Microsoft Virtualisation & Management Technologies Steve Lamb & Matt McSpirit Microsoft UK .

Microsoft Virtualisation& Management Technologies

Steve Lamb & Matt McSpiritMicrosoft UKhttp://blogs.technet.com/steve_lambhttp://www.mattmcspirit.co.uk

Agenda

• 09:30 Keynote: Virtualisation, System Center & GreenIT• 10:00 Building, Clustering and Managing Hyper-v• 11:00 Break• 11:15 How to manage Microsoft and VMware estates • 12:45 Lunch• 13:30 Delivering Apps Virtually #1 (MDOP, VECD & VDI)• 15:00 Break• 15:15 Delivering Apps Virtually #2 (Terminal Services)• 16:00 Ask the Experts• 16:30 Close

Dependencies Create Complexity

Hardware

OS

Data, User settings

Applications

Separation Creates Flexibility

Virtualisation Solutions...

MANAGEMENT

PROFILEVIRTUALISATION

Document redirectionOffline files

PRESENTATIONVIRTUALISATION

DESKTOPVIRTUALISATION

APPLICATION VIRTUALISATION

SERVERVIRTUALISATION

Virtualisation Solutions...

MANAGEMENT

Building, Clustering & Managing...

Then and now...Virtualisation Feature Virtual Server 2005 R2 Hyper-V

32-bit Virtual Machines Yes Yes

64-bit Virtual Machines No Yes

Multi Processor Virtual Machines No Yes, 4 core VMs

Virtual Machine Memory Support 3.6GB per VM 64GB per VM

Managed by System Center Virtual Machine Manager Yes Yes

Support for Microsoft Clustering Services Yes Yes

Host side backup support (VSS) Yes Yes

Scriptable / Extensible Yes, COM Yes, WMI

User Interface Web Interface MMC 3.0 Interface

More on Hyper-V...• Runs on any Intel-VT or AMD-V system with a “Designed

for Windows” logo• Native x64 Hypervisor• X86 / x64 VMs• Up to 1 TB Parent Support• Up to 64GB VM Memory• Up to 4 CPU VMs• 16 core host support• Pass-through disk access for VMs• New hardware sharing architecture (VSP/VSC)– Disk, networking, input, video

• Robust networking– VLAN support, NAT, Quarantine

Monolithic vs. Microkernelizedmonolithic hypervisor• Simpler than a modern kernel, but

still complex• Contains its own drivers model

microkernelized hypervisor• Simple partitioning functionality• Increase reliability and minimize

TCB• No third-party code• Drivers run within guests

VM 1(“Admin”) VM 3

Any ‘Designed for Windows’ Hardware *

Hypervisor

VM 2(“Child”)

VM 3(“Child”)

Virt.Stack

VM 1(“Parent”)

Hypervisor

VM 2

Some Hardware

microkernelized hypervisor has an inherently secure architecture with minimal attack surface

VMware Hyper-V

Drivers Drivers

Drivers

Drivers

* With Intel-VT or AMD-V CPU technology, these are standard in today‘s servers

Applications Applications Applications

Non-Hypervisor Aware OS

Windows Server 2008, 2003

Windows Kernel VSC

VMBus Emulation VMBus

“Designed for Windows” Server Hardware

Windows Server 2008, x64

Windows Kernel

Xen-Enabled Linux Kernel

Linux VSC

Hypercall Adapter

Parent Partition Child Partitions

VMBus

Hyper-V

VSP

VM Service

WMI Provider

VM Worker Processes

OS

ISV / IHV / OEM

Hyper-V

MS/ XenSource

User Mode

Kernel Mode

Provided by:

Windows Server 2008, x64

Windows KernelWindows

Drivers

Windows Drivers

Hyper-V architecture

The power of Hyper-V• Enlightenment/Para-virtualisation is the key to high

performance• Allows the Guest OS to understand it’s being virtualised

and co-operate to provide the best performance• Hyper-V is designed to utilise the virtualisation capabilities

of Intel-VT and AMD-V enabled processors• Hardware Virtualisation allows high performance

virtualisation of the Windows Guest OS– Server 2008, 2003 SP2, 2000 SP4, XP SP2/SP3, Vista SP1– Certain Xen-Enabled Linux Distributions

• Novell SUSE SLES 10 SP2 & Red Hat Enterprise for now...

