Professional Documents
Culture Documents
Server Virtualization With Windows Server Hyper-V and System Center
Server Virtualization With Windows Server Hyper-V and System Center
20409B
Server Virtualization with Windows Server
Hyper-V® and System Center
ii Server Virtualization with Windows Server Hyper-V® and System Center
Information in this document, including URL and other Internet Web site references, is subject to change
without notice. Unless otherwise noted, the example companies, organizations, products, domain names,
e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with
any real company, organization, product, domain name, e-mail address, logo, person, place or event is
intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the
user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in
or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written permission of
Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property
rights covering subject matter in this document. Except as expressly provided in any written license
agreement from Microsoft, the furnishing of this document does not give you any license to these
patents, trademarks, copyrights, or other intellectual property.
The names of manufacturers, products, or URLs are provided for informational purposes only and
Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding
these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a
manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links
may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not
responsible for the contents of any linked site or any link contained in a linked site, or any changes or
updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission
received from any linked site. Microsoft is providing these links to you only as a convenience, and the
inclusion of any link does not imply endorsement of Microsoft of the site or the products contained
therein.
Released: 02/2014
MICROSOFT LICENSE TERMS
MICROSOFT INSTRUCTOR-LED COURSEWARE
These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its
affiliates) and you. Please read them. They apply to your use of the content accompanying this agreement which
includes the media on which you received it, if any. These license terms also apply to Trainer Content and any
updates and supplements for the Licensed Content unless other terms accompany those items. If so, those terms
apply.
BY ACCESSING, DOWNLOADING OR USING THE LICENSED CONTENT, YOU ACCEPT THESE TERMS.
IF YOU DO NOT ACCEPT THEM, DO NOT ACCESS, DOWNLOAD OR USE THE LICENSED CONTENT.
If you comply with these license terms, you have the rights below for each license you acquir
1. DEFINITIONS.
a. “Authorized Learning Center” means a Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, or such other entity as Microsoft may designate from time to time.
b. “Authorized Training Session” means the instructor-led training class using Microsoft Instructor-Led
Courseware conducted by a Trainer at or through an Authorized Learning Center.
c. “Classroom Device” means one (1) dedicated, secure computer that an Authorized Learning Cente
or controls that is located at an Authorized Learning Center’s training facilities that meets or exceeds the
hardware level specified for the particular Microsoft Instructor-Led Courseware.
d. “End User” means an individual who is (i) duly enrolled in and attending an Authorized Training Session
or Private Training Session, (ii) an employee of a MPN Member, or (iii) a Microsoft full-time employee.
e. “Licensed Content” means the content accompanying this agreement which may include the Micro
Instructor-Led Courseware or Trainer Content.
f. “Microsoft Certified Trainer” or “MCT” means an individual who is (i) engaged to teach a training s
to End Users on behalf of an Authorized Learning Center or MPN Member, and (ii) currently certified as a
Microsoft Certified Trainer under the Microsoft Certification Program.
g. “Microsoft Instructor-Led Courseware” means the Microsoft-branded instructor-led training course that
educates IT professionals and developers on Microsoft technologies. A Microsoft Instructor-Led
Courseware title may be branded as MOC, Microsoft Dynamics or Microsoft Business Group courseware.
h. “Microsoft IT Academy Program Member” means an active member of the Microsoft IT Academy
Program.
i. “Microsoft Learning Competency Member” means an active member of the Microsoft Partner Network
program in good standing that currently holds the Learning Competency status.
j. “MOC” means the “Official Microsoft Learning Product” instructor-led courseware known as Microsoft
Official Course that educates IT professionals and developers on Microsoft technologies.
k. “MPN Member” means an active Microsoft Partner Network program member in good standing.
l. “Personal Device” means one (1) personal computer, device, workstation or other digital electronic
that you personally own or control that meets or exceeds the hardware level specified for the particular
Microsoft Instructor-Led Courseware.
m. “Private Training Session” means the instructor-led training classes provided by MPN Members for
corporate customers to teach a predefined learning objective using Microsoft Instructor-Led Courseware.
These classes are not advertised or promoted to the general public and class attendance is restrict
individuals employed by or contracted by the corporate customer.
n. “Trainer” means (i) an academically accredited educator engaged by a Microsoft IT Academy Prog
Member to teach an Authorized Training Session, and/or (ii) a MCT.
o. “Trainer Content” means the trainer version of the Microsoft Instructor-Led Courseware and additi
supplemental content designated solely for Trainers’ use to teach a training session using the Micr t
Instructor-Led Courseware. Trainer Content may include Microsoft PowerPoint presentations, trainer
preparation guide, train the trainer materials, Microsoft One Note packs, classroom setup guide and Pre-
release course feedback form. To clarify, Trainer Content does not include any software, virtual hard
disks or virtual machines.
2. USE RIGHTS. The Licensed Content is licensed not sold. The Licensed Content is licensed on a on y
per user basis, such that you must acquire a license for each individual that accesses or uses the L ensed
Content.
2.1 Below are five separate sets of use rights. Only one set of rights apply to you.
2.2 Separation of Components. The Licensed Content is licensed as a single unit and you may not
separate their components and install them on different devices.
2.3 Redistribution of Licensed Content. Except as expressly provided in the use rights above, y
not distribute any Licensed Content or any portion thereof (including any permitted modifications) to any
third parties without the express written permission of Microsoft.
2.4 Third Party Notices. The Licensed Content may include third party code tent that Microsoft, not the
third party, licenses to you under this agreement. Notices, if any, for the third party code ntent are inc
for your information only.
2.5 Additional Terms. Some Licensed Content may contain components with additional terms,
conditions, and licenses regarding its use. Any non-conflicting terms in those conditions and licenses also
apply to your use of that respective component and supplements the terms described in this agreeme t.
a. Pre-Release Licensed Content. This Licensed Content subject matter is on the Pre-release version of
the Microsoft technology. The technology may not work the way a final version of the technology will
and we may change the technology for the final version. We also may not release a final version.
Licensed Content based on the final version of the technology may not contain the same information as
the Licensed Content based on the Pre-release version. Microsoft is under no obligation to provide you
with any further content, including any Licensed Content based on the final version of the technology.
b. Feedback. If you agree to give feedback about the Licensed Content to Microsoft, either directly or
through its third party designee, you give to Microsoft without charge, the right to use, share and
commercialize your feedback in any way and for any purpose. You also give to third parties, without
charge, any patent rights needed for their products, technologies and services to use or interface with
any specific parts of a Microsoft technology, Microsoft product, or service that includes the feedba
You will not give feedback that is subject to a license that requires Microsoft to license its technology,
technologies, or products to third parties because we include your feedback in them. These rights
survive this agreement.
c. Pre-release Term. If you are an Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, MPN Member or Trainer, you will cease using all copies of the Licensed Con on
the Pre-release technology upon (i) the date which Microsoft informs you is the end date for using
Licensed Content on the Pre-release technology, or (ii) sixty (60) days after the commercial releas e
technology that is the subject of the Licensed Content, whichever is earliest (“Pre-release term”).
Upon expiration or termination of the Pre-release term, you will irretrievably delete and destroy all
of the Licensed Content in your possession or under your control.
4. SCOPE OF LICENSE. The Licensed Content is licensed, not sold. This agreement only gives you some
rights to use the Licensed Content. Microsoft reserves all other rights. Unless applicable law gives yo ore
rights despite this limitation, you may use the Licensed Content only as expressly permitted in this
agreement. In doing so, you must comply with any technical limitations in the Licensed Content that only
allows you to use it in certain ways. Except as expressly permitted in this agreement, you may not:
• access or allow any individual to access the Licensed Content if they have not acquired a valid license
for the Licensed Content,
• alter, remove or obscure any copyright or other protective notices (including watermarks), branding
or identifications contained in the Licensed Content,
• modify or create a derivative work of any Licensed Content,
• publicly display, or make the Licensed Content available for others to access or use,
• copy, print, install, sell, publish, transmit, lend, adapt, reuse, link to or post, make available or
distribute the Licensed Content to any third party,
• work around any technical limitations in the Licensed Content, or
• reverse engineer, decompile, remove or otherwise thwart any protections or disassemble the
Licensed Content except and only to the extent that applicable law expressly permits, despite this
limitation.
5. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly grant o
you in this agreement. The Licensed Content is protected by copyright and other intellectual property laws
and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights
Licensed Content.
6. EXPORT RESTRICTIONS. The Licensed Content is subject to United States export laws and regula s.
You must comply with all domestic and international export laws and regulations that apply to the Licensed
Content. These laws include restrictions on destinations, end users and end use. For additional information,
see www.microsoft.com/exporting.
7. SUPPORT SERVICES. Because the Licensed Content is “as is”, we may not provide support service it.
8. TERMINATION. Without prejudice to any other rights, Microsoft may terminate this agreement if y
to comply with the terms and conditions of this agreement. Upon termination of this agreement for any
reason, you will immediately stop all use of and delete and destroy all copies of the Licensed Conten
your possession or under your control.
9. LINKS TO THIRD PARTY SITES. You may link to third party sites through the use of the Licensed
Content. The third party sites are not under the control of Microsoft, and Microsoft is not responsible for
the contents of any third party sites, any links contained in third party sites, or any changes or upda
third party sites. Microsoft is not responsible for webcasting or any other form of transmission recei
from any third party sites. Microsoft is providing these links to third party sites to you only as a
convenience, and the inclusion of any link does not imply an endorsement by Microsoft of the third party
site.
10. ENTIRE AGREEMENT. This agreement, and any additional terms for the Trainer Content, updates and
supplements are the entire agreement for the Licensed Content, updates and supplements.
12. LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the
of your country. You may also have rights with respect to the party from whom you acquired the Lic sed
Content. This agreement does not change your rights under the laws of your country if the laws of your
country do not permit it to do so.
13. DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED "AS-IS" AND "AS
AVAILABLE." YOU BEAR THE RISK OF USING IT. MICROSOFT AND ITS RESPECTIVE
AFFILIATES GIVES NO EXPRESS WARRANTIES, GUARANTEES, OR CONDITIONS. YOU MA
HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT
CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT AND
ITS RESPECTIVE AFFILIATES EXCLUDES ANY IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
14. LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM
MICROSOFT, ITS RESPECTIVE AFFILIATES AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP
TO US$5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL,
LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
It also applies even if Microsoft knew or should have known about the possibility of the damages. The
above limitation or exclusion may not apply to you because your country may not allow the exclusio or
limitation of incidental, consequential or other damages.
Please note: As this Licensed Content is distributed in Quebec, Canada, some of the clauses in this
agreement are provided below in French.
Remarque : Ce le contenu sous licence étant distribué au Québec, Canada, certaines des clauses
dans ce contrat sont fournies ci-dessous en français.
EXONÉRATION DE GARANTIE. Le contenu sous licence visé par une licence est offert « tel quel ». Toute
utilisation de ce contenu sous licence est à votre seule risque et péril. Microsoft n’accorde aucune autre garantie
expresse. Vous pouvez bénéficier de droits additionnels en vertu du droit local sur la protection dues
consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties
implicites de qualité marchande, d’adéquation à un usage particulier et d’absence de contrefaçon sont exclues.
EFFET JURIDIQUE. Le présent contrat décrit certains droits juridiques. Vous pourriez avoir d’autres droits
prévus par les lois de votre pays. Le présent contrat ne modifie pas les droits que vous confèrent les lois de votre
pays si celles-ci ne le permettent pas.
Acknowledgments
Microsoft Learning wants to acknowledge and thank the following for their contribution toward
developing this title. Their effort at various stages in the development has ensured that you have a good
classroom experience.
Contents
Module 1: Evaluating the Environment for Virtualization
Lesson 1: Overview of Microsoft Virtualization 1-2
Lesson 2: Overview of System Center 2012 R2 Components 1-9
Lesson 3: Evaluating the Current Environment for Virtualization 1-16
Lesson 4: Extending Virtualization to the Cloud Environment 1-25
Lab: Evaluating the Environment for Virtualization 1-29
Module 10: Configuring and Managing the Microsoft System Center 2012 R2
Virtual Machine Manager Library and Library Objects
Lesson 1: Overview of the Virtual Machine Manager Library 10-2
Lesson 2: Working with Profiles and Templates 10-9
Lab: Configuring and Managing the Microsoft System Center 2012 R2
Virtual Machine Manager Library and Library Objects 10-23
Server Virtualization with Windows Server Hyper-V® and System Center xv
Course Description
This course will provide you with the knowledge and skills necessary to create, maintain, monitor, and
protect a virtualization infrastructure. You will learn about creating and managing virtual machines,
managing virtual machine networks, and providing high availability for a Windows Server® 2012 R2
Hyper-V® environment. This course also will describe how to create and manage virtual machines, clouds,
and services by using Microsoft® System Center 2012 R2 Virtual Machine Manager (VMM).
Audience
This course is intended for IT professionals who design, implement, manage, and maintain virtualization
infrastructures, and for IT decision makers who will determine which virtualization product to implement
in their data centers. This course also is suitable for IT professionals who want to learn about current
Microsoft virtualization technologies.
Student Prerequisites
This course requires that you meet the following prerequisites:
• An understanding of TCP/IP, iSCSI, and networking.
Course Objectives
After completing this course, students will be able to:
• Evaluate their organization’s virtualization requirements and plan for server virtualization.
• Install and configure the Hyper-V role.
• Create virtual machines, create and manage virtual hard disks, and work with checkpoints.
• Create and configure virtual machine networks in a Hyper-V environment.
• Implement virtual machine movement and the Hyper-V Replica feature.
• Provide high availability for a Hyper-V environment by implementing failover clustering.
• Manage a virtual environment by using VMM.
• Manage networking and storage infrastructure in VMM.
• Create and manage virtual machines by using VMM.
• Configure and manage a VMM library and library objects.
• Create and manage clouds by using VMM.
• Create and manage services in VMM.
• Protect virtualization infrastructure by using Windows Server Backup and Data Protection Manager.
xviii About This Course
Course Outline
The course outline is as follows:
Module 1, “Evaluating the Environment for Virtualization" describes the Microsoft virtualization products
and System Center 2012 R2 components. It provides a broad overview of virtualization and a foundation
for the following modules.
Module 2, “Installing and Configuring the Hyper-V Role" describes the Windows Server 2012 R2 features
that are beneficial for Hyper-V. It also describes how to add the Hyper-V role to Windows Server 2012 R2,
and how to configure the role.
Module 3, “Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints" describes how
to create and configure virtual hard disks, virtual machines, and their components in the Hyper-V
environment. It also describes checkpoints and how to manage them in the Hyper-V environment.
Module 4, “Creating and Configuring Virtual Machine Networks" describes Hyper-V virtual machine
networking options and explains how network virtualization works in the Hyper-V environment. It also
describes the different types of virtual switches, and how you can create and manage them.
Module 5, “Virtual Machine Movement and Hyper-V Replica" describes the configuration and use of
Hyper-V, and the options that you can use to provide high availability in the Hyper-V environment. It also
describes how to move virtual machines between Hyper-V hosts and how to use Hyper-V Replica.
Module 6, “Implementing Failover Clustering with Hyper-V" describes failover clustering, and how you
can implement and manage it in the Hyper-V virtual environment. It also describes how you can use
failover clustering to provide high availability for the Hyper-V environment.
Module 7, “Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager"
describes how to install VMM, and explains its main features. It also describes how to add virtualization
hosts to VMM, and manage virtualization hosts and host groups.
Module 8, “Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual
Machine Manager" describes VMM networking options, and how to manage storage infrastructure and
infrastructure updates in VMM.
Module 9, “Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual
Machine Manager" describes how to create and manage virtual machines in VMM, and how to configure
virtual machine updating.
Module 10, “Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager
Library and Library Objects" describes how to use and manage the Virtual Machine Manager library, and
how to configure library settings. It also explains how to use profiles and templates in VMM.
Module 11, “Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager" describes
how to create and manage clouds and user roles in VMM.
Module 12, “Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App
Controller" describes services in VMM and App Controller, and how to manage them. It also explains how
to use App Controller for cloud management.
Module 13, “Protecting and Monitoring Virtualization Infrastructure" describes how to use the backup
and restore options in VMM, and how to protect the virtualization infrastructure by using DPM. It also
describes how to monitor the virtualization infrastructure and generate reports by using System Center
2012 R2 Operations Manager, and how to configure Operations Manager integration with VMM.
About This Course xix
Course Materials
The following materials are included with your kit:
• Course Handbook: a succinct classroom learning guide that provides the critical technical
information in a crisp, tightly-focused format, which is essential for an effective in-class learning
experience.
• Lessons: guide you through the learning objectives and provide the key points that are critical to
the success of the in-class learning experience.
• Labs: provide a real-world, hands-on platform for you to apply the knowledge and skills learned
in the module.
• Module Reviews and Takeaways: provide on-the-job reference material to boost knowledge
and skills retention.
• Modules: include companion content, such as questions and answers, detailed demo steps and
additional reading links, for each lesson. Additionally, they include Lab Review questions and
answers and Module Reviews and Takeaways sections, which contain the review questions and
answers, best practices, common issues and troubleshooting tips with answers, and real-world
issues and scenarios with answers.
• Resources: include well-categorized additional resources that give you immediate access to the
most current premium content on TechNet, MSDN®, or Microsoft® Press®.
• Course evaluation: At the end of the course, you will have the opportunity to complete an online
evaluation to provide feedback on the course, training facility, and instructor.
• To provide additional comments or feedback on the course, send an email to
support@mscourseware.com. To inquire about the Microsoft Certification Program, send an
email to mcphelp@microsoft.com.
xx About This Course
The following table shows the role of each virtual machine that is used in this course:
Classroom Setup
This course requires two host computers for the instructor and for each student (or pair of students
working in a team). The two computers for each person must have network connectivity with each other,
but must not be able to communicate with other computers on the network.
The two host computers will be configured to run Hyper-V as part of the classroom installation, or as part
of the student labs. Each host computer will also host several virtual machines.
About This Course xxi
Hardware Level 7
• 64-bit Intel Virtualization Technology (Intel VT) or AMD Virtualization (AMD-V) processor (2.8
gigahertz [GHz] dual core or more recommended)
• Dual 500 gigabyte (GB) hard disks, 7200 RPM Serial ATA (SATA) or faster. Each hard disk must be
configured as a separate drive labeled Drive C and Drive D
• 16 GB RAM
• Network adapter
• Dual SVGA monitors that are 17 inches or larger, supporting 1,440 x 900 minimum resolution
• Windows+C: Opens the same menu as moving the mouse to the lower right corner.
• Windows+I: Opens Settings.
Module 1
Evaluating the Environment for Virtualization
Contents:
Module Overview 1-1
Module Overview
Microsoft offers several virtualization technologies that organizations can use to resolve challenges
that they encounter when running traditional server computing environments. For example, server
virtualization can help reduce the number of physical servers, and provide a flexible and resilient server
solution for businesses. This module provides an overview of the different Microsoft virtualization
technologies, and explains how you can use these technologies to manage both virtualization and
traditional infrastructures. This module also describes how to evaluate your business environment to
plan for virtualization.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
• Describe the various virtualization technologies and the scenarios where you would apply each
technology.
• Describe the different Microsoft System Center 2012 R2 components, and explain how you can use
them to manage both traditional and modern infrastructure solutions.
• Evaluate your organization’s virtualization requirements and plan for server virtualization.
1-2 Evaluating the Environment for Virtualization
Lesson 1
Overview of Microsoft Virtualization
Microsoft offers a number of virtualization technologies that administrators and infrastructure architects
can use to create and administer a virtual environment. To use these tools effectively, it is important for
administrators and infrastructure architects to know how and when to apply which Microsoft technology.
In many cases, you can combine multiple technologies to build an effective virtualized business solution.
For example, a new email infrastructure may consist of a server and several client systems, and you may
want to consider the various virtualization technologies available before deciding on and implementing
the one that best meets your business requirements. This lesson describes the different types of
virtualization technologies and the principles of cloud computing.
Lesson Objectives
After completing this lesson, you will be able to:
• Presentation virtualization. Presentation virtualization allows desktops and applications that are
running on a Remote Desktop Services server to display on remote clients.
Server Virtualization with Windows Server Hyper-V® and System Center 1-3
• Network virtualization. Network virtualization enables you to isolate networks used in server
virtualization without requiring the implementation of virtual local area networks (VLANs).
• Application virtualization. You can use application virtualization to virtualize applications, which then
enables applications to run in or be streamed to special containers on a host operating system.
Note: Later topics in this lesson discuss in more detail each type of virtualization and the
scenarios in which you would deploy them.
Server virtualization allows you to use hardware resources more efficiently. Consider a scenario where you
have separate computers running Microsoft Exchange Server 2013, Microsoft SQL Server 2012, Microsoft
SharePoint Server 2013, file and print services, Domain Name System (DNS), Dynamic Host Configuration
Protocol (DHCP). Additionally, you have another server functioning as an Active Directory domain
controller. If you use server virtualization, you can instead configure a single appropriately provisioned
server and run each of these separate computers as virtual machine guests. You can even make these
virtual machines highly available by deploying additional appropriately provisioned servers running
Hyper-V and configuring them in a failover cluster relationship.
Server virtualization allows you to detach the computer that is hosting a particular service or workload
from the hardware on which that service or workload runs. For example, you may have a virtualized
computer that hosts a SQL Server 2012 instance that is a guest on a Hyper-V host with other virtualized
computers. If the virtualized computer that hosts the SQL Server 2012 instance requires more computing
resources than are available on the current host, you can simply move the virtual machine to another
Hyper-V host that has resources that better meet the requirements of the workload.
1-4 Evaluating the Environment for Virtualization
Client-Side Virtualization
Client-side virtualization uses the Hyper-V role on supported operating system editions and hardware
running Windows 8 and Windows 8.1. Virtual machines running on Hyper-V client are compatible with
servers running Hyper-V. Client-side virtualization is often used as an application compatibility solution,
allowing individual users to run multiple versions of the Windows client operating system simultaneously
on their client computer hardware.
You would typically use client-side virtualization in scenarios where you need to provide application
compatibility to a small number of users. When larger numbers of users require an application
compatibility solution, you should instead host the previous version of the Windows client operating
system on a server running Hyper-V.
For example, consider a scenario where in an organization of several hundred people you have five users
that need to run a series of applications on the Windows XP operating system for several months until a
replacement solution can be found. All users in this organization have desktop computers that run the
Windows 8.1 operating system. In this scenario, you should consider deploying Windows XP in a virtual
machine that runs client Hyper-V. If you have a large number of users that need to run a series of
incompatible applications, or the incompatible applications need to be used on a long-term basis, you
might consider a different solution such as VDI or System Center 2012 R2 Application Virtualization
(App-V).
VDI
VDI enables you to run some or all of an organization’s client computers as virtual machines. Users can
connect to those virtual machines by using a Remote Desktop Client from any compatible computer or
device. Client computers in a VDI deployment run as a pool of virtual machines, which provides
organizations with the following benefits:
• One client accessible through any device. Because the client operating system runs independently of
hardware, users can access their personal client virtual machine by using a variety of devices. VDI
provides a solution for Bring Your Own Device (BYOD) environments, ensuring that a standardized
environment is available even if each user has their own unique device.
• Reduced hardware costs. Instead of having to manage and maintain a client computer for each user,
you only need to meet the minimum requirement of a keyboard, a mouse, and a display capable of
running a Remote Desktop client.
• Simplified updates. Rather than updating clients individually, you can update virtual machines in a
VDI deployment in a centralized way.
• Simplified deployment. You can deploy a new computer quickly from the existing virtual machine
pool. This is simpler than having to install and manage the operating system, applications, hardware,
and updates for each individual computer that you deploy.
Server Virtualization with Windows Server Hyper-V® and System Center 1-5
• High availability. Because the client computer is a virtual machine, you can make it highly available by
running it on highly available virtualization hosts. In the event that the hardware or device on which
the client virtual machine runs experiences a hardware failure, you can issue a replacement without
the user losing access to applications or data. This is because the operating system, applications, and
data are kept separate from any client computer hardware.
• Backup and recovery. Because virtual machines are data, VDI simplifies the process of centrally
backing up client computers.
• Settings storage location. This is a file share that the UE-V agent uses to store the settings.
1-6 Evaluating the Environment for Virtualization
• User Experience Virtualization agent. This agent is installed on each computer that will synchronize
the settings stored in the Settings storage location.
• Settings location templates. These are XML files that define what settings UE-V should monitor. The
UE-V installation includes these templates.
• Settings package. These packages are generated by the UE-V agent, and are then copied to the
Settings storage location.
User state virtualization is useful in environments where users might sign in to different computers or
devices but need to access their customized and configured operating system and application settings.
One example might be in a call center environment where users are assigned a separate desk each time
they arrive at work, but where policies allow them to configure their own desktop background (including
shortcuts) and operating system settings.
Remote Desktop client software exists for devices running the Windows RT, Windows Phone, Apple iOS,
Mac OSX, and Android operating systems. This makes Remote Desktop another possible solution in BYOD
environments where users may need to run apps that you do not want to or cannot run locally for
architectural or resource reasons.
Server Virtualization with Windows Server Hyper-V® and System Center 1-7
What Is App-V?
Application Virtualization (App-V) is a System
Center tool that virtualizes apps by abstracting
them from the operating system. App-V allows
apps to run without having to install them on the
computer or server that the user is accessing. As
App-V apps run in a separate virtualized silo, it
allows you to run apps side by side that would
otherwise cause conflicts. For example, using
App-V you can run different versions of a
Microsoft Office application concurrently, which
is not possible without App-V.
• Running applications that would otherwise conflict. For example, you can run two different versions
of Microsoft Office on the same computer or in an RD Session Host server. Each application has all the
necessary sequenced files that it requires to run.
• Virtualized applications display as if they are installed locally. Users can start applications from the
Start Screen, from desktop icons, and by file extension association. App-V applications use local
resources+ and display in Task Manager.
• App-V applications can be streamed on demand from an App-V server. This allows an application not
present locally to be started more quickly.
• App-V applications can be stored locally once they have completely streamed from the host server.
App-V apps can also be installed.
• Simplified management and deployment. With streaming, virtual applications are delivered on
demand from a server, thereby allowing users to download them automatically when they are
required. Administrators can update applications on the server and the App-V Desktop Client will
download the newer version automatically the next time the user runs the application.
Cloud computing service models include software as a service (SaaS), platform as a service (PaaS), and
infrastructure as a service (IaaS). Cloud computing has three main deployment models:
• Public cloud. Public clouds are infrastructure, platform, or application services that are delivered from
a cloud service provider for access and consumption by the public.
• Private cloud. Private clouds are privately owned and managed clouds that offer similar benefits to
that of public clouds, but are designed and secured for use by a single organization.
• Hybrid cloud. In a hybrid cloud, a technology binds two separate clouds (public and private) together
for the specific purpose of obtaining resources from both.
Microsoft cloud services provide technology and applications across all of these cloud computing models.
Some examples of Microsoft cloud services are:
o Windows Azure. Windows Azure is a public cloud environment that offers PaaS, SaaS, and IaaS.
Developers can subscribe to Windows Azure services and create software, which is delivered as
SaaS. Microsoft cloud services uses Windows Azure to deliver some of its own SaaS applications.
o Microsoft Office 365. Office 365 delivers online versions of the Microsoft Office applications and
online business collaboration tools.
o Microsoft Dynamics CRM Online. Microsoft Dynamics CRM Online is the Microsoft-hosted version
of the on-premises Microsoft Dynamics CRM application.
• Microsoft private cloud:
o Hyper-V in Windows Server 2012 R2 combines with System Center 2012 R2 to create the
foundation for building private clouds. By implementing these products as a combined solution,
you can deliver much of the same functionality offered by public clouds.
o Microsoft provides a number of hybrid cloud solutions that enable you to:
Back up an on-premises cloud application to a service provider.
Manage, monitor, and move virtual machines between different clouds.
Connect and federate directory services that allow your users to access applications that are
constructed across a combination of on-premises, service provider, and public cloud types.
You can reduce the computing costs of your organization by using Microsoft cloud computing
technologies. You can also improve the delivery times for infrastructure and application services, ensure
that they are always available, and monitor their performance.
Server Virtualization with Windows Server Hyper-V® and System Center 1-9
Lesson 2
Overview of System Center 2012 R2 Components
System Center 2012 R2 includes several integrated technologies that you can use to deploy, configure,
and manage servers, clients, mobile devices, services, and applications. In this lesson, you will review the
various technologies included in System Center 2012 R2, and explore their features and functionalities.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the features and functionalities of System Center 2012 R2 App Controller.
• Describe the features and functionalities of System Center 2012 R2 Operations Manager.
• Describe the features and functionalities of System Center 2012 R2 Orchestrator.
• Describe the features and functionalities of System Center 2012 R2 Service Manager.
• Describe the features and functionalities of System Center 2012 R2 Data Protection Manager.
establish and use controls and operations based on guidelines of either the Information Technology
Infrastructure Library or Microsoft Operations Framework.
Note: The following topics will examine each of the System Center components, their
features, and their integration capabilities in more depth.
Overview of VMM
VMM provides you with a single administrative
tool for deploying and managing a virtualization
infrastructure. You use VMM to manage large
numbers of virtual machine hosts and virtual
machines. Using VMM, you can deploy and
manage all components of your virtual machine
and virtual machine host infrastructure. You can
use VMM to manage a single virtual machine host
computer, or to manage as many as 400 hosts and
8,000 guests.
• Host groups. You can group hosts for manage multiple hosts.
• Cross-platform management. VMM supports Citrix XenServer host and pool management, and
supports VMware ESX hosts through integration with VMware vSphere.
Server Virtualization with Windows Server Hyper-V® and System Center 1-11
• Intelligent placement. Intelligent placement helps you select an appropriate host for a virtual machine
based on available resources.
• Dynamic optimization. VMM can balance workloads automatically, according to configurable
thresholds for core resources such as CPU, memory, disk, and network utilization.
• Power optimization. You can configure VMM to use power thresholds that you specify. This enables
VMM to evaluate the performance requirements of a Hyper-V host cluster, and shut down hosts if
they are not required to provide adequate performance.
• Performance and Resource Optimization (PRO). PRO allows you to ensure that virtual machines are
moved automatically when there is resource contention.
• Microsoft Server Application Virtualization (Server App-V). Server App-V enables you to virtualize
server-based applications.
What’s New in System Center 2012 - Virtual Machine Manager
http://go.microsoft.com/fwlink/?LinkId=253224
App Controller can control as many as 20 Windows Azure subscriptions. It allows you to upload virtual
hard disks and images to Windows Azure from a library or from network shares, and add virtual machines
to deployed services in Windows Azure. Additionally, you can manipulate and migrate virtual machines to
and from Windows Azure.
1-12 Evaluating the Environment for Virtualization
• Implementing PRO tips, which collect performance data from host machines, virtual machines, and
applications. PRO tips enable you to automate changes to the VMM and host environment, based
on the performance information that Operations Manager provides. For example, if a physical hard
disk fails, an alert in Operations Manager can trigger the migration of all virtual machines from a
host with a degraded disk subsystem. Another example could be using performance information to
automatically scale out a web farm in response to increased transactions in VMM. The reports are
available in the VMM console, but display data is retrieved from Operations Manager.
• Enabling maintenance-mode integration. When you place hosts in maintenance mode, VMM
attempts to put them in maintenance mode in Operations Manager.
• Integrating SQL Server Analysis Services (SSAS), which allows you to run forecasting reports that can
predict host activity based on history of disk space, memory, network I/O, disk I/O, and CPU usage.
SSAS also supports using a SAN for usage forecasting.
Overview of Orchestrator
Orchestrator is the Microsoft runbook automation
platform. You use Orchestrator to automate
virtualization management tasks. Orchestrator
allows you to create automation using the
Orchestrator Runbook Designer. The Runbook
Designer is a simple drag-and-drop interface
that makes it easier to design processes to help
accomplish complex tasks. This allows you to
create quick automation without having to create
and manage complex Windows PowerShell scripts.
that allow Orchestrator to extend its capabilities to other Microsoft and non-Microsoft components. The
Virtual Machine Manager integration pack includes tasks related to the management of VMM,
virtualization hosts, and virtual guests.
• Compliance. Service Manager has a downloadable management pack that can assist you with
managing and automating IT governance, risk, and compliance responsibilities, and can help you
connect complex business objectives to Microsoft infrastructure.
Note: Management packs extend System Center 2012 R2 functionality, and enable
integration between System Center components. You can download and install a wide variety of
management packs for most System Center components.
• An integrated platform. Service Manager has several available connectors to leverage Service
Manager’s full integration capabilities. You can use these connectors to import data into the Service
Manager Configuration Management database from AD DS, .csvc files, and other System Center
components.
1-14 Evaluating the Environment for Virtualization
Overview of DPM
Data Protection Manager (DPM) is a data backup
and recovery solution that works with disk-to-disk
and disk-to-tape backups. You can use DPM to
back up and restore Windows Servers operating
system servers, and application servers such as:
• SQL Server
• Exchange Server
• Hyper-V
• File servers
• AD DS
• SharePoint Server
DPM also includes support for system state and bare-metal recovery, offers protection for Windows
desktop clients, and provides some elements of self-service.
When planning a virtualization environment, you need to implement a backup system that will back up
the following items:
• Virtual machines. Sometimes referred to as virtual machine backups, in-guest backups, or traditional
backups, these backups are usually unaware of virtualization and are designed with an application in
mind. For example, Exchange backups should protect Exchange components such as stores and
mailboxes. Additionally, if you want to protect your entire server structure, you should perform a
system-state backup and include data drivers. If you must recover your entire server structure, you
must use a recovery copy that includes a full backup of all components.
• Host server backup. Not to be confused with backing up the host itself, a host-level backup is a
Hyper-V–aware backup designed to protect the virtualization files that comprise a virtual machine.
Virtualization files may include virtual machine configuration files, .vhd files, and snapshots. DPM uses
VSS to back up files while they run. You can use this form of backup to recover an entire virtual
machine or one of its disks, in place, to the same virtualization host server, or to an alternate
virtualization host server.
DPM provides the following important data center backup system features:
• VSS backups. DPM uses VSS to protect data sources while the data source continues to run.
This means that applications and servers do not have to be taken offline while DPM provides the
protection for them. After an initial full backup is complete, DPM can back up just the block changes,
incrementally, which allows for faster and more efficient backup and recovery.
• Hyper-V item-level recovery support. DPM can recover specific files, folders, volumes, and virtual hard
disks from a host-level backup of Hyper-V virtual machines.
• Hyper-V host and guest support. DPM supports host-based protection when the agent is installed on
the host computer, and guest-based protection when the agent is installed on the virtual machine.
For guests running Windows Server 2003 and newer Windows Server versions, DPM provides online
backups that ensure that DPM does not impact the performance of the protected virtual machine
when providing protection.
Server Virtualization with Windows Server Hyper-V® and System Center 1-15
• Integration with Operations Manager. Integrating DPM with Operations Manager provides
monitoring for the DPM environment via the DPM Management Pack. The DPM Central Console,
which is built on Operations Manager, allows you to monitor all DPM servers from a central
computer. You can use the Central Console to open a DPM Administrator Console to manage DPM
remotely.
• Integration with other System Center 2012 components. With the integration of DPM and
Orchestrator, you can automate functions such as data protection and recovery. Using Service
Manager and the Self-Service Portal together with DPM and Orchestrator, you can also offer these
functions as services to private cloud users.
• Self-service functionality. DPM also has a self-service function that administrators can use to configure
and delegate restore functionality to self-service users. You can grant permission to restore to the
same server, or to restore to an alternate server, including to which alternate servers.
• Windows Azure Backup. You can back up DPM data to Windows Azure.
• Linux virtual machine backup. DPM provides support for Linux virtual machines.
Note: When building a virtualization solution (or any solution), it is important to test and
validate data by using the restore functionality. Ensure that you can restore each type of backup,
and be sure to implement a plan with periodic testing of backup integrity.
1-16 Evaluating the Environment for Virtualization
Lesson 3
Evaluating the Current Environment for Virtualization
Prior to implementing virtualization into your organization, you must first determine key evaluation
factors that you can use to assess your organization’s virtualization requirements. You will learn about
some of the available resources, including solution accelerators such as the Microsoft Assessment and
Planning Toolkit (MAP). This lesson also describes some of the principal design factors for implementing a
server virtualization solution.
Lesson Objectives
After completing this lesson, you will be able to:
You should also determine how you will measure success. For example, if your company is migrating
from Exchange Server 2007 to Exchange Server 2013, your migration project scope may include
server virtualization elements, but the overall success is measured by a transparent upgrade of the
organization’s email platform. However if your project scope is to implement or upgrade a server
virtualization strategy, Exchange Server may just be a milestone goal of the overall consolidation or
improvement program. Understanding budgets and documenting the project are also important
factors.
• Resource and performance. Assessing the resource and performance of the servers to be virtualized is
another evaluation factor. You can use MAP to provide detailed information on the number of hosts
and the host hardware requirements.
Typically, virtual machines require approximately the same resources as a physical server. For
example, if a physical server is currently utilizing 1-GB RAM, you should expect the virtual machine to
use the same amount of RAM, assuming that it runs the same operating system and applications as
Server Virtualization with Windows Server Hyper-V® and System Center 1-17
the physical server. If a single virtual machine consumes more than half of your host’s workload, you
should consider whether virtualization is appropriate or if the host’s sizing is adequate.
Hardware is not the only consideration when implementing a server virtualization solution. You also
should review all aspects of a service or application’s requirements before deciding whether you can host
it virtually. Some factors to consider when determining whether to virtualize server workloads are:
• Compatibility. You must determine whether the application can run in a virtualization environment.
