapshot, the same state as if a backup had been taken. In Hyper-V 2016, Production checkpoints are set by default. Standard checkpoints are set only if production checkpoints cannot be created. Standard Checkpoints capture the state, data, and hardware configuration of a running virtual machine.
Rolling Hyper-V Cluster upgrade
First, note that Hyper-V on Windows 10 doesn’t support failover clustering. A picture is worth a thousand words, so let’s start by the following screenshots (https://docs.microsoft.com/en-us/windows-server/failover-clustering/cluster-operating-system-rolling-upgrade):
With these screenshots, you will probably understand this new feature better! You can now easily upgrade your nodes without any downtime! You just have to pause one node, evicted the node from the cluster, upgrade it to 2016 and re-add it to the cluster. Do that for each node and your cluster will be upgraded smoothly. The big advantages are that you don’t need to create a new cluster because you can upgrade your existing cluster and the cluster does not need to be stopped or restarted.
Shielded virtual machines
Data protection is a fundamental requirement for every virtualization platform. If a virtual machine file can be copied or moved offsite, then the virtual machine can be run on any other system. To avoid this security issue, Windows Server brings a new feature which is called Shielded VMs. It allows you to restrict access to Hyper-V guests so that they cannot be accessed by Hyper-V administrators. It means that Hyper-V administrator cannot access a Shielded VM content, unless this administrator has explicit permission to do so. Shielded VMs work with TPM module by providing the strongest possible protection.
Start order priority for clustered virtual machines
Windows Server 2016 brings a new feature called “VM Start Order”. This feature lets you make dependencies between virtual machines. It means that for example, you can set the following order:
- Start the Domain Controller
- Start the Database servers
- And finally, start the Web Servers
You will need to configure your “ClusterGroupSet”. A set is a group of virtual machine with the same role that you can, of course, configure with PowerShell. You must import the Failover Clusters PowerShell module.
|
1 2 3 4 5 6 7 8 9 10 |
PS > Get-Command *clustergroupset* CommandType Name Version Source ----------- ---- ------- ------ Function Add-ClusterGroupSetDependency 2.0.0.0 FailoverClusters Function Get-ClusterGroupSet 2.0.0.0 FailoverClusters Function Get-ClusterGroupSetDependency 2.0.0.0 FailoverClusters Function New-ClusterGroupSet 2.0.0.0 FailoverClusters Function Remove-ClusterGroupSet 2.0.0.0 FailoverClusters Function Remove-ClusterGroupSetDependency 2.0.0.0 FailoverClusters Function Set-ClusterGroupSet 2.0.0.0 FailoverClusters |
Windows Containers
Containers do not contain any operating system, so they take up fewer resources than virtual machines on the physical host. Containers simply share the host operating system, including the kernel and libraries, so they don’t need to boot a full OS.
Microsoft includes two different types of container. The first type is based on the Windows Server Core image and is called a Windows Server Container. The second one is called a Hyper-V Container and is based on the Windows Nano Server image. Hyper-V Containers expand on the isolation that is provided by Windows Server Containers by running each container in a highly-optimized virtual machine, so that they provide a full secure isolation. You can get more details from this series: https://www.red-gate.com/simple-talk/sysadmin/virtualization/working-windows-containers-docker-basics/
Windows PowerShell Direct
PowerShell Direct is a new feature that let you to manage your VMs whether or not you have network connectivity, just as long as your virtual machines are located on your Hyper-V host. Since Windows PowerShell version 5, Microsoft has implemented a new way to directly manage your virtual machines without network connectivity. This feature will use the VMBus which is installed with Hyper-V Integration Services. PowerShell Direct relies on the VMBus concept, a Hyper-V internal mechanism that provides a communication channel between the host and the VM. Basically, this is the same syntax as a PowerShell session:
|
1 |
PS > Enter-PSSession -VMName <VM_Name> -Credential $cred |
You can get more details from this article: https://www.red-gate.com/simple-talk/sysadmin/powershell/managing-hyper-v-vms-using-powershell-direct/
Windows PowerShell Module
Finally, don’t forget that you can manage your Hyper-V hosts with the Windows PowerShell Hyper-V module. The module is updated on a regular basis. You can find more information about Hyper-V cmdlets from this article: https://www.red-gate.com/simple-talk/sysadmin/powershell/hyper-v-powershell-basics/
Conclusion
Some changes in Windows 10 ‘Fall Creator Update’ are more exciting than others, and we are all interested in different things depending our needs, but two things stand out for many of us:
- Microsoft has improved its hypervisor in every major update both in Windows 10 and Windows Server
- Hyper-V has now become a major player in the virtualization market
The use of Hyper-V in Windows 10 works very well, and usefully, in demo, test, and training environments. It allows you to run a complex deployment that allows to perform a range of tasks such as testing clusters, storage spaces direct and Windows Containers. Most of the limitations are now to do with memory and storage.
Some of these new changes will be covered in future articles on Simple-Talk.
Load comments