• The future of virtualisation is Enlightenment/Para-virtualisation with hardware virtualisation assist

Hyper-V Storage Options

Server Virtualisation Licensing• By assigning a copy of

WS 03/08 Enterprise:– 4 free running Instances– Cumulative...

• The same process with WS 03/08 Datacenter:– Unlimited running

instances• Virtualisation Agnostic

Virtualisation Management• Depends on Scale:– Smaller - Hyper-V Manager– Mid-Market/Enterprise – SCVMM

• Virtualisation Management is one part of a much bigger picture...

Demo• My demo environment ->• System Center Virtual

Machine Manager 2008

Virtualisation Solutions...

MANAGEMENT

Performance & Resource Optimisation (PRO)

• Workload and application aware resource optimisation

• Extensible through the Operations Manager 2007 MP framework

• Create policies that VMM acts upon tips automatically or manually

• Minimise downtime and accelerating time to resolution.

• Enables partners to deliver value add to our mutual customers

Server Management Suite EnterpriseFull Application and Server Management (P&V)

System Center Pricing & Licensing• Virtual machine management is a key

component of server management• Introducing the System Center

Enterprise Server Management License

• Provides comprehensive management for physical & virtual Windows Server & Storage environments, & includes:

– System Center Virtual Machine Manager 2007*– System Center Operations Manager 2007 Enterprise

Edition– System Center Data Protection Manager 2007

Enterprise Edition– System Center Configuration Manager 2007– Unlimited Virtualisation Rights

System Center Scenario• By assigning an SMSE to the

Physical box, it can be:– Patched/Updated (SCCM)– Monitored (SCOM)– Backed Up (SCDPM)– VMM Host (SCVMM)– VMM Server (SCVMM)

• Retails @ $1200• SMSE grants unlimited

virtualisation rights...• Virtualisation Agnostic

Lunch• 45 minutes...

Delivering Apps Virtually #1...

Desktop Virtualisation: Overview

NetworkClient

Server Client

Server-Based Virtualisation (VDI)

Client-Based Virtualisation

LAN Attached Clients Mobile / Outside Perimeter

Microsoft VDI

Citrix XenDesktop / Quest VAS

Demo• Windows Fundamentals for Legacy PCs– “Windows Fundamentals for Legacy PCs ("WinFLP") is a thin

client operating system from Microsoft, based on Windows XP Embedded, but optimized for older, less powerful hardware. It was released on July 8, 2006. Windows Fundamentals for Legacy PCs is not a full-fledged general purpose operating system. It includes only certain functionality for local workloads such as security, management, document viewing related tasks and the .NET Framework. It is designed to work as a client-server solution with RDP clients or other third party clients such as Citrix ICA.”

• XenDesktop

Licensing VDI –>Vista Enterprise Centralised Desktop

http://ladylicensing.spaces.live.com/

Desktop Virtualisation: Overview

NetworkClient

Server Client

Server-Based Virtualisation (VDI)

Client-Based Virtualisation

LAN Attached Clients Mobile / Outside Perimeter

Break

• 15 minutes...

Delivering Apps Virtually #2...

TS Core Enhancements• Vista: better together

– Previous versions: 2 TS clients– Now: 1 integrated client

• Network Level Authentication & Server Authentication

• Display Improvements• Plug and Play device Redirection Framework• Single Sign-On

Demo• Terminal Services RemoteApp Manager• Terminal Services RemoteApp Deployment• Terminal Services Web Access• Sharepoint 3.0 SP1 Integration

• Allows secure seamless connection without VPN• Tunnels RDP over HTTPS - same as Outlook• Place TS behind multiple firewalls without opening

multiple firewall ports other than 443

• Provides Policy Control over:– Who can access what & optionally enforce smart card use and restrict

device redirection

• Allows access to:• Terminal Server Remote Desktops and Programs, Client and Server