Business applications range from simple programs to complex, distributed multiple tier applications.
You need to consider requirements for specific components of distributed applications, such as
specific needs for communication with other infrastructure components, or requirements for direct
access to the system hardware. While you can virtualize some servers easily, other components may
need to continue running on dedicated hardware.
• Applications and services. Applications and services that have specific hardware or driver
requirements generally are not well suited for virtualization. An application may not be a good
candidate for application virtualization if it contains low-level drivers that require direct access to
the system hardware. This may not be possible through a virtualization interface, or it may affect
performance negatively.
• Supportability. You need to evaluate if a virtualized environment will support your operating system
and requisite applications. Verify vendor support policies for operating system and application
deployment using the virtualization technologies.
• Licensing. You also need to evaluate whether you can license the application for use in a virtual
environment. Reduced licensing costs for multiple applications or operating systems could add up
and make a strong financial case for using virtualization.
• Availability requirements. Most organizations have some applications that must always be available
in a virtual environment for users. Some applications provide built-in options for enabling high
availability, while other applications may be more difficult to make highly available outside of a
virtual machine environment. When considering whether to virtualize a server, evaluate whether the
application has high availability options, whether a virtual machine environment supports those
options, and whether you can use failover clustering to make the virtual machine highly available.
The goal in most organizations is to utilize all servers adequately, whether they are physical or virtual. You
can fully utilize some server roles such as SQL Server or Exchange Server Mailbox servers, by deploying
additional SQL Server instances or moving more mailboxes to the server. In some cases, you can virtualize
server workloads in one scenario, but not in another. For example, in a very large domain with thousands
of users logging on simultaneously, it may not be practical to virtualize a domain controller. However, in a
smaller domain or in a branch office deployment, virtualizing domain controllers may be your best option.
1-18 Evaluating the Environment for Virtualization
o VMware ESXi
o VMware Server
o Select Linux distributions
o LAMP application stack discovery
o MySQL
o Oracle
o Sybase
o Data analysis. MAP performs a detailed analysis of hardware and device compatibility for
migration to:
Windows 8
Windows 7
Windows Server 2012
Windows Server 2008 R2
SQL Server 2012
SQL Server 2008 R2
Microsoft Office 2010
Office 365
MAP helps to gather performance metrics, and then generates server consolidation
recommendations. These recommendations identify candidates for server virtualization, including
how you might place the physical servers in a virtualized environment.
• Readiness reporting. MAP generates reports containing both summary and detailed assessment
results for each migration scenario. MAP provides these results in Microsoft Excel and Microsoft Word
documents. Readiness reports are available for many technologies including Windows 8 and Windows
Server 2012.
MAP also helps to gather performance metrics and generates server consolidation recommendations.
These recommendations identify the candidates for server virtualization, and makes suggestions for
how you might place the physical servers in a virtualized environment.
The latest version of MAP includes planning for migrating to Office 2013, migrating to the latest Windows
Server and Windows client operating systems, and migrating workloads to Windows Azure.
The following section summarizes MAP features that you can use for server virtualization assessments.
MAP Discovery
MAP can discover Windows, Linux, Unix, and VMware servers, computers, and virtual machines. It has the
following discovery methods and requirements for creating an inventory:
• AD DS. Requires domain credentials. You can use this method to discover all computers in all
domains, or in specified domains, containers, and organization units.
• Windows networking protocols, using WIN32 LAN Manager application programming interface (API).
Requires the Computer Browser service to be running on the computer, or the server running MAP.
You can use this method to discover Windows workgroups and Windows NT 4.0 domains.
• Configuration Manager. MAP can use either Configuration Manager or Microsoft Systems
Management Server (an older version of Configuration Manager), for discovery. For discovery, you
require the primary site server name and appropriate credentials for Configuration Manager or
Systems Management Server.
• IP Address Range. You can scan for computer and servers using one or more IP address ranges, up to
a maximum of 100,000 addresses.
• NetBIOS names. You also can discover computers and servers by entering their NetBIOS names
manually, or by importing the names from a text file.
Note: If required, you can use the Performance Metrics Wizard to collect additional metrics.
You must choose either to discard previous metrics or append the new ones to existing data.
While the performance metric data collection is running, you may not be able to perform other
tasks with MAP.
Server Virtualization with Windows Server Hyper-V® and System Center 1-21
To use the wizard, you must first complete an inventory, gather performance metrics, and input the
hardware configuration. When you run the wizard, you can select a utilization ceiling on the proposed
hardware, which allows for periodic spikes in utilization. The utilization settings include processor,
memory, storage capacity, storage I/O operations per second, and network throughput. Upon completing
this wizard, MAP will provide you with the recommended number of hosts.
• Install MAP.
• Use MAP to collect inventory data.
Demonstration Steps
Install MAP
1. Sign in to LON-CL1, and then navigate to and run the file \\lon-dc1\e$\labfiles\mapsetup.exe.
2. In the Microsoft Assessment and Planning Toolkit Setup Wizard, on the Installation Successful page,
ensure that the Open the Microsoft Assessment and Planning and Toolkit check box is selected,
and then click Finish.
3. On the Datasource page, in the Create or select a database section in the Name text box, type
Demo, and then click OK.
1-22 Evaluating the Environment for Virtualization
1. In MAP, click Server Virtualization, and then click Collect inventory data.
2. In the Inventory and Assessment Wizard, on the Inventory Scenarios page, select both Windows
computers and Use Active Directory Domain Services (AD DS).
o Domain: Adatum
o Account name: administrator
o Password: Pa$$w0rd
4. On the Active Directory Options page, ensure that Find all computers in all domains, containers,
and organizational units is selected, and then click Next.
o Domain: Adatum
3. On the All Computer Credential page, ensure that the adatum\administrator account is selected.
4. Review the details on the metrics page, and then close the window.
Create a hardware configuration
Before you can work with MAP features, you must first cancel the running process that was initiated in the
previous step.
1. At the bottom left of the MAP console screen, in the running task drop-down list box, click Cancel
processing, and then click Yes.
3. On the Choose Scenarios page, click General Server Consolidation/Desktop Virtualization, and
then click Next.
4. On the Hardware Configuration page, click Create New, and in the Create New text box, type
Server-Type1.
5. Complete the wizard using approximate values based on a server that you might use.
Server Virtualization with Windows Server Hyper-V® and System Center 1-23
As a general guideline, each virtualization project should include the following steps:
1. Determine the virtualization scope. The first step in planning a virtualization solution is to define the
project’s scope. You may have one or more projects, each working to address different parts of an
overall server virtualization strategy. To ensure that a project is successful, you need to define scope,
milestones, and goals.
2. Determine the workloads. Create a list of potential workloads that you want to virtualize, identify the
workloads that cannot be virtualized, then use MAP to discover and inventory all the remaining
servers. Collect the performance metrics of the required servers for a suitable period of time.
3. Determine backup and fault-tolerance requirements for each workload. You use these requirements
when designing the virtual server deployment. For example, some server workloads may require
frequent and consistent backup of data located inside the virtual machine, while other server
workloads may require just a virtual machine-level or configuration information backup. You use the
fault-tolerance requirements for the server workload when you deploy clustered virtual machines, or
to provide another method for ensuring high availability for the virtual machine.
4. Use MAP to aid in the design of the virtualization hosts. Use the hardware configurations and the
MAP Server Virtualization and Consolidation Wizard to assist in the design of the host server
infrastructure. As a best practice, to simplify host server management you should consider creating a
standard design for all virtualization hosts. Decide if you will require a maintenance host. As part of
the host server design, you also need to consider the number of virtual machines that each host
computer will be running.
5. Map workloads to hosts. After designing the host server hardware, you can start mapping the virtual
machines to the host servers. There are many factors that you need to consider during this design,
including:
o Host server capacity. How many virtual machines can you place on a host?
o Reserve capacity. How much of a resource buffer do you want to implement on each host
computer?
1-24 Evaluating the Environment for Virtualization
o Virtual machine performance characteristics and resource utilization. Can you characterize the
network, CPU, disk, and memory utilization for each of the virtual machines on a host? You may
choose to deploy virtual machines with different resource requirements on the same host.
6. Design host backup and fault tolerance. Use the information that you collected on the backup and
fault tolerance requirements for the virtual machines to design a backup and high availability solution
for the host computers.
7. Determine storage requirements. As part of the server workload discovery, you should have
documented the storage requirements for each virtual machine. Before moving the server workloads
to virtual machines, ensure that you have space for both the operating system virtual hard disks and
the data associated with each virtual machine. You also need to include storage availability and
performance requirements. You can use the MAP share infrastructure configuration to assist.
8. Determine network requirements. As a final step in the virtual machine design process, you also
should plan the network design. When planning your network design, you should consider a number
of factors:
o What type of network access do the virtual machines require? Most virtual machines likely will
require access to the physical network, but some virtual machines may only need to
communicate with other virtual machines on the same host computer.
o What are the network reliability requirements for each virtual machine?
o Will Network Virtualization be used?
Lesson 4
Extending Virtualization to the Cloud Environment
In this lesson, you will review some of the features in Window Azure, the public cloud services offering
from Microsoft. You will also learn about how and why you might want to join an on-premises
infrastructure to a public cloud infrastructure, and how you could make use of a hybrid cloud computing
solution.
Lesson Objectives
After completing this lesson, you should be able to:
Compute
• Websites. You can use website services to
develop and deploy more secure and scalable
websites, which includes integration with
many source control technologies. Windows
Azure supports many languages including
ASP.NET (sometimes known as classic ASP),
PHP, Node.js, and Python. You can also
deploy a choice of SQL Server databases, or
deploy MySQL. The Web Application Gallery has many open source applications, frameworks, and
templates available, including WordPress, Umbraco, DotNetNuke, Drupal, Django, CakePHP, and
Express.
• Virtual machines. You can build virtual machine instances from scratch, from templates, or you can
build them on your own site, and then transfer them to Windows Azure (or the other way around).
Virtual machines can run a variety of workloads including many Microsoft-certified workloads such
SQL Server, SharePoint Server, and BizTalk Server.
• Mobile services. You can use these services to build mobile phone apps, including storage,
authentication, and notification services for Windows apps, Android apps, and Apple iOS apps.
Data Services
• SQL Database. Windows Azure includes a SQL Database offering, previously known as SQL Azure
Database. SQL Database provides interoperability, enabling customers to build applications using
most development frameworks.
• HD Insight. Windows Azure HDInsight is the Hadoop-based solution from Microsoft. Hadoop is used
to process and analyze Big Data.
• Backup. You can back up directly to Windows Azure. You can configure the cloud backups from the
backup tools in Windows Server 2012 R2, or from System Center 2012 R2.
App Services
• Media Services. You can use media services to create, manage, and distribute media across a large
variety of devices such as Xbox, computers running the Windows operating system, MacOS, iOS, and
Android.
• Messaging. The Windows Azure Service Bus provides the messaging channel for connecting cloud
applications to on-premises applications, services, and systems.
• Windows Azure Active Directory (Windows Azure AD). This is a modern, Representational State
Transfer-based service that provides identity management and access control capabilities for cloud
applications. It is the identity service used across Windows Azure, Office 365, Microsoft Dynamics
CRM Online, Windows Intune, and other non-Microsoft cloud services. Windows Azure AD also can
integrate with on-premises Active Directory deployments.
Server Virtualization with Windows Server Hyper-V® and System Center 1-27
Network
• Windows Azure Virtual Network. You can use the Windows Azure Virtual Network (Virtual Network)
to create a logically isolated section in Windows Azure, and then connect it securely either to your
on-premises data center, or to a single client machine, using an IPsec connection. Virtual Network is
discussed more in-depth in the next topic.
• Windows Azure Traffic Manager. Windows Azure Traffic Manager (Traffic Manager) is used to load-
balance inbound traffic across multiple Windows Azure services. This ensures the performance,
availability, and resiliency of applications.
Templates may have the base operating system installed, and in some cases, they may include an
additional application that is ready for you to work with or evaluate. The following list are few of the
available virtual machine templates in the Windows Azure gallery:
In addition to the above lists, the Windows Azure gallery includes many Linux installation templates.
Apart from deploying a virtual machine from a template, you can create and capture your own images
using familiar tools such as Sysprep, or you can create virtual machines on-premises, and then import the
virtual machines into Windows Azure.
Creating and Uploading a Virtual Hard Disk that Contains the Windows Server Operating
System
http://go.microsoft.com/fwlink/?LinkID=386656
1-28 Evaluating the Environment for Virtualization
• Building a distributed application that is scalable on Windows Azure-hosted web servers, and are
building a database or data store that resides on your own physical infrastructure.
The Windows Azure Pack includes Windows Azure technologies that you can run inside your data center,
and that enable you to offer your customers self-service and multi-tenant services.
Windows Azure Pack integrates with System Center 2012 R2 and Windows Server 2012 R2, and provides
an interface that has the look and feel of the Windows Azure Management Portal. The Windows Azure
Management Portal is customizable and offers a self-service user experience for provisioning, monitoring,
and managing services such as Web Sites, Virtual Machines, and Service Bus. The Windows Azure Pack
also has automation capabilities and additional custom services that include a runbook editor, and an
execution environment.
To find out more about the Windows Azure Pack for Windows Server, you can download and read the
whitepaper from the following link:
A. Datum is rapidly expanding. To provide greater flexibility and the capability to respond quickly to
rapidly changing business environments, IT management has decided to virtualize many of the existing
servers, and deploy as many new servers as possible as virtual machines. A. Datum is planning to adopt
Hyper-V on Windows Server 2012 R2 as their virtualization platform.
As a senior server administrator at A. Datum, you are responsible for planning and implementing the
virtualized infrastructure. The first step in deploying the virtual environment is to analyze the current
A. Datum IT infrastructure, and to identify the appropriate virtualization methods for different business
requirements. In addition, you also need to evaluate the existing servers and identify which servers would
be appropriate candidates for virtualization.
Objectives
After completing this lab, you will be able to:
• Determine which virtualization method you should use, based on the scenario.
• Install MAP, and use it to evaluate the existing environment.
Lab Setup
Estimated Time: 45 minutes
Virtual machines: 20409B-LON-CL1, 20409B-LON-DC1
4. Click 20409B-LON-CL1, and then In the Actions pane, click Connect. Wait until the virtual machine
starts.
o Password: Pa$$w0rd
o Domain: Adatum
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines at the end of this lab. However, you can shut down all virtual machines after
finishing this lab.
1-30 Evaluating the Environment for Virtualization
1. Which virtualization technology can assist with the remote worker requirements?
2. What are three of the components required to deliver the remote worker solution?
3. Approximately four months after A. Datum has gone live with the remote worker solution, users
begin to complain they cannot access the company systems from home. What could be a likely
problem?
4. When designing the virtualization solution, you must be able to accommodate a physical server
failure by providing reasonable fast recovery. What are the options to achieve a fast recovery?
Remote workers will need to have access to both Office 2010 and Office 2013.
Providing separate computers is not an option, and application compatibility issues might exist between
different versions of Microsoft Office.
o Office 2013
o Windows 7 Professional
o Windows 8 Professional
1. Which virtualization and management technology could you implement to improve the development
department infrastructure?
2. What tool can you use to find out how big the Hyper-V hosts must be to accommodate the
developers’ current systems?
3. Which System Center 2012 R2 component could help you delegate some virtual machine
administration, and provide some elements of self-service to the developers?
• List a few suggestions that could form part of a report to the CEO.
Results: After completing this exercise, you should have evaluated a given scenario and selected the
appropriate virtualization method for that scenario.
1. Install MAP.
2. Review assessments.
2. In the Microsoft Assessment and Planning Toolkit Setup Wizard, on the Installation Successful page,
ensure that the Open the Microsoft Assessment and Planning and Toolkit check box is selected,
and then click Finish.
3. On the Datasource page, in the Create or select a database section, in the Name text box, type
Demo, and then click OK.
4. Leave the MAP console open for the next task.
6. From the Microsoft Assessment and Planning Toolkit, import map_sampleDB.bak, and use the
database name of MAPDEMO.
7. On the upgrade warning page, click Yes. This process may take a minute or two.
8. When the sample map database has imported and upgraded successfully, click OK, and then click
Close.
9. Click File, click Select a Database, click MAPDEMO, and then click OK.
2. For virtualization technology, choose Windows Server 2012 Hyper-V, and then click Sample host.
4. On the Computer List page, select all the computers, and then complete the assessment.
5. On the Summary page, review the settings, and then click Finish.
10. When finished, close Excel, and then close File Explorer.
Results: After completing this exercise, you should have installed MAP and assessed a virtualization
environment.
Server Virtualization with Windows Server Hyper-V® and System Center 1-33
Question: Which technology can assist you in managing large volumes of virtual machines
and Hyper-V clusters?
Best Practice
When working with the MAP toolkit, consider backing up your database regularly. If you are running
assessments over a long period of time, the data could become critical to the timeframe of your project.
Module 2
Installing and Configuring the Hyper-V Role
Contents:
Module Overview 2-1
Module Overview
In production environments, a majority of the new servers are installed on virtual machines, and not on
physical machines. Windows Server 2012 R2 supports virtualization, and you can run virtual machines
on it as soon as you install the Windows Server Hyper-V role. With virtualization, many virtual machines
are running on the same hardware. Therefore, it is important that Hyper-V is scalable and can utilize all
resources that the physical host can provide. As you will typically manage Hyper-V host remotely, you
should be familiar with how to use Hyper-V Manager, and how to use Windows PowerShell for
day-to-day and repetitive tasks.
This module describes how to install the Hyper-V role on Windows Server 2012 R2 operating system, and
how to perform basic configuration of the Hyper-V role. You will learn that Hyper-V is available as part of
Windows Server 2012 R2, and as part of Microsoft Hyper-V Server 2012 R2, which is freely available on the
Microsoft website. This module also describes Hyper-V scalability, the security model that Hyper-V uses,
and some of the changes that will occur when you install the Hyper-V role. You will also learn how to
manage Hyper-V from a GUI, and by using Windows PowerShell.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
• Manage Hyper-V.
Lesson 1
Installing the Hyper-V Role
Before you can use virtualization on Windows Server 2012, you must first install the Hyper-V role. The
Hyper-V role is included in the following Windows products:
Client Hyper-V is the Hyper-V feature that comes with the Windows 8 and Windows 8.1 client operating
systems. In addition to having Client Hyper-V available as a role in these products, Microsoft Hyper-V
Server 2012 is available as a free download. You can install the free edition on new hosts as the underlying
operating system.
Hyper-V is a Layer 1 Hypervisor virtualization platform, which can run multiple isolated virtual machines
on the same physical host machine. Because many virtual machines may be running on the same physical
hardware, you must ensure that enough resources are available. When planning for the server hardware,
you should consider the required resources such as disks, storage, networking, and high availability.
This course refers to the Windows Server 2012 R2 server with the Hyper-V role installed as a Hyper-V host.
Hyper-V Server is a separate operating system, which also includes the Hyper-V feature.
Lesson Objectives
After completing this lesson, you will be able to:
• Identify server platforms that provide Hyper-V as a feature.
In comparison, Windows Server includes additional roles and features (such as Dynamic Host
Configuration Protocol (DHCP) server), and you can manage the Hyper-V role locally from either a GUI
or a command line. Hyper-V Server 2012 R2 is a free product, but it does not include any license for
operating systems in virtual machines. This means that you should consider licensing for your virtual
machines in your planning process.
Aside from virtualization rights, the only other difference between the Windows Server 2012 R2 Standard
and Datacenter editions is that the Windows Server 2012 R2 Datacenter edition provides automatic
activation of virtual machines (qualifying Windows Server operating systems), whereas the Windows
Server 2012 R2 Standard edition has no such feature. Currently, the only qualified Windows Server 2012
R2 operating systems that are activated automatically are the Standard, Datacenter, and Essentials
editions. Hyper-V Server 2012 R2 has the same virtualization capabilities as Windows Server 2012 R2,
including high availability and live migration; however, it does not include any GUI interfaces, or any
additional roles, or virtualization rights.
operating systems can be used on Windows Server 2012 or Windows Server 2012 R2 and vice versa.
You can use Hyper-V management tools that are included with Windows client operating systems for
managing Hyper-V in Windows Server 2012 or Windows Server 2012 R2—for example, on Hyper-V
Server 2012 R2.
Competitive Advantages of Microsoft Hyper-V Server 2012 over the VMware vSphere
Hypervisor
http://go.microsoft.com/fwlink/?LinkID=386662
Hyper-V enables you to create virtual machines with up to 64 virtual CPUs and 1 TB of virtual RAM, which
means that you can virtualize high-performance, scale-up workloads. Virtual hard disks can be up to 64
TB in size, and virtual machines can have virtual Fibre Channel adapters to access Fibre Channel storage
area networks (SANs) directly. Hyper-V in Windows Server 2012 R2 adds Generation 2 virtual machines,
which support Unified Extensible Firmware Interface (UEFI), Secure Boot, and booting from small
computer system interface (SCSI) controllers.
Server Virtualization with Windows Server Hyper-V® and System Center 2-5
Because today’s physical servers are more powerful and have more resources, it is important that the
virtualization platform can utilize them. The following table lists the maximum resources that Hyper-V can
utilize.
Virtual processors per server 2,048 No virtual processor per logical processor
ratio is imposed by Hyper-V.
Memory 4 TB
Physical network adapters No limits imposed by Each external virtual switch requires a
Hyper-V separate adapter.
The following table lists the maximum resources that you can configure on each virtual machine.
Component Maximum
Virtual processors 64
Memory 1 TB
Checkpoints 50
Note: The .vhdx format supports 64 TB, and the .vhd format supports 2 TB.
With virtualization, multiple virtual machines are running on the same physical host. Therefore, the
virtualization platform should be highly available. To meet this requirement, Hyper-V utilizes the failover
clustering feature. The following table lists the maximum number of components that apply to a Hyper-V
failover clustering environment.
Question: You plan to virtualize a computer that is running Microsoft SQL Server. The
computer has 8 processors and 96 gigabytes (GB) RAM. Can you virtualize the computer on
Hyper-V in Windows Server 2012 R2 and have the same resources? Can you virtualize it on
Hyper-V on servers running Windows Server operating systems prior to Windows Server
2012?
Hyper-V Architecture
When you install Windows Server 2012 R2, the
operating system accesses the server hardware
directly by using device drivers. Device drivers run
in the kernel mode and have full system access.
Programs such as Microsoft Office are executing
in the user mode and have limited access to the
system.
Hyper-V provides software infrastructure and management tools that you can use to create and manage
child partitions. You can install a 32-bit or 64-bit operating system into child partitions. Newer operating
systems such as Windows Server 2012 R2, Windows 8.1, or certain Linux distributions are aware that they
are running in virtual environment and that they include VMBus support. Older operating systems such as
Windows Server 2008 do not include VMBus support by default, but you can add support by installing
Integration Services. Legacy operating systems that are not supported by Integration Services can still run
in the child partition, but they will not be able to use VMBus, and device emulation will be used for all
virtual devices.
Hyper-V architecture
http://go.microsoft.com/fwlink/?LinkID=386663
Question: You install Windows Server 2012 R2 on a virtual machine named VM1. Can you
monitor disk input/output (I/O) for the physical server from VM1?
Server Virtualization with Windows Server Hyper-V® and System Center 2-7
Although you can configure virtual machines to access disks directly, they typically use virtual hard disks,
which are managed by the Hyper-V host. Hyper-V can use the following different types of physical
storage to store virtual hard disks:
• Direct-attached storage (DAS). DAS is storage that is directly attached to the physical host. You
can use different bus types for attaching DAS, such as SCSI, Serial Attached SCSI, Serial ATA (SATA),
external Serial Advanced Technology Attachment, or USB. USB is never recommended for server
environments.
• SAN. SAN is storage that the operating system on the host accesses over a dedicated or non-
dedicated network. SAN provides block-based access, and is presented as local storage by the
host. You can use protocols such as Internet SCSI (iSCSI), Serial Attached SCSI, or Fibre Channel for
attaching SAN storage. You can use SAN for shared storage, and it is often used for this purpose.
• Network-attached storage (NAS). NAS is storage that the host operating system accesses over a
network, and it provides file-based access. Windows Server 2012 and newer versions can use file
shares as the storage for storing virtual hard disks over Server Message Block (SMB) 3.0 or newer
protocols. Shared folders are increasingly popular, because they are an inexpensive option for shared
storage, and they provide additional benefits such as SMB Transparent Failover, SMB Multichannel,
and SMB Direct.
Aside from the operating system on the Hyper-V host, each virtual machine requires additional storage
for its data files. Virtual machines can utilize much more storage than is required for the virtual machine
operating system, installed programs, and data files. It is also important to remember that virtual machine
storage requirements can increase through time.
• Configuration. Configuration stores virtual machine settings, and specifies which virtual devices are
for use by the virtual machine. Configuration settings are stored in XML format, and are a few
kilobytes in size.
• Checkpoints. Checkpoints are optional, and enable you to revert a virtual machine to an earlier state.
Checkpoint size depends on the virtual machine state (is the virtual machine running or not), and the
RAM that is assigned to the virtual machine. Prior to Windows Server 2012 R2, checkpoints were also
referred to as snapshots.
2-8 Installing and Configuring the Hyper-V Role
• Saved state. Saved state is created when you save a virtual machine. It includes the virtual machine
memory, which is written to the hard disk. Saved state size is approximately the same size as the
virtual machine RAM.
Note: Later in this module, you will find more extensive and in-depth information on how
the Hyper-V host uses disk and storage.
Question: Which virtual machine component requires the most storage space?
There is no single best recommendation on how many NICs a Hyper-V host should have, and different
factors such as virtualization load, storage type used, and Hyper-V features used, can all influence that
number. Consider the following recommendations as basic guidance:
• A dedicated NIC for host management. Because you may manage the Hyper-V host remotely, you
may want to have a dedicated NIC just for that purpose. We typically do not recommend that you use
the same NIC for virtual machine access and Hyper-V management.
• At least one NIC for virtual machine networks. If you want to provide virtual machines with
connectivity to an external network, you should dedicate at least one NIC for that purpose. This
number can increase for more complex virtual network scenarios, or if redundancy (such as NLB) is
required. If some of your virtual machines require higher network bandwidth, then we recommend
creating a network team of NICs within the host operating system, and then attaching the NIC
network to the external network.
• At least one (and in some cases multiple) NICs for accessing shared storage (iSCSI or Fibre Channel).
Storage communication should have a dedicated network, and the second NIC provides redundancy
(multipath). This network also is used for accessing Cluster Shared Volumes (CSVs), if you are using
Hyper-V failover clustering.
• A dedicated NIC for failover clustering. We recommend that cluster nodes send heartbeat and other
inter-node cluster communication over a dedicated network.
• At least one NIC for live migration. Hyper-V can migrate virtual machine components such as virtual
disks, configuration, and checkpoints between Hyper-V hosts. It can also migrate between Hyper-V
hosts entire virtual machines that are running. You should use a dedicated network for live migration.
Server Virtualization with Windows Server Hyper-V® and System Center 2-9
Windows Server 2012 R2 includes Network Adapter Teaming (NIC Teaming), which you can use to
consolidate multiple NICs and use them as a single interface. This provides higher network throughput
and redundancy. You can also enable bandwidth management to limit bandwidth available to each
network adapter in the virtual machine.
Question: Why would you not use the same network adapter in a Hyper-V host for
performing remote Hyper-V administration, and for providing network access to virtual
machines that are running on the Hyper-V host?
• Hyper-V host-based failover clustering. You can implement failover clustering on the Hyper-V host
servers, and then use the Failover Cluster Manager to configure the virtual machines to be highly
available. You must configure Hyper-V hosts as Cluster Nodes, and configure them with properly
configured shared storage. The shared storage must be able to store highly available virtual machines.
If the Hyper-V host fails, the highly available virtual machine will fail over to another Hyper-V host in
the failover cluster, and the cluster will attempt to restart the virtual machine. This will make the
virtual machine available even if the Hyper-V host fails.
• Guest failover clustering. This option provides high availability for cluster roles that are running inside
virtual machines. You must configure virtual machines with shared storage, which can be on an iSCSI
target, a Fibre Channel SAN, or a shared virtual hard disk that is stored on an SMB 3.0 share or scale-
out file server. If a virtual machine fails, cluster roles that are running on the virtual machine will fail
over to another virtual machine in the failover cluster, and the cluster will attempt to restart the failed
virtual machine. This will make cluster roles available even if the individual virtual machine fails. You
can use this approach with services and applications that are configurable as clustered roles.
• Virtual machine-based Network Load Balancing (NLB). You can use NLB inside virtual machines
just as you use NLB with physical servers. NLB provides fault tolerance for stateless applications by
distributing inbound traffic across multiple virtual machines running the same application. If a virtual
2-10 Installing and Configuring the Hyper-V Role
machine fails, remaining virtual machines in NLB will pick up the requests. When you implement NLB
in a virtual machine environment, you should configure virtual machines on different Hyper-V hosts
to be NLB members. With such configuration, the application that virtual machines provide is not
disrupted if a Hyper-V host or virtual machine fails.
Question: You need to provide virtual machine-based failover clustering. What can you use
for shared storage?
• The previously installed operating system is moved into the parent partition.
• A hypervisor is added between the operating system and server hardware, and is configured to start
automatically.
• Hyper-V management tools such as the Hyper-V Manager snap-in, the Virtual Machine Connection
tool, and the Hyper-V Windows PowerShell module are added to the parent partition.
• Installing the Hyper-V role also adds several services, including Performance Monitor counters,
Applications and Services logs, and Windows Firewall rules, and it creates the Hyper-V Administrators
group in the parent partition.
Question: How can you verify that you have added Hyper-V hypervisor successfully and
configured it to start automatically on the host?
Question: You installed the Hyper-V role in Windows Server 2012 R2. Do you need to create
Windows Firewall rules to enable remote management of Hyper-V?
Server Virtualization with Windows Server Hyper-V® and System Center 2-11
Demonstration Steps
1. On LON-HOST2, in Windows PowerShell, use the Get-WindowsFeature cmdlet to verify that the
Hyper-V role is not installed.
2. In Windows PowerShell, use the Get-Command –Module Hyper-V cmdlet to verify that the Hyper-V
module is not yet installed.
3. In Windows PowerShell, use bcdedit.exe to verify whether the hypervisor is configured to start
automatically.
4. On the Start screen, search for and confirm that no program with the word hyper in the name is
installed.
5. Confirm that only one counter starts with the word Hyper-V in Performance Monitor, Hyper-V
Dynamic Memory Integration Service.
6. Confirm that no inbound Windows Firewall rules that start with the word Hyper-V display.
8. Switch to LON-HOST1.
9. On LON-HOST1, in Windows PowerShell, use the Get-WindowsFeature cmdlet to verify that
Hyper-V is installed.
10. In Windows PowerShell, use the Get-Command –Module Hyper-V cmdlet to verify that the Hyper-V
module is installed.
11. In Windows PowerShell, use bcdedit.exe to verify that hypervisor is configured to start automatically.
12. Confirm that Hyper-V Manager and Hyper-V Virtual Machine Connection programs are installed.
13. Confirm that now there are multiple counters available in Performance Monitor that start with the
word Hyper-V.
14. Confirm that now there are inbound Windows Firewall rules that start with the word Hyper-V.
2-12 Installing and Configuring the Hyper-V Role
Lesson 2
Managing Hyper-V
You will usually manage Hyper-V remotely, and not locally on the server where you installed it. Regardless
of from where you manage Hyper-V, you have two options: you can administer it in a GUI by using
Hyper-V Manager, or by using Windows PowerShell. When you manage Hyper-V remotely, you must
install the administrative tools locally on your remote machine. Ensure that you can connect to the server
that is hosting the Hyper-V role, and that you have appropriate permissions that allow you to manage
Hyper-V.
Lesson Objectives
After completing this lesson, you will be able to:
Note: System Center 2012 R2 is required to manage Windows Server 2012 R2. System
Center 2012 with Service Pack 1 (SP1) (or a newer version) is required to manage Windows Server
2012.
The Hyper-V Manager console has three panes. The navigation pane on the left provides a listing of all
connected Hyper-V hosts. The details pane in the middle provides information about the virtual machines
on the selected Hyper-V host. Detailed information includes their state, CPU usage, and assigned memory.
You can also add or remove additional columns in this pane. The details pane also lists checkpoints
(point-in-time snapshots), summary, memory, networking, and replication details for selected virtual
machine. The Actions pane on the right is divided into two parts: at the top are the actions available for
managing the Hyper-V host; below that is the contextual Actions pane that allows you to manage the
Server Virtualization with Windows Server Hyper-V® and System Center 2-13
selected virtual machine. The same actions are available when you right-click the host in the navigation
pane, or right-click the virtual machine in the details pane.
Question: Your virtualization environment has three Hyper-V hosts. In Hyper-V Manager,
can you view Manager the virtual machines on all three Hyper-V hosts simultaneously?
Question: Do you need to install RSAT on a Windows 8.1 workstation if you want to use it
for managing Hyper-V hosts?
Demonstration Steps
1. Sign in to LON-CL1 with the user name Adatum\Administrator and password Pa$$w0rd.
2. Confirm that no program that has the word hyper in the name is installed on LON-CL1.
4. Use the Windows Features window to enable the Hyper-V Management Tools feature.
2-14 Installing and Configuring the Hyper-V Role
5. In Windows PowerShell, use the Get-Command –Module Hyper-V cmdlet to confirm that the
Hyper-V module has been installed.
6. Confirm that two programs, Hyper-V Manager and Hyper-V Virtual Machine Connection, are
installed on LON-CL1.
7. Add LON-HOST1 to Hyper-V Manager, and review Hyper-V Settings for LON-HOST1.
In Hyper-V Manager, you can view available options either in the Actions pane, or when you right-click
an object. To list all the Windows PowerShell commands (called cmdlets) that you can use to manage
Hyper-V, from a Windows PowerShell window, simply run the following cmdlet:
You can pipe the result to the Measure alias by using the following command:
When you do this, you will discover that Windows Server 2012 R2 includes 178 cmdlets in the Hyper-V
module. If you need the detailed cmdlet syntax, you can use the following command:
Get-Help
If you remember only part of the cmdlet, you can use the following command, where part of name is the
part of the cmdlet that you can remember:
Parts of Cmdlets
Cmdlets have consistent verb-noun names, so in most cases you will know from a cmdlet name what
action it will perform. Some examples are as follows:
• Cmdlets starting with Get- will return the object property values, and will not modify objects in any
way.
• Cmdlets starting with Set- will set object property values, and you can use these cmdlets for
configuring objects.
Server Virtualization with Windows Server Hyper-V® and System Center 2-15
The second part of a cmdlet name specifies the object type on which the cmdlet will act. Some examples
are as follows:
You can specify the server on which you want to run the cmdlet by using the -ServerName parameter.
You also can specify more than one server:
Another Windows PowerShell feature is pipeline ( | ), which you can use to pass results between cmdlets.
For example, if you want to save all virtual machines on LON-HOST1, you can run the following
command:
If you want to start only virtual machines that have DC in their name and are hosted on LON-HOST1, you
can run the following command:
When you run some cmdlets (for example Get-VMHost), you cannot see the entire output because of
formatting. However, you can always format output differently, for example by directing the output to the
Format-Table cmdlet (or to the ft alias):
These examples are very basic examples of what you can do with Windows PowerShell. By using these
basic commands, you can start exploring Hyper-V with Windows PowerShell. You can also use Windows
PowerShell Integrated Scripting Environment (ISE), which includes an editor in which you can run cmdlets.
You also can use Windows PowerShell ISE to write, test, and debug scripts in a single GUI with multiline
editing, tab completion, syntax coloring, selective execution, and context-sensitive help.
However, if Hyper-V host is not an AD DS member (which can be the case in small, high security, or test
environments), additional configuration is required if you want to manage the Hyper-V host remotely.
You must ensure that Windows Firewall allows remote management. In a server with a GUI, you create
and enable firewall rules by default when you install the Hyper-V role. However, in a Server Core
installation or in Hyper-V Server, you must enable firewall rules manually.
Remote management is enabled by default in Windows Server 2012 R2, but you still need to grant
administrative rights remotely to local users, which you can do by running the command winrm
quickconfig. You must also create a local user with the same username and password as the domain user
that will be managing Hyper-V host, and then grant the local user sufficient permissions by adding him or
her to the Hyper-V Administrators local group. Because Component Object Model (COM) security is set to
allow remote access for Everyone by default, no further configuration on the Hyper-V host is required.
Make sure that Hyper-V management tools are installed on the computer from which you want to
manage the Hyper-V host remotely. Then, when you open the Hyper-V Manager console, you should
be able to connect to the remote Hyper-V host and manage it remotely.
Best Practice: To simplify configuration of a workgroup member Hyper-V host for remote
management, use the Hyper-V Remote Management Configuration Utility (HVRemote).
Question: Can you join virtual machines to the domain if they are running on a Hyper-V
host that is a member of a workgroup?
Server Virtualization with Windows Server Hyper-V® and System Center 2-17
The Best Practices Analyzer (BPA) is a rule-driven framework that can scan server roles for compliance with
best practices. The Hyper-V BPA in Windows Server 2012 R2 is installed as part of the Hyper-V role, and
includes over 110 rules, which are grouped in several categories. Some of these categories are Hyper-V
and virtual machine configuration, Networking, Storage, and Backup. Hyper-V BPA rules includes many
best practice recommendations, such as the following:
• The Server Core installation option for Windows Server 2012 is recommended for servers running
Hyper-V.
BPA is available as part of Server Manager or as Windows PowerShell cmdlets, contained in the
BestPractices module. You can use BPA to increase best practices compliance by scanning one or multiple
roles simultaneously, on either local or remote Hyper-V hosts, and regardless of whether you run scans
using the Best Practices Analyzer tile in Server Manager, or use Windows PowerShell cmdlets. You also can
instruct BPA to exclude or ignore scan results that you do not want to view.
BPA measures compliance with each best practice rule. Results can have one of the three following
security levels:
• Error. Configuration is not compliant with best practices, and can potentially cause functionality
problems.
After you perform a BPA scan in Server Manager, you can view compliance results in the BPA section.
When you select a result in this section, a preview pane in the section displays result properties, including
an indication of whether the role is compliant with the best practice. If a result is not compliant, and if you
want to know how to resolve the problem, you click links in the Error and Warning result properties
section.
2-18 Installing and Configuring the Hyper-V Role
Question: Should you always configure your Hyper-V host as best practices rules suggest?
Simple Authorization
Two types of users work with Hyper-V authorization: administrators in enterprises who require complex
authorization policy, and administrators in smaller environments. Administrators in enterprises typically
use VMM, which hides Authorization Manager from them. If administrators in smaller environments are
not using VMM, then they must use Authorization Manager, even for a simple authorization policies. By
doing this, administrators can avoid having to make users who need to manage Hyper-V, local
administrators.
Hyper-V in Windows Server 2012 R2 uses a new security model called Simple Authorization. Simple
Authorization provides an alternative to using Authorization Manager to manage simple authorization
policy. It also improves the experience of granting Hyper-V administrator privileges to accounts, without
granting local administrator privileges on the Hyper-V host. As a result, security of the Hyper-V host is
improved.
You implement Simple Authorization on the Hyper-V host by creating a local security group named
Hyper-V Administrators. A group with the same name is also added at the domain level. Both groups
(local and domain) are empty by default. The Hyper-V Administrators group is also included in the
Authorization Manager authorization store. The local group is included in the workgroup Hyper-V host,
but as soon as the server is joined to the domain, the domain group replaces the local group in the
authorization store.
Server Virtualization with Windows Server Hyper-V® and System Center 2-19
Members of the Hyper-V Administrators group have complete and unrestricted access to all Hyper-V
features. They are granted permissions in:
• Authorization Manager
• DCOM permissions
Question: You need to allow a user to manage virtual machines on a Hyper-V host, but this
user must not be able to manage Hyper-V host settings. What should you do?
2-20 Installing and Configuring the Hyper-V Role
Lesson 3
Configuring Hyper-V Settings
Hyper-V settings control the Hyper-V host. For example, Hyper-V settings determine where new virtual
machines will be created by default, whether Hyper-V is configured with RemoteFX adapters, whether
virtual machines and virtual machine storage can be transferred via live migration, and if the host is
configured as a Hyper-V replica. You can configure Hyper-V settings in Hyper-V Manager, or in Windows
PowerShell. You should be familiar with available options (such as non-uniform memory access (NUMA)
spanning or enhanced session mode policy) before configuring them.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe NUMA.
• Describe RemoteFX.
• Virtual Machines. This setting specifies the default folder location for storing virtual machine
configuration files. When running the New Virtual Machine Wizard, the location that you configure
here will be used. You should have similar considerations as with virtual hard disks, and if you want
virtual machines to be highly available, this location should point to a shared location on either a SAN
or SMB 3.0 share.
Server Virtualization with Windows Server Hyper-V® and System Center 2-21
• Physical GPUs. This setting applies to Remote Desktop Virtualization and the VDI implementation. If
you want to enable RemoteFX 3D Video Adapters in virtual machines, you must install the Remote
Desktop Virtualization Host role service, and the Hyper-V host must have a physical graphics
processing unit (GPU) that supports RemoteFX.
• NUMA Spanning. This setting allows virtual machines to span across NUMA nodes when CPU or
memory resources are needed. The default setting is to allow spanning, but administrators should
consider whether this is the optimal configuration for the applications and services that are running
in their virtual machines.
• Live Migrations. This setting defines whether Hyper-V host can participate in virtual machine live
migrations. This setting is not enabled by default. If you enable this setting, there are additional
configuration options from which to choose, such as authentication protocol, maximum number
of simultaneous live migrations, which networks can be used for live migrations, and performance
options.
• Storage Migrations. This setting controls how many storage migrations can occur simultaneously on
the Hyper-V host. The default setting is 2.
• Enhanced Session Mode Policy. This setting defines whether redirection of local devices and resources
to virtual machines is allowed. The default Enhanced Session Mode Policy setting is to not allow
redirection. Enhanced session mode requires a supported operating system on the virtual machine
and requires additional virtual machine configuration.
• Replication Configuration. This setting determines when Hyper-V host can be used as a Hyper-V
Replica server. The default setting is that Hyper-V is not enabled as a replica server. If you enable it as
a replica server, you can configure additional settings such as authentication, and from which servers
replication is allowed.
• Keyboard. This setting controls how Windows key combinations (for example, Alt+Tab) are used
when using the Virtual Machine Connection interface. The default setting is to allow use of key
combinations with the virtual machine.
• Mouse Release Key. This setting controls the key combination for releasing the mouse in the Virtual
Machine Connection interface, when the guest operating system does not have Integration Services
installed.
• Enhanced Session Mode. This setting controls whether you want to use enhanced session mode
with Virtual Machine Connection, when an enhanced session mode is available in a guest operating
system. This setting is enabled by default. This setting allows the use of full Remote Desktop capability
when connecting to a virtual machine, including shared clipboard and device redirection.
• Reset Check Boxes. When you click the Reset button here, all check boxes are cleared that when
checked, hide pages and messages.
Question: You want all virtual machines that you create on Hyper-V host to be stored in the
same folder. Which Hyper-V setting should you configure: Virtual Hard Disks, or Virtual
Machines?
2-22 Installing and Configuring the Hyper-V Role
Demonstration Steps
1. On LON-HOST1, in Hyper-V Manager, start the New Virtual Hard Disk Wizard, and confirm default
location for creating new virtual hard disks.
2. In Hyper-V Manager, confirm that the same location is set as Virtual Hard Disk location Hyper-V
Setting.
3. Set the Virtual Hard Disk location Hyper-V Setting to C:\Users and confirm that this location is
used as a default location when creating new virtual hard disks.
4. In Windows PowerShell, use the Set-VMHost cmdlet with the VirtualHardDiskPath parameter to set
virtual hard disk location to \\LON-HOST2\VHDs.
5. Use Hyper-V Manager to confirm that it was set successfully.
6. In Windows PowerShell, use the Set-VMHost cmdlet to disable NUMA Spanning, and set the
maximum simultaneous storage migrations to 4.
7. Use Hyper-V Manager to confirm the changes that you made in Windows PowerShell.
What Is NUMA?
A computer with a single processor has a single
bus for accessing memory, and that single
processor can access all of a computer’s memory
with the same latency. However, many modern
computers have multiple processors with multiple
cores. Each physical CPU uses its own bus for
accessing physical memory.
Modern operating systems and high-performance applications include optimizations that can recognize
and consider using system NUMA topology when scheduling threads or allocating memory to increase
system performance. To avoid remote access delays, a NUMA–aware application attempts to allocate
storage and schedule threads to access data in the same NUMA node.
When a virtual machine starts, Hyper-V attempts to allocate all the memory for the virtual machine from
a single NUMA node, if enough memory is available. If the single NUMA node does not have enough
memory, Hyper-V also allocates memory from other NUMA nodes—this is known as NUMA spanning. At
the Hyper-V host level, a single check box controls whether to allow NUMA spanning. If this setting is
Server Virtualization with Windows Server Hyper-V® and System Center 2-23
enabled (which is the default configuration, and which means that NUMA spanning is allowed), virtual
machines can span NUMA nodes and provide virtual machines with additional memory. However, when a
virtual machine allocates memory from multiple NUMA nodes, there is a performance cost because CPU
access to remote memory takes longer than when CPU accesses local memory in the same NUMA node.
Hyper-V in Windows Server 2012 and Windows Server 2012 R2 projects a virtualized NUMA topology to
virtual machines. By default, this virtual NUMA topology is optimized to match the NUMA topology of the
physical host. Projecting a virtual NUMA topology into a virtual machine enables optimal performance
and workload scalability in large virtual machines by allowing the guest operating system and applications
such as SQL Server to leverage their NUMA performance optimizations.
You can configure virtual NUMA topology at a virtual machine level. You can specify the maximum
amount of memory, maximum number of virtual processors, and the maximum number of virtual NUMA
nodes. By default, these values are set to align with the physical NUMA topology. If you change the
settings, you can restore the default virtual NUMA topology by clicking the Use Hardware Topology
button.
• Server settings - Enhanced Session Mode Policy. This setting affects all virtual machines that are
running on the Hyper-V host. If this setting is enabled, enhanced session mode connections to virtual
machines on this Hyper-V host will be allowed.
Note: The default setting for the Allow enhanced session mode is set to Disabled on
Hyper-V in Windows Server 2012 R2, and is set to Enabled on Windows 8.1.
• User settings - Enhanced Session Mode. This setting determines if the Virtual Machine Connection
tool attempts to use enhanced session mode.
• Guest operating system. Enhanced session mode is available only if you connect to virtual machines
that are running Windows Server 2012 R2 or Windows 8.1. Remote Desktop Service must be running
on the virtual machine, and the user account you will be using to sign in to the virtual machine must
be a member of the Remote Desktop Users local group.
Question: Can you use enhanced session mode to connect to a Windows Server 2012 R2
virtual machine that is running on a Hyper-V host on Windows Server 2012?
You implement resource pools in Hyper-V by resource type. There are different resource pool types
such as Processor, Memory, Ethernet and virtual hard disk. By default, primordial pools are created
automatically for each resource type when you install the Hyper-V role. Using the Windows PowerShell
cmdlet Get-VMResourcePool, the default primordial pools display. You can also create new resource
pools, for example by running following cmdlet:
Once you create the Network (Ethernet) and Storage (virtual hard disk) resource pools, the configuration
settings that are available for the virtual machine display in Hyper-V Manager.
Question: How can you configure a virtual machine to use a virtual hard drive from a
specific resource pool?
2-26 Installing and Configuring the Hyper-V Role
Lesson 4
Hyper-V Host Storage and Networking
You must properly configure storage and networking for a Hyper-V host, so that the virtualization
platform and the virtual machines that are running on that platform can use the available resources at
optimal performance. Features such as storage spaces, disk deduplication, and network teaming are
Windows Server features that Hyper-V can utilize when they are available. For example, Hyper-V can
store virtual machines on SMB 3.0 network shares, and disk deduplication in Windows Server 2012 R2
can minimize disk space used by running virtual machine in a VDI scenario.
Lesson Objectives
After completing this lesson, you will be able to:
Storage Spaces is represented as virtual disks built on top of storage pools. Storage Spaces can have
different levels of redundancy, can use all allocated space when created (fixed provisioning) or expand
dynamically (thin provisioning), and can have automatic or controlled allocation on heterogeneous
storage.
You can use Storage Spaces to add physical disks of any type and size to a storage pool, and then create
highly available virtual disks from the storage pool. The primary advantage of Storage Spaces is that you
can manage multiple disks as one unit, instead of managing single disks.
• Continuous availability. Storage Spaces is fully integrated with failover clustering, which provides
continuous availability. You can cluster pools across multiple nodes within a single cluster. Storage
Spaces can be created on individual nodes, and if failure occurs, the storage will fail over to a
different node. Storage Spaces supports integration with CSVs, which enables scale-out access to
data.
• Optimal storage use. Storage Spaces supports thin provisioning to allocate space as needed. If data is
deleted inside a virtual machine, Hyper-V supports automatic storage reclamation for deleted files.
• Storage Tiering: In Windows Server 2012 R2, you can enable storage tiers on virtual disk, which enable
automatic movement of the most frequently accessed files to faster SSD storage.
• Multitenancy. Administration of storage pools is controlled through ACLs, and is delegated on a per-
pool basis. Each storage pool can be isolated, and access is integrated with AD DS.
Question: Can you include an iSCSI disk that is connected to your Hyper-V host, in Storage
Spaces?
You can enable data deduplication in Server Manager, or by using Windows PowerShell. You enable
data deduplication only for an entire volume. The volume must be formatted with NTFS file system, and
must not be a system or boot volume. You can use data deduplication on shared storage, and failover
clustering is fully supported. Windows Server 2012 R2 adds support for data deduplication on CSVs.
Data deduplication can be effective for optimizing storage and reducing the disk space used for storing
data. A virtualization library that stores virtual hard disks is a good example of how Data Deduplication
reduces disk space usage. By using data deduplication, you can reduce the virtualization library size by
80 percent or more. Windows Server 2012 can dedupicate only files that are not constantly open, and
because of this, virtual hard disks of running virtual machines cannot be deduplicated.
2-28 Installing and Configuring the Hyper-V Role
Windows Server 2012 R2 improves deduplication performance and adds support for deduplication of
open files. As a result, Windows Server 2012 R2 can deduplicate the virtual hard disks of the running
virtual machines that you used for VDI, and that are stored on an SMB 3.0 network share. Deduplication of
running virtual machines that are not part of VDI or that are not stored on a network share may work, but
this scenario is not supported.
Question: You plan to enable data deduplication on a file server. How can you enable data
deduplication, and what must you install first?
You can use Offloaded Data Transfer to interact with the storage device to move large files or data
through the high-speed storage network. Offloaded Data Transfer reduces client-server network traffic
and CPU usage considerably during large data transfers, because all data movement is performed by the
storage. If you want to use Offloaded Data Transfer, source and destination SANs must:
• Support Offloaded Data Transfer, must be connected by using iSCSI, Fibre Channel, Fibre Channel
over Ethernet, or Serial Attached SCSI.
• Must be managed by the same storage manager.
Hyper-V supports Offloaded Data Transfer, and when Offloaded Data Transfer also is supported by a
storage array, performance improvements can be considerable. For example, if the creation of a 10-GB
fixed-size virtual hard disk takes almost three minutes, the same operation takes less than a second when
using Offloaded Data Transfer. In addition, when using Offloaded Data Transfer you can perform other
related Hyper-V operations much faster, such as expanding virtual hard disks, merging virtual hard disks,
or live storage migration.
Server Virtualization with Windows Server Hyper-V® and System Center 2-29
Question: Can you use Offloaded Data Transfer when you copy a 10-GB file between file
shares?
• SMB Scale Out. Administrators can use this feature to create file shares in failover clusters on CSVs
that provide simultaneous access to files, with direct I/O, through all nodes in a file server cluster.
This feature helps provide load-balancing of clients and better utilization of network bandwidth.
• SMB Multichannel. This feature provides the ability to use multiple network interfaces for aggregation
of network bandwidth and network fault tolerance, if multiple paths exist between the client and the
server. Server applications can utilize aggregated network bandwidth, and are resilient in case of a
network failure.
• SMB Direct. This feature provides the ability to use network adapters that have Remote Direct
Memory Access (RDMA) capability. Network adapters that have RDMA can function at full speed with
very low latency by using minimal CPU resources.
• SMB Encryption. This feature enables file encryption while files are transferred over the network, and
without using public key infrastructure (PKI). You can configure SMB Encryption per share, or for the
entire server.
• VSS for SMB file shares. Volume Shadow Copy Service (VSS) is a framework that enables volume
backups while applications continue to write to the volumes. The VSS provider for SMB file shares
enables VSS–aware backup applications to perform application-consistent shadow copies of VSS-
aware server applications that are storing data on SMB 3.0 file shares. Prior to this feature, VSS only
supported performing shadow copies of data stored on local volumes.
Note: Windows Server Backup in Windows Server 2012 does not support VSS for SMB file
shares.
2-30 Installing and Configuring the Hyper-V Role
• SMB share management. If you prefer graphical tools, you can use Server Manager to create
and configure file shares by using a simple set of wizards. However, when you need to manage a
significant number of shares or automate the configuration, you should use Windows PowerShell.
Windows PowerShell can also be help you to understand better the inner workings of SMB 3.0. For
example, you can create a new file share by running the following Windows PowerShell cmdlet:
New-SmbShare
You then can add required permissions by running the following Windows PowerShell cmdlet:
Grant-SmbShareAccess
You can view other SMB–related cmdlets by running the following Windows PowerShell cmdlet:
Updated links on Windows Server 2012 File Server and SMB 3.0
http://go.microsoft.com/fwlink/?LinkID=386658
Question: Is SMB 3.0 used when you access and copy files from a Windows Server 2008 R2
file server to a Windows Server 2012 R2 server?
Because computer accounts are used for configuring file share permissions, the Hyper-V host and the file
server that hosts the SMB share must be members of the same AD DS domain. If data files of the running
virtual machine are stored on the SMB share, you can also configure data deduplication for the volume
that is hosting the SMB share. This requires Windows Server 2012 R2, and is only supported if the virtual
machine is part of a VDI implementation.
Storing virtual machine data files on an SMB 3.0 file share provides a similar level of reliability, availability,
manageability, and performance, as when virtual machine data files are stored on a SAN storage. This
means that you can also use an SMB share as shared storage for high availability scenarios. When
accessing an SMB 3.0 file share, you can use features such as SMB Transparent Failover, SMB Scale Out,
SMB Multichannel, SMB Direct, and SMB Encryption.
Server Virtualization with Windows Server Hyper-V® and System Center 2-31
Some of the advantages of using file shares to store virtual machine data files include:
• Easier provisioning and management. Instead of managing SANs and LUNs, you can create and
configure file shares, with which all administrators are familiar.
• Use existing infrastructure. You can use the existing file servers and networks. You do not have to add
specialized storage hardware such as SANs, or networking such as Fibre Channel.
• Use existing knowledge. All administrators are familiar with creating and configuring file shares.
Question: Can you store and run virtual machines on an SMB 3.0 share on a Windows Server
2012 R2 file server that is not a domain member?
• Switch-independent modes. Algorithms do not require the switch to participate in NIC Teaming.
Because the switch does not have the knowledge that the network adapter is part of a team, you can
connect the team network adapters to different switches. However, this configuration is not required.
These modes do not require any configuration of a switch, and they protect against switch failures.
• Switch-dependent modes. Algorithms require the switch to participate in NIC Teaming. These
algorithms require that all network adapters in a team are connected to the same switch, and that the
switch is configured properly.
The NIC Teaming feature also works within a virtual machine. This allows a virtual machine to have virtual
network adapters that are connected to more than one Hyper-V switch, and still have connectivity even if
the network adapter under that switch becomes disconnected.
You manage NIC Teaming in Server Manager using the NIC Teaming interface, or by using
Windows PowerShell cmdlets. You can view the cmdlets for managing NIC Teaming by running
Get-Command -Module NetLbfo.
2-32 Installing and Configuring the Hyper-V Role
Question: Do you need to configure network switches if you want to use NIC Teaming in
Windows Server 2012 R2?
Server Virtualization with Windows Server Hyper-V® and System Center 2-33
The first step in the implementation project is to deploy the Hyper-V hosts in the branch office.
Technicians at the branch office have installed the hardware in the branch office, and have installed
Windows Server 2012 R2 on the servers. You have already configured LON-HOST1 and you now need to
install and configure Hyper-V on LON-HOST2.
Because all of the servers are located in a remote data center, you will use Windows 8.1 as an
administrative workstation. To become familiar with the different options for managing the Hyper-V
hosts, you will use both Server Manager and Windows PowerShell to manage the Hyper-V role remotely.
Objectives
After completing this lab, you will be able to:
• Install the Hyper-V role.
Lab Setup
Estimated Time: 60 minutes
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin the lab, you must
complete the following steps:
3. In Microsoft Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
4. In the Actions pane, click Connect. Wait until the virtual machine starts.
o Password: Pa$$w0rd
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines at the end of this lab. However, you can shut down all virtual machines after
finishing this lab.
You will be working in pairs. Communicate clearly with your lab partner, and cooperate fully with
each other during this lab.
2-34 Installing and Configuring the Hyper-V Role
2. Verify that the LON-HOST2 computer does not have the Hyper-V role installed.
Note: One of the students in a pair will be working on LON-HOST1, and the other student
will be working on LON-HOST2.
• Write down your LON-HOST number on a piece of paper. If your LON-HOST number is 1, your
partner’s number will be 2, and vice-versa.
Task 2: Verify that the LON-HOST2 computer does not have the Hyper-V role
installed
1. On LON-HOST2, in Server Manager, confirm that the Hyper-V role is not installed.
2. In Windows PowerShell, use the Get-WindowsFeature cmdlet to confirm that neither Hyper-V nor
Hyper-V Management Tools are installed.
3. In Windows PowerShell, use the Get-Command –Module Hyper-V cmdlet to verify that the Hyper-V
module is not installed.
4. In Windows PowerShell, use bcdedit.exe to verify whether hypervisor is configured to start
automatically.
5. Use Windows Search to confirm that no program that has the word hyper in the name is installed.
6. Confirm that there is no Applications and Services Logs node that starts with word Hyper-V in
Event Viewer.
7. In Performance Monitor, confirm that there is only one counter available that starts with the word
Hyper-V, Hyper-V Dynamic Memory Integration Service.
8. Confirm that there are no inbound Windows Firewall rules that start with the word Hyper-V.
9. Confirm that six services display that start with the word Hyper-V, but that Hyper-V Virtual
Machine Management service is not present among the services on LON-HOST2.
2. Wait until LON-HOST2 restarts, and then sign in with the user name Adatum\Administrator and the
password Pa$$w0rd.
Server Virtualization with Windows Server Hyper-V® and System Center 2-35
2. In Windows PowerShell, use the Get-WindowsFeature cmdlet to confirm that both Hyper-V and
Hyper-V Management Tools are installed.
3. In Windows PowerShell, use the Get-Command –Module Hyper-V cmdlet to confirm that the
Hyper-V module has been installed.
4. In Windows PowerShell, use the bcdedit.exe command to verify that hypervisor is configured to start
automatically.
5. Confirm that the Hyper-V Manager and Hyper-V Virtual Machine Connection programs are
installed.
6. In Event Viewer, confirm that multiple Applications and Services Logs nodes that start with the
word Hyper-V display.
7. In Performance Monitor, confirm that multiple counters that start with the word Hyper-V are
available.
8. In Performance Monitor, confirm that multiple inbound Windows Firewall rules that start with the
word Hyper-V display.
9. In Performance Monitor, confirm that multiple services that start with the word Hyper-V display,
including a service named Hyper-V Virtual Machine Management, which has a status of Running.
Note: This script will import three virtual machines: 20409B-LON-PROD2, 20409B-LON-
TEST2, and 20409B-LON-CL2.
The script will ask for the drive letter on which the base images were extracted and the drive
letter on which the course images were extracted. Theses drive letters will depend on the physical
server configuration. If you are unsure about what are the drive letters, ask the instructor.
Results: After completing this exercise, you should have installed the Hyper-V role.
1. On LON-HOSTx, use Server Manager to create a share by using the SMB Share – Applications share
profile.
2. Create a share on drive C. Name the share VHDs, and grant the Domain Users group Full Control
permissions to the share.
1. On LON-HOSTx, in Hyper-V Manager, start the New Virtual Hard Disk Wizard, and confirm the
default location for creating new virtual hard disks.
2. In Hyper-V Manager, confirm that the same location is set as the Virtual Hard Disk location Hyper-V
Setting.
3. In Hyper-V Manager, set the Virtual Hard Disk location Hyper-V Setting to C:\Users, and confirm
that this location is the default location when creating new virtual hard disks using the New Virtual
Hard Disk Wizard.
4. In Windows PowerShell, use Set-VMHost cmdlet with the VirtualHardDiskPath parameter to set
virtual hard disk location to \\LON-HOSTy\VHDs, where y is number of your partner’s host. For
example, if you are using HOST1, then y represents 2, and if you are using HOST2, then y represents 1.
5. Use Hyper-V Manager to confirm that the Virtual Hard Disk location Hyper-V Setting is successfully
set to \\LON-HOSTy\VHDs.
o Storage Migration: 2
o Storage Migrations: 4
3. In Hyper-V Manager, confirm that all settings that you set by using Windows PowerShell are present.
Results: After completing this exercise, you should have configured Hyper-V settings.
2. Sign in to LON-CLx with the user name Adatum\Administrator and the password Pa$$w0rd.
3. Use Search to confirm that no program with the word hyper in the name is installed on LON-CLx.
4. In Windows PowerShell, use the cmdlet Get-Command with the Module parameter to confirm that
the Hyper-V module is not installed.
5. Use the Turn Windows Features on or off program to turn on the Hyper-V Management Tools
feature.
6. In Windows PowerShell, use the cmdlet Get-Command with the Module parameter to confirm that
the Hyper-V module is now installed.
7. Confirm that two programs containing word hyper are now installed: Hyper-V Manager, and
Hyper-V Virtual Machine Connection.
2-38 Installing and Configuring the Hyper-V Role
2. Review Hyper-V Settings for LON-HOSTx, and verify that the settings are configured as you
configured them in the previous exercise:
o Storage Migrations: 4
3. Open Windows PowerShell and review the Hyper-V configuration of LON-HOSTx by using the
Get-VMHost cmdlet.
4. Use the Get-VMHost cmdlet to set the Storage Migrations setting on LON-HOSTx to 3.
5. Confirm the setting in Hyper-V Manager.
Note: Do not forget to Refresh the settings to view the updated settings in Hyper-V
Manager.
Results: After completing this exercise, you should have accessed and managed Hyper-V remotely.
Server Virtualization with Windows Server Hyper-V® and System Center 2-39
Question: Can you virtualize a file server that is using a Fibre Channel SAN for storing shared
folders?
Question: You have a Windows 8.1 virtual machine that must be highly available. Can you use
virtual machine-based failover clustering to make it highly available?
3-1
Module 3
Creating and Managing Virtual Hard Disks, Virtual Machines,
and Checkpoints
Contents:
Module Overview 3-1
Lab A: Creating and Managing Virtual Hard Disks and Virtual Machines 3-24
Lesson 3: Installing and Importing Virtual Machines 3-30
Lesson 4: Managing Virtual Machine Checkpoints 3-37
Module Overview
After installing the Hyper-V role and configuring the server properties, you are ready to begin creating
virtual machines and virtual hard disks. In this module, you will learn that Hyper-V in Windows Server
2012 supports two virtual disk file formats (.vhdx and .vhd) and three disk types (fixed-size, dynamically
expanding, and differencing). You will learn about the differences between the various disk formats and
disk types. You will also learn how to create these disks and configure a virtual machine to use disks that
are directly attached.
You are probably familiar with the virtual machines that Windows Server 2012 R2 Hyper-V refers to
as Generation 1 virtual machines. In Windows Server 2012 R2, you can also create Generation 2 virtual
machines, which can have fewer types of virtual hardware, but conversely, provide advanced features such
as Unified Extensible Firmware Interface (UEFI), Secure Boot, and boot from the small computer system
interface (SCSI) device.
Virtual Machine Connection is a Hyper-V management tool. In Windows Server 2012 R2, this tool has
enhanced session mode, which provides a rich Remote Desktop experience when connecting to virtual
machines that support it. You can also use this tool to copy and paste data between virtual machines,
and to redirect devices such as those connected to it, including physical USB ports, to virtual machines.
In Windows Server 2012 R2, snapshots—a popular feature of previous releases—have been renamed
checkpoints. A major improvement in Windows Server 2012 Hyper-V is that virtual machines can detect
when a checkpoint was applied by using the Generation ID value. You should still use checkpoints
carefully in a production environment unless they are supported explicitly. In this module, you will
also learn about monitoring the Hyper-V environment by using performance monitoring and resource
metering.
3-2 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2 -
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
• Design and manage virtual machines for server roles and services.
Server Virtualization with Windows Server Hyper-V® and System Center 3-3
Lesson 1
Creating and Configuring Virtual Hard Disks
Just as physical computers store data on physical hard disks, virtual machines store data on virtual
hard disks, which actually are files that reside on physical hard disks. There are different types of virtual
hard disks available, and this lesson explains the differences between them. In the past, fixed-size disks
provided considerably better performance than dynamically expanding disks. In Windows Server 2012, the
performance difference between them is minimal. You also can configure virtual machines to use directly
attached disks, but such disks do not support snapshots and are less suitable for migration because they
are not encapsulated in a single file. Virtual hard disks can be in one of two formats: .vhd (legacy), and
.vhdx (modern). Although virtual hard disks are just that, the modern Windows operating system also can
access their content from physical computers.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe storage options for virtual machines.
• Explain the difference between fixed-size and dynamically expanding virtual hard disks.
• Describe differencing virtual hard disks.
You can connect virtual machines to storage by using two different storage controller types—SCSI,
and integrated device electronics (IDE). A virtual machine can access a disk either as a virtual Advanced
Technology Attachment (ATA) device on a virtual IDE controller or as a virtual SCSI disk device on a virtual
SCSI controller. Virtual storage controllers have the following characteristics:
• IDE controllers are available only in Generation 1 virtual machines. Each virtual machine has two IDE
controllers and can have up to two devices (hard drives or DVD drives) attached to each controller.
• An IDE controller is first emulated, which means that it is available when the virtual machine starts
and later it is synthetic, which provides better performance.
• While the virtual machine is running, you cannot add devices to or remove devices from an IDE
controller.
• SCSI controllers are available in all virtual machines. Generation 1 virtual machines can use a SCSI
controller only as a data disk, whereas Generation 2 virtual machines start from the SCSI controller–
attached disks or DVD drives.
• A SCSI controller is synthetic, and you can add disks to or remove disks from a SCSI controller while
a virtual machine is running. A virtual machine can have up to four SCSI controllers, and each SCSI
controller supports up to 64 devices, which means that each virtual machine can have as many as 256
virtual SCSI disks.
• SCSI controllers include support for Windows Offloaded Data Transfers, which is not available for
disks that are attached to an IDE controller.
• You can use different hard disk types, such as fixed-size, dynamically expanding, differencing, and
attached physical disks, with both controller types.
• A virtual machine uses storage controllers for accessing storage. The type of storage controller that
the virtual machine uses does not have to be the same type that Hyper-V is using. For example, a
Hyper-V host can have only physical SCSI storage, but you can configure virtual machines with IDE
controllers, and use IDE-attached virtual hard disks, which are stored on the SCSI storage of the
Hyper-V host.
Note: Although physical SCSI and IDE hard disk I/O performance can be significantly
different, this is not the case for virtual SCSI and IDE hard disks. They both offer equally fast I/O
performance.
You can store virtual machine virtual hard disks locally on Hyper-V host, on Server Message Block (SMB)
3.0 file shares, or on a SAN LUN. You can configure virtual machines to use directly attached disks over
iSCSI or Fibre Channel protocol. Such directly attached disks are accessed directly and are not contained
in a virtual hard disk file. In addition, you cannot use them for starting virtual machines. However, directly
attached disks are important when configuring guest failover clustering because you can use them as a
shared storage.
Server Virtualization with Windows Server Hyper-V® and System Center 3-5
The following table describes the various storage configuration options that are available to virtual
machines.
Exposed to a Hyper-V Virtual hard disk Virtual hard disk on Physical disk directly
host as on NTFS file NTFS file system attached to a virtual
system machine
Question: Is there any difference between connecting a virtual hard disk to a virtual machine
by using an IDE virtual controller or a SCSI virtual controller?
The virtual hard disk format specification is available publicly. Developers can use the specification to
develop solutions to access virtual hard disk data and content, and they can use it to extend the virtual
hard disk. The virtual hard disk format has evolved over time, and Hyper-V in Windows Server 2012 R2
supports two virtual hard disk formats:
• .vhd. This format supports virtual hard disks up to 2,040 gigabytes (GB) in size. This format has been
available since Microsoft Virtual Server 2005 was released, which means that you can use the .vhd
format with older Hyper-V hosts and with legacy Microsoft virtualization products.
• .vhdx. This format supports virtual hard disks up to 64 TB in size. This format has been available since
Windows Server 2012, and it is not compatible with older Hyper-V hosts. Experience with the .vhd
format guided the .vhdx format improvements. The .vhdx format provides better data corruption
protection and optimizes structural alignments on large sector physical disks.
When you compare the .vhd and .vhdx formats, the .vhdx format provides the following benefits:
• Support for larger virtual hard disk sizes, up to 64 TB.
• Protection against data corruption by logging updates to the .vhdx metadata structures, which can be
especially important during power failures.
• The ability to store custom metadata about a file, such as which operating system is installed in .vhdx,
or which patches are applied to it.
• Improved alignment of the virtual hard disk format to work better with large sector disks.
• Larger block sizes for dynamic and differential disks, which improves their performance.
• 4 kilobytes (KB) logical sector virtual disk, which increases performance when used by applications
that are designed for 4 KB sectors.
• Efficiency in data representation, which results in smaller file size so that underlying physical storage
device can reclaim unused space (trim operation).
Note: You can convert .vhd files to the .vhdx format when you upgrade to Windows Server
2012 or Windows Server 2012 R2 because of the improvements of the .vhdx format. The only
reason why you should not convert the files is when you still need to move a virtual disk to an
older version of Hyper-V that does not support the .vhdx format.
When you create a new virtual hard disk on Windows Server 2012 R2, it selects the .vhdx format by
default. Hyper-V also provides the capability to convert .vhd files to .vhdx, and .vhdx files to .vhd, as long
as they are not larger than 2,040 GB. You can create new virtual hard disks from Windows PowerShell by
using the New-VHD cmdlet. You can also convert virtual hard disks between .vhd and .vhdx formats by
using the Convert-VHD cmdlet.
Note: Virtual hard disks are not only usable with virtual machines. You can also access,
mount, and use virtual hard disk content from physical host computers. You can use them even
without Hyper-V virtualization. From Windows Server 2012 R2 or Windows 8.1, you can right-
click the virtual hard disk file, mount it, and then perform operations on it just like any other hard
drive. In older Windows versions, you cannot mount virtual hard disk files by using Windows
Explorer (File Explorer in Windows 8 and Windows 8.1), but you can use Disk Management or
Diskpart tools instead. You can also use native boot from a virtual hard disk, where a physical
computer starts from a .vhd or .vhdx file.
Server Virtualization with Windows Server Hyper-V® and System Center 3-7
Question: On a Windows 8 computer, how can you view and access the content of a virtual
hard disk that is in .vhdx format?
• Dynamically expanding. When you create a dynamically expanding virtual hard disk, Hyper-V creates
a small file on the Hyper-V host. That file then grows as you write data to the virtual hard disk until it
reaches its fully allocated size. The size of the dynamically expanding disk only grows. It does not
shrink even if you delete data. For example, if you create a 100-GB dynamically expanding virtual
hard disk, Hyper-V will create a file that will be only a few megabytes (MB) in size. When you write
into that virtual hard disk file, it will grow; however, when you delete information from the virtual
hard disk it will not shrink. When you start using the dynamically expanding virtual hard disk, for
example, by formatting partitions and installing an operating system onto it, it will start growing until
it reaches its maximum size of 100 GB. Hyper-V creates the dynamically expanding virtual hard disk
much faster because it does not allocate all the space at once. However, when you add data to the
virtual hard disk, it might fragment in the same way that any file would on your volume. You can
create dynamically expanding virtual hard disks that would require more space on the storage
subsystem than is currently available—you can overcommit storage. Dynamically expanding virtual
hard disks are smaller than other virtual hard disk types until reaching their maximum size.
3-8 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Historically, dynamically expanding virtual hard disks had inferior performance as compared with
fixed-size disks. However, in Windows Server 2012, this performance difference is minimal. Companies
typically use dynamically expanding virtual hard disks in test and development environments.
However, with live storage migration, the smaller size of dynamically expanding disks also is
attractive.
When you create a new .vhd virtual hard disk in Windows Server 2012 R2, the New Virtual Hard Disk
Wizard selects fixed-size by default. If you create a .vhdx virtual hard disk, the New Virtual Hard Disk
Wizard selects the dynamically expanding type by default. After Hyper-V creates a dynamically expanding
virtual hard disk, you can convert it to fixed-size, and vice versa.
Note: The fixed-size type virtual disk is a better choice when you are using the .vhd format
because it offers better resiliency and performance compared with the other virtual hard disk
types. When using the .vhdx format, it is beneficial to use the dynamically expanding type. In
addition to space savings, it offers resiliency. The fixed-size type is also a good choice for both
virtual disk formats when the storage on the Hyper-V host is not actively monitored.
Question: Do you benefit from Windows Offloaded Data Transfers when you are creating a
dynamically expanding virtual hard disk?
The differencing virtual hard disk stores changes for the parent disk and provides a way to isolate changes
without altering the parent disk. When you use a differencing virtual hard disk, you can access all the data
from the parent disk, and changes you make are written only to the differencing virtual hard disk, not to
the parent disk. In other words, reads for modified data are served from the differencing virtual hard disk,
and reads of all other data are served from the parent virtual hard disk. Metadata is used in both cases to
determine from where data should be read, which results in differencing virtual hard disks having slower
performance than fixed-size or dynamically expanding virtual hard disks. Differencing virtual hard disks
must use the same format as the parent disks—either .vhd or .vhdx.
Server Virtualization with Windows Server Hyper-V® and System Center 3-9
Note: While differencing virtual hard disks do have their place in production environments,
especially with Virtual Desktop Infrastructure (VDI) pooled desktops, they should be used
sparingly and only after careful planning in other scenarios.
The differencing virtual hard disk expands dynamically because data that is intended for the parent disk is
written to the differencing virtual hard disk. The base/differencing relationship is based on the integrity of
the base disk. Therefore, you should not write to the parent disk because any change made to the parent
disk will invalidate all differencing virtual hard disks that are linked to that parent.
Note: A differencing disk references a parent disk and stores the changes. Therefore, you
should avoid making any changes to a parent disk. As a best practice, you should configure a
parent disk as read-only. Be aware that a Merge operation changes the parent disk and
invalidates any other differencing disks that use that parent disk.