Remote Desktop

• When should TS Gateway be used in place of VPN?• When no local copy of data is required & when bandwidth or application

characteristics makes VPN experience poor

Role: Terminal Services Gateway

Terminal Services Gateway

internet perimeter internal

TS Gateway

TS Web Access

Client

XP/Vista

TerminalServer

Policies

1 Client tries to connect to Terminal Servers

1

2 External firewall strips HTTP & passes RDP to TS Gateway

2

3 TS Gateway authenticates user / checks health

3

4 Connection Complete – access to Machines/TS/Web Access

4

Terminal Services Easy Print

1 User opens Microsoft Word running via Terminal Services2 User wants to print the document to the local printer3 TS Easy Print utilizes the client side print drivers, and the full print UI appears4 The document prints to the local printer

1 2

3

4

Terminal Services Easy Print• NO PRINT DRIVER INSTALLATION ON TERMINAL SERVER

REQUIRED FOR TS EASY PRINT• Guaranteed printer installation in TS session• TS Printer are scoped per session & all printer properties

available in TS session• TS Policy to redirect ONLY default client printer• Works transparently between, say, X86 Client and X64 TS• Client Requirements:

– On Client - XP SP3 + .NET 3.0 SP1, Vista SP1 (Includes .NET 3.0 SP1), IHV Printer Driver

– In Future: Native XPS Printers = No IHV Drivers

Provided by

Microsoft

ISV

RDPTS Easy Print XPS

Driver

XPSSpoolFile

XPS

WPF AppWin32 App

GDI to XPSConversion

Module

TS Easy Print - Server Side

.NETFramework 3.0 SP1

Print Processor

GDI Printer Driver

TS Client (MSTSC)TS Easy

PrintPlug-in

EMFSpoolFile

XPSSpoolFile

XPS Printer Driver

RDP

Provided by

Microsoft

IHV

TS Easy Print - Client Side

XPS to GDIConversion

Module

• Resolution up to 4096x2048 & span multiple monitors• PnP Device Redirection Framework• Windows Presentation Foundation (WPF)• 32-bit Color & new RDP compression• Display Data Prioritization

Experience

• NAP Integration• Network Authentication• Single Sign-on for domain joined Vista clients• Ability to block pre RDP6 client• Per session & direct attached device isolation

Security

• Per User CAL Tracking, Per Device CAL revocation• Spooler scalability improvements• Debug Logging available in all builds• New Session Broker capability (Farm Capability), Session Drain• Single Unified Win32 & Active X Client – serviced via Windows Update

Manageability

• Investments in Windows and TS to eliminate potential attack vectors• Faster Login & Logoff • Profile corruption scenarios addressed• Leverage UAC for improved application compatibility

Platform

and to finish...Microsoft delivers end-to-end Virtualization solutions…

…System Center provides the tools for integrated Infrastructure Management

"Virtualization without good management is more dangerous than not using virtualization in the first place" Thomas Bittman, Gartner

Resources

• Matt’s blog – http://www.mattmcspirit.co.uk• Steve’s blog - http://blogs.technet.com/steve_lamb• MS Virtualisation –

http://microsoft.com/virtualisation• System Center -

http://www.microsoft.com/systemcenter• VECD -

http://www.microsoft.com/virtualization/solution-product-vecd.mspx

More Resources...• MDOP -

http://www.microsoft.com/windows/products/windowsvista/enterprise/benefits/tools.mspx

• Terminal Services - http://www.microsoft.com/windowsserver2008/en/us/presentation-terminal.aspx

• Evaluate WS2008 - http://www.microsoft.com/windowsserver2008/en/us/try-it.aspx

• VDI Demo - http://www.microsoft.com/windows/products/windowsvista/enterprise/vecddemo/default.html

Even More Resources...• Virtualisation Blog -

http://blogs.technet.com/virtualization/• Windows Server Blog -

http://blogs.technet.com/windowsserver/• TS Blog - http://blogs.msdn.com/ts/• Perf Tuning for WS2008 -

http://www.microsoft.com/whdc/system/sysperf/Perf_tun_srv.mspx

• System Center Blog - http://blogs.technet.com/systemcenter/

Ask the Experts...?

?

© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Server and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation.

Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS

PRESENTATION.