You cannot specify a size for a differencing virtual hard disk. Differencing virtual hard disks can grow as
large as the parent’s disk size limit. However, unlike dynamically expanding disks, you cannot compact
differencing virtual hard disks directly. You can compact a differencing virtual hard disk only after it
merges with its parent disk.
Differencing virtual hard disks can be beneficial in some scenarios. For example, you could use a virtual
hard disk that has a clean installation of the Windows Server 2012 R2 operating system as a parent, and
then use a new differencing virtual hard disk as the virtual machine hard disk. You could even create
multiple differencing virtual hard disks for multiple virtual machines that would use the same Windows
Server 2012 R2 virtual disk as their parent disk.
Note: Differencing virtual hard disks can be useful in a testing or training environment.
Question: Can Hyper-V allocate more storage space to a differencing virtual hard disk than
to the parent disk to which it links?
Demonstration Steps
1. Use Hyper-V Manager to create a new virtual hard disk with following settings:
o Format: VHDX
o Size: 100 GB
2. Use Hyper-V Manager to create a new virtual hard disk with following settings:
o Format: VHD
o Type: Differencing
o Name: Differencing.vhd
o Parent: E:\Program Files\Microsoft Learning\base\Base14A-WS12R2.vhd
3-10 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
3. In Windows PowerShell, use the cmdlet New-VHD to create a new virtual hard disk with the
following settings:
o Path: C:\Shares\VHDs\Fixed.vhdx
o Size: 1 GB
4. On LON-HOST1, in File Explorer, browse to C:\Shares\VHDx, and then confirm that Fixed.vhdx
allocates 1 GB disk space, while both Dynamic.vhdx and Differencing.vhd are allocated less disk space.
• When a virtual machine is using a directly attached disk, there is no associated virtual hard disk
involved because the virtual machine is accessing a physical disk.
• Directly attached disks provide superior performance, similar to physical disks, because there is no
overhead involved. On Windows Server 2012 and newer versions, fixed-size virtual hard disks provide
similar performance. Dynamically expanding virtual hard disks have only slightly lower performance.
• If a virtual machine will access a directly attached disk on a SAN, you do not need to mount the LUN
on a Hyper-V host by using iSCSI or Fibre Channel.
• Accessing directly attached disks requires lower CPU utilization because it does not involve any
overhead on the Hyper-V host.
• Directly attached disks have no size limitation, and they can be larger than 64 TB.
• You cannot use differencing virtual hard disks with directly attached disks.
• You cannot expand directly attached disks dynamically unless such functionality is provided in
the SAN.
• The Hyper-V Volume Shadow Copy Service (VSS) writer cannot back up directly attached disks, and
you cannot use Windows Server Backup in the parent partition to back up such disks. In such a case,
you should use the backup program that is installed on the virtual machine.
Note: You cannot use Live Migration to move virtual machines between Hyper-V hosts that
are not in the same failover cluster if the virtual machines are using directly attached disks.
If you want to configure a virtual machine to use an internal Hyper-V host physical disk or a LUN that
is connected to a Hyper-V host as a directly attached disk, you can access it over a virtual IDE or SCSI
controller. You can do so by modifying the virtual machine hard disk settings to use a physical disk
instead of a virtual hard disk. If you want to use a SAN directly from inside a virtual machine, you should
either configure an iSCSI initiator in the virtual machine or add a virtual Fibre Channel adapter to the
virtual machine, depending on how you will access the SAN.
Question: Can you view a directly attached disk that a virtual machine is using from the Disk
Management tool that is running on the Hyper-V host on which the virtual machine is
running?
You can enable virtual hard disk sharing only for .vhdx files that are connected to a virtual SCSI controller.
You cannot use virtual hard disk sharing for .vhd files that are connected to a virtual IDE controller. You
can store the shared .vhdx file only on a failover cluster. This can be a Cluster Shared Volume (CSV) on
block storage, which includes clustered storage spaces, or a scale-out file server with SMB 3.0 on file-
based storage. You cannot enable virtual hard disk sharing if these prerequisites are not met. For example,
if the .vhdx file is connected to a virtual SCSI controller but is stored locally or on a SMB 3.0 share.
You can configure storage QoS for each virtual hard disk. By specifying the maximum IOPS value on the
advanced features of the virtual hard disk, you can balance and throttle the storage I/O between virtual
machines and prevent a virtual machine from consuming excessive storage I/O operations, which could
affect other virtual machines. You can also configure the minimum IOPS value and receive a notification
when the IOPS for that virtual hard disk is below the configured value. In addition, the virtual machine
metrics infrastructure is updated with storage-related parameters so that you can monitor the
performance and chargeback for used resources.
Note: Virtual disk maximum IOPS settings are specified in terms of normalized IOPS. IOPS
are measured in 8 KB increments.
Note: Storage QoS is not available if you are using shared virtual hard disks.
• Virtual machines that are running on the same Hyper-V host are in competition for disk I/O. To
improve performance, you should have as many of the fastest physical disks as possible.
• Windows Server 2012 includes storage spaces so that you can create redundant storage for virtual
hard disks.
• If available, you should use solid-state drives (SSDs) for best possible performance. They do not have
moving parts, and they provide fast access speed and high throughput.
• Windows Server 2012 R2 introduces tiered storage, which you can use to combine classical spindle
base disks and SSDs in the same storage. Tiered storage significantly increases access speed and
throughput.
• You can store the virtual hard disks of running virtual machines on an SMB 3.0 share. Windows Server
2012 introduced this capability, and it provides a similar level of availability and performance as
storing virtual hard disks on a SAN. When accessing an SMB 3.0 file share, you can use features such
as SMB transparent failover, SMB scale-out, SMB multichannel, and SMB direct.
• You can use SAN for storing virtual hard disks. SAN provides several benefits, such as high
performance and high availability, and the possibility to expand LUNs dynamically if you need
additional storage.
• Antivirus software should exclude Hyper-V-specific files, including virtual hard disks (.vhd and .vhdx).
Question: For storing virtual machines, what are the benefits of SAN compared to local
storage?
Demonstration Steps
1. On LON-HOST1, use the Edit Virtual Hard Disk Wizard to expand Fixed.vhdx to 2 GB.
2. Use the Edit Virtual Hard Disk Wizard to expand Dynamic.vhdx to 200 GB.
3. On LON-CL1, use Disk Management to confirm that Disk 1 and Disk 2 have expanded, and now have
2 GB and 200 GB of unallocated space.
3-14 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Lesson 2
Creating and Configuring Virtual Machines
Hyper-V is the infrastructure that you use for running virtual machines. You can create virtual machines
in several different ways. This lesson explains how you can create virtual machines by using Hyper-V
Manager and Windows PowerShell. This lesson also explores hardware components of the virtual
machine and explains the differences between Generation 1 and Generation 2 virtual machines. You will
also learn about Integration Services, which provides support for synthetic devices, in addition to any
communication required between the parent and the guest operating system, such as heartbeat and time
sync. A SCSI controller and a virtual Fibre Channel adapter are examples of synthetic devices. Virtual
machines use synthetic devices to access storage directly on Fibre Channel SANs.
Lesson Objectives
After completing this lesson, you will be able to:
• Hyper-V presents an emulated device to the virtual machine as if it is actual hardware, although such
a physical component does not exist in the Hyper-V host. Emulated devices present standard and
well-known functionalities that are universal to all devices of that type. This means that almost any
operating system supports them. Emulated devices are available when the virtual machine starts, and
Server Virtualization with Windows Server Hyper-V® and System Center 3-15
the virtual machine can start from them. These emulated devices include IDE controllers or legacy
network devices. However, because these devices are emulated, they do not perform as well and
present additional overhead for the Hyper-V host.
• Hyper-V does not present synthetic components to the virtual machine as actual hardware. It presents
them to the operating system on the virtual machine as a functionality that the device driver can use.
When an operating system has support for that functionality, it can pass the communication with it
through virtual machine bus (VMBus). Operating systems must support VMBus, and device drivers for
that functionality must be loaded for the virtual machine to be able to use synthetic components. This
is why synthetic components are not available during startup, and why you cannot start a Generation
1 virtual machine from a SCSI controller.
Until Windows Server 2012 R2, you could create only one type of virtual machine—Generation 1. A
Generation 1 virtual machine contains the components in the following table.
Component Description
Memory Configures the amount of memory assigned to the virtual machine, the dynamic
range of memory that can be used, and memory weight. When the virtual
machine is running, that memory allocates exclusively and cannot be used by
other virtual machines or by the Hyper-V host.
Processor Configures the number of processors that are available to the virtual machine,
the resource control, the processor compatibility settings, and the non-uniform
memory access (NUMA) settings.
IDE controller Connects IDE virtual disks and DVD to the virtual machine. Generation 1 virtual
machines have two IDE controllers. Devices that connect to IDE controllers can be
used to start the virtual machine.
SCSI controller Connects SCSI virtual disks to the virtual machine. SCSI controllers are synthetic,
which means that a Generation 1 virtual machine cannot start from a virtual disk
that is connected to it.
Network adapter Connects a virtual machine with the virtual switch. A network adapter is synthetic,
which means that Generation 1 virtual machines cannot use it for Pre-Boot
Execution Environment (PXE) startup.
Legacy network Connects the virtual machine with the virtual switch. A legacy network adapter
adapter is emulated, which means that it is available during startup, and Generation 1
virtual machines can use it for PXE.
Fibre Channel Accesses Fibre Channel–based storage directly from the virtual machine. This is a
adapter synthetic device, which means that it is not available during startup.
COM port Configures the virtual COM port to communicate with the physical server
through a named pipe.
In addition to virtual hardware components, you can also configure virtual machine management
components such as Integration Services, checkpoint file location, smart paging file location, automatic
start action, and automatic stop action.
3-16 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Windows Server 2012 R2 changes all of this. It still fully supports the existing type of virtual machines
by naming them Generation 1 virtual machines, but it also provides support for the new type of virtual
machines, called Generation 2 virtual machines. Generation 2 is built on the assumption that operating
systems are virtualization-aware. Generation 2 removes all the legacy and emulated virtual hardware
devices and uses only synthetic devices. BIOS-based firmware is replaced by advanced UEFI firmware,
which supports Secure Boot. Virtual machines start from a SCSI controller or by using PXE from a network
adapter. All the legacy and emulated devices are removed from Generation 2 virtual machines, and the
remaining virtual devices use VMBus to communicate with parent partitions.
Generation 1 and Generation 2 virtual machines have similar performance, except during startup and
when installing operating system. In these instances, Generation 2 is considerably faster. You can run
Generation 1 and Generation 2 virtual machines side-by-side on the same Hyper-V host. You select virtual
machine generation when you create a new virtual machine and you cannot change it later. Generation 1
virtual machines will still be in use for a long time because you can install almost any operating system on
such virtual machines. Generation 2 virtual machines currently support only Windows Server 2012,
Windows 8 (64-bit), and newer 64-bit Windows operating systems.
Question: Can you convert a Generation 1 Windows Server 2012 R2 virtual machine to a
Generation 2 virtual machine?
Demonstration Steps
1. On LON-HOST1, use Hyper-V Manager to create a new virtual machine with the following settings:
o Name: LON-VM2
o Generation: Generation 2
2. Use the Windows PowerShell cmdlet New-VM to create a new virtual machine with the following
settings:
o Name: LON-VM1
o Generation: Generation 1
o Startup Memory: 1 GB
4. On LON-HOST1, use Hyper-V Manager to confirm that there are three types of hardware listed in the
Add Hardware section in the details pane for LON-VM2. Confirm also that no BIOS, IDE Controllers,
COM ports or Diskette Drive are listed, but that Firmware is listed.
5. Use Hyper-V Manager to confirm that you can add five hardware types to LON-VM1. Confirm also
that BIOS, IDE Controllers, COM ports and a Diskette Drive display, but no Firmware displays.
You can configure virtual machine settings in Hyper-V Manager or by using Windows PowerShell.
In Hyper-V Manager, you right-click the virtual machine, click Settings, and then modify properties
of the hardware component that you want to configure. In Windows PowerShell, you can use
several different cmdlets to configure a virtual machine, depending on whether you want to
configure virtual machine settings (Set-VM), add virtual hardware components (Add-VMHardDiskDrive,
Add-VMNetworkAdapter) or modify existing hardware component settings (Set-VMHardDiskDrive,
Set-VMNetworkAdapter).
3-18 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
As part of the virtual machine settings, you can also configure management settings. In the Management
section, you can configure the components that are listed in the following table.
Component Description
Name Specify the name of the virtual machine and add comments about it.
Integration Services Enable services that the Hyper-V host will offer to the virtual machine. To
use any of the services, Integration Services must be installed and supported
on the virtual machine operating system.
Checkpoint File Specify the folder in which checkpoint files for the virtual machine will be
Location stored. You can modify this location until the first checkpoint is created.
Smart Paging File Specify the folder in which the Smart Paging file for the virtual machine will
Location be created, if necessary.
Automatic Start Specify whether to start the virtual machine automatically after the Hyper-V
Action host restarts, and how long after Hyper-V is running to start them.
Automatic Stop Specify the state in which to place the virtual machine once the Hyper-V
Action host shuts down.
Question: Can you modify virtual machine memory settings while the virtual machine is
running?
You can configure virtual machine memory usage on the Memory Settings page for each virtual machine.
On this page, you can configure the following settings:
• Startup RAM. Use this setting to configure the amount of memory that will be available to the virtual
machine at startup time. If dynamic memory is not enabled, the virtual machine will use this memory
all the time while it is running (static memory).
Server Virtualization with Windows Server Hyper-V® and System Center 3-19
• Enable Dynamic Memory. Use this setting to configure the virtual machine to use dynamic memory
by enabling this option. If you enable this setting, the following three options become available:
o Minimum RAM. Use this option to set the minimum amount of memory that the virtual machine
can use while it is running. The virtual machine cannot use less than this amount. You can
decrease this value while the virtual machine is running.
o Maximum RAM. Use this option to set the maximum amount of memory that a virtual machine
can use while it is running. The virtual machine cannot use more than this amount of memory.
You can increase this value while the virtual machine is running.
o Memory buffer. Use this option to specify the percentage of memory that Hyper-V should
reserve as a buffer. Hyper-V uses the percentage and the current memory demand to determine
an amount of memory for the buffer.
• Memory weight. Use this option to specify how to prioritize the memory availability for the virtual
machine compared to other virtual machines that are running on the same Hyper-V host.
As with most other virtual machine settings, you cannot modify virtual machine memory settings while
the virtual machine is running. If you enable dynamic memory, however, you can decrease virtual machine
minimum RAM settings and increase maximum RAM while the virtual machine is running.
When enabled, dynamic memory results in more efficient use of the physical memory and enables more
virtual machines to run simultaneously. For example, consider a Hyper-V host with 8 GB of available
physical RAM, and four virtual machines created for the Finance, Engineering, Sales, and Services
departments. Each virtual machine has dynamic memory enabled and is configured with 1 GB of startup
RAM, 512 MB of minimal RAM, and 4 GB maximum RAM. In this scenario, when you start three virtual
machines, they will each be allocated 1 GB of RAM, which presents 37.5 percent utilization of the Hyper-V
host’s physical RAM. After a few minutes, the operating systems on all virtual machines will be running. In
the Finance and Engineering departments, running virtual machine applications require more RAM, and
memory utilization will increase to 3 GB and 2 GB, and the Sales virtual machine will still use 1 GB of
memory. All three virtual machines will be using 6 GB of memory total, which is 75 percent of the Hyper-V
host’s physical RAM. After another 15 minutes, the Finance virtual machine load lessens and no longer
needs as much memory. Dynamic memory will automatically decrease the memory that is assigned to
the Finance virtual machine to 2 GB. The Sales virtual machine, which is inactive for a long time, has a
decrease to 512 MB RAM. The Engineering virtual machine, which becomes even more active, has more
dynamic memory assigned to it. It now uses 4 GB of RAM, which is the maximum amount of configured
RAM allowed. Now that you have enough available resources, you can also start the fourth virtual
machine for the Services department. This results in Hyper-V using 7.5 GB of RAM, which is near its limit,
and is 94 percent RAM utilization of the Hyper-V host.
Hyper-V Dynamic Memory Overview
http://go.microsoft.com/fwlink/?LinkID=386694
Question: How does dynamic memory enable you to run more virtual machines on the same
amount of physical RAM?
3-20 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Smart Paging
Smart paging is a memory management technique. It pages memory to the physical disk as additional,
temporary memory when more memory is required to restart a virtual machine. This approach provides
a reliable way to keep virtual machines running when there is not enough available physical memory.
However, it degrades virtual machine performance because disk access is much slower than memory
access. The default location for the smart paging file is configurable per virtual machine.
To minimize the performance impact of smart paging, Hyper-V uses it only when it is absolutely needed,
and if all of the following three conditions are met:
• The virtual machine is restarted.
• There is not enough available physical memory on the Hyper-V host.
• Memory cannot be reclaimed from other virtual machines on the Hyper-V host.
Smart paging is not used in any other situation, including the following three situations:
• The virtual machine is being started from an Off state.
• You want to configure the virtual machine with more memory than is physically available.
• The virtual machine is moved over or failed over from another Hyper-V cluster node.
Guest Paging
Hyper-V relies on guest paging (operating system paging inside the virtual machine) because it is more
effective than smart paging. With guest paging, the memory manager performs the paging operation
inside virtual machines. The memory manager has more information about memory usage within a virtual
machine than does the Hyper-V host. This means that the memory manager can provide Hyper-V with
better information to use when it is choosing the memory to be paged. Because of this, internal guest
paging incurs less overhead to the system compared with smart paging.
To reduce the impact of smart paging further, Hyper-V removes memory from the virtual machine after
it completes the restart process. It accomplishes this by coordinating with dynamic memory components
inside the virtual machine so that the virtual machine stops using smart paging. This process is also called
ballooning. The use of smart paging is temporary and is not longer than 10 minutes.
Server Virtualization with Windows Server Hyper-V® and System Center 3-21
To continue the example from the previous topic, if you assume that the Finance and Engineering virtual
machines use all 8 GB of available physical memory on the Hyper-V host, you can restart the other two
virtual machines only when using smart paging. However, you can only restart them if they are already
running. If they are off already, and if there are not enough resources to start them, you will get an error
when you try to start the virtual machines.
Question: Does Hyper-V use smart paging if a virtual machine is configured with the same
amount of startup and minimum RAM?
• Hyper-V Guest Shutdown Service. If you want to shut down a virtual machine without interacting
directly with the operating system on the virtual machine, the Hyper-V Guest Shutdown Service
provides a virtual machine shutdown function. Hyper-V initiates the shutdown request by using a
Windows Management Instrumentation call.
• Hyper-V Time Synchronization Service. This service synchronizes the time on the virtual machine with
the time on the Hyper-V host.
• Hyper-V Data Exchange Service. This service provides a method to set, delete, enumerate, and
exchange specific registry key values between the virtual machine and the Hyper-V host.
• Hyper-V Heartbeat Service. The Hyper-V host uses this service to verify if an operating system that is
running on a virtual machine is responding to requests.
• Hyper-V Volume Shadow Copy Requestor. When operating systems on virtual machines support
VSS, the Hyper-V Volume Shadow Copy Requestor service allows the Hyper-V host to request the
synchronization and backup of a running virtual machine.
• Hyper-V Remote Desktop Virtualization Service. This service enables the Remote Desktop
Virtualization Host to communicate with and manage virtual machines that are part of a VDI
collection.
3-22 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
• Hyper-V Guest Service Interface. This is a new integration service in Hyper-V in Windows
Server 2012 R2. It enables enhanced session mode communication with virtual machines, including
device redirection, shared Clipboard, and drag-and-drop functionality between the Hyper-V host and
virtual machines.
In virtual machine settings, on the Integration Services page, you can control which Integration Services
will be offered to a virtual machine. To use Integration Services, you must install it and ensure that the
operating system that is running on the virtual machine supports it. When you have installed Integration
Services on the virtual machine, you can see the services among other services on the virtual machine. By
default, all Integration Services except Hyper-V Guest Service Interface are enabled for the virtual
machines that you create in Hyper-V in Windows Server 2012 R2.
You can find out which version of Integration Services is installed on a virtual machine by running the
following cmdlet:
Note: Integration Services are available for Windows operating systems and supported
Linux operating systems. The current release of Integration Services for Linux adds support for
dynamic memory and for backing up a Linux virtual machine while it is running, in the same
manner as Windows-based virtual machines.
Question: Do you need to install Integration Services on a virtual machine if the operating
system on the virtual machine already includes it and is aware that it is running in a
virtualized environment?
Demonstration Steps
1. On LON-CL1, use a command prompt to make note of the local time, and then reset it to 11:00.
2. On LON-CL1, verify the local time again, and then confirm that it was set back automatically to its
previous value.
3. On LON-HOST1, use Hyper-V Manager, to disable Time synchronization Integration Service for
20409B-LON-CL1.
5. Confirm that the local time is now a few second after 11:00, as the time in virtual machine is no
longer synchronizing with the Hyper-V host.
6. Use Device Manager to confirm that virtual machine is using the Microsoft Hyper-V Video adapter
and several System devices with Hyper-V in their name, including Microsoft Hyper-V Dynamic
Memory. All those of these virtual devices are provided as part of Integration Services.
Server Virtualization with Windows Server Hyper-V® and System Center 3-23
Virtual machines can have up to four virtual Fibre Channel adapters, and you can associate each with
a different virtual SAN. Each virtual Fibre Channel adapter connects with one or two WWN addresses.
Two WWN addresses are required for highly available virtual machines, and to maintain Fibre Channel
connectivity during live migration. You can set a WWN address automatically or manually.
If you want to use a virtual Fibre Channel adapter, your environment must meet the following
requirements:
• The Hyper-V host must have one or more physical Fibre Channel host bus adapters (HBAs), which
support N_Port ID Virtualization.
• Virtual machines must have Windows Server 2008 or a newer Windows Server operating system
installed to be able to use a virtual Fibre Channel adapter. Windows client operating systems do not
support the virtual Fibre Channel adapter.
• A virtual Fibre Channel adapter is a synthetic adapter. Virtual machines can use a Fibre Channel SAN
for storing data, but storage that is accessed through a virtual Fibre Channel adapter cannot be used
as boot media.
When a virtual machine has virtual Fibre Channel adapters, consider the following limitations:
• You cannot create checkpoints of the volumes that are stored on a Fibre Channel SAN.
• Backups that are created on the Hyper-V host-by using the Hyper-V VSS provider do not include SAN
data. If you want to create a backup of the data on a Fibre Channel SAN, you should use a backup
program or a backup agent that is on the virtual machine.
• Hyper-V cannot perform live migration of data that is stored on a Fibre Channel SAN.
Question: You have a Hyper-V host that has a Fibre Channel host bus adapter (HBA) and
access to a Fibre Channel SAN. Can you add a virtual Fibre Channel adapter to a virtual
machine that has Windows 8.1 installed and is on that Hyper-V host?
3-24 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Because the virtualization platform is new to A. Datum, you need to spend some time familiarizing
yourself with the Hyper-V features and components. To do this, you decide to deploy and evaluate
different hard disk types and virtual machine configurations.
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 70 minutes
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin the lab, you must
complete the following steps:
3. In Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
4. In the Actions pane, click Connect. Wait until the virtual machine starts.
o Password: Pa$$w0rd
7. Repeat steps 3 through 5 for 20409B-LON-CLx. The letter x is 1 for the first student in the team,
and 2 for the second student in the team.
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. You will be working in pairs. Communicate clearly with your lab partner,
and cooperate fully with each other during this lab.
Server Virtualization with Windows Server Hyper-V® and System Center 3-25
2. Use the New Virtual Hard Disk Wizard in Hyper-V Manager to confirm that the default disk type for
VHD hard disk is Fixed size, and that the maximum size is 2,040 GB.
3. Use Hyper-V Manager to create a new virtual hard disk with the following settings:
o Format: VHDX
o Type: Dynamically expanding
o Name: Dynamic.vhdx
o Size: 100 GB
4. Use Hyper-V Manager to create a new virtual hard disk with the following settings:
o Format: VHD
o Type: Differencing
o Name: Differencing.vhd
Note: The actual drive letter on which base images are stored can be different and, it
depends on the physical server configuration. Drive E is used in the instructions, but you should
use the drive on which base images are stored in your environment.
5. In Windows PowerShell, use the New-VHD cmdlet to create a new virtual hard disk with the
following settings:
o Path: C:\Shares\VHDs\Fixed.vhdx
o Size: 1 GB
o The last disk has two partitions, which are assigned letters E: and F:.
Note: Those are fixed, dynamically expanding, and differencing virtual hard disks that you
added in this task.
3. On LON-CLx, use Disk Management to confirm that Disk 1 and Disk 2 have expanded and now have 1
GB and 100 GB of unallocated space. Note that Hyper-V expanded the virtual hard disks while the
virtual machine was running.
6. On LON-HOSTx, use File Explorer to confirm that Converted.vhd is created, and that that size of
Fixed.vhdx is now 2 GB.
2. Use Disk Management to confirm that the disk is added to LON-HOSTx, and that it has a status of
Offline. Make note of its size.
Server Virtualization with Windows Server Hyper-V® and System Center 3-27
Note: Two disks are added on LON-HOST1. One disk is added on LON-HOST2.
3. In the Settings for LON-CLx virtual machine, modify the settings of the SCSI Hard Disk to use
Physical hard disk.
4. On LON-CLx, use Disk Management to confirm that Disk 1 displays that it has the same size as the
disk that was added to LON-HOSTx, and that it is not initialized. This is directly attached disk that was
added to LON-CLx.
5. Create Simple Volume with default values on Disk 1.
8. On LON-HOSTx, use the iSCSI Initiator to disconnect the existing iSCSI target.
Results: After completing this exercise, you should have created and managed virtual hard disks.
o Name: LON-VM2
o Generation: Generation 2
o Startup Memory: 1024 MB
2. Use the Windows PowerShell cmdlet New-VM to create a new virtual machine with the following
settings:
o Name: LON-VM1
o Generation: Generation 1
o Startup Memory: 1 GB
3. For LON-VM1, use Hyper-V Manager to confirm that you can add five hardware types to LON-VM1.
Confirm also that BIOS, IDE Controllers, COM ports, and Diskette Drive display, but Firmware
does not display.
4. Confirm that you can change Startup order, but you cannot set Secure Boot for LON-VM1. Also,
confirm that LON-VM1 is not configured to use Dynamic Memory, and it has a single Network
Adapter.
5. Use the Windows PowerShell cmdlet Set-VM to enable dynamic memory for LON-VM1.
6. Use the Windows PowerShell cmdlet Add-VMNetworkAdapter to add a network adapter to
LON-VM1.
7. Use Hyper-V Manager to confirm that LON-VM1 is using Dynamic Memory, and that LON-VM1 has
two Network Adapters.
2. In Hyper-V Manager, make note of the currently Assigned Memory for the LON-CLx virtual machine.
C:\LabFiles\Mod03
.\TestLimit64.exe –d 400 –c 1
4. On LON-HOSTx, use Hyper-V Manager to confirm that LON-CLx is using more memory.
5. Wait a few minutes, and then verify that the Assigned Memory for LON-CLx has decreased.
C:\LabFiles\Mod03\sqlio.exe
C:\LabFiles\Mod03\sqlio.exe
5. After the test completes, verify the IOs/sec result, and then confirm that it is close to 200, which is the
limit you set and that it is considerably lower than the first result.
3. On LON-CLx, verify the local time again, and then confirm that it was set back automatically to its
previous value, as Integration Services automatically synchronizes the time on LON-CLx with the time
on LON-HOSTx.
4. On LON-HOSTx, use Hyper-V Manager to disable the Time synchronization Integration Service for
LON-CLx.
5. On LON-CLx, confirm that Hyper-V Time Synchronization Service is not running.
6. On LON-CLx, set the local time to 11:00. Confirm that the local time is now a few seconds after
11:00, as time on the virtual machine is no longer synchronizing with the Hyper-V host.
7. Use Device Manager to confirm that the virtual machine is using the Microsoft Hyper-V Video
adapter, and several System devices with Hyper-V in their name, including Microsoft Hyper-V
Dynamic Memory. All of these virtual devices are provided as part of Integration Services.
8. On LON-HOSTx, use the Windows PowerShell cmdlet Enable-VMIntegrationService to enable time
synchronization for 20409B-LON-CLx.
9. On LON-CLx, confirm that the time on the virtual machine is synchronized once again with the time
on LON-HOSTx.
Results: After completing this exercise, you should have created and managed virtual machines.
3-30 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Lesson 3
Installing and Importing Virtual Machines
When you need to install an operating system on a virtual machine, you have more options than when
you install an operating system on a physical computer. In both cases, you can use network installation
or installation media such as a CD, DVD, or .iso image. However, with virtual machines, you also have the
options of importing a virtual machine by using a differencing virtual hard disk and then pointing it to a
virtual hard disk with a preinstalled operating system, or by migrating an existing physical computer.
In this lesson, you will learn about the different methods of installing an operating system on a virtual
machine. You will learn about Virtual Machine Connection and how to customize it. This lesson also
describes enhanced session mode and explains its benefits.
Lesson Objectives
After completing this lesson, you will be able to:
• Install an operating system from a bootable CD or DVD. A virtual machine can start from physical
CD or DVD media that is attached to the Hyper-V host. You should be aware that only one virtual
machine can use the physical drive at a time on the Hyper-V host. To use this option, insert the
installation media in the Hyper-V host drive, and then start the virtual machine. If you have already
Server Virtualization with Windows Server Hyper-V® and System Center 3-31
created the virtual machine, you first will need to capture the physical CD/DVD drive. The virtual
machine will start from the physical media, and installation will progress as it would on a physical
computer.
• Install an operating system from an .iso file. Installing a virtual machine from an .iso file is very similar
to the previous method, the only difference being that it uses an .iso image instead of physical media.
The benefit of this method is that multiple virtual machines can use the same .iso image
simultaneously.
• Install an operating system from a network-based installation server. If you have Windows
Deployment Services (DS) on the network, you can use this option to install the operating system on
the virtual machines. A Generation 1 virtual machine can start from the network by using PXE only if
you configured it with a legacy network adapter, whereas a Generation 2 virtual machine has no such
limitations. When the virtual machine starts from the network adapter, the installation procedure is
the same as on a physical computer, where you typically have to press the F12 key to connect to
Windows DS.
• Copy a virtual hard disk file. If you have a virtual machine that already has an operating system, you
can copy its virtual hard disk file, and then use the copied disk file for the new virtual machine. This
process is similar to cloning physical computers, and you should generalize the virtual hard disk
before copying it by running the Sysprep command to avoid duplicate name and security identifier
(SID).
• Use differencing virtual hard disks. If you have a virtual hard disk with an installed operating system,
you can use it as a parent for a differencing virtual hard disk, and then configure the virtual machine
to use the differencing virtual hard disk. You should first generalize the parent disk. Keep in mind that
you should not modify a parent virtual hard disk after you have connected child differencing virtual
hard disks to it.
Question: Can you install an operating system on a virtual machine by using a USB flash
drive?
virtual switch is not available at the destination Hyper-V host. When importing a virtual machine, the
Import Virtual Machine Wizard performs the following steps:
1. Creates a copy of the virtual machine configuration file as a precaution for an unexpected reboot, for
example, because of a power outage.
2. Validates hardware and compares the information in the virtual machine configuration file with the
physical hardware on the target Hyper-V host. For example, consider a scenario in which the source
Hyper-V host has 16 processors, and the virtual machine is configured to use all of them. However,
the destination Hyper-V host has only eight processors. The wizard will detect such issues.
3. Compiles a list of incompatibilities. The list identifies which virtual machine settings you should
reconfigure to import the virtual machine successfully. For example, if a virtual machine is using a
virtual switch that is not available on the target Hyper-V host, you should connect the virtual machine
to a different virtual switch. The incompatibilities determine which pages appear next in the wizard.
4. Displays the relevant pages, one category at a time. The wizard identifies incompatibilities and asks
you for the new configuration so that virtual machine settings are compatible with the target Hyper-V
host.
5. Removes the copy of the configuration file. After the wizard finishes running, the virtual machine is
imported, and you can start it.
When you are importing virtual machines from previous Hyper-V versions, you should consider the
following limitations:
• You cannot start an imported virtual machine from a saved state if it was created on Hyper-V prior to
Windows Server 2012 or on a different CPU architecture.
• You cannot start an imported virtual machine from a checkpoint if it was created while the virtual
machine was running on Hyper-V prior to Windows Server 2012 or on a different CPU architecture.
After the virtual machine import completes, you should update Integration Services on the virtual
machine.
Simplified Import Overview
http://go.microsoft.com/fwlink/?LinkID=386692
Question: Can you import a virtual machine that is configured with 16 processors to a
Hyper-V host that has two quad core CPUs?
Demonstration Steps
1. On LON-HOST1, use Hyper-V Manager to import a virtual machine by using the following settings:
2. You will receive an error message because the parent virtual hard disk was not found.
Server Virtualization with Windows Server Hyper-V® and System Center 3-33
3. In Hyper-V Manager, use the Edit Virtual Hard Disk Wizard to link the C:\VirtualMachines
\LON-EXPORT\Virtual Hard Disks\LON-EXPORT.vhd virtual hard disk to the following parent disk:
E:\Program Files\Microsoft Learning\Base\Base14A-WS12R2.vhd. Note that this path might
differ based on the host machine.
• Create a differencing virtual hard disk that uses a virtual hard disk with a generalized operating
system as its parent, and configure a virtual machine to use that differencing virtual hard disk.
• Virtualize the content of the existing physical computer.
Remember that Hyper-V does not include virtual-to-physical functionality. Products such as Microsoft
System Center 2012 - VMM include real physical-to-virtual machine conversion (P2V conversion)
solutions. However, you can still use Hyper-V to move the content of physical disks into the virtual hard
disks.
When you create a new virtual hard disk, you can use Hyper-V to duplicate the contents of a physical disk
into a new virtual hard disk. Before you use the New Virtual Hard Disk Wizard method of migrating data
from a physical disk to a virtual hard disk, you should consider several factors. One of these factors is that
the wizard is limited to copying the entire physical disk only, not a volume or a partition. In addition,
the wizard should be used only with data disks because migrating physical disks that contain operating
systems (boot and system disks) is not supported. Depending on the size of the physical disk, this process
can take a considerable amount of time. Once you create the virtual hard disk, you then can add it to the
virtual machine and access data on it.
Note: You can also create a new virtual hard disk by using the Disk Management or
Diskpart tool, attaching a virtual hard disk as a new disk on a Hyper-V host, and then copying the
content to the disk.
Disk2vhd
When you want to create a virtual hard disk from the content of a physical disk, including system and
boot partitions, you can use the Disk2vhd tool. The Disk2vhd tool is available on the Microsoft website as
a free download. When you run Disk2vhd on a physical computer, it will show you the available volumes
3-34 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
that you can convert. The tool uses VSS, which is part of the Windows operating system, to create
consistent, point-in-time snapshots and write them into virtual hard disks while the physical computer
is running.
Disk2vhd v2.0
http://go.microsoft.com/fwlink/?LinkID=386697
After Disk2vhd creates a virtual hard disk, you can attach it to a virtual machine. If a virtual hard disk
contains only data files, you can add it to any virtual storage controller. If you used Disk2vhd to convert
a system partition and you want the virtual machine to be able to start from that virtual hard disk, you
should add it to the virtual IDE controller of a Generation 1 virtual machine or the virtual SCSI controller
of a Generation 2 virtual machine.
When you start the virtual machine that is using the virtual hard disk for the first time, the Windows
operating system will detect different hardware and will install appropriate drivers automatically. You
should not forget to install or update Integration Services on the virtual machine.
Note: Remember that the virtual machine has the same identity as the original system; you
should not connect it to the same network as the physical computer.
Question: Do you need to shut down a physical computer during the P2V conversion
process?
By default, Virtual Machine Connection connects remotely by using TCP port 2179, which you can modify
in the registry at HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization. Virtual
Machine Connection uses the Remote Desktop Protocol (RDP) to connect to the Virtual Machine
Management service on the Hyper-V host, which listens for incoming connection requests on TCP port
2179. Although Virtual Machine Connection uses RDP to connect to virtual machines, the operating
system on the virtual machine does not have to support Remote Desktop connections to connect to the
virtual machine. Virtual Machine Connection simply is a shell and uses the same ActiveX control that the
Remote Desktop Connection client uses to connect to virtual machines.
Server Virtualization with Windows Server Hyper-V® and System Center 3-35
You can use Virtual Machine Connection to establish only a single connection to the virtual machine. If
a connection is already established and the second user establishes a connection to the same virtual
machine, the first user will disconnect and the second user will take over the session. This can cause
privacy and security issues because the second user will be able to view the first user's desktop,
documents, and applications.
Any user with Console Read or Console Read/Write operations permissions in the authorization policy
can connect to the virtual machine. This includes members of Hyper-V Administrators and Administrators
groups on the Hyper-V host. You can use the Windows PowerShell Grant-VMConnectAccess and
Revoke-VMConnectAccess cmdlets to grant and revoke permissions to a virtual machine. For example,
if you want to grant permissions to a user named User1 in the Contoso domain for connecting to a virtual
machine named VM1, you could run the following cmdlet:
Question: Do you have to use Virtual Machine Connection if you want to connect to a
virtual machine?
Virtual Machine Connection in Windows Server 2012 R2 is improved and includes support for enhanced
session mode. This functionality has specific requirements. For example, the Hyper-V host policy must
allow it, and an enhanced session can be used only with virtual machines that are running supported
operating systems. When using enhanced session mode, you get a considerably better experience and
the same features as Remote Desktop Services (RDS), but without requiring the virtual machine to have
network connectivity or using the Remote Desktop functionality of the guest operating system. With
enhanced session mode, you can redirect local drives, printers, USB, and other devices to the virtual
machine, and you can use a shared Clipboard, redirected folders, rich copy and paste for copying files
or graphics, and redirected sound from virtual machines.
Enhanced session mode depends on RDS in the virtual machine, which is why it is available only when
the virtual machine is running a supported operating system. Currently supported operating systems are
Windows 8.1 and Windows Server 2012 R2.
Enhanced session mode establishes a Remote Desktop session over VMBus, which is available even when
the virtual machine is not connected to the virtual switch, and when connecting to virtual machines that
are running on a local or remote Hyper-V host. When you use enhanced session mode for connecting to
3-36 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
virtual machines, you have access to the entire Remote Desktop experience. This includes configuring
the parameters of a session that you can save for future connections to the same virtual machine. You
can also sign in to the virtual machine. When you use simple mode, you connect to the virtual machine
without having to sign in. You can use enhanced session mode to connect only to virtual machines that
are already running. If the virtual machine is turned off, you can connect to it only by using simple mode.
You configure enhanced session mode at three different levels. On the Hyper-V host level, you configure
Enhanced Session Mode Policy, which controls if the Hyper-V host will allow enhanced session mode
connections to virtual machines that are running on this server. At the user settings level, you configure
enhanced session mode, which controls whether Virtual Machine Connection will attempt to use
enhanced session mode when establishing connections with virtual machines. On the virtual machine
level, you can control whether Guest services Integration Service is enabled (in other words, if the virtual
machine offers enhanced session mode.) In addition, the operating system in a virtual machine must
support enhanced session mode, which means that it must be either Windows 8.1 or Windows Server
2012 R2.
Question: Can you use enhanced session mode to start a virtual machine from a USB device?
Demonstration Steps
1. On LON-HOST1, confirm that when Virtual Machine Connection with LON-CL1 opens, your previous
session displays.
2. On LON-HOST1, use Hyper-V Manager to configure Allow enhanced session mode.
3. Use Hyper-V Manager to connect to 20409B-LON-CL1. Confirm that local drives are redirected.
4. Confirm that you are not signed in automatically to LON-CL1, and then sign in as
ADATUM\administrator, with Pa$$w0rd as the password.
5. On LON-HOST1, use File Explorer to browse to C:\Windows, and then copy Write.exe.
Lesson 4
Managing Virtual Machine Checkpoints
A Checkpoint is a Hyper-V feature that you can use to create a point-in-time snapshot of a virtual
machine, and then revert to it if needed. In previous versions of Hyper-V, this feature was called a
snapshot, and you can still see references to it. The primary benefit of checkpoints in Hyper-V is that you
can use them to create hierarchies of changes quickly and easily, and then revert to them at any time.
Checkpoints can be quite useful in some scenarios, such as when testing Windows operating system
updates. However, you must use checkpoints carefully to avoid issues, especially when reverting virtual
machines in distributed environments such as Active Directory Domain Services (AD DS). This lesson
describes how to create and work with virtual machine checkpoints.
Lesson Objectives
After completing this lesson, you will be able to:
Note: Do not edit or modify a virtual hard disk file when it is used by a virtual machine that
has checkpoints.
Checkpoints can be useful when you need to revert virtual machines to an earlier state. You can undo
all the changes that took place after the specified state, such as those that occurred during testing,
development, or in a training environment. Conversely, checkpoints in production environments can
cause serious issues, such as losing user data. When running on a virtual machine, Windows Server 2012
3-38 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
works much better at detecting if the virtual machine was reverted, and if so, to avoid issues that this
might cause. Some functionality, such as Hyper-V Replica or pooled desktops in VDI deployments,
depends on the use of checkpoints.
Creating Checkpoints
When you create a checkpoint, the result is always the same, irrespective of the method you choose.
After you create a checkpoint, you should not modify its files directly on the disk because this could cause
problems with the checkpoint or even with the running virtual machine. You can create checkpoints in
one of the following ways:
• In Hyper-V Manager, you can highlight a virtual machine, right-click it, and then click Checkpoint, or
in the Action pane, click Checkpoint.
• You can use Virtual Machine Connection by clicking Checkpoint in the Action menu, or by using the
Windows PowerShell cmdlet Checkpoint-VM.
Factors to Consider
When you are considering checkpoints, you should be aware of the following factors:
• When you create a checkpoint of a virtual machine, the virtual machine is configured with a
differencing virtual hard disk even if it was using a fixed-size virtual hard disk before. Differencing
virtual hard disks might perform slower than normal disks because the two files (base and
differencing) need to be read from.
• If a virtual machine is using directly attached disks, you cannot create checkpoints of those disks
because they do not support differencing virtual hard disks.
• Checkpoints require additional storage space. If you create a checkpoint of a running virtual machine,
it also contains a virtual machine memory snapshot, and taking multiple checkpoints can use up a
large amount of storage space.
• Although you can use checkpoints to revert a virtual machine to an earlier point in time, you should
not consider them backups. Even if you use checkpoints, you should still make regular backups.
• If you no longer need a checkpoint, you should delete it immediately. However, this can cause
merging of differencing virtual hard disks. Prior to Windows Server 2012, merging of the differencing
virtual hard disks happened only after you turned off the virtual machine. In Windows Server 2012
and newer, the merging process happens asynchronously in the background while the virtual
machine is running.
• A virtual machine is limited to 50 checkpoints. The actual number of checkpoints might be lower,
depending on the available storage.
Question: Which checkpoint requires more space: a checkpoint of a running virtual machine,
or a checkpoint of a virtual machine that is turned off?
Server Virtualization with Windows Server Hyper-V® and System Center 3-39
Creating Checkpoints
When you create a checkpoint, Hyper-V performs
the following steps in the background:
2. For each virtual hard disk that the virtual machine is using, Hyper-V creates a differencing virtual hard
disk, configures it to use the virtual machine's virtual hard disk as a parent, and then updates virtual
machine settings to use the created differencing virtual hard disk.
3. Creates a copy of the virtual machine configuration file.
Because the virtual machine is paused before the checkpoint is created, you cannot create a checkpoint
of a virtual machine that is in a paused state. As the virtual machine resumes, while the memory is saving
to the disk, Hyper-V intercepts memory changes that have not yet been written to the disk, writes the
memory pages to the disk, and then modifies the virtual machine memory. Creating a checkpoint can take
considerable time, depending on virtual machine memory, Hyper-V host utilization, storage speed, and
what is running on the virtual machine. However, the process is transparent, and users who are connected
to the virtual machine do not experience any outage.
Hyper-V creates the virtual machine saved state file and the virtual machine memory content file only if a
checkpoint is created while the virtual machine is running, and not if the virtual machine is turned off.
The location of virtual machine checkpoint files is configured for each virtual machine, and by default, it is
the same location where the virtual machine configuration is stored. When you create the first checkpoint,
Hyper-V creates a Snapshots subfolder and stores checkpoint files there. You can modify the location of
the checkpoint files only until the first checkpoint is created. After this, the checkpoint file location setting
is read-only. You can modify this setting only after deleting all checkpoints or by using live storage
migration in Hyper-V Manager (the Move Virtual Machine Wizard).
3-40 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Using Checkpoints
When you select a checkpoint, the following options are available in the Actions pane:
• Settings. Opens the virtual machine settings that were effective at the moment the checkpoint was
created. All of the settings are read-only because you cannot change the configuration that was used
in the past. The only settings that you can modify are the checkpoint name and the notes that are
associated with the checkpoint.
• Apply. Applies a checkpoint to a virtual machine, which means that you want to return the virtual
machine to the exact historical state it was in. When you apply a checkpoint, any change in the virtual
machine since the last checkpoint was made is lost. Before applying a checkpoint, Hyper-V prompts
you to create a new checkpoint to avoid possible data loss.
• Export. Exports a virtual machine checkpoint, which will create an exact copy of the virtual machine as
it existed at the moment you created the checkpoint.
• Rename. Renames the checkpoint to provide better information about the state of the virtual
machine when you created the checkpoint. The checkpoint name is independent of the checkpoint
content, and by default, it contains the date and time of checkpoint creation.
• Delete Checkpoint. Deletes a checkpoint if you no longer want to be able to revert a virtual machine
to the state it was in when you created the checkpoint.
• Delete Checkpoint Subtree. Deletes the selected checkpoint and any checkpoints that originate from
it. Checkpoints that originate from it are listed below it in the Checkpoint pane.
When you right-click a virtual machine with at least one checkpoint, you can also click the Revert option.
This returns a virtual machine to the last checkpoint.
Question: Can you modify the configuration of a virtual machine checkpoint if you created
that checkpoint when the virtual machine was turned off?
Each time you create a checkpoint, a new differencing virtual hard disk is created and configured to use
the previous virtual machine disk as a parent. For example, consider a virtual machine that is configured
with a fixed-size virtual hard disk named Disk1.vhd. When you create a checkpoint, a differencing virtual
hard disk is created, and it is configured to use Disk1.vhd as a parent. The virtual machine settings are
Server Virtualization with Windows Server Hyper-V® and System Center 3-41
updated to use the differencing virtual hard disk as its virtual hard disk. The same sequence repeats when
you create a second checkpoint. The only difference is that it uses the previous differencing virtual hard
disk as its parent, and the virtual machine now has three virtual hard disks in a hierarchy. All changes that
the virtual machine makes are written into the last (differencing) virtual hard disk.
If you decide to apply the last checkpoint to the virtual machine, which effectively reverts it to the
moment when the last checkpoint was created, the last differencing virtual hard disk will be deleted.
All changes that were performed in the virtual machine since the last checkpoint will be lost, and a new
differencing virtual hard disk will be created with the same parent as the previous one.
When you no longer need the ability to revert a virtual machine to a first checkpoint, you can delete
it. This will delete the virtual machine configuration and virtual memory content from that checkpoint.
However, you cannot delete the differencing virtual hard disk that was created at that time—you still need
it because the current disk content depends on it. When you delete the first checkpoint, the differencing
virtual hard disk will merge dynamically with the fixed parent virtual disk while the virtual machine is
running.
Note: Prior to Windows Server 2012, Hyper-V would merge virtual hard disks only after the
virtual machine was turned off.
If you want to apply the first checkpoint and create a branch, Hyper-V will delete the content of the
differencing virtual hard disk that was created during the last checkpoint. You will have the option to
create a new checkpoint prior to this. Hyper-V will create a new differencing virtual hard disk that will
use a fixed-size virtual hard disk as its parent. You can use checkpoint branches to have multiple different
states of the same virtual machine, where each state is independent from the others.
When you no longer need the last checkpoint and decide to delete it, you are effectively telling Hyper-V
that you no longer need to return to that moment in time. Because no other checkpoint depends on it, if
you want to delete the last checkpoint in a hierarchy, Hyper-V can in this case delete all checkpoint files,
including the differencing virtual hard disk.
Question: If a virtual machine is running and you delete a checkpoint, when will the parent
disk merge with the differencing virtual hard disk?
In Windows Server 2012 R2, you can perform a live export of a virtual machine or checkpoint. You can
export them while the virtual machine is running. In Hyper-V on Windows Server 2012, you first have
to save the state or shut down the virtual machine prior to performing the export. When you want to
perform an export, you need to specify a location to export the files. Export creates a subfolder and
consolidates virtual machine files there. If, for example, a virtual machine uses virtual disks from different
locations, after the export, all the virtual disks will be stored in the same folder. If a virtual machine is
using differencing virtual hard disks, Hyper-V exports all the parent disks. If multiple virtual machines are
exported and they all use the same parent disk, the parent disk is exported for each machine. This can
increase the total size of export considerably when you compare it to the size of virtual machines prior
to export. When you export a virtual machine, Hyper-V also exports all the checkpoints of that virtual
machine.
Exporting checkpoint exports only a single point-in-time snapshot of the virtual machine. The exported
virtual machine is the exact copy of the virtual machine at the moment you created the checkpoint. If
there are additional checkpoints in a hierarchy before the one you are exporting, which means that the
virtual machine is using the hierarchy of differencing virtual hard disks, all those differencing virtual hard
disks will be merged for the exported virtual machine.
After you import an exported virtual machine (when you export a checkpoint, the virtual machine is
exported without a checkpoint), you should update Integration Services on the virtual machine, especially
if the target Hyper-V host is running a newer version of Hyper-V. You should also be aware that if the
imported virtual machine contains a saved state or a checkpoint that was created when the virtual
machine was running, you will have to discard its memory content, if the saved state or checkpoint was
created on the Hyper-V host prior to Windows Server 2012, or if the Hyper-V host was running on a
different hardware architecture, such as Intel or AMD.
You can export a virtual machine or a checkpoint in the Hyper-V Manager console by right-clicking
it and then clicking Export. You can also use the Windows PowerShell cmdlets Export-VM and
Export-VMSnapshot to export a virtual machine or a checkpoint.
Question: Can you export a virtual machine checkpoint on a Hyper-V host that is running on
a physical server with Intel processors, and then import it to a Hyper-V host that has AMD
processors?
Demonstration Steps
1. Confirm that LON-VM1 is using the Differencing.vhd virtual hard disk.
2. Create a checkpoint for LON-VM1.
3. Start LON-VM1.
11. On LON-HOST1, use the Windows PowerShell cmdlet Checkpoint-VM to create a checkpoint for
LON-VM1, and name it Folder2.
12. Use the cmdlet Get-VMSnapshot to view existing checkpoints for LON-VM1.
13. Use Hyper-V Manager to confirm that LON-VM1 has three checkpoints. Apply the Folder1
checkpoint.
14. On LON-VM1, confirm that there is only one folder named Folder1 on the desktop.
17. On LON-HOST1, use File Explorer to browse to C:\Shares\Snapshots, and then confirm that there
are four .xml files and four subfolders.
18. Confirm that the size of the oldest folder in the details pane is 0. This is because the first checkpoint
was created when LON-VM1 was turned off.
19. Confirm that each of other folders have larger sizes, as the other checkpoints were created while
LON-VM1 was running.
A checkpoint contains an exact snapshot of a virtual machine. Applications that run on a virtual machine
have no knowledge of checkpoints and have no way of detecting when you create or apply a checkpoint
3-44 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
to a virtual machine. When you apply the checkpoint, you also undo all the changes in a virtual machine
that you made after creating the checkpoint. This can result in data loss and reversal of passwords to their
previous values.
Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)
http://go.microsoft.com/fwlink/?LinkID=386693
Question: Can you prevent checkpoint creation from inside a virtual machine?
If the previous and current Generation ID values are different, this means that the virtual machine identity
is not the same. This can be the result of different actions, such as creating a new virtual machine and
attaching it to a virtual hard disk with an installed operating system, restoring a system backup to a
different virtual machine, or applying the checkpoint to the existing virtual machine. When the application
detects a change in Generation ID, it should consider that it is running in a different virtual machine and
act accordingly. For example, when AD DS detects a change in Generation ID value, it updates its
InvocationID value and effectively modifies the identity of the domain controller.
To use the virtual machine Generation ID from inside a virtual machine, the following prerequisites apply:
• The virtual machine must be running on a hypervisor that implements support for virtual machine
Generation ID. Several virtualization platforms meet this requirement, including Windows 8, Windows
Server 2012, and newer Windows operating systems, and VMware vSphere 5.0 update 2 and newer.
• The virtual machine must be running an operating system that is aware of and is using Generation ID.
Windows 8, Windows Server 2012, and newer Windows operating systems meet this requirement:
o If a virtual machine has Integration Services installed from Windows 8 or Windows Server 2012,
applications on other operating systems such as Windows Server 2008 Service Pack 2 or Windows
7 Service Pack 1 can also read the Generation ID value. These older operating systems are not
Generation ID–aware, but applications that are running on the virtual machine can still read the
Generation ID value.
Server Virtualization with Windows Server Hyper-V® and System Center 3-45
Note: The Generation ID value is projected into a virtual machine through an emulated
BIOS device, and Integration Services presents it as a Hyper-V Generation Counter. Because of
this, operating systems on a virtual machine can access the Generation ID value only if it has
Integration Services installed from Windows 8, Windows Server 2012, or newer.
• The virtual machine is migrated by using System Center 2012 - VMM (Export and Import).
• The virtual machine is imported.
Note: Virtualized domain controller cloning takes advantage of the Generation ID feature.
For more information, refer to the Virtual Machine Generation ID paper from the following website:
Question: Can you use Generation ID in a Windows Server 2008 R2 virtual machine?
3-46 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Lesson 5
Monitoring Hyper-V
Monitoring your virtualization environment is important. You are most likely already familiar with the
monitoring tools included with Windows Server 2012 R2, but you should remember that not all of them
are virtualization-aware. Only Performance Monitor can provide you with real performance data, and
when you install the Hyper-V role, many additional performance counters are added to Performance
Monitor. If you are more interested in chargeback data, you should enable and use resource metering,
which is included with Hyper-V in Windows Server 2012 and newer Windows Server operating systems.
Lesson Objectives
After completing this lesson, you should be able to:
Windows Server 2012 R2 includes the following tools for monitoring system performance:
• Task Manager. Task Manager displays real-time monitoring data for a local server. You can view
information related to running processes, performance data, resource use by connected users, and
detailed information on running processes and Windows Server services. You can customize Task
Manager, for example, to configure update speed or view additional details of running processes.
You can also start new tasks, disconnect users, and end tasks from the Task Manager.
Task Manager is often the first tool to use when performance-related problems occur. For example,
you might examine the running processes in Task Manager to determine if a particular program is
using excessive CPU resources. However, Task Manager only shows real-time utilization for the local
server. You cannot use it to monitor remote servers or to store performance data.
Server Virtualization with Windows Server Hyper-V® and System Center 3-47
Note: The Performance tab in Task Manager shows overall CPU utilization. If you want to
view individual processor utilization on a multiprocessor server, you must change the graph to
the Logical Processor view.
• Resource Monitor. Resource Monitor provides an in-depth look at real-time performance for a
local server. You can use it to monitor the use and performance of CPU, disk, network, and memory.
By using Resource Monitor, you can identify and resolve resource conflicts and bottlenecks. By
expanding the monitored elements, you can identify which processes are using which resources.
Resource Monitor shows only real-time utilization for a local server.
• Event Viewer. You can use Event Viewer to work with Windows events. Events are collected in
event logs and can occur locally, or they can be collected from remote computers. Events include
information, warnings, and errors on Windows components and installed applications. Events also
include performance events, such as a disk is almost full. You can filter events, create custom views,
and attach tasks to the events.
• Reliability Monitor. Reliability Monitor provides an historical view of server reliability and problem
history. It assesses server stability on a scale from 1 to 10 and can show you hardware and software
problems that impacted the server during a specific period. If you want Reliability Monitor to start
collecting data, you first must enable the RACTask scheduled task.
• Performance Monitor. This is the most robust and complete monitoring tool in Windows operating
systems. You can use it to view real-time performance for local and remote servers and to store
and view historical data, which is gathered by using data collector sets. In Performance Monitor,
you can also create performance counter alerts, which generate alerts and start tasks when the
performance counter is either less than or more than the specified value. You can monitor operating
system performance through performance objects and counters in the objects. When you install an
additional role, for example, Hyper-V, additional performance objects are added in Performance
Monitor.
Each server role uses processor, memory, disks, and networks, but it uses them differently.
Performance counters that are relevant for monitoring servers are different, based on the server roles.
For example, you should monitor different performance counters on a file server than on a Hyper-V
host or a domain controller.
For more information, refer to the Performance Tuning Guidelines for Windows Server 2012 paper from
the following website:
Microsoft Download Center
http://go.microsoft.com/fwlink/?LinkID=285313
Question: Which of the monitoring tools in Windows Server 2012 R2 must you first enable
to provide you with data after at least a few hours?
3-48 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
You should use Performance Monitor to monitor Hyper-V host performance. You can monitor memory,
disk, and network performance on the Hyper-V host in the same way, and by using the same performance
counters as on any other server. For example, you can monitor:
• Disk latency by using the \Logical Disk(*)\Avg. sec/Read and \Logical Disk(*)\Avg. sec/Write
Performance Monitor counters. These performance counters measure the time that read and write
operations take to respond to the operating system. Requests from virtual machines and the parent
partition affect this counter. If one virtual machine accesses the disk heavily, this will increase disk
latency.
o \Memory\Available Mbytes. This counter measures the amount of available physical memory to
processes that are running in the parent partition, expressed as a percentage of total physical
memory.
o \Memory\Pages/sec. This counter measures the rate at which pages are read and written to
disk to resolve hard page faults. To resolve hard page faults, the Hyper-V host must swap the
contents of memory to disk. A high value for this counter in correlation with low available
physical memory might indicate insufficient physical memory on the Hyper-V host.
• Network utilization on the Hyper-V host by using \Network Interface(*)\Bytes Total/sec and \Network
Interface(*)\Output Queue Length Performance Monitor counters.
Processor utilization on a Hyper-V host is measured differently than on a physical server. On a physical
server, you would monitor processor utilization by using the \Processor(*)\% Processor Time Performance
Monitor counter. However, on the Hyper-V host, this counter is not appropriate, because the parent
partition is treated as another virtual machine. Therefore, this counter monitors utilization of available
processor resources for the parent partition, not the entire physical Hyper-V host. To monitor total
processor utilization on the Hyper-V host, which includes parent partition and virtual machines, you
should use the \Hyper-V Hypervisor Logical Processor(_Total)\% Total Run Time Performance Monitor
counter. This counter measures the total percentage of time spent by the processor for running the
Hyper-V host and all the virtual machines on the Hyper-V host.
Server Virtualization with Windows Server Hyper-V® and System Center 3-49
You can use the following Performance Monitor counters to monitor processor usage on a Hyper-V host:
• Hyper-V Hypervisor Logical Processor\% Total Run Time. Monitors the total non-idle time of the
logical processors.
• Hyper-V Hypervisor Logical Processor\% Hypervisor Run Time. Monitors the non-idle time of the
logical processors for the Hyper-V host only.
• Hyper-V Hypervisor Root Virtual Processor. Monitors processor utilization for the host (Hyper-V host)
operating system only.
Question: Can you use Performance Monitor in virtual machines to monitor Hyper-V host
performance?
On a Hyper-V host, you have Hyper-V hypervisor performance counters to monitor the performance of
both logical and virtual processors. A logical processor correlates directly to the number of processors on
the physical server. For example, single quad core processors correlate to four logical processors. Virtual
machines use virtual processors to execute the code. The virtual processors perform all the execution in
the parent partition and the virtual machines.
3-50 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
You can use processor settings for the virtual machine to configure resource control and limit the
processor resources that the virtual machine can use. In the Resource control section, you can configure
the following settings:
• Virtual machine reserve (percentage). Use this setting to reserve a certain portion of the Hyper-V host
processor resources for the virtual machine. By configuring this setting, you can ensure that the
virtual machine will always have at least that part of processor resources available to it. By default,
the virtual machine reserve is set to 0, which means that no processor resources are reserved.
• Virtual machine limit (percentage). This setting limits processor resources that are available to the
virtual machine and prevents it from consuming an excessive amount of processor resources.
• Percent of total system resources. This setting is read-only, and its value is set based on the virtual
machine limit, number of virtual processors, and the number of physical processors in the Hyper-V
host. For example, consider a virtual machine that is allowed to use 100 percent of the processor,
has a single virtual processor, and four physical processors in the Hyper-V host. In this case, the
percentage of total system resources is set to 25, because 100 percent utilization of one processor is
equal to 25 percent utilization of total Hyper-V processor resources.
• Relative weight. Virtual machines with higher relative weights receive more processor time, and virtual
machines with lower relative weights receive less processor time. By default, all virtual machines are
assigned a relative weight of 100.
Question: How can you limit processor resources that a virtual machine can use?
Demonstration Steps
1. On LON-HOST1, start Performance Monitor, and then add the following counters:
o Hyper-V Hypervisor Virtual Processor\% Guest Run Time for LON-CL1 instance
o Hyper-V Virtual Storage Device\Read Operations/sec for the instance that refers to
20409B-LON-CLx
4. On LON-HOST1, use Performance Monitor to follow how disk access increased in virtual machine and
on the Hyper-V host while sqlio.exe is running on the virtual machine.
6. In CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread Priority to
Highest and Activity to Busy.
7. On LON-HOST1, use Performance Monitor to follow how processor utilization in a virtual machine
and on Hyper-V increases.
8. On LON-HOST1, use Hyper-V Manager to view CPU Usage for the LON-CL1 virtual machine.
10. Use Hyper-V Manager to confirm that CPU Usage for the LON-CL1 virtual machine is considerably
lower.
Hyper-V in Windows Server 2012 includes resource metering, a feature that you can use to monitor
resource consumption over time, per virtual machine or resource pool. Resource pools are logical
containers that collect resources of the virtual machines that one business unit uses. When you use
resource pools, you can enable resource metering and query on resource use in the same way as for a
single virtual machine. Resource metering works with all Hyper-V operations. The movement of virtual
machines between Hyper-V hosts, for example, by using live migration, does not affect the data collection
process.
The following cmdlets are used for resource metering:
Resource metering in Hyper-V collects and reports on the following resource use data:
• Average CPU use. The average CPU, in megahertz (MHz), that a virtual machine uses over a period.
• Average memory use. The average physical memory, in MB, that a virtual machine uses over a period.
3-52 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
• Minimum memory use. The lowest amount of physical memory, in MB, assigned to a virtual machine
over a period.
• Maximum memory use. The highest amount of physical memory, in MB, assigned to a virtual machine
over a period.
• Maximum disk allocation. The highest amount of disk space capacity, in MB, allocated to a virtual
machine over a period.
• Incoming network traffic. The total incoming network traffic, in MB, for a virtual network adapter over
a period.
• Outgoing network traffic. The total outgoing network traffic, in MB, for a virtual network adapter over
a period.
Before you can obtain data on resources that are used by virtual machines, you first must enable
resource metering. You can use Windows PowerShell to enable resource metering and retrieve collected
data. Windows Server 2012 R2 does not include a graphical reporting tool on virtual machine resource
utilization, but you can use one of the non-Microsoft tools, or develop your own tool.
Server Virtualization with Windows Server Hyper-V® and System Center 3-53
Lesson 6
Designing Virtual Machines for Server Roles and Services
You can use Hyper-V Manager to manage multiple Hyper-V hosts, but it is not the optimal tool when you
have to manage an enterprise environment. The Hyper-V module for Windows PowerShell is a better tool
when you need to automate operations or perform repetitive tasks on multiple servers. However, not all
administrators like to work with a command shell. For environments with multiple Hyper-V hosts, System
Center 2012 - VMM is the recommended tool, although, you must obtain it separately.
Hyper-V does not support the concept of templates, but copying a virtual hard disk that has an installed
operating system or the use of differencing virtual hard disks can achieve similar results. By using that
approach, companies can create libraries of virtual disks with different operating systems and applications
and then use them as templates. In this lesson, you will learn about recommendations for running domain
controllers, Microsoft SQL Server, and Microsoft Exchange Server on virtual machines.
Lesson Objectives
After completing this lesson, you will be able to:
• Plan Hyper-V host management.
• Servers that you will use for virtualization should have only the Hyper-V role installed to minimize
overhead and the potential attack surface. If you plan to implement a highly available environment,
you should also consider installing failover clustering and multipath I/O features.
• Test and apply updates to Hyper-V hosts. This includes hardware updates (for example, firmware
updates), and Microsoft updates. Always test updates before deploying them in a production
environment.
• Implement shared storage and high availability. Shared storage is required for high availability,
and you can use SAN or SMB 3.0 file shares for shared storage. A highly available virtualization
infrastructure is critical, for which you should implement Hyper-V failover clusters.
• Monitor performance to optimize and manage server utilization. Server workloads change over time,
and you must ensure that the Hyper-V host is not overused.
• Automate and standardize administration of the Hyper-V host environment. Large organizations
might have hundreds of Hyper-V hosts, and the only way to manage them efficiently is to standardize
deployment and then automate management tasks. To do so, you can:
o Standardize the Hyper-V configuration. For example, consider using the same path for storing
virtual machines, and create virtual switches with the same name on all Hyper-V hosts.
o Join Hyper-V hosts to the domain unless your security policy states differently. Domain
membership makes it possible to centralize the management of policies for identity, security,
and auditing. Hyper-V hosts must be domain members if you want to create a Hyper-V failover
cluster.
o Implement remote management. Administering servers locally is not practical, for example, when
they are running a Server Core installation or Hyper-V Server, or you do not have physical access
to them. You can use remote management to centralize administration and automate
procedures.
o Use Windows PowerShell whenever possible. You can use Windows PowerShell cmdlets and
scripts to manage Hyper-V hosts. Windows PowerShell is installed by default, and you can use
it to automate and standardize administration.
o Consider implementing VMM, which provides tools for simplifying administrative tasks to
manage a large virtualization environment. For example, a company can use VMM to store
templates and to automate virtual machine deployment.
Windows Server 2012 Hyper-V Best Practices (In Easy Checklist Form)
http://go.microsoft.com/fwlink/?LinkID=386657
Windows PowerShell
When you create new virtual machines, you should provide them with appropriate virtual hardware, which
can be based on the recommendations for the physical servers. Multiple virtual machines run on the same
Hyper-V infrastructure, but you should be careful not to oversubscribe processor resources because it can
result in poor performance. Some applications, such as Exchange Server or SQL Server, are only supported
if the P2V conversion processor ratio is 1:2 or lower. To avoid creating virtual machines with the same
configuration manually, and if VMM is not an option, you should use Windows PowerShell for virtual
machine creation and for other administrative tasks.
Operating System
If possible, use the latest Windows Server operating system when building virtual machines because it
provides new and improved features such as Generation ID for detecting when a checkpoint was applied.
Newer Windows operating systems (Windows Server 2008 R2 and newer versions, and Windows 7 and
newer versions) also include Integration Services, and virtual machines should always run the latest version
of integration services.
Monitoring
It is important that your virtualization infrastructure is not overused and that virtual machines have
enough available resources. In smaller environments, you should implement monitoring by using
Performance Monitor. In enterprise environments, you should also use Operations Manager. Remember
that if you are using both products, Operations Manager can integrate with VMM, and System Center
components must be implemented in your environment.
Question: How can you use Hyper-V Manager to create a virtual machine with four
processors, two virtual hard disks, and two network adapters?
3-56 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
• A Hyper-V host should be just as secure as a domain controller. A Hyper-V administrator has full
permissions in a virtualization infrastructure and could potentially perform an elevation-of-privilege
attack. Such an attack could compromise all virtual machines, domains, and forests that Hyper-V is
hosting:
o If a Hyper-V host is a domain member in a domain for which it hosts virtual domain controllers,
then domain administrators have administrative permissions on the Hyper-V host.
o Consider applying different Group Policy Objects to your Hyper-V hosts and to your domain
controllers to secure them both.
• The virtual hard disk of a virtualized domain controller is equivalent to the physical hard drive of a
physical domain controller. It stores important identity data, and you should protect it just as you
protect the disks of physical domain controllers.
• Avoid using differencing virtual hard disks for a domain controller. They have more overhead than
other disk types, and they provide slower performance.
• Avoid using checkpoints for domain controllers. If a domain controller is running an operating system
prior to Windows Server 2012, you should not use checkpoints at all, because they can cause an
update sequence number (USN) rollback. Domain controllers that run Windows Server 2012 or newer
detect that a checkpoint was applied by monitoring the Generation ID and resolve the USN rollback
situation.
• Disable time synchronization of a virtual domain controller with a Hyper-V host. Windows Time
Service has its own algorithm for time synchronization within a domain. You should only disable the
time synchronization service, but still use other Integration Services.
• Store AD DS files on a different virtual hard disk than the operating system, and connect that virtual
hard disk to the virtual SCSI controller. Virtual hard disks that are attached to a virtual SCSI controller
provide better performance than virtual hard disks that are attached to a virtual IDE controller. They
also support additional functions such as forced unit access. Forced unit access ensures that the
operating system writes and reads data directly from the disk and bypasses all caching mechanisms.
• Windows Server 2012 includes virtualization-safe capabilities and enables faster deployment of virtual
domain controllers by using cloning.
Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)
http://go.microsoft.com/fwlink/?LinkID=386693
Active Directory Virtualization Safeguards and Domain Controller Cloning with Windows
Server 2012
http://go.microsoft.com/fwlink/?LinkID=386679
Question: How can you disable virtual domain controller time synchronization in a Hyper-V
virtual machine?
• Hyper-V on Windows Server 2012 provides considerably better scalability than older versions, and
SQL Server can better take advantage of that scalability.
• Use fixed-size virtual hard disks or directly attached disks for SQL Server. Do not use dynamically
expanding or differencing virtual hard disks.
• Do not use checkpoints on a SQL Server virtual machine. Checkpoints can cause significant issues,
including slower performance and data loss.
• Ensure high availability for SQL Server. You can use different features to ensure high availability for
SQL Server, such as Hyper-V failover clustering, guest clustering, and AlwaysOn Availability Groups.
• Attach the SQL Server virtual hard disks to the Virtual SCSI controller for more flexibility.
• If you use virtual Fibre Channel, use Multipath I/O (MPIO) inside the virtual machine to ensure
resilient connections from the virtual machine to storage.
• Monitor performance of the Hyper-V host on which the SQL Server virtual machine is running, in
addition to the performance of the virtual machine.
• Consider using SQL optimization for better performance. The database administrator will most likely
perform this tuning, which includes the following:
o Configure SQL Server to use large page allocations (/T834 startup flag) to reduce memory
overhead.
3-58 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
o Set Max Worker Threads to the number of maximum concurrent user connections.
o Grant user rights for Lock pages in memory to the SQL Server service account. This helps
when dynamic memory is trying to reduce the virtual machine memory because it will prevent
Windows Server from paging out a large amount of buffer pool memory.
o Set the SQL Server processor affinity mask to isolate system resources for the SQL Server instance
from other SQL Server instances, or other applications that are running on the same virtual
machine.
o Set a fixed amount of memory for the SQL Server process to use. About three percent of the
total available memory is used for the system, and another one percent is used for memory
management structures. Use the following equation to calculate the total memory to be used by
SQL Server:
Memory – (1%memory * (NUMA_nodes)) – 3%memory – 1GB
SQL Server 2012 supports cloning by using the System Preparation Tool (Sysprep). You can use Sysprep
to install SQL Server on a virtual machine, generalize the operating system, and use it as a template when
creating new virtual machines. By using this approach, you can create a new virtual machine that has SQL
Server installed, which is considerably faster than if you installed it again.
Question: Can you only use virtual hard disks attached to a virtual SCSI controller for a SQL
Server virtual machine?
• Hyper-V in Windows Server 2012 R2 does not enforce a limit on the virtual processor-to-logical
processor ratio. You can have as many virtual processors used by virtual machines as the physical
hardware allows. Exchange supports a physical-to-logical processor ratio no greater than 2:1,
Server Virtualization with Windows Server Hyper-V® and System Center 3-59
although the recommended ratio is 1:1. For example, a dual processor system that uses quad core
processors contains 8 logical processors in the host system. On a system with this configuration, do
not allocate more than 16 virtual processors to all the guest virtual machines. Oversubscribing the
processor on the Hyper-V host decreases performance, depending on how much CPU is
oversubscribed.
• Exchange 2013 is not NUMA-aware, but it can benefit from NUMA in the same way as any other
application that is not NUMA-aware, by taking advantage of the Windows scheduler algorithms that
keep threads isolated to particular NUMA nodes.
• Dynamic memory is not supported for virtual machines that run any of the Exchange Server 2013
roles. Exchange Server 2013 uses in-memory data caching to provide better performance and faster
I/O operations. For this, Exchange Server 2013 needs sufficient memory at all times and full control
over the memory. If Exchange Server 2013 does not have full control of the memory that is allocated
to the virtual machine, system performance is considerably lower. Because of this, dynamic memory is
not supported for Exchange Server 2013.
• Differencing and dynamically expanding virtual hard disks are not supported in Exchange Server 2013
virtual machines. Thin provisioned dynamically expanding disks can overcommit the available storage,
and as they are growing, the underlying storage could run out of space if not monitored closely.
When you create fixed-size virtual hard disks, they are allocated their full size on the physical storage,
which ensures that storage will not later run out of space.
• Virtual machine checkpoints are not supported. When you create a checkpoint, Hyper-V creates
a new differencing virtual hard disk for the virtual machine. Changes are written only on the
differencing virtual hard disk, and data is read from both disks, which increases overhead and reduces
performance. You can also use checkpoints to revert a virtual machine back to any of the previous
states. Exchange Server 2013 is not checkpoint-aware, and applying checkpoints can have unintended
consequences for applications such as Exchange Server, which maintains state data.
• Exchange Server virtual machines, including Exchange Mailbox virtual machines that are part of
database availability group (DAG), might be protected by Hyper-V failover clustering and migration
technology. When failover happens, it must result in a system restart when the virtual machine is
started on a different node.
• Hyper-V Replica is not supported for Exchange Server. Replica makes sense for applications that do
not include disaster recovery capability. You should use DAG with Exchange Server 2013.
Question: How many virtual processors at most can you assign to Exchange Server virtual
machines that are running on a test Hyper-V host with two double-core CPUs?
3-60 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Because the virtualization platform is new to A. Datum, you need to spend some time becoming familiar
with Hyper-V features and components, including checkpoints. As the pilot project continues, you will
need to be able to monitor server performance to ensure that virtual machines are configured properly.
For now, you will familiarize yourself with the monitoring tools that are available in Windows Server 2012
R2 and Hyper-V.
Objectives
After completing this lab, you will be able to:
• Import virtual machines and work with checkpoints.
• Monitor Hyper-V.
Lab Setup
Estimated Time: 60 minutes
Virtual machines: 20409B-LON-HOSTx, 20409B-LON-CLx, 20409B-LON-DC1
3. In Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
4. In the Actions pane, click Connect. Wait until the virtual machine starts.
5. Sign in by using the following credentials:
6. Repeat steps 3 through 5 for 20409B-LON-CLx. The letter x is 1 for the first student in the team,
and 2 for the second student in the team.
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
You will be working in pairs. Communicate clearly with your lab partner, and cooperate fully with
each other during this lab.
Server Virtualization with Windows Server Hyper-V® and System Center 3-61
4. Manage checkpoints.
3. In Hyper-V Manager, use the Edit Disk feature to link the C:\VirtualMachines\LON-EXPORT
\Virtual Hard Disks\LON-EXPORT.vhd virtual hard disk to the parent disk E:\Program Files
\Microsoft Learning\Base\Base14A-WS12R2.vhd. Note that this path might differ on your host
machine.
4. Use Hyper-V Manager to import the LON-EXPORT virtual machine again from
C:\VirtualMachines\LON-EXPORT\.
5. Use Hyper-V Manager to confirm that LON-EXPORT is imported, that it is configured with a single
virtual processor, and that it is connected to a virtual switch named External Network.
3. In Virtual Machine Connection to LON-CLx, from the Clipboard menu, click Type clipboard text.
Confirm that the text that you copied from the Win.ini file displays. Close the LON-CLx window.
6. Confirm that you are not signed in automatically to LON-CLx, and then sign in as
ADATUM\administrator, with Pa$$w0rd as the password.
7. In Notepad, paste the copied text from Win.ini.
10. On LON-CLx, use File Explorer to confirm that drives from LON-HOSTx are mapped to the virtual
machine.
11. On LON-CLx, confirm that Remote Desktop is disabled.
13. On LON-HOSTx, start the LON-CLx virtual machine, and then connect to it.
14. Confirm that after LON-CLx is started and the sign-in screen displays, the Connect to LON-CLx
window opens.
Note: Because Integration Services are not available during system start, enhanced session
mode is available only after the operating system is fully started.
4. Confirm that LON-VM1 is now using a virtual hard disk with a GUID in its name.
13. On LON-HOSTx, use the Windows PowerShell cmdlet Checkpoint-VM to create checkpoint for
LON-VM1, and then name it Folder3.
14. Use the cmdlet Get-VMSnapshot to view existing checkpoints for LON-VM1.
15. Use Hyper-V Manager to confirm that LON-VM1 has four checkpoints.
17. Confirm that on the LON-VM1 desktop, there is only one folder named Folder1.
18. On LON-VM1, on the desktop, create a folder named Folder1.1.
19. Use Hyper-V Manager to create a checkpoint for LON-VM1, and then rename it Folder1.1.
20. On LON-HOSTx, use File Explorer to browse to C:\Shares\Snapshots, and then confirm that there are
five .xml files and five subfolders.
Server Virtualization with Windows Server Hyper-V® and System Center 3-63
21. Confirm that Size of the oldest folder in the details pane is 0, as the first checkpoint that you created
was when LON-VM1 was turned off.
22. Confirm that each of other folders has larger sizes, as the other checkpoints were created while
LON-VM1 was running.
2. Use the Windows PowerShell cmdlet Export-VMSnapshot to export the Folder2 checkpoint of
LON-VM1 to the C:\Exported folder.
7. Double-click the Virtual Hard Disks folder, and then confirm that it contains the Differencing.vhd
virtual hard disk, its parent disk, and all of the differencing virtual hard disks that the checkpoints
created.
8. Use the Windows PowerShell cmdlet Restore-VMSnapshot to apply the Folder3 checkpoint to
LON-VM1.
9. On LON-VM1, confirm that on the desktop, there are three folders named Folder1, Folder2, and
Folder3.
10. Use Hyper-V Manager to confirm that you cannot modify Folder2 checkpoint settings, except for the
Name and Description.
11. Use Hyper-V Manager to delete the Folder1 checkpoint and its subtree.
12. Use Hyper-V Manager to confirm that all checkpoints for LON-VM1 except the first checkpoint are
deleted instantly.
13. On LON-HOSTx, use File Explorer to confirm that there is single .xml file, and one subfolder in the
C:\Shares\Snapshots folder.
Results: After completing this exercise, you should have imported virtual machines and worked with
checkpoints.
3-64 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
5. Confirm that the LON-CLx Task Manager shows high utilization, while the LON-HOSTx Task Manager
shows low utilization.
Note: As each Task Manager is reporting utilization of its own virtual environment, the
utilization shown is very different.
6. In CPU Stress, in the Thread 1 section, set Thread Priority to Idle, and set Activity to Low.
7. On LON-HOSTx, in Task Manager, click Open Resource Monitor. The Resource Monitor opens.
8. On LON-CLx, run the Windows PowerShell command C:\LabFiles\Mod03\sqlio.exe.
9. Confirm that on LON-CLx, Task Manager reports almost 100 percent Disk 0 utilization. Resource
Monitor on LON-HOSTx reports only a slight increase in disk activity.
o Hyper-V Hypervisor Virtual Processor\% Guest Run Time for the 20409B-LON-CLx instance
o Hyper-V Virtual Storage Device\Read Operations/sec for the instance that refers to
20409B-LON-CLx
4. On LON-HOSTx, use Performance Monitor to follow how disk access increases in the virtual machine
and on the Hyper-V host while sqlio.exe is running on the virtual machine.
5. On LON-CLx, in CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread
Priority to Highest and Activity to Busy.
Server Virtualization with Windows Server Hyper-V® and System Center 3-65
6. On LON-HOSTx, use Performance Monitor to follow how processor utilization on the virtual machine
and on Hyper-V increases.
7. On LON-HOSTx, use Hyper-V Manager to view CPU Usage for the LON-CLx virtual machine.
8. Set Virtual machine limit (percentage) for 20409B-LON-CLx to 10.
9. Use Hyper-V Manager to confirm that CPU Usage for the LON-CLx virtual machine is considerably
lower.
12. In Hyper-V Manager, set Virtual machine limit (percentage) for LON-CLx to 100.
2. Use the Windows PowerShell cmdlet Enable-VMResourceMetering to enable resource metering for
20409B-LON-CLx.
3. Use the Windows PowerShell cmdlet Measure-VM to view resource metering data for
20409B-LON-CLx.
4. On LON-CLx, run the Windows PowerShell command C:\LabFiles\Mod03\Cpustres.exe.
5. In CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread Priority to
Highest, and then set Activity to Busy.
6. Run the Windows PowerShell command C:\LabFiles\Mod03\TestLimit64.exe –d 400 –c 5.
7. On LON-HOSTx, use the Windows PowerShell cmdlet Measure-VM to view resource metering data
for 20409B-LON-CLx. Compare the data with previous results, and then notice the increase in use of
AvgRAM(M) and AvgCPU(MHz).
8. On LON-CLx, close CPU Stress.
Results: After completing this exercise, you should have monitored Hyper-V.
3-66 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Question: Can you use shared virtual hard disks with two virtual machines that have Windows
8.1 installed?
Question: Can you use virtual machine settings to discover whether it is Generation 1 or
Generation 2?
Question: Can you use enhanced session mode to connect to a Windows Server 2012 R2 virtual
machine that is running on Windows Server 2012 Hyper-V host?
Question: Which monitoring tool can you use to monitor multiple servers simultaneously and to
provide you with alerts when the performance of servers is different than normal?
4-1
Module 4
Creating and Configuring Virtual Machine Networks
Contents:
Module Overview 4-1
Module Overview
Virtual machines are isolated, even when they are running on the same Hyper-V host and are
communicating only over the network. Hyper-V in Windows Server 2012 and Windows Server 2012 R2
includes an entirely redesigned and extensible virtual switch, which enables basic network packet
forwarding and more advanced features such as support for network virtualization. You can connect a
virtual switch to different networks, and based on this connection, you can create a private, internal, or
external virtual switch. If supported by server hardware, you can also use features such as single root I/O
virtualization (SR-IOV) and Dynamic Virtual Machine Queue, which enable higher network throughput
and lower CPU utilization.
On the Hyper-V host, the host operating system (for example Windows Server 2012 R2) is also running
in the virtual machine (parent partition), which means that its traffic can be controlled by a virtual switch.
One of the new features of the Hyper-V virtual switch is support for network virtualization, which you can
use to create multiple isolated tenant networks on the same physical network.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
Lesson 1
Creating and Using Hyper-V Virtual Switches
Virtual machines are rarely disconnected from a network. Most users typically will want virtual machines
to communicate with other computers. To provide virtual machines with network connectivity, you must
first connect them to a virtual switch. The virtual switch in Windows Server 2012 and Windows Server
2012 R2 is fully extensible, and provides advanced features such as port access control lists (ACLs),
network traffic monitoring, packet inspection, and network virtualization. The virtual switch also enables
basic features such creating different virtual switch types, and using virtual local area network (VLAN)
tagging. In this module, you will learn about basic Hyper-V virtual switch management, the different types
of virtual switches, and how to configure virtual switches by using Virtual Switch Manager and Windows
PowerShell.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the Hyper-V virtual switch.
The Hyper-V virtual switch offers similar functionalities as hardware network switches. The Hyper-V virtual
switch is a software-implemented Layer 2 network switch that is available as part of the Hyper-V role. You
can use the Hyper-V virtual switch to connect virtual machines to virtual networks and physical networks.
On the Hyper-V host, the host operating system, for example Windows Server 2012 R2, is also running in
the virtual machine (parent partition). This means that the Hyper-V virtual switch can be used when the
parent partition connects to the network.
Prior to Windows Server 2012, Hyper-V included a simple network switch that was not extensible and
provided only basic networking features. The Hyper-V Virtual Switch in Windows Server 2012 and
Windows Server 2012 R2 is fully extensible. It provides advanced features such as policy enforcement,
Server Virtualization with Windows Server Hyper-V® and System Center 4-3
tenant isolation, traffic shaping, and protection against malicious virtual machines. You can also extend it
with non-Microsoft extensions.
The Hyper-V virtual switch provides ways to extend the virtual switch without replacing the entire switch;
for example, to add monitoring, filtering, or forwarding functionality. You implement extensions by using
network device interface specification (NDIS) filter drivers and Windows Filtering Platform (WFP) callout
drivers. NDIS and WPF are two public platforms for extending the Windows networking functionality. If
you extend the virtual switch, the virtual switch extensions are listed in the Virtual Switch Manager feature
of Hyper-V Manager.
You can manage Hyper-V virtual switches by using the Virtual Switch Manager, or by using Windows
PowerShell cmdlets. For example, the following cmdlet lists all of the Hyper-V virtual switches on a
Hyper-V host:
Get-VMSwitch
VMNetworkAdapter is the primary noun that you can use to manage various security features, Quality
of Service (QoS), port mirroring, and other features. You can get more information on these features by
running the following cmdlet:
Get-Help Set-VMNetworkAdapter
The host operating system on Hyper-V host is also running inside a virtual machine (parent partition),
which means that you can add and manage virtual network adapters to it in a similar manner as to
other virtual machines. Each virtual network adapter can be connected to a separate Hyper-V virtual
switch, or to the same Hyper-V virtual switch as other adapters. You can create multiple parent virtual
network adapters that you then use for different purposes such as live migration, accessing the storage
area network (SAN), and parent operating system management. You can also limit bandwidth for each
virtual network adapter by assigning the QoS policy to the adapter. If you want to create a virtual network
adapter in the parent partition, run the following Windows PowerShell cmdlets:
You can connect only one virtual switch to a specific physical network adapter, wireless adapter, or
network interface card (NIC) team. Once you connect a Hyper-V virtual switch to a network adapter, all
other protocols are automatically unbound from that network adapter and reassigned to the virtual
network adapter.
Hyper-V supports three types of virtual switches: external, internal, and private. There is no limit on how
many virtual switches you can create on a Hyper-V host, or how many virtual machines you can connect
to a virtual switch. However, you cannot have more external virtual switches than the number of network
adapters on the Hyper-V host.
• Private network. A virtual switch that you connect to a private network provides connectivity only
between virtual machines on the same Hyper-V host, and that connect to the same virtual switch.
Virtual machines cannot communicate with virtual machines that are connected on a different virtual
switch, Hyper-V host, or external physical network. You can use a private switch if you need to isolate
virtual machines for security reasons, or if you are using them for testing and you do not want them
to access the company network inadvertently. When you create a private switch, there is no new
network connection added in the parent partition.
• Internal network. A virtual switch that you connect to an internal network provides connectivity
between virtual machines on the same Hyper-V host, and with the Hyper-V host itself. Virtual
machines that connect to an internal switch cannot communicate with any physical network, unless
the Hyper-V host provides network address translation (NAT) functionality. You use an internal virtual
switch when virtual machines must have network connectivity to a Hyper-V host, but not to external
resources. When you create an internal virtual switch, an additional virtual network connection is
added in the parent partition, and it is connected to the virtual switch.
• External network. A virtual switch is connected to a physical network adapter, wireless adapter, or
NIC team on the Hyper-V host, and it enables virtual machine connectivity to a physical network. You
use an external switch to provide virtual machines with access to external resources, or to the Internet.
When you create a new external virtual switch, Hyper-V creates a virtual network adapter in the
parent partition, unless you clear the option to Allow management operating system to share this
network adapter.
Note: If you create an external virtual switch and clear the Allow management operating
system to share this network adapter option, the physical network adapter will be available only
to virtual machines, and will not be accessible by the Hyper-V host. This is recommended,
because you should separate the production network from the network used to manage Hyper-V
host.
After you create a virtual switch, you can view and manage virtual switch extensions. By default, Hyper-V
includes two virtual switch extensions: Microsoft NDIS Capture, and Microsoft Windows Filtering Platform.
The Microsoft NDIS Capture extension enables the capture of network packets traversing the virtual
switch, which is the same functionality as is included in the Microsoft Network Monitor packet capturing
utility. The Microsoft NDIS Capture extension is not enabled by default. The Microsoft Windows Filtering
Platform processes network traffic as it traverses the virtual switch, and it is enabled by default for each
virtual switch that you create in Hyper-V.
You can create virtual switches by using the New Virtual Switch Wizard, which is part of Hyper-V Manager.
Alternatively, you also can use the new Windows PowerShell cmdlet New-VMSwitch. The cmdlet syntax is
determined by the type of virtual switch that you want to create.
Server Virtualization with Windows Server Hyper-V® and System Center 4-5
The external virtual switch type is associated with a physical network adapter that is present in the
Hyper-V host. When you create an external virtual switch, the Hyper-V Extensible Virtual Switch protocol
is bound to a physical adapter. All other bindings are moved to the virtual adapter that is created, and
display in the Network Connections interface. When you create an internal virtual switch, an additional
virtual adapter is created, which allows the host to connect to the virtual machines. If you create a private
virtual switch, no virtual adapter is created on the host.
Question: Can a virtual machine access the Internet if it is connected to an internal virtual
switch?
Question: What will happen in the parent partition when you create a new internal virtual
switch? Will it be the same as when you create a new private virtual switch?
Demonstration Steps
1. On LON-HOST1, in Hyper-V Manager, confirm that there is one virtual switch present named
External Network.
2. On LON-HOST1, in Hyper-V Manager, create a private virtual switch named Private Switch.
5. Confirm that four replies are received, and that LON-TEST1 has an IP address of 10.0.0.16.
6. On LON-HOSTx, connect the 20409B-LON-PROD1 virtual machine to the External Network virtual
switch.
7. On LON-PROD1, try to ping IP address 10.0.0.16, and confirm that it does not have connectivity with
LON-TEST1.
8. On LON-PRODx, in Windows PowerShell, use the cmdlet Set-NetIPInterface to enable dynamic
TCP/IP configuration for Ethernet network connection.
9. In Windows PowerShell, use ipconfig to confirm that LON-PRODx obtained the IP address from the
Dynamic Host Configuration Protocol (DHCP) server that is running on LON-DC.
4-6 Creating and Configuring Virtual Machine Networks
Note: The word virtual in the VLAN definition has nothing to do with server virtualization,
although server virtualization supports it. VLANs have been in use for more than thirty years.
VLAN cannot span multiple logical subnets. This limits the number of computers within a single VLAN,
and restricts the placement of virtual machines based on physical location. Even though VLANs can be
stretched across physical sites, the stretched VLAN must be all on the same subnet. A VLAN ID is 12 bits
long, which limits the value of VLAN IDs to 4,094. When you need to move a virtual machine that is
configured with a VLAN ID, you must ensure that you have reconfigured the underlying networking
infrastructure properly.
To enable VLAN Identification (VLAN ID) for management operating systems, you must enable the VLAN
ID for an external or internal virtual switch, and specify an ID. You can specify the VLAN ID in Hyper-V
Manager, on the Virtual Switch Manager page, under Switch Properties.
Note: The VLAN ID that you configure for the virtual switch specifies the VLAN that the
management operating system is using for all network communications through this network
adapter. This setting does not affect virtual machine networking.
To enable VLAN ID for a virtual machine, open Virtual Machine Settings, select the virtual network
adapter, select the Enable virtual LAN identification check box and then specify an ID that you want
the virtual machine connection to use. A virtual machine may have multiple network adapters, and the
adapters may use either the same or different VLAN IDs. You must perform this configuration on each
network adapter.
Hyper-V on Windows Server 2012 and Hyper-V on Windows Server 2012 R2 supports enhanced
functionality and simple VLAN tagging, which includes private VLAN and trunk mode to a virtual machine.
Question: Why can you create only a maximum of 4,094 VLAN networks?
Server Virtualization with Windows Server Hyper-V® and System Center 4-7
Demonstration Steps
1. On LON-HOSTx, connect the 20409B-LON-TESTx virtual machine to the External virtual switch.
2. On LON-PROD1, try to ping IP address 10.0.0.16 and verify that four replies are received. This
confirms that LON-PROD1 and LON-TEST1 have network connectivity.
3. On LON-HOST1, in Hyper-V Manager, configure the network adapter for the 20409B-LON-PROD1
virtual machine with a virtual LAN identification value of 2.
4. On LON-PROD1, try to ping IP address 10.0.0.16. Confirm that destination host is now not reachable.
This is because LON-PROD1 is connected to different VLAN as LON-TEST1.
5. On LON-HOST1, in Hyper-V Manager, configure the network adapter for the LON-TEST1 virtual
machine with a virtual LAN identification value of 2.
6. On LON-PROD1, try to ping IP address 10.0.0.16. Confirm that four replies are returned. LON-PROD1
and LON-TEST1 have network connectivity because now they are connected to the same VLAN.
When using Ethernet resource pools, virtual machines do not connect to precreated and preconfigured
ports in a virtual switch. The virtual machine is configured to connect to one or more virtual switches in a
pool of virtual switches. By default, every virtual switch is placed in the default primordial pool
automatically until other pools of type Ethernet are created.
4-8 Creating and Configuring Virtual Machine Networks
You can create resource pools by using the New-VMResourcePool Windows PowerShell cmdlet. You
cannot use Hyper-V Manager to create resource pools. However, if resource pools already exist, you
can use Hyper-V Manager to configure virtual machines to use a virtual switch from the resource pool.
When configured properly, you can move virtual machines between Hyper-V hosts with compatible
pool configurations without having to do any reconfiguration. When you configure a virtual machine to
connect to an Ethernet resource pool, the Hyper-V management layer configures the connections when a
virtual machine is started. Ports of the virtual switches in a pool are reclaimed automatically when they are
no longer in use. The virtual machine switch port configuration becomes an integral part of a virtual
machine overall configuration, and it is migrated automatically in all mobility scenarios.
Note: You can also use resource pools to collect resource pool usage information for
chargeback purposes.
Question: Can you configure a virtual network adapter to connect to a virtual switch in the
Ethernet resource pool by using Hyper-V Manager?
Server Virtualization with Windows Server Hyper-V® and System Center 4-9
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 20 minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-PROD1,
20409B-LON-PROD2, 20409B-LON-TEST1, and 20409B-LON-TEST2
For this lab, you will use the available virtual machine environment. Before you begin the lab, you must
complete the following steps:
1. Sign in to the LON-HOSTx computer as Adatum\Administrator with the password of Pa$$w0rd.
3. In Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
4. In the Actions pane, click Connect. Wait until the virtual machine starts.
6. Repeat steps 2 and 3 for 20409B-LON-TESTx and 20409B-LON-PRODx. The letter x is 1 for the first
student in the team, and 2 for the second student in the team.
7. For 20409B-LON-TESTx and 20409B-LON-PRODx, sign in as Administrator. For both accounts, use
the password Pa$$w0rd.
LON-HOST1 and LON-HOST2 are sometimes referenced as LON-HOSTx, which indicates that each
student performs the lab tasks on his or her computer.
Note: You will be working in pairs. Communicate clearly with your lab partner, and
cooperate fully with each other during this lab.
4-10 Creating and Configuring Virtual Machine Networks
3. View the properties of the Ethernet 2 network connection, and confirm that it is using only the
Hyper-V Extensible Virtual Switch, and that the check boxes for all other items are not selected.
4. View the properties of the vEthernet (External Network) network connection, and confirm that it is
using most items, but is not using the Hyper-V Extensible Virtual Switch, which is the only item for
which the check box is not selected.
o Management
o Storage
o Live Migration
3. Use the Network Connections window to confirm that three network connections have been added
to LON-HOSTx, and that they are named:
o vEthernet (Management)
o vEthernet (Storage)
o vEthernet (Live Migration)
Server Virtualization with Windows Server Hyper-V® and System Center 4-11
4. View the properties of the vEthernet (Management) network connection, and confirm that the
network connection is using most items, including Internet Protocol Version 4 (TCP/IPv4), but it is
not using the Hyper-V Extensible Virtual Switch.
5. In Windows PowerShell, use the cmdlet Get-VMNetworkAdapter with the All parameter to confirm
that the network adapters that you added by using Windows PowerShell are present on the system.
Note: You should get an error, because the physical network adapter is already bound to
the external switch.
2. In Hyper-V Manager, create an internal virtual switch and name it Internal Switch.
3. Use the Network Connections window to confirm that a network connection is added and that it is
named vEthernet (Internal Switch).
4. View the properties of vEthernet (Internal Switch), and confirm that the network connection is using
most items, including Internet Protocol Version 4 (TCP/IPv4), but that it is not using Hyper-V
Extensible Virtual Switch.
5. Use the Windows PowerShell cmdlet Get-VMNetworkAdapter with the All parameter to confirm
that there is a network adapter named Internal Switch present on the system.
6. On LON-HOSTx, in Hyper-V Manager, create a private virtual switch, and name it Private Switch.
7. Use the Network Connections window to confirm that no network connection was added when you
created the private virtual switch.
8. In Windows PowerShell, use the Get-VMNetworkAdapter cmdlet with the All parameter to confirm
that no network connection was added when you created the private virtual switch.
9. Use Hyper-V Manager to confirm that External Network, Internal Switch and Private Switch have
the same two extensions available: Microsoft NDIS Capture, which is not enabled, and Microsoft
Windows Filtering Platform, which is enabled.
3. Open Windows PowerShell in Administrator mode, and to try to ping IP address 10.0.0.x6.
4. Confirm that four replies are received
Note: Confirm that the destination host is unreachable. This is because the virtual network
adapter in LON-HOSTx that is connected to the Internal switch does not have IP address from the
same subnet as LON-PRODx.
8. On LON-HOSTx, configure the vEthernet (Internal Switch) network connection with the following
settings:
o IP address: 10.0.0.100
o Subnet mask: 255.255.255.0
9. On LON-HOSTx, try to ping IP address 10.0.0.x5. Confirm that four replies are returned, which
confirms that LON-HOSTx and LON-PRODx now have network connectivity.
10. On LON-HOSTx, connect the LON-PRODx virtual machine to the External Network virtual switch.
11. On LON-PRODx, use the Windows PowerShell cmdlet Set-NetIPInterface to enable dynamic TCP/IP
configuration for the Ethernet network connection. To do this, you will need to run Windows
PowerShell in Administrator mode.
12. In Windows PowerShell, use ipconfig to confirm that LON-PRODx obtained the IP address from the
DHCP server. Write down the LON-PRODx IPv4 address.
13. On LON-HOSTx, try to ping the IP address of LON-PRODx, and confirm that four replies are returned.
14. On LON-DC1, try to ping the IP address of LON-PRODx, and confirm that four replies are returned.
Note: Leave the virtual machines running, as you will use them in the next lab.
Results: After completing this exercise, you should have created and used Hyper-V virtual switches.
Server Virtualization with Windows Server Hyper-V® and System Center 4-13
Lesson 2
Advanced Hyper-V Networking Features
The Hyper-V virtual switch provides many other features in addition to the basic packed forwarding
functionality It supports the following features, if they are supported by the physical network adapters in
the Hyper-V host hardware:
• Port ACLs
Lesson Objectives
After completing this lesson, you will be able to:
• Explain virtual switch expanded functionality.
• Limit bandwidth.
• Allow connectivity only between certain virtual switch ports.
4-14 Creating and Configuring Virtual Machine Networks
You can use Hyper-V Manager to configure some of the Hyper-V virtual switch functionality and
expanded features, such as configuring virtual machine networking adapter settings. However, you must
use Windows PowerShell to configure some of the other features. The Hyper-V virtual switch expanded
functionality includes the following features:
• ARP/ Neighbor Discovery Poisoning (spoofing) protection. This feature provides protection against
malicious virtual machines that try to use Address Resolution Protocol (ARP) spoofing to associate
their media access control (MAC) addresses with the IP addresses of another virtual machine. By
doing this, they effectively steal IP addresses and intercept network traffic that is being sent to other
virtual machines. This feature also provides protection against attackers who use IPv6 Neighbor
Discovery spoofing.
You can enable this feature in the Advanced Features settings for the virtual machine network
adapter by selecting the Enable router advertisement guard option. You can also enable it by using
the Windows PowerShell cmdlet Set-VMNetworkAdapter. For example, if you want to enable this
feature on a network adapter in a virtual machine named VM1, you would run the following cmdlets:
• DHCP guard protection. This feature protects against a malicious virtual machine that is running a
rogue DHCP server that can be used for man-in-the-middle attacks. If you enable the DHCP guard
protection option, the virtual switch drops DHCP acknowledgement packets that the virtual machine
sends. This effectively prevents other computers from obtaining TCP/IP configuration from the DHCP
server that is running in the malicious virtual machine.
You can enable this feature in the Advanced Features settings for the virtual machine network
adapter, by selecting the Enable DHCP guard option. You also can enable this feature by using the
Windows PowerShell cmdlet Set-VMNetworkAdapter. For example, if you want to enable this
feature on a network adapter in virtual machine named VM1, you can run the following cmdlets:
• Port ACLs. The virtual switch performs traffic filtering based on MAC or IP addresses and ranges.
With this feature, you can set up virtual network isolation by creating two lists: a list of computers
with which a virtual switch port can communicate (white list), and a list of computers with which a
virtual switch port cannot communicate (black list). A network port ACL has several entries, which
include a network address and an associated permit, deny, or meter action. When a network packet
matches one of the entries, the virtual switch takes the appropriate action.
Port ACLs can be based on MAC address, IPv4 address, or IPv6 address. You can configure this
feature only by using Windows PowerShell, by running the Add-VMNetworkAdapterAcl cmdlet.
For example, if you want to allow network traffic in both directions between a virtual machine named
VM1 and computers on the 10.0.0.0/8 subnet, you can run the following cmdlet:
• Trunk mode to a VM. A VLAN logically isolates computers that are connected to the same local
network, irrespective of their actual physical location. By using VLANs, you can assign computers
on different switches to the same Layer 2 broadcast domain. This enables network communication
between the computers while they are isolated from the other computers that are either assigned to
Server Virtualization with Windows Server Hyper-V® and System Center 4-15
a different broadcast domain or have a different VLAN ID. A VLAN trunk enables traffic from multiple
VLANs to be visible and accessible on the same network adapter, as defined in the IEEE 802.1Q
standard.
Prior to Windows Server 2012 Hyper-V, the virtual switch did not have the ability to set a switch
port to trunk mode, and you could not have multiple VLANs assigned to the same virtual NIC.
Hyper-V in Windows Server 2012 supports the IEEE 802.1Q standard, and can forward traffic from
multiple different VLANs to the same network adapter. You can configure this feature only by using
Windows PowerShell, by running the cmdlet Set-VMNetworkAdapterVlan. For example, if you want
to enable trunk mode to a virtual machine named VM1, you would run the following cmdlets:
• Network traffic monitoring. You can use this feature to monitor and review all incoming or outgoing
network traffic that the network switch is forwarding to a specific virtual machine network adapter.
When you configure this feature, network traffic is copied and you can view it inside a virtual machine
by using a packet capture tool such as Network Monitor.
You can enable this feature in the Advanced Features settings for the virtual machine network
adapter by configuring the port mirroring mode. You can also configure it by using the Windows
PowerShell cmdlet Set-VMNetworkAdapter. For example, if you want to configure network traffic
monitoring for a virtual machine named VM1, you would run the following cmdlets:
• Isolated VLAN or private VLAN. Private VLANs were introduced to help with VLAN scalability issues.
A private VLAN consists of a primary VLAN, which has secondary VLANs. The secondary VLAN IDs
differentiate the various private VLANs, and all secondary VLANs share the same primary VLAN ID.
Private VLANs are designed to reduce the number of IP subnets and VLANs for some types of
network configurations. The virtual switch supports private VLANs to restrict communication between
computers on the same VLAN or network segment.
Private VLANs support an isolated mode in which virtual machines can share the same VLAN ID, but
can only communicate externally. You can configure this feature only by using Windows PowerShell,
by running the cmdlet Set-VMNetworkAdapterVlan. For example, if you want to configure private
VLAN for a virtual machine named VM1 and configure it with primary VLAN ID 10 and secondary
VLAN ID 200, you would run the following cmdlet:
• Bandwidth limits and burst support. By setting a minimum bandwidth, you can guarantees at least
that amount of bandwidth for the virtual machine network adapter. The maximum bandwidth setting
specifies the maximum amount of bandwidth that a virtual machine network adapter can consume.
You can enable and configure this feature only for network adapters, and not for legacy network
adapters.
You can enable and configure this feature on the virtual machine network adapter settings, or by
using the Windows PowerShell cmdlet Set-VMNetworkAdapter. For example, for a network adapter
in a virtual machine named M1, if you want to specify a minimum bandwidth of 10 megabytes (MB)
and maximum bandwidth of 1 gigabyte (GB), you can run following cmdlets:
Question: Do you need to enable DHCP guard protection on each virtual machine that you
want to protect from obtaining TCP/IP configuration from the rogue DHCP server?
You can also implement extensions by using NDIS filter drivers or Windows Filtering Platform (WFP)
callout drivers, which are two public Windows platforms used for extending the Windows networking
functionality. Both platforms are available in Windows Server 2008 and newer Windows Server platforms,
and you can use them to extend a virtual switch in different ways.
NDIS filter drivers or WFP callout drivers have the following characteristics:
• NDIS filter driver. The NDIS filter driver is a filtering service that monitors and modifies network
packets in Windows operating systems. For example, you can use the NDIS filter driver to perform
packet inspection, to modify packets when transiting a virtual switch, or to perform packet forwarding
based on their content. NDIS filters were introduced with the NDIS 6.0 specification, which was first
implemented in Windows Server 2008 and Windows Vista.
• WFP callout drivers. Developers can use WFP callout drivers to filter and modify TCP/IP packets,
and to monitor or authorize connections, filter Internet Protocol security (IPsec)–protected traffic,
and filter remote procedure calls (RPCs). Filtering and modifying TCP/IP packets provides unlimited
access to the TCP/IP traffic that passes through the virtual switch. WFP callout divers can examine
and modify outgoing and incoming packets before additional processing occurs. By using WFP
callout drivers, developers can create firewalls, antivirus software, diagnostic software, intrusion
detection software, and other types of applications and services. WFP callout drivers were first
implemented in Windows Server 2008 and Windows Vista.
After you install virtual switch extensions, you can control them on the Extensions settings for the virtual
switch, or by using Windows PowerShell. By default, there are two virtual switch extensions included with
Hyper-V. These virtual switch extensions are the Microsoft NDIS Capture monitoring extension, which is
disabled by default, and the Microsoft Windows Filtering Platform filtering extension, which is enabled by
default.
Server Virtualization with Windows Server Hyper-V® and System Center 4-17
The following table lists some of the virtual switch extensions, functionalities they provide, and which
platform you can use to provide such functionality.
Network packet Inspects network packets that are exchanged NDIS filter driver
inspection between virtual machines and passed through a
virtual switch. Network packets cannot be
modified.
Network packet Creates, filters, and modifies network packets that NDIS filter driver
filter are entering or leaving the virtual switch.
Network Provides network packets with a forwarding logic NDIS filter driver
forwarding extension. This extension replaces the default
forwarding extension, because the virtual switch
can have only one forwarding extension.
Intrusion detection Filters and modifies network packets, monitors or WFP callout driver
or firewall authorizes connections, and filters traffic based on
different criteria (for example, if the network
packets are protected by IPsec).
Question: Can you write Hyper-V virtual switch extensions in Windows PowerShell?
What Is SR-IOV?
SR-IOV is a standard that specifies how a
hardware device can make its functionality
available for direct use by virtual machines.
These functionalities are called virtual functions,
and are associated with physical functions.
Physical functions are what the parent partition
uses in Hyper-V.
If you want to use SR-IOV, both the Hyper-V host hardware and the network device and its device driver
must support it. Because SR-IOV requires compliant hardware, it can be only associated with an external
virtual switch that maps to an SR-IOV–capable network adapter in the Hyper-V host. You can only
configure SR-IOV at the time that you create the virtual switch. You cannot convert an external virtual
switch with SR-IOV enabled, to an internal or private switch. You can enable SR-IOV on virtual machine
network adapters.
4-18 Creating and Configuring Virtual Machine Networks
In Windows Server 2012 and newer Windows Server operating systems, you can use live migration to
move running virtual machines without noticeable downtime, even when virtual machines are configured
to use SR-IOV. During live migration, Hyper-V can check whether the destination server has SR-IOV
capabilities, and if so, move the virtual machine to that server. You also can configure live migration to
refuse migrations of SR-IOV–dependent virtual machines to a Hyper-V host that does not have SR-IOV
capabilities.
You also can use live migration to move virtual machines that are configured to use SR-IOV between
Hyper-V hosts even if Hyper-V hosts have different SR-IOV–enabled network adapters. When you move a
virtual machine, you will notice that it is using a different network adapter, but the configuration and
network connectivity will be preserved.
SR-IOV Requirements
When you want to enable and use SR-IOV, the Hyper-V host must meet the following requirements:
• Server hardware must support SR-IOV, which includes chipset support for interrupt, and DMA
remapping and firmware support to enable and make the hardware system SR-IOV capabilities
available to the Windows Server operating system.
• An SR-IOV–capable network adapter and network adapter device driver must be present on the
Hyper-V host (in the parent partition). The network adapter device driver also must be present in
each virtual machine, where an SR-IOV–capable network adapter (its virtual function) is assigned.
Note: When using SR-IOV, virtual machine traffic bypasses the Hyper-V virtual switch. If
any switch port policies are set, SR-IOV functionality is disabled for that virtual machine.
Question: Can you configure a Hyper-V virtual switch to use SR-IOV after you have
created it?
traffic to the corresponding queue. For VMQ support, you must have both the multiple unicast MAC
addresses per network adapter feature, and the ability to create queues in the memory address space that
is assigned to the virtual machines.
VMQ allows the efficient transfer of the incoming network traffic to a virtual machine. A VMQ-capable
network adapter can use DMA to transfer incoming packets to the appropriate virtual machine. This
reduces CPU overhead when transferring packets to the virtual machines, which can be beneficial when
virtual machines are receiving large amounts of traffic when performing tasks such as file backup,
database replication, or data mirroring.
Hyper-V in Windows Server 2008 R2 associated the VMQ queue with virtual machine statically. In
Windows Server 2012 and newer versions, Hyper-V provides automatic configuration and tuning for VMQ
queues. This is accomplished by allowing VMQ to be associated with a processor dynamically, based on
processor networking and CPU load. The number of processors that network processing uses can increase
or decrease automatically, based on the network load. This allows the Hyper-V host to process more
networking traffic and support higher network bandwidth. The ability to dynamically adjust number of
processor cores that are used for processing VMQ queues is called Dynamic Virtual Machine Queue.
Dynamic Virtual Machine Queue is enabled automatically in the virtual switch whenever an administrator
enables VMQ on the virtual network adapter that is connected to the switch. The only ways to disable the
VMQ feature either is to disable VMQ in the virtual network adapter Hardware Acceleration settings, or to
use the Windows PowerShell cmdlet Set-VMNetworkAdapter.
Note: VMQ requires a physical network adapter that supports this feature. If the VMQ
feature is enabled on a virtual network adapter, but the Hyper-V host does not have a physical
adapter that supports VMQ, this feature cannot be used.
Question: Is VMQ beneficial when a virtual machine has to perform complex calculations
and database searches?
4-20 Creating and Configuring Virtual Machine Networks
• MAC Addresses. By using this setting, you can configure a virtual machine either to use a dynamic
MAC address assignment (which is the default configuration), or to specify a static MAC address that
the virtual machine will use. As with most other settings, you can configure this setting only if the
virtual machine is not running. In this setting, you can also enable MAC Address spoofing, which
allows virtual machines to change the source MAC addresses in outgoing packets to one that is not
assigned to them. This can be beneficial when the virtual machine is a node in the Network Load
Balancing (NLB) cluster, in which nodes should be using the same MAC address for outgoing traffic.
If a virtual machine has NIC Teaming configured, MAC address spoofing must be enabled.
• DHCP guard. This is a security feature that can prevent a rogue DHCP server that is running in a
virtual machine from providing TCP/IP settings on the network. This option is disabled by default,
which means that the virtual switch is forwarding DHCP Acknowledge packets from the virtual
machine. If you enable this option, the DHCP server that is running in the virtual machine will not
be able to offer TCP/IP settings over the virtual network adapter that has this feature enabled.
• Router guard. This is also a security feature that can prevent virtual machines from sending router
advertisements and redirection messages, and prevent man-in-the-middle type attacks. This option is
disabled by default. If you enable it, the virtual switch will drop router advertisements and redirection
messages, which are sent from the virtual machine over a virtual network adapter that has this feature
enabled.
• Protected network. This option is enabled by default, and enables network health detection and
recovery. If a virtual machine is running on a Hyper-V host cluster and a network is disconnected on
a protected virtual network, the failover cluster will use live migration to move the affected virtual
machine to a Hyper-V node on which that external virtual network is available.
• Port mirroring. This feature enables monitoring of the incoming and outgoing traffic for a virtual
machine. You can configure port mirroring as either the source or as the destination, and the virtual
switch will copy all traffic from the source virtual network adapter to the destination adapter. In a
virtual machine that has the virtual network adapter configured as a destination, you should typically
be running a network monitoring application.
• NIC Teaming. By using this setting, you can add multiple network adapters that are configured in a
virtual machine to a network team. This aggregates their bandwidth and provides redundancy, even if
NIC Teaming is not configured on the Hyper-V host itself.
Server Virtualization with Windows Server Hyper-V® and System Center 4-21
Note: You can configure the same network adapter advanced features for network
adapters, legacy network adapters, and network adapters that are used in Generation 2 virtual
machines.
Question: How can you monitor network traffic when you enable port mirroring for a
network adapter?
If virtual switches are connected to physical network adapters that are not SR-IOV–enabled, the end result
will be the same. However, physical network adapters will not be directly mapped to the virtual machine
by using virtual function, but will map instead by using the Hyper-V virtual network adapter. Another
option is to use a combination of adapters that are SR-IOV–enabled, and those which are not in the same
virtual machine NIC team.
You can enable virtual machine NIC Teaming either from the Advanced Properties settings page of the
virtual network adapter, or by using the Windows PowerShell cmdlet Set-VmNetworkAdapter. Virtual
machine NIC Teaming is not enabled by default. If you do not enable it, and if one of the physical
network adapters stops working, the NIC team that is created in the guest operating system in the virtual
machine will lose connectivity.
4-22 Creating and Configuring Virtual Machine Networks
At the Hyper-V host level, NIC Teaming is not supported when physical network adapters are using SR-
IOV or Remote Direct Memory Access (RDMA). This is because network traffic is delivered directly to the
adapter, thereby bypassing the network stack, and not allowing path redirection. When you configure NIC
Teaming at the virtual machine level, physical network adapters that are connected to virtual switches can
be using SR-IOV.
Question: Are there any special hardware requirements if you want to use NIC Teaming in
virtual machines?
Demonstration Steps
1. On LON-PROD1, in File Explorer, copy the C:\Windows\Inf folder and paste it to the network share
\\10.0.0.16\share. Be aware of the copy speed and how long the process takes.
2. After the copy finishes, delete the copied Inf folder.
3. On LON-HOST1, in Hyper-V Manager, enable bandwidth management for the network adapter in the
LON-PROD1 virtual machine. Type 10 as both the Minimum bandwidth and Maximum bandwidth.
4. On LON-PROD1, in File Explorer, copy the C:\Windows\Inf folder, and paste it again to the network
share \\10.0.0.16\share. Notice that copy process takes noticeably longer to complete.
5. On LON-PROD1, in Windows PowerShell, use the ipconfig command to release and renew TCP/IP
settings.
6. On LON-HOST1, in Hyper-V Manager, enable DHCP guard on the network adapter of the
20409B-LON-DC1 virtual computer.
7. On LON-PROD1, in Windows PowerShell, use the ipconfig command to release renew TCP/IP
settings. Notice that this time the process takes considerably longer, and LON-PROD1 is not able to
obtain TCP/IP settings.
Server Virtualization with Windows Server Hyper-V® and System Center 4-23
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 20 minutes
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment.
Note: You will be working in pairs. Communicate clearly with your lab partner, and
cooperate fully with each other during this lab.
Note: In this exercise you will see how you can prevent rogue DHCP servers on your
network. Because your partner is also using the same DHCP server, you should synchronize this
task with him or her.
Note: This step confirms that the DHCP guard setting on the virtual network adapter has
no effect on whether or not the virtual machine can obtain TCP/IP settings over that adapter or
not.
Note: The following lab steps will also affect your lab partner, so let him or her know that
you will perform the change on the LON-DC virtual machine. Your partner should wait until you
finish this change, and then proceed.
4. On LON-HOST1, in Hyper-V Manager, enable the DHCP guard on the network adapter of the
20409B-LON-DC1 virtual computer.
5. On LON-PRODx, use ipconfig to release and renew TCP/IP settings.
Note: Notice that this time it takes considerably longer, and that LON-PRODx is not able to
obtain TCP/IP settings.
Note: The DHCP server in LON-DC1 can once again offer TCP/IP settings.
Note: In step 6 you disabled DHCP guard on LON-DC1, so now your partner can now
perform steps 4 through 6.
o IP address: 10.0.0.x5
4. On LON-HOSTx, in Hyper-V Manager, configure the LON-PRODx virtual machine network adapter
with the virtual LAN identification value of 2.
5. On LON-PRODx, try to ping IP address 10.0.0.x6. Confirm that the destination host is no longer
reachable. This is because LON-PRODx is connected to a VLAN different from LON-TESTx.
6. On LON-HOSTx, in Hyper-V Manager, disable virtual LAN identification for the network adapter in
the LON-PRODx virtual machine.
Server Virtualization with Windows Server Hyper-V® and System Center 4-25
5. On LON-HOSTx, in Hyper-V Manager, disable Bandwidth management for the network adapter in the
20409B-LON-PRODx virtual machine.
Note: Leave the virtual machines running, as you will use them in the next lab.
Results: After completing this exercise, you should have configured and used advanced virtual switch
features.
4-26 Creating and Configuring Virtual Machine Networks
Lesson 3
Configuring and Using Hyper-V Network Virtualization
Network virtualization, which was introduced with Hyper-V in Windows Server 2012, provides similar
functionality to network traffic as does server virtualization to the server load. With network virtualization,
network traffic between different computers is isolated, even when it is on the same physical network.
You can isolate network traffic by using different features such as VLANs, private VLANs, and Port ACLs.
However, all of these features have limitations. Therefore, for Hyper-V network virtualization (which is
an implementation of Software Defined Networking, you use Network Virtualization Generic Routing
Encapsulation. You can configure network virtualization by using Windows PowerShell, but this process
is much easier when you use tools such as VMM.
Lesson Objectives
After completing this lesson, you will be able to:
The different solutions that you can use to provide network isolation in a multiple tenant environment are:
• VLANs. This is the solution that most organizations use today to support address space reuse and
multiple tenant isolation. A VLAN uses an additional header that contains a VLAN ID. It relies on
switches to enforce isolation of network traffic between computers that are connected on the same
network but use different VLAN IDs. One of the drawbacks of VLAN is that it provides limited
scalability. Because VLAN ID only uses 12 bits, you can theoretically have a maximum of 4,094
Server Virtualization with Windows Server Hyper-V® and System Center 4-27
different VLANs on the same infrastructure. However, many switches can support much less than
4,094 VLANs. The second drawback is that VLANs cannot span multiple logical subnets. This limits
the number of computers in a single VLAN, and restricts the placement of virtual machines based on
physical location.
Although you can enhance or stretch VLANs across physical locations, a stretched VLAN must be on
the same subnet. You should also be aware that switches and routers should be configured to support
VLANs and you need to reconfigure them whenever virtual machines or isolation boundaries move
in the dynamic data center. This can be automated to a certain extent, but it increases risk of an
inadvertent network outage due to incorrectly performed reconfiguration.
• Private VLANs. You can use private VLANs to avoid some of the VLAN scalability limitations. You
implement private VLANs in a similar way as you implement VLANs, but you can use private VLANs
to divide a VLAN into a number of separate and isolated subnetworks, which you can then assign to
tenants. Private VLANs consist of a primary and secondary VLAN pair, and share the IP subnet that is
assigned to the parent VLAN. Although computers that are connected to different private VLANs still
belong to the same IP subnet, they require a router to communicate with each other, and with
resources on any other network.
When you use private VLANs, you can assign a large number of tenants to the same primary VLAN
and have isolated secondary VLAN IDs. For example, if you have 4,000 tenants and you could not use
private VLANs, you would need 4,000 VLANs to provide isolation. However, if you use private VLANs,
you can use only one primary VLAN, and assign each tenant a different secondary VLAN. When using
such a configuration, you would need only a single VLAN ID, instead of 4,000.
• Port ACLs. You can use port ACLs to configure network traffic filtering based on MAC or IP addresses
or IP ranges. By using port ACLs, you can configure virtual network isolation by creating two lists:
one list contains addresses of computers with which a virtual switch port can communicate, and the
second list contains addresses of computers with which a virtual switch port cannot communicate or
share data.
When you add a new virtual machine or move an existing virtual machine, you must manage and
update these two lists, which can be challenging and error-prone. Technically, it is possible to provide
multiple tenancy isolation by using only port ACLs. However, you typically do not use the port ACLs
feature for this purpose. Instead, you typically use port ACLs to ensure that virtual machines do not
pretend to have different IP or MAC addresses than what they are assigned.
All three solutions—VLANs, PVLANs and port ACLs—are also supported and can be implemented by
using the Hyper-V virtual switch. However, the virtual switch also supports network virtualization, and this
is the best solution for providing multitenant networking.
Question: Can two virtual machines always communicate if they are connected to an
external virtual switch?
4-28 Creating and Configuring Virtual Machine Networks
The Hyper-V virtual switch in Windows Server 2012 and newer Windows Server versions supports this
virtualization by using two IP addresses for each virtual machine. By using two IP addresses, network
virtualization enables you to keep the logical network topology (which is virtualized), and kept separate
from the actual underlying physical network topology and addresses that are used on the physical
network. This enables you to run virtual machines and provide them with the same network access
without any modification on any Hyper-V host, assuming that the Hyper-V hosts are configured to map
between both IP addresses.
Question: Can you use network virtualization to allow virtual machines that are running on
multiple segments to communicate, while isolating that traffic from other network traffic?
Server Virtualization with Windows Server Hyper-V® and System Center 4-29
• Flexible virtual machine placement. Network virtualization provides abstraction and separates virtual
machine IP addresses (customer address) from the physical network IP addresses (provider address).
This way, you can place virtual machine on any Hyper-V host in the data center, and placement is no
longer restricted by the IP address assignment or VLAN isolation restrictions of the physical network.
• Multitenant network isolation without VLANs. You can define and enforce network traffic isolation
without using VLANs or reconfiguring physical network switches. You are also not limited to 4,094
VLAN IDs. In addition, with network virtualization, when you move existing virtual machines or create
new ones, you do not need to manually reconfigure the physical hardware.
• IP address reuse. Virtual machines in different virtual networks can use the same or overlapping IP
address space, even when they are deployed on the same physical network. Virtual networks are
isolated, and they can use the same address space without any conflict or issue.
• Live migration across subnets. Previously, virtual machine live migration was limited to the same
IP subnet or VLAN, because when a virtual machine was moved to different subnets, it should have
changed its IP address. With network virtualization, you can use live migration to move a virtual
machine between two Hyper-V hosts in different subnets, without needing to change the virtual
machine IP address. With network virtualization, the virtual machine location change is updated
and synchronized among computers that have ongoing communication with the migrated virtual
machine.
• Compatibility with the existing network infrastructure. Network virtualization is compatible with
existing network infrastructure, and you can deploy it in an existing data center.
• Transparent moving virtual machines to a shared infrastructure as a service (IaaS) cloud. When
you use network virtualization, IP addresses, IP policies, and virtual machine configurations remain
unchanged, regardless of on which Hyper-V host the virtual machine is running. As a result, you
can move virtual machines between Hyper-V hosts in your data center, between Hyper-V hosts in
different data centers, and between Hyper-V hosts in your data center and shared IaaS cloud.
Question: Do you need to modify a network virtualization configuration when you migrate
virtual machines between Hyper-V hosts?
4-30 Creating and Configuring Virtual Machine Networks
• Provider Address. This is the IP address that the virtualization platform (Hyper-V) assigns, and
is dependent on the physical network infrastructure where Hyper-V host is connected. When
network virtualization is being used and the virtual machine sends network traffic, the Hyper-V host
encapsulates the packets and includes the provider address as the source address from where packets
were sent. The provider address is visible on the physical network, but not to the virtual machine. If
you migrate a virtual machine to a different Hyper-V host, the provider address changes.
You can configure several virtual machines with the same IP addresses, but when they are on the different
virtual networks, Network Virtualization Generic Routing Encapsulation can isolate their traffic. In the GRE
envelope header, aside from the new source and destination addresses (provider address 1 and provider
address 2), there is also a file named Key, which represent the virtual subnet ID. The virtual subnet ID is
used to separate and isolate traffic from different virtual networks, and enables the Hyper-V host to pass
the traffic only to virtual machines on the same virtual network. When multiple virtual machines (customer
address) on the same Hyper-V host (provider address) have the same IP address (customer address), the
Hyper-V host can still differentiate between them, based on which virtual network the virtual machine is
connected.
Server Virtualization with Windows Server Hyper-V® and System Center 4-31
Question: Does a virtual machine customer address change when you move the virtual
machine between Hyper-V hosts?
For example, assume that you are hosting two companies, Blue Yonder Airlines and Woodgrove Bank,
with the following configuration:
• Blue Yonder Airlines is running Microsoft SQL Server in a virtual machine with the IP address 10.1.1.1,
and a web server in a virtual machine with the IP address 10.1.1.2. The web server is using SQL Server
as a database for storing transactions.
• Woodgrove Bank is running SQL Server in a virtual machine with the same IP address 10.1.1.1, and a
web server in a virtual machine with the IP address 10.1.1.2. The web server is using SQL Server as a
database for storing transactions.
SQL servers for both companies are running on Hyper-V Host 1, which has the IP address 192.168.1.10.
Web servers for both companies are running on Hyper-V Host 2, which has the IP address 192.168.1.12.
Therefore, the virtual machines have the following customer addresses:
Based on which Hyper-V host the virtual machines are running on, the virtual machines are also assigned
the following provider addresses:
When you configure virtual networks, Blue Yonder Airlines is assigned virtual subnet ID of 5001, and
Woodgrove Bank is assigned virtual subnet ID of 6001. You also need to create network virtualization
policies for both companies, and then apply policies to Hyper-V Host 1 and Hyper-V Host 2.
When the Blue Yonder Airlines web virtual machine on Hyper-V Host 2 queries its SQL Server at 10.1.1.11,
the following happens:
1. Hyper-V Host 2, based on its policy settings, translates the addresses in the packet:
a. From source: 10.1.1.2 (the customer address of Blue Yonder Airlines web)
b. To destination: 10.1.1.1 (the customer address of Blue Yonder Airlines SQL Server)
2. Into the encapsulated packet, that contains:
b. Source: 192.168.2.12 (the provider address for Blue Yonder Airlines web)
c. Destination: 192.168.1.10 (the provider address for Blue Yonder Airlines SQL Server)
When Hyper-V Host 1 receives the packet, based on its policy settings, it unencapsulates the Network
Virtualization Generic Routing Encapsulation packet, sees that it is for the Blue Yonder Airlines virtual
network (virtual subnet ID 5001), and then passes it on to the virtual machine with IP address 10.1.1.1,
as specified in the original (encapsulated) packet.
Note: You can configure network virtualization policies by using Windows PowerShell, but
this can be a daunting and error-prone task. Instead, this configuration is easier to perform with
tools such as VMM.
You can use network virtualization and network virtualization policies to move virtual machines between
Hyper-V hosts while preserving their network configuration. When you move a virtual machine, you only
need to update the network virtualization policies to reflect the new Hyper-V host on which the virtual
machine is running. The virtual machine network configuration stays the same, and it is still connected to
the same virtual network.
If you are using network virtualization between virtual machines, you do not need any additional
infrastructure. However, when you need to provide connectivity between the Hyper-V network
virtualization environment and resources that are not part of the same Hyper-V network virtualization
environment, you will need a network virtualization gateway. Windows Server Gateway is an example of
such a gateway, which is a virtual machine-based router that is built on Windows Server 2012 R2.
Question: Why do you need network virtualization policies needed using network
virtualization?
Demonstration Steps
1. On LON-PROD1, ping the following IP addresses:
o LON-TEST1: 10.0.0.16
o LON-PROD2: 10.0.0.25
o LON-TEST2: 10.0.0.26
2. Confirm that LON-PROD1 has connectivity with the other three virtual machines.
4. Use the Get-NetAdapter cmdlet to determine the Ethernet index number for the network adapters
on LON-HOST1 and LON-HOST2. Write these numbers down.
5. On LON-HOST1, open the file C:\LabFiles\Mod04\ConfigureNWx.ps1 in Windows PowerShell ISE.
6. Review the Windows PowerShell script to see how network virtualization is being configured. Review
the variables as well, which are defined at the start.
7. In Windows PowerShell ISE, on the toolbar, click Run Script. (Alternatively, you can also press the F5
key).
8. When prompted, enter the index numbers of LON-HOST1 network adapter and the-HOST2 network
adapter that you recorded in step 4.
9. On LON-HOST1, use the cmdlet Get-VMNetworkAdapter to confirm that LON-PROD1 has the
VirtualSubnetId property with a value 5001, which you configured with the Windows PowerShell
script.
o LON-TEST1: 10.0.0.16
o LON-PROD2: 10.0.0.25
o LON-TEST2: 10.0.0.26
11. Verify that four replies are returned, but only from IP address 10.0.0.25.
Note: This confirms that LON-PROD1 has connectivity with LON-PROD2, but it does not
have connectivity with LON-TEST1 or LON-TEST2.
4-34 Creating and Configuring Virtual Machine Networks
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 20 minutes
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment.
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
You will be working in pairs. Communicate clearly with your lab partner, and cooperate fully with
each other during this lab.
Note: Only the student who is using LON-HOST1 performs this task.
o LON-TEST1: 10.0.0.16
o LON-PROD2: 10.0.0.25
o LON-TEST2: 10.0.0.26
2. Confirm that LON-PROD1 has connectivity with all three virtual machines.
Note: Only the student who is using LON-HOST2 performs this task.
o LON-PROD1: 10.0.0.15
o LON-TEST1 10.0.0.16
o LON-PROD2: 10.0.0.25
2. Confirm that LON-TEST2 has connectivity with the three virtual machines.
3. On LON-HOST2, use the Get-VMNetworkAdapter cmdlet to confirm that 20409B-LON-TEST2 has a
VirtualSubnetId property value of 0, which means that virtual subnets are not in use.
7. For the physical network adapter, under the ifIndex column, write down the Index number.
4-36 Creating and Configuring Virtual Machine Networks
2. Review the Windows PowerShell script to see how network virtualization is configured. Review also
the variables that are defined at the start.
3. In Windows PowerShell ISE, on the toolbar, press Run Script, or press F5. If you run the script on
LON-HOST1, enter the index number of your physical server network adapter and the index number
of your partner physical server network adapter that were recorded earlier.
Note: Only the student who is using LON-HOST1 will perform steps 3 and 4.
o LON-TEST1: 10.0.0.16
o LON-PROD2: 10.0.0.25
o LON-TEST2: 10.0.0.26
5. Verify that four replies are returned, but only from IP 10.0.0.25, which confirms that LON-PROD1 has
connectivity with LON-PROD2, but it does not have connectivity with LON-TEST1 and LON-TEST2.
Note: Only the student who is using LON-HOST2 will perform steps 6 and 7.
o LON-TEST1: 10.0.0.16
o LON-PROD1: 10.0.0.15
o LON-PROD2: 10.0.0.25
8. Verify that four replies are returned, but only from IP 10.0.0.16, which confirms that LON-TEST2 has
connectivity with LON-TEST1, but it does not have connectivity with LON-PROD1 and LON-PROD2.
Server Virtualization with Windows Server Hyper-V® and System Center 4-37
3. In Windows PowerShell ISE, on the toolbar, press Run Script, or press F5. If you run the script on
LON-HOST1, enter the index number of your physical server network adapter and the index number
of your partner’s physical server network adapter that you recorded earlier.
4. After network virtualization is removed, confirm network connectivity by performing the following
steps:
a. If you are using LON-HOST1, on LON-PROD1, ping the IP addresses of the following virtual
machines:
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
LON-TEST2: 10.0.0.26
b. If you are using LON-HOST2, on LON-TEST2, ping the IP addresses of the following virtual
machines:
LON-PROD1: 10.0.0.15
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
Results: After completing this exercise, you should have configured Hyper-V network virtualization.
4-38 Creating and Configuring Virtual Machine Networks
Question: Is there a limit on how many virtual switches you can create on a Hyper-V host?
Question: Why is it that you can configure VLAN IDs for external and internal virtual switches,
but you cannot configure VLAN ID for a private virtual switch?
5-1
Module 5
Virtual Machine Movement and Hyper-V Replica
Contents:
Module Overview 5-1
Module Overview
Using virtualization to host server loads provides you with multiple benefits, such as the ability to make
virtual machines highly available, and the ability to move them around within the same failover cluster.
With Windows Server 2012, you can move running virtual machines and their storage between two
Hyper-V hosts, even when they are not part of a failover cluster. This feature is called live migration, and in
this module, you will learn how to implement the Live Migration feature, and how to utilize live migration.
Throughout this module, you will see how to move virtual hard disks while a virtual machine is running,
and you will test this feature in the lab. You will also learn how to use Hyper-V Replica (a feature of
Windows Server 2012 Hyper-V) to protect virtual machines on one site by replicating them to another
site.
Objectives
After completing this module, you will be able to:
• Explain the importance of providing high availability and redundancy for virtualization.
Lesson 1
Providing High Availability and Redundancy for
Virtualization
When providing redundancy and high availability for virtual machines, you can choose from a variety, or
even a combination of methods. Some of these, such as failover clustering, Network Load Balancing (NLB),
and Network Adapter Teaming (NIC Teaming) are part of the operating system. Other applications, such
as Microsoft Exchange Server 2013 and Microsoft SQL Server 2012, also include their own high availability
features. In this lesson, you will learn about high availability features, their requirements, and the
situations in which you can benefit from high availability.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the use of NLB to achieve high availability at the operating-system level.
• Describe the use of clustering to achieve high availability at the operating-system level.
• Describe high availability at the application level.
To make a virtual machine highly available, you must first ensure that the hardware on which it is running
is as reliable as possible. You should store virtual machine data files on shared storage, so they are still
Server Virtualization with Windows Server Hyper-V® and System Center 5-3
available even if the physical host fails. You should then provide redundancy of all components, including
power and networking, by using redundant power supplies and physical network paths to virtual
machines. There is no benefit if the virtual machine is running, but clients cannot access it because of
network failure.
Question: Can you ensure high availability by simply copying the virtual machine that is
providing a critical service, and making both the original virtual machine and the copy
available on the network?
Hyper-V builds on and includes the following features to mitigate failures and provide high availability at
different levels:
• Hardware failure. Hyper-V benefits from Windows Server 2012 R2 availability and serviceability,
in addition to Windows Hardware Error Architecture, which provides a common infrastructure for
managing hardware errors on Windows platforms. With Hyper-V, if a memory error is detected at a
memory location that Hyper-V does not use, it will be marked as bad and in the future, the operating
system will not use it. If the memory error is in the physical random access memory (RAM) that the
virtual machine is using, only that virtual machine will be affected. The entire host and all virtual
machines will fail only if the memory error is in the physical RAM that the Hyper-V host kernel is
using.
• Physical server failure. Hyper-V uses the failover clustering feature to provide redundancy if the entire
physical server fails. The failover clustering feature is part of all Windows Server 2012 R2 editions,
in addition to Hyper-V Server 2012 R2. If the server is a node in a failover cluster, virtual machines
that were running on it will fail over automatically to other cluster nodes, and will be available after
minimum downtime as a result of the virtual machine reboot. Hyper-V also includes live migration,
which enables you to move virtual machines between Hyper-V hosts without downtime. An example
is if you need to upgrade hardware or install updates to a Hyper-V host, or if you simply want to
rebalance your virtualization workload.
• Input/output (I/O) redundancy. Windows Server 2012 R2 includes several features such as server
message block (SMB) 3.0 multichannel, storage Multipath I/O (MPIO), NIC Teaming, and NLB, which
can provide high availability and benefit from network path redundancy. If a network adapter or
other network infrastructure fails, Hyper-V uses these features to preserve network connectivity. If
there are multiple network paths between the source and the destination, and if network equipment
of one of those paths fails, Hyper-V uses these features to maintain connectivity to the virtual
machine.
5-4 Virtual Machine Movement and Hyper-V Replica
• Application or service failover. If a service or application inside a virtual machine fails or loses network
connectivity, Hyper-V host can detect it and try to recover the application by moving the virtual
machine to another node. You also can configure failover clustering inside virtual machines, either by
using Internet small computer system interface (iSCSI) or Fibre Channel shared storage, an SMB 3.0
file share, or by using virtual hard disk sharing. In the same way that you can benefit from teaming
physical network adapters on a Hyper-V host, you can also use team network adapters in virtual
machines, which can be especially beneficial when using single-root I/O virtualization (SR-IOV).
• Disaster Recovery. Windows Server 2012 R2 includes Cluster Shared Volume (CSV) integration with
storage arrays for synchronous replication. This can provide protection against disaster at a single
location, because Hyper-V hosts are also at the alternate location and accessing replicated storage.
However, Hyper-V also includes Hyper-V Replica, a feature that provides asynchronous replication of
the running virtual machines to an alternate location with configurable intervals. Hyper-V Replica
failover requires virtual machine downtime during failover.
Question: Can you configure virtual machine guest clustering only if iSCSI or Fibre Channel
storage area network (SAN) is available as a shared storage?
• All of the Windows Server 2012 R2 editions include the NLB feature. You can include up to 32 servers
in an NLB farm, and you can add or remove a server dynamically from the NLB farm. For a load-
balanced service, the load is redistributed automatically among the servers that are still operating
when a server fails or goes offline. If the failure is unexpected, only active connections to the failed
server are lost. When you repair the server, it can rejoin the NLB farm transparently and regain its
share of the requests.
• Hyper-V can use NLB for load-balancing requests for virtual machines on the same Hyper-V host, or
for virtual machines across multiple Hyper-V hosts. When you use NLB in unicast mode to distribute
load among virtual machines, you must enable MAC Spoofing for the virtual machine network
adapter. This is because the network adapter does not use its own media access control (MAC)
address, but the MAC address of the unicast NLB.
Question: If multiple virtual machines will be part of the same NLB farm, should you
configure them with the same IP address or with different IP addresses?
Server Virtualization with Windows Server Hyper-V® and System Center 5-5
Because clients connect to the application by using the cluster name and not the name of the node
where the application was running, the clients are reconnected to the node to where the application was
moved. If Hyper-V is running on a failover cluster, Hyper-V can monitor the state of a virtual machine, the
services running inside the virtual machine, and whether the virtual network adapter has connectivity. If
connectivity is lost but the virtual machine is still running, then the virtual machine can be moved to a
different node. The same is true if a monitored service within the virtual machine stops.
Question: Does a virtual machine operating system have to support the failover feature if
you want to make the virtual machine highly available by using failover clustering?
5-6 Virtual Machine Movement and Hyper-V Replica
Note: Each availability replica must reside on a different node of a single Windows Server
failover cluster.
• Database mirroring. This feature increases SQL Server database availability. SQL Server implements
mirroring at the database level, which works only if the database is using a full recovery model. With
mirroring, two copies of a database are maintained, and each copy is on separate servers that are
running SQL Server, typically in different locations. Clients access one server running SQL Server, and
the other server acts as a hot or warm standby server, depending on configuration. When the servers
that are running SQL Server synchronize, database mirroring provides a hot standby server that
supports rapid failover without a loss of data from committed transactions.
Server Virtualization with Windows Server Hyper-V® and System Center 5-7
Note: Database mirroring will be removed in a future version of SQL Server. Therefore, you
should not include it in your applications, and you should plan to modify applications that are
using this feature. Instead, you should use AlwaysOn Availability Groups.
• Log shipping. This feature operates at the database level and automatically sends transaction log
backups from a production (or primary) database to one or more standby secondary databases on
a separate server that is running SQL Server. The transaction log backups are applied to each of the
secondary databases individually. You can also configure an optional third server or monitor server,
which records the status of backup and restore operations, and can raise alerts if these operations fail
to occur as scheduled.
With Exchange Server 2013, you can simply install two or more Exchange Server 2013 mailbox servers
as stand-alone servers, and then when needed, configure these servers and mailbox databases for high
availability and site resilience. Exchange Server provides high availability for the mailboxes by configuring
database availability groups (DAGs). A DAG is a collection of up to 16 servers that provides the
infrastructure for replicating and activating database copies. Any server in a DAG can host a copy of a
mailbox database from any other server in the DAG. The DAG uses continuous replication to each of the
passive database copies within the DAG.
DAG requires the Windows Server failover clustering feature, although all installation and configuration
is performed by Exchange Server. Failover clustering does not manage database failover. Instead, Active
Manager performs this task. Active Manager will recover from the failure automatically by failing over to a
database copy on another mailbox server in the DAG. Windows Server failover clustering is also useful for
some failure-detection scenarios, such as a server failure.
If you need to provide high availability for client access in Exchange Server 2013, you can add multiple
Client Access servers to the Exchange deployment and use NLB or round-robin Domain Name System
(DNS) to distribute clients among the Client Access servers in an NLB farm.
Question: Can you implement application high availability features such as AlwaysOn
Availability Groups in SQL Server 2012 without operating system support?
5-8 Virtual Machine Movement and Hyper-V Replica
Lesson 2
Implementing Virtual Machine Movement
One benefit of virtualization is that you can move virtual machines between Hyper-V hosts. In the past,
you could move virtual machines without downtime (referred to as live migration), but only between
nodes in the same failover cluster. In Windows Server 2012, the Live Migration feature is improved, so
that you now can move virtual machines between any two Hyper-V hosts, providing there is network
connectivity between them. You can also move virtual hard disks, checkpoints, and other virtual machine
items while a virtual machine is running.
In this lesson, you will learn how to implement storage migration and live migration, and you will learn
how you can perform these types of migrations using Hyper-V Manager and Windows PowerShell.
Lesson Objectives
After completing this lesson, you will be able to:
• Virtual machine and storage migration. With this method, you can move an entire virtual machine
or only its data files from one location to another or between Hyper-V hosts, while the virtual
machine is running, and without noticeable downtime. Virtual machine and storage migration do
not require failover clustering or any other high availability solution to work. They only require
network connectivity between the source and destination. When you are moving a virtual machine
and storage from Windows Server 2012 Hyper-V, a destination server can be either Windows Server
2012 or Windows Server 2012 R2 (cross-version migration).
Server Virtualization with Windows Server Hyper-V® and System Center 5-9
• Quick migration. Windows Server 2008 introduced the quick migration method, which you can use
to move virtual machines only between Hyper-V hosts within the same failover cluster. The virtual
machine is unavailable for the short time during the move operation.
• Live Migration. Windows Server 2008 R2 introduced the Live Migration feature, which is an
improvement over quick migration functionality. When first introduced, you could use the Live
Migration feature only to move virtual machines between Hyper-V hosts in the same failover
cluster. The benefit of live migration functionality is that there is no noticeable virtual machine
downtime. In Windows Server 2012, live migration functionality is improved. Failover clustering is
no longer a requirement, and you can move multiple virtual machines from the same Hyper-V host
simultaneously. Windows Server 2012 R2 provides further improved live migration performance,
because you can use compression, SMB Direct, and SMB Multichannel during live migration.
• Hyper-V Replica. Windows Server 2012 introduced the Hyper-V Replica feature, which you can use to
replicate a virtual machine asynchronously over IP networks, typically to a remote disaster recovery
site. With Hyper-V Replica, the virtual machine is replicating while it is running, and its changes are
synchronized with the replica. In Windows Server 2012 R2, you can configure replication frequency
and extended replication. Extended replication forwards the virtual machine changes to a third
Hyper-V host.
• Exporting and importing virtual machines. In Windows Server 2012 R2, you can export a virtual
machine while it is running. You can also copy virtual machine data files, because in Windows Server
2012 and newer versions, you can import a virtual machine and then configure necessary settings
during the import operation even if you did not first export the virtual machine. This can be a very
time-consuming operation however, because you need to copy virtual machine data files between
Hyper-V hosts, and the virtual machine is typically turned off during that time.
Question: What is the main difference between quick migration and live migration?
1. Before the migration starts, all virtual machine Read and Write operations are performed at the
source virtual hard disk.
5-10 Virtual Machine Movement and Hyper-V Replica
2. When storage migration starts, virtual hard disk content is copied over the network to the destination,
while all the Read and Write operations are still performed on the source virtual hard disk.
3. After the initial copy is complete, Write operations for the virtual hard disks are mirrored to both the
source and destination virtual hard disks.
4. After the source and destination virtual hard disks are synchronized, the virtual machine switches over
and starts using the destination virtual hard disk.
Storage migration is only supported for virtual hard disks, current virtual machine configuration,
checkpoints, and smart paging file. If you try to perform storage migration on any other storage type,
such as directly-attached (pass-through) disks or data on a Fibre Channel SAN (not the virtual Fibre
Channel adapter itself), the storage migration attempt will result in an error.
Note: You cannot move virtual machine storage if the virtual machine is using directly-
attached physical disks.
When you are migrating virtual machine storage, you can move all the data files to the same location, or
to different locations. During this storage migration process, the virtual machine continues to run on the
same Hyper-V host, and access to it is uninterrupted.
Note: Use the Storage Migration Hyper-V settings to specify how many storage migrations
can be performed simultaneously. By default, two simultaneous storage migrations are
configured, but you can increase this number.
Question: Can you use storage migration to move only virtual hard disks?
Alternatively, you can also use Windows PowerShell to move a virtual machine. If you want to move
an entire virtual machine, use the Windows PowerShell cmdlet Move-VM. If you want to move just
the virtual machine data, you use the Windows PowerShell cmdlet Move-VMStorage.
You can then complete the Move Wizard and perform the move. This process can occur quickly if you use
a fast network, if the virtual machine is turned off, and if its storage is small. Conversely, the process can
take considerable time for large virtual machines. However, at the end of the move process, the virtual
machine is running on the target Hyper-V host, and is no longer present at the source Hyper-V host.
Demonstration Steps
1. On LON-HOST1, use Hyper-V Manager to confirm that LON-MOVE1 is running and is configured
with a locally stored VHD.
2. Use the Move Wizard to move the LON-MOVE1 virtual machine VHD to \\LON-HOST2\VHDs
\LON-MOVE1. Because the VHD is dynamically expanding and is small, notice that the move
completes quickly.
3. Use Hyper-V Manager to confirm that the LON-MOVE1 virtual machine VHD is now stored on a
network share. Notice that the VHD was moved while virtual machine was running.
4. On LON-HOST1, use Hyper-V Manager to confirm that LON-MOVE2 is running, is configured with a
locally stored VHD, and that its checkpoints are stored locally.
6. Use the Windows PowerShell cmdlet Get-VM to view the LON-MOVE2 virtual machine Path and
SnapshotFileLocation.
7. Use Hyper-V Manager to confirm that the LON-MOVE2 VHD and checkpoints are now stored on the
network share, and that they were moved while the virtual machine was running.
5-12 Virtual Machine Movement and Hyper-V Replica
• When virtual machine storage is local, and on a Hyper-V host. This is sometimes referred to as shared
nothing live migration.
Note: If you are managing a Hyper-V host remotely and you want to move a virtual
machine, you must first allow Kerberos protocol delegation for the computer account of the
Hyper-V host. You can review the detailed steps for configuring Kerberos delegation in the
hands-on lab at the end of this module.
When virtual hard disks of a virtual machine are stored on an SMB 3.0 share, only the virtual machine is
moved during live migration, and the virtual machine storage remains on the SMB 3.0 share. If virtual
hard disks are on local Hyper-V storage, then the virtual machine storage is copied to the destination
server over the network by using storage migration. After the source and destination storage are
synchronized, the virtual machine live migration starts. The steps are in the following order:
1. The virtual machine configuration is copied to the destination Hyper-V host, which is a blank virtual
machine with the same configuration but without any data created. Memory is allocated to the
destination virtual machine.
2. The virtual machine memory is copied over the network to the destination Hyper-V host. This
memory is called the working set of the migrating virtual machine, and consists of memory pages that
are each 4 kilobytes (KB) in size. The Hyper-V host monitors the memory, and as the source virtual
machine modifies the memory pages, it tracks and marks the pages as modified.
3. After all the memory pages are copied, Hyper-V also copies the modified pages. Hyper-V iterates
the memory copy process several times, and each iteration requires copying a smaller number of
modified pages.
4. After all of the modified memory pages are copied to the destination Hyper-V host, the working set
for the virtual machine is in the same exact state as on the source Hyper-V host.
5. In the final stage of a live migration, a network package is sent to the network switch, which causes
it to obtain a new MAC addresses for the moved virtual machine. This enables network traffic for the
moved virtual machine to use the correct switch port. The final stage of the live migration completes
in less time than the Transmission Control Protocol (TCP) time-out interval.
Server Virtualization with Windows Server Hyper-V® and System Center 5-13
• The available network bandwidth between the source and destination Hyper-V hosts
• The hardware configuration and utilization of the source and destination Hyper-V hosts
After the live migration completes and the virtual machine is running on the destination Hyper-V host,
virtual machine data is deleted on the source Hyper-V host, but virtual machine storage is not deleted
from the SMB 3.0 share.
Note: In Windows Server 2012 R2, you can configure use of compression or SMB
Multichannel and SMB Direct when performing live migration.
Question: How does the virtual machine memory size affect live migration time?
Question: Does live migration use compression when migrating virtual machines?
Demonstration Steps
1. On LON-HOST1, use Hyper-V Manager to confirm that LON-PROD1 is running, is configured with a
locally stored VHD, and that its checkpoints are stored locally.
2. On LON-PROD1, use the Windows PowerShell ping command with the –t parameter to send network
packets to IPv4 address 10.0.0.25. This will ping the LON-PROD2 computer, which is running on your
partner’s Hyper-V host.
3. Use the Move Wizard to move the LON-PROD1 virtual machine to LON-HOST2, and to move all
data to the C:\Moved\LON-PROD1 folder on the target host.
4. Use Hyper-V Manager to monitor the progress of live migration, and to verify that LON-PROD1 is
able to ping LON-PROD2 throughout the live migration.
5. After live migration completes, confirm that LON-PROD1 is no longer running on LON-HOST1.
6. In Hyper-V Manager, confirm that the LON-PROD1 VHD is now in the C:\Moved\LON-PRODx
\Virtual Hard Disks folder.
5-14 Virtual Machine Movement and Hyper-V Replica
IT management has approved the purchase of several additional Hyper-V hosts. You now need to balance
the number of virtual machines running on both the existing hosts and the new hosts. You need to ensure
that you can move virtual machines to the new hosts in such a way that the virtual machines are available
during the move operation.
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 45 minutes
Password: Pa$$w0rd
Note: You will be working in pairs. Communicate clearly with your lab partner, and
cooperate fully with each other during this lab.
Note: Before starting with this lab, run the C:\Labfiles\Mod05\Mod05setup.ps1 script to
prepare environment for the lab.
1. On LON-HOSTx, use Hyper-V Manager to confirm that LON-MOVE1 is running and configured with a
locally stored VHD.
2. Use the Move Wizard to move the LON-MOVE1 virtual machine VHD to \\LON-HOSTy\VHDs
\LON-MOVE1.
Note: Because the VHD is dynamically expanding and is small, it moves quickly.
3. Use Hyper-V Manager to confirm that the LON-MOVE1 virtual machine VHD is now stored on a
network share.
Note: The VHD was moved while the virtual machine is running.
4. Confirm that the LON-MOVE1 checkpoints are stored locally, and that you cannot change the
location.
5. Use the Move Wizard to move the LON-MOVE1 virtual machine checkpoints to \\LON-HOSTy
\VHDs\LON-MOVE1.
6. Confirm that LON-MOVE1 checkpoints are now stored on the network share, and that they were
moved while the virtual machine was running.
3. Use the Windows PowerShell cmdlet Get-VM to view the Path and SnapshotFileLocation of the
LON-MOVE2 virtual machine.
4. Use Hyper-V Manager to confirm that the LON-MOVE2 VHD and checkpoints are stored on the
network share, and that they were moved while the virtual machine was running.
Note: You will get an error, as the computer is not configured for live migration.
2. Enable live migration on LON-HOSTx. Confirm that incoming live migration can Use any available
network for live migration, that Kerberos is used as Authentication Protocol, and that
Compression is used.
Note: Live migration must be enabled on both LON-HOSTx machines before you can
continue with the lab. Make sure that your partner has finished this task before you continue.
2. On LON-PRODx, open Windows PowerShell, and use the ping command with the –t parameter to
send network packets to the IPv4 address 10.0.0.y5. This will ping the LON-PRODy computer, which
is running on your partner’s Hyper-V host.
3. Use the Move Wizard to move the 20409B-LON-PRODx virtual machine to LON-HOSTy, and move
all data to the C:\Moved\LON-PRODx folder on the target host.
4. Monitor the progress of migration, and notice that LON-PRODx is able to ping LON-PRODy
throughout the live migration.
5. After live migration completes, confirm that LON-PRODx is no longer running on LON-HOSTx.
6. Use Hyper-V Manager to confirm that the 20409B-LON-PRODx VHD is in the C:\Moved\LON-
PRODx\Virtual Hard Disks folder, and that the checkpoint files location is C:\Moved\LON-PRODx.
7. Use the Move Wizard again to move the LON-PRODx virtual machine back to LON-HOSTx, and to
move its data to the C:\Moved\LON-PRODx folder.
8. Confirm that this time, a Move Wizard error dialog box opens, and reports that there was an error
during the move operation. The error occurs because you are managing a remote Hyper-V host,
which is not allowed to delegate your permissions.
2. Use Active Directory Users and Computers to configure delegation on the Delegation tab of the
LON-HOSTy computer object. Select to use Kerberos only, and add cifs and Microsoft Virtual
System Migration Services service types on LON-HOSTx.
o Name: LON-PRODx
o DestinationHost: LON-HOSTx
o ComputerName: LON-HOSTy
o DestinationStoragePath: C:\Moved\LON-PRODx
2. View the Status column in Hyper-V Manager to monitor migration progress.
4. Use Hyper-V Manager to confirm that the LON-PRODx VHD is located in the C:\Moved\LON-
PRODx\ Virtual Hard Disks folder, and that checkpoints are located in the C:\Moved\LON-PRODx
folder.
Note: Leave the virtual machines running for the next lab.
Results: After completing this exercise, you should have moved Hyper-V storage and virtual machines.
5-18 Virtual Machine Movement and Hyper-V Replica
Lesson 3
Implementing and Managing Hyper-V Replica
Hyper-V Replica is a disaster recovery feature that is built into Hyper-V. You can use it to replicate a
running virtual machine to a secondary location, and in Windows Server 2012 R2, you can extend the
replication to a third location. While the primary virtual machine is running, Hyper-V Replica is turned
off. Hyper-V Replica is updated regularly, and when needed, you can perform failover from primary
virtual machine to a replica virtual machine. You perform failovers manually, and they can be planned
or unplanned. Planned failovers are without data loss, whereas unplanned failovers can cause loss of last
changes, up to five minutes by default. In this lesson, you will learn how to implement and manage
Hyper-V Replica, and how to perform both a test failover and a planned failover.
Lesson Objectives
After completing this lesson, you will be able to:
You also can use Hyper-V Replica to have two instances of a single virtual machine residing on different
Hyper-V hosts. One of the instances will be the primary, running virtual machine, and the other instance
will be a replica, offline copy. Hyper-V synchronizes these instances, and you can perform manual failover
at any time. If a failure occurs at a primary site, you can use Hyper-V Replica to execute a failover of the
virtual machines to replica servers at a secondary location, thereby minimizing downtime.
Before you implement Hyper-V Replica, ensure that the virtualization infrastructure meets the following
prerequisites:
• Windows Server 2012 or a newer Windows Server version with the Hyper-V role installed at both
locations. Server hardware should have sufficient capacity to run all of the virtual machines—its local
virtual machines, as well as replicated virtual machines. Replicated virtual machines are in a turned-off
state, and they will be started only if you perform a failover.
• Sufficient storage is available on both the primary and replica Hyper-V hosts. This is necessary to store
both local and replicated virtual machine data.
• Network connectivity is available between the locations that are hosting the primary and replica
Hyper-V hosts. Connectivity can be through either a WAN or local area network (LAN) link.
• Firewall rules to allow replication between the primary and replica sites are in place. When you install
the Hyper-V role, the Hyper-V Replica HTTP Listener (TCP-In) and Hyper-V Replica HTTPS Listener
(TCP-In) rules are added to the Windows Firewall. Before you can use Hyper-V Replica, you need to
enable one or both of these rules on the replica Hyper-V host.
• If you want to use certificate-based authentication, ensure that an X.509v3 certificate from the trusted
certification authority (CA) exists to support mutual authentication at both Hyper-V hosts.
• If you use Kerberos authentication, both Hyper-V hosts must be joined to the same AD DS forest.
Note: You can configure Hyper-V replica regardless of whether the Hyper-V host is a node
in the failover cluster.
Question: Can you use Hyper-V Replica to replicate only virtual machines that have
integration services installed?
failover, while primary virtual machine is running. When you enable replication, changes in the primary
virtual machine are written in the log file, which is periodically replicated and applied to the replica.
• Change tracking module. This component tracks changes that occur to the virtual machine on the
source Hyper-V host. The change tracking module tracks the Write operations to the virtual hard
disks, regardless of where the virtual hard disks are stored—locally, on the SAN, on SMB 3.0 share,
or on a CSV.
• Network module. This component provides a secure and efficient way to transfer virtual machine data
between Hyper-V hosts in the primary site and replica site. It minimizes the traffic by compressing
data by default. The network module can also encrypt data when https and certification-based
authentication are used.
• Hyper-V Replica Broker. This component is used only when a Hyper-V failover cluster is the source
or destination for Hyper-V Replica traffic. This role enables you to use Hyper-V Replica with highly
available virtual machines, which can move between cluster nodes. The Hyper-V Replica Broker role
queries the cluster database, and then redirects all requests to the cluster node where the virtual
machine is currently running.
• Management tools. These tools enable you to configure and manage Hyper-V Replica. Aside from
Hyper-V Manager and Windows PowerShell, you can also use Failover Cluster Manager, which you
should use for all virtual machine management and Hyper-V Replica configurations when the source
or replica Hyper-V hosts are part of a Hyper-V failover cluster.
Security Considerations
You can establish Hyper-V Replica with a Hyper-V host regardless of its location and domain membership,
as long as you have network connectivity with it. There is no requirement for Hyper-V hosts to be part of
the same AD DS domain. You can also implement Hyper-V Replica when Hyper-V hosts are members of
untrusted domains or workgroups, because you can configure certificate-based authentication. Hyper-V
Replica implements security at the following different levels:
• On each server, Hyper-V creates a local security group called Hyper-V Administrators. Members of
this group, in addition to local administrators, can configure and manage Hyper-V Replica.
• You can configure a replica server to allow replication from any authenticated server, or to limit
replication to specific servers. In that case, you need to specify a fully qualified domain name (FQDN)
for the primary server (for example hv1.contoso.com), or use a wildcard with a domain suffix, for
example *.contoso.com. Use of IP addresses is not allowed. If the replica server is in a failover cluster,
replication is allowed at the cluster level.
When you are limiting replication to specific servers, you also need to specify a trust group, which
is used to identify the servers within which a virtual machine can move. For example, if you provide
disaster recovery service to partner companies, the trust group prevents one company from gaining
access to another company's replica machines.
Server Virtualization with Windows Server Hyper-V® and System Center 5-21
• Replica Hyper-V host can authenticate primary Hyper-V host by using Kerberos authentication and
certificates. Kerberos authentication requires both Hyper-V hosts to be in the same AD DS forest,
whereas you can use certificate authentication in any environment. Kerberos authentication is used
with http traffic and is not encrypted, whereas certificate-based authentication is used with https
traffic and is encrypted.
• You can establish Hyper-V Replica only if network connectivity exists between the Hyper-V hosts.
You should configure Windows Firewall to allow either HTTP or HTTPS Hyper-V Replica traffic.
Question: You want to replicate your virtual machines to a hosting provider. How must the
replica Hyper-V host that is running at the hosting provider be configured so that it can
authenticate your primary Hyper-V host?
Question: How can you limit primary Hyper-V hosts to be able to access only virtual
machines that originate from the same company?
• Connection Parameters. If the replica server is accessible, the Enable Replication Wizard populates
the authentication type and replication port fields automatically with the appropriate values. If the
replica server is inaccessible, you can configure these fields manually. However, you should be aware
that you will not be able to enable replication if you cannot establish a connection to the replica
server. On the Connection Parameters page, you can also configure Hyper-V to compress the
replication data before transmitting it over the network.
• Replication virtual hard disks. By default, all virtual hard disks are replicated. If some of the virtual
hard disks are not required at the replica Hyper-V host, you can exclude them from replication. An
example would be a virtual hard disk that is dedicated for storing page files. You should not exclude
virtual hard disks that include operating systems or applications, because this can result in that
particular virtual machine being unusable at the replica server.
• Replication Frequency. Prior to Windows Server 2012 R2, replication frequency was always five
minutes, and was not configurable. In Windows Server 2012 R2, you can set replication frequency to
30 seconds, 5 minutes, or 15 minutes, based on the network link to the replica server and acceptable
state delay between primary and replica virtual machines.
• Additional recovery points. You can configure the number and types of recovery points to be sent to
the replica server. By default, the option to Maintain only latest point for recovery is selected, which
5-22 Virtual Machine Movement and Hyper-V Replica
means that only the parent virtual hard disk is replicated and all the changes are merged into that
virtual hard disk. However, you can select to create additional hourly recovery points, and then set
the number of additional recovery points (up to 24). You can also configure the Volume Shadow
Copy Service (VSS) snapshot frequency, which is used to save application-consistent replicas for the
virtual machine, and not just the changes in the primary virtual machine.
• Initial replication method and schedule. The default selection is to send an initial copy immediately
over the network. Because virtual machines can have large virtual disks, initial replication can take a
long time and can cause a large amount of network traffic. If you do not want immediate replication,
you can schedule it to start at a specific time. If you want an initial replication but want to avoid
network traffic, you can select to send the initial copy to external media, or to use an existing virtual
machine on the replica server. You would use the last option if you already restored a copy of the
virtual machine at the replica server, and you want to use it as the initial copy.
After the replication relationship is established, the Status column in Hyper-V Manager shows replication
progress as a percentage of the total replication for the configured virtual machine. Virtual machine
replica is in the turned off state, and you cannot start it until the failover is performed.
When replication is enabled, virtual machine network adapters get additional settings that were previously
unavailable. These new settings pages are Failover TCP/IP and Test Failover. Failover TCP/IP is available
only for network adapters, and not for legacy network adapters. The settings on this page are useful when
a virtual machine has a static IP address assigned, and the replica site is using different IP settings than
the primary site. You can configure TCP/IP settings that a network adapter will use after the failover is
performed. If static IP addresses are used, you should configure failover TCP/IP on the primary and replica
virtual machines. Virtual machines must also have integration services installed to be able to apply failover
TCP/IP settings.
Virtual machines for which you enable replication have an additional management setting called
Replication. You use this setting to review and modify replication parameters.
Note: In Windows Server 2012 R2, you can extend Hyper-V Replica from the replica virtual
machine to a third Hyper-V host (the Extended Replica Server). This enables you to use Hyper-V
Replica to create two virtual machine replicas.
Question: Are failover TCP/IP settings useful if a virtual machine is using Dynamic Host
Configuration Protocol (DHCP) for obtaining an IP address?
Demonstration Steps
1. Use Hyper-V Manager to confirm that in the 20409B-LON-TEST1 virtual machine settings, under
Network Adapter, two nodes display: Hardware Acceleration, and Advanced Features.
2. Confirm that there are six settings in the Management section for the 20409B-LON-TEST1 virtual
machine, and that Replication is not one of them.
3. Use Hyper-V Manager to enable replication for the 20409B-LON-TEST1 virtual machine, and provide
the following settings:
o Replica Server: LON-HOST2
o Initial Replication Method: Immediately send initial copy over the network
4. Use Hyper-V Manager to confirm that 20409B-LON-TEST1 is one of the virtual machines on
LON-HOST2, and that it is in the Off state.
5. View Replication Health for 20409B-LON-TEST1. As initial replication is probably not yet completed,
Replication Health should be in the Warning state.
6. Use Hyper-V Manager to confirm that there are two new nodes under Network Adapter for the
20409B-LON-TEST1 virtual machine, which were not present before: Failover TCP/IP, and Test
Failover.
7. Confirm that there are seven settings in the Management section for 20409B-LON-TEST1, including
Replication, which was not present before.
8. Use the Windows PowerShell cmdlets Get-VMReplication and Measure-VMReplication to review
replication settings and status for 20409B-LON-TEST1.
9. In Hyper-V Manager, view Replication Health for 20409B-LON-TEST1. If initial replication has
finished, Replication Health will be Normal.
• Replication Type. Indicates whether you are monitoring Replication Health on the primary virtual
machine or on the replica virtual machine.
• Primary and Replica server names. Indicates on which Hyper-V host the primary virtual machine is
running, and which Hyper-V host is the replica.
• Replication Health. Indicates replication status. Replication Health can have one of three possible
values: Normal, Warning, or Critical.
• Replication statistics. Displays replication statistics since virtual machine replication started, or since
you reset the statistics. Statistics include data such as maximum and average size of the replication,
average replication latency, number of errors encountered, and number of successful replication
cycles.
• Pending replication. Displays information about the size of data that still needs to be replicated, and
when the replica was last synchronized with the primary virtual machine.
5-24 Virtual Machine Movement and Hyper-V Replica
Replication Health can have one of three possible values, based on how well the replication is performing:
• Normal
• Warning
o Failover was initiated, but reverse replication has not been configured.
• Critical
You can monitor Replication Health in Hyper-V Manager, where you can add a Replication Health column
to the virtual machines pane. You can also right-click the virtual machine that has replication enabled, and
then click View Replication Health. From Windows PowerShell, you can also view Replication Health by
using the cmdlets Get-VMReplication and Measure-VMReplication. You can also monitor Replication
Health by using Performance Monitor and Event Viewer.
For Replication Health to be in Normal state, the Hyper-V Replica replication engine must regularly
replicate changes in the primary virtual machine, and then apply those changes to the virtual hard disk of
the replica based on the replication frequency. If more than 20 percent of the replication cycles have not
been applied, Replication Health automatically changes to the Warning state. The following tables show
the number of replications based on replication frequency, and the number of successful replications
required for Normal Replication Health.
15 minutes 4 48 96 672
12 10 2 80% Normal
Question: How can you monitor virtual machine replication health from Windows
PowerShell?
Test Failover
After you configure Hyper-V Replica and after the
virtual machines start replicating, you can perform
a test failover. A test failover is a nondisruptive
task that enables you to test a virtual machine
on the replica server while the primary virtual
machine is running, and without interrupting the
replication. You can initiate a test failover on the
replica virtual machine, which will create a new checkpoint and allow you to select a recovery point from
which the new test virtual machine is created. The test virtual machine has the same name as the replica,
but with - Test appended to the end. The test virtual machine is not started, and is disconnected by
default to avoid potential conflicts with the running primary virtual machine.
When you finish testing, you can stop test failover. This option is available only if test failover is running.
When you stop test failover, it stops the test virtual machine and deletes it from the replica Hyper-V host.
If you run a test failover on a failover cluster, you will have to remove the Test-Failover role from the
failover cluster manually.
Planned Failover
You can initiate a planned failover to move the primary virtual machine to a replica site, for example,
before site maintenance or before a disaster. Because this is a planned event, there is no data loss, but the
virtual machine will be unavailable for some time during its startup. A planned failover confirms that the
primary virtual machine is turned off prior to executing the failover. During the failover, it sends all the
data that has not yet been replicated, to the replica server. It then fails over the virtual machine to the
replica server, and starts it there. After the planned failover, the virtual machine is running on the replica
server, and its changes are not replicated. If you want to establish replication again, you should reverse
the replication. You will have to configure similar settings to when you enabled replication, and the
existing virtual machine will be used as an initial copy.
Failover
A failover is an unplanned event that can result in data loss, because changes at the primary virtual
machine might not have replicated before the disaster happened. (Replication frequency setting controls
how often changes are replicated). In the event that an occurrence disrupts the primary site, you can
perform a failover. You initiate a failover at the replica virtual machine only if primary virtual machine
is either unavailable or turned off. Similar to planned failover, during a failover the virtual machine is
running on a replica server. If you need to start failover from a different recovery point and discard all
changes, you can cancel the failover. After you recover the primary site, you can use reverse replication
to reestablish replication. This will also remove the option to cancel failover.
5-26 Virtual Machine Movement and Hyper-V Replica
• Pause Replication. This action pauses replication for the selected virtual machine.
• Resume Replication. This action resumes replication for the selected virtual machine. It is available
only if replication for the virtual machine is paused.
• View Replication Health. This action provides data about the replication events for a virtual machine.
• Extend Replication. This action is available on replica virtual machines. It is available only on Windows
Server 2012 R2, and it extends virtual machine replication from the replica server to a third server (the
Extended Replica Server).
• Remove Recovery Points. This action is available only during a failover. If you select it, all recovery
points (checkpoints) for a replica virtual machine are deleted, and their differencing virtual hard disks
are merged.
• Remove Replication. This action stops replication for the virtual machine.
Note: If you have implemented Microsoft System Center 2012 R2 and you are interested in
using Hyper-V Replica for disaster recovery, you should consider using the Windows Azure
Hyper-V Recovery Manager. The Hyper-V Recovery Manager helps to orchestrate the recovery of
private cloud services across multiple locations in the event of an outage at the primary site.
Question: Which of the three failover actions can you perform while the primary virtual
machine is running: test failover, planned failover, or failover?
There are also more serious reasons that can affect synchronization, such as:
• Issues on the primary server with change tracking. The replication engine tracks changes in the virtual
machine only while the virtual machine is running. If you turn off the virtual machine and then modify
the virtual hard disk, (for example, to perform offline patching), these modifications will not be
replicated to the replica when you start the primary virtual machine.
Server Virtualization with Windows Server Hyper-V® and System Center 5-27
• Replication issues with tracking logs. Changes in a virtual machine are first written into a tracking log,
and are then transferred to the replica. If network connectivity with the replica is lost, the tracking log
can increase in size and can be larger than 50 percent of the virtual hard disk size.
• Problems linking the virtual hard disk with the parent. This problem can occur if a virtual machine is
using a differencing virtual hard disk, and a replica Hyper-V host is not able to link the replicated
differencing virtual hard disk with its parent.
• Virtual machine is restored from the backup. If you restore the primary or replica virtual machines
from a backup, their state changes and is no longer synchronized.
• Reverse replication after failover. If you perform a planned failover and you reverse replication, the
virtual machine will already exist on the target Hyper-V host, but it will not be up-to-date.
In all the above cases, the primary and replica virtual machine are not synchronized, and there is
no tracking log that could simply be applied to synchronize them. However, in all cases, virtual
machines already exist on both sides, and it would be inefficient to perform full initial replication. The
resynchronization process is optimized for virtual hard disks with size up to 500 GB. It tries to find and
replicate only the differences between virtual machines, not the entire virtual hard disk. The virtual hard
disk of the primary virtual machine and the replica are split into chunks of 2 megabytes (MB). The, CRC64
checksum of each chunk is generated, and then compared to determine which chunks from the primary
virtual machine need to be applied to the replica. The resync process also has logic built into it, which
decides if the process would take longer than six hours. If so, you should perform a full initial replication.
Demonstration Steps
1. Connect to the LON-TEST1 computer that is running on the LON-HOST1 Hyper-V host. On the
desktop, create a folder named Current State.
3. Confirm that the Planned Failover error displays, as the virtual machine is not prepared for a planned
failover.
7. On LON-TEST1, confirm that a folder named Current State is on the desktop. With planned failover,
all changes from the primary virtual machine are replicated.
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 45 minutes
Virtual machines: 20409B-LON-HOSTx, 20409B-LON-DC1, 20409B-LON-TESTx, and 20409B-LON-PRODx
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment.
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
You will be working in pairs. Communicate clearly with your lab partner, and cooperate fully with
each other during this lab.
2. Add the Windows Firewall with Advanced Security snap-in to MMC, connect to the LON-HOSTy
computer, and enable the Hyper-V Replica HTTP Listener (TCP In) rule.
2. Confirm that for the 20409B-LON-TESTx virtual machine, in the Management section, six settings
display, and Replication is not one of them.
3. Confirm that the LON-TESTx computer has an IPv4 address of 10.0.0.x6.
4. Use Hyper-V Manager to enable replication for the 20409B-LON-TESTx virtual machine using the
following settings:
o Replica Server: LON-HOSTy
o Initial Replication Method: Immediately send initial copy over the network
5. Use Hyper-V Manager to confirm that 20409B-LON-TESTx is one of the virtual machines on
LON-HOSTy, and that it is in the Off state.
Note: Because initial replication is most likely not yet completed, Replication Health is in a
Warning state.
7. Use Hyper-V Manager to confirm that two new nodes display under Network Adapter for
20409B-LON-TESTx: Failover TCP/IP, and Test Failover.
8. Confirm that there are now seven settings in the Management section for 20409B-LON-TESTx,
including Replication, which was not present before.
9. Use the Windows PowerShell Get-VMReplication and Measure-VMReplication cmdlets to review
replication settings and status for 20409B-LON-TESTx.
10. In Hyper-V Manager, view Replication Health for 20409B-LON-TESTx. If initial replication has finished,
Replication Health will be Normal.
Server Virtualization with Windows Server Hyper-V® and System Center 5-31
Note: If initial replication of 20409B-LON-TESTx has not yet finished, wait until it finishes.
3. Use Hyper-V Manager to start Test Failover for 20409B-LON-TESTx. Confirm that the checkpoint for
20409B-LON-TESTx is created, and a new virtual machine named 20409B-LON-TESTx – Test is
created.
4. Confirm that the 20409B-LON-TESTx – Test virtual machine is connected to Private Switch.
5. Start the 20409B-LON-TESTx virtual machine, and sign in as Administrator with the password
Pa$$w0rd.
6. Confirm that it has the same IP configuration as you configured in Failover TCP/IP for
20409B-LON-TESTx.
7. Stop the test failover for 20409B-LON-TESTx. Confirm that the 20409B-LON-TESTx – Test virtual
machine has been deleted, in addition to the 20409B-LON-TESTx virtual machine checkpoint.
Note: This is because the virtual machine is not prepared for planned failover.
5. Use Hyper-V Manager to perform a Planned Failover for the 20409B-LON-TESTx virtual machine.
6. Confirm that 20409B-LON-TESTx is in the Running state on the LON-HOSTy Hyper-V host.
7. On LON-TESTx, confirm that a folder named Current State displays on the desktop.
Note: With planned failover, all changes from the primary virtual machine are replicated.
5-32 Virtual Machine Movement and Hyper-V Replica
9. Use Hyper-V Manager to start Reverse Replication for 20409B-LON-TESTx, and accept all default
values.
10. Shut down LON-TESTx, and then perform its Planned Failover.
12. Confirm that two folders display on the LON-TESTx desktop: Current State, and Planned Failover.
13. On LON-HOSTx, remove replication for 20409B-LON-TESTx.
Results: After completing this exercise, you should have configured and managed Hyper-V Replica.
Server Virtualization with Windows Server Hyper-V® and System Center 5-33
Question: Can you use self-signed certificates for authentication with Hyper-V Replica?
Question: Can you perform live migration of a virtual machine from a Windows Server 2012
Hyper-V host to a Windows Server 2012 R2 Hyper-V host?
6-1
Module 6
Implementing Failover Clustering with Hyper-V
Contents:
Module Overview 6-1
Module Overview
Failover clustering is a Windows Server 2012 feature that provides high availability. Hyper-V in Windows
Server 2012 uses failover clustering to provide highly available virtual machines. It is crucial for critical
virtual machines to be highly available, which means that if the node on which a virtual machine is
running fails, then the failover cluster will start the virtual machine automatically on a different node.
The first lesson in this module provides a general overview of failover clustering. You will learn about the
components of failover clusters, how failover clusters provide high availability, and why shared storage is
important. You will also learn about the different quorum modes, and understand how you can provide
encryption for Cluster Shared Volumes (CSVs).
The second lesson in this module details shared storage. You will see how you can use Server Message
Block (SMB) 3.0 file shares for Hyper-V. You will also learn how to configure Internet small computer
system interface (iSCSI) shared storage by using an iSCSI target server, which is part of Windows Server
2012. If you are considering failover clustering in virtual machines, you will learn more about Windows
Server 2012 R2, in which you can use virtual hard disk sharing to present shared storage to virtual
machines.
The third lesson explains how you can implement failover clustering. You will also learn about the settings
that you can configure for highly available virtual machines, and how you can configure monitoring for
services that run inside a virtual machine.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
Lesson 1
Overview of Failover Clustering
Hyper-V uses failover clustering to provide highly available virtual machines. Before you can create highly
available virtual machines, you need to understand the basics of failover clustering. In this lesson, you will
learn about failover clustering components, the importance of shared storage, and how you can provide
network redundancy. By default, failover clustering uses CSVs as the default storage type. This lesson
explains the requirements for CSVs, and their advantages over logical unit numbers (LUNs). You will
also learn about quorums, the different quorum modes that failover clustering supports, and what the
differences are between the quorum modes. Because some highly available data can be sensitive, you will
also learn about how you can use BitLocker Drive Encryption to encrypt CSVs.
Lesson Objectives
After completing this lesson, you will be able to:
• Networks. Networks enable communication between nodes that are still available and responsive, and
also between nodes and client computers. Because clusters use external storage such as iSCSI or Fibre
Channel Storage Area Network (SAN), nodes also use networks for accessing the shared storage.
• Clustered role. A clustered role is a highly available role or service that is running on the cluster node
and to which clients connect. If such a service becomes unavailable on one node, the failover cluster
fails it over automatically to another node and redirects client requests for the service to the new
node.
• Resources. Resources are physical or logical elements such as a shared folder, disk, or IP address,
which the failover cluster manages. Resources may provide service to clients or may be integral parts
of highly available applications. Resources are the most basic and smallest configurable units. A
resource can run only on a single node at any given time.
• Cluster Storage. Each node has local storage (where the Windows operating system is installed), in
addition to server roles and highly available applications. Cluster storage is a shared storage, where
application configuration and data is stored. When a node fails, other nodes can access data on the
cluster storage, and can start applications from that point. For example, the highly available virtual
machine stores configuration data and virtual hard disks of the highly available virtual machine are
stored on the cluster storage.
• Clients. These are computers that access highly available services and applications that are running in
the failover cluster. There should be multiple network paths between clients and the cluster. Clients
should also try to reconnect to the service automatically if a cluster node fails.
• Has full connectivity and communication with other failover cluster nodes.
• Is aware of configuration changes to the failover cluster, such as when an additional node joins or
leaves the cluster. Each node is also aware of other node failures, and has the ability to run services
that the failed node hosted. You can configure which services to run on which nodes.
• Connects to a network through which client computers can access the node.
• Connects to other nodes, and regularly checks their availability and responsiveness.
• Connects to shared storage, where configuration and data of highly available applications is stored.
• Has awareness of the services and applications that are running locally, and resources that are
running on other failover cluster nodes.
Question: Will clients still be able to connect to a cluster role if the failover cluster has only
two nodes and the internode network fails?
6-4 Implementing Failover Clustering with Hyper-V
1. The cluster service takes all of the resources of the highly available role offline in an order that is
determined by the instance’s dependency hierarchy. First, the cluster service takes the clustered role
offline, and then it takes offline the resources on which it the cluster role depends. For example, if a
role depends on a disk resource, the cluster service takes the role offline first, which allows the role to
write uncommitted changes to the disk, before taking the disk offline.
2. When all resources are offline, the cluster service attempts to move the role to the node that is next
on the list of preferred owners for that role. If the preferred owner is not available, then the cluster
service contacts the next server on the list.
3. If the cluster service moves the role successfully to a different node, it attempts to bring all role
resources back online. This time, it takes the resources online in reverse order, from the bottom of the
dependency hierarchy. Failover is complete when all of the resources are online on the new node.
In most cases, failover results in some downtime and data loss. If a node on which a highly available role is
running fails, everything that was not saved on the shared storage (such as in-memory state of the open
client connections), are lost. Failover restarts the role based on the configuration and state of the shared
storage. Clients experience this as if you turn off and then turn on a single server on which the role runs.
For some highly available roles such as scale-out file server, failover is transparent and without downtime.
The cluster service can fail back a highly available role that was originally running on the failed node, after
you repair or recover the failed node and it is available once again. When the cluster service fails back the
highly available role, it uses the same steps that it performed during failover. The cluster service takes all
the resources offline, moves the role, and then brings all the resources back online. You can configure in
the properties of the highly available role how many times the cluster service will attempt to fail over and
then fail back the role. You can also configure the list of preferred owners for the role.
Question: Does failback always follow failover when the failed node is back online?
Server Virtualization with Windows Server Hyper-V® and System Center 6-5
You can classify networks in failover clustering based on their use. You can configure the following three
settings:
• Do not allow cluster network communication on this network. The nodes in the failover cluster cannot
use this network for internode communication or for communication with the clients. You would
typically use such a network for accessing shared storage, for example iSCSI SAN.
• Allow cluster network communication on this network. The nodes in the failover cluster can use this
network for intranetwork communication. For example, nodes can use this network for updating the
cluster database, monitoring the health of other nodes, or for live migration data.
• Allow clients to connect through this network. Clients can access the failover cluster nodes over this
network, for example, to access a highly available database. (The term client refers not only to client
computers accessing clustered applications, but also to remote computers that you use to administer
the cluster.) You can allow clients to connect through this network only if it can be used for cluster
communication as well.
Technically, it is possible to have a failover cluster node with a single network adapter that is used for all
network traffic, including internode communication, client communication, and access to shared storage.
However, we do not recommend having a single network adapter for all network traffic, and validation
will generate a warning to alert you of a potential single point of failure.
When you install the failover clustering feature, it adds the Failover Cluster Virtual Adapter to the node.
This is a hidden and completely self-configuring network adapter, which provides the failover node with
a fault-tolerant connection across all available network adapters. The Failover Cluster Virtual Adapter is
similar to NIC Teaming for clustering, and it hides all underlying network complexity from the failover
cluster; for example, when other nodes are on remote networks, or when a node obtains an IP address
from a Dynamic Host Configuration Protocol (DHCP) server. You can view the Failover Cluster Virtual
Adapter in Device Manager as a hidden device.
• The node transmits and receives a heartbeat, which is used to monitor the health status of network
interfaces, and is sent over all cluster-enabled networks. The heartbeat is sent by using unicast User
Datagram Protocol (UDP) traffic over port 3343.
• Failover cluster nodes can be on different segments, providing there is network connectivity between
them.
• The Failover Cluster Virtual Adapter hidden network adapter is added to each node. This adapter is
assigned a media access control (MAC) address based on the first physical adapter, and it is used to
6-6 Implementing Failover Clustering with Hyper-V
build redundant and fault-tolerant routes to other nodes. You can also clone Windows Server
computers when they have the failover clustering role installed.
• Failover clusters fully support IPv6 for both internode and client communication.
• Cluster nodes can use static or dynamic IP addresses. If some nodes in a failover cluster use static IP
addresses, and if others are configured with dynamic IP settings, validation will report an error.
Question: Do you need to manually put network adapters in a failover clustering node in a
NIC team?
• iSCSI. Servers access iSCSI SANs by sending SCSI commands over an IP network. Performance is
acceptable over fast 10 gigabits per second (Gbps) or slower 1 Gbps networks. iSCSI is not limited
by the length or the number of servers that access the storage. The physical medium for data
transmission is Ethernet, and no special hardware is required. You can build an iSCSI SAN by using
the iSCSI target feature, which is part of Windows Server 2012 R2.
• Fibre Channel. Fibre Channel SANs require special network infrastructure for accessing the storage.
They often have better performance than iSCSI storage, but they are considerably more expensive to
implement.
• Fibre Channel over Ethernet. This network technology encapsulates Fibre Channel traffic over
Ethernet networks. This enables Fibre Channel to use high-speed Ethernet networks, while preserving
the Fibre Channel protocol.
You can also use SMB 3.0 file shares as shared storage for servers that are running Hyper-V, regardless of
whether they are part of failover cluster nodes. Servers can access storage on a SAN as a LUN, or as a CSV.
When you are considering shared storage for the failover cluster, you should consider using it as a CSV.
This is because it provides many benefits, such as simultaneous access from multiple failover cluster nodes,
and more efficient use of the storage space.
Server Virtualization with Windows Server Hyper-V® and System Center 6-7
When you choose the storage type, you should consider the following storage requirements:
• A failover cluster does not support dynamic disks for a shared storage. You should therefore use basic
disks for the shared storage, and not dynamic.
• As a best practice, use NTFS file system on all failover node volumes. If the volume is on shared
storage and you will use it as CSVs, you must format it by using NTFS file system.
• If you will use disk witness for your quorum, you can format the volume with either NTFS file system
or Resilient File System (ReFS).
• You can use either master boot record (MBR) or GUID partition table (GPT) partition style for the disks
in a failover cluster node.
• Storage must support the SCSI-3 standard. Failover clusters require that storage supports persistent
reservations commands so that storage spaces can be properly managed as clustered disks, and those
commands are part of the SCSI-3 standard.
• Confirm storage compatibility. You should verify that that the storage, drivers, firmware, and software
used for the storage are compatible with failover clusters in Windows Server 2012.
• Isolate storage devices, one cluster per device. You should not allow nodes from different failover
clusters to access the same storage. You can achieve this by using LUN masking or zoning. This
prevents LUNs that you use on one failover cluster from being accessible from another failover
cluster.
• Use Multipath I/O (MPIO) and teamed network adapters. This will provide the highest level of
redundancy and availability for accessing the storage.
• Consider using storage spaces. Storage spaces virtualize access to the storage and provide resilient
and highly available shared storage.
Question: Can you use a network-attached storage (NAS) device as a shared storage for a
failover cluster?
What Is CSV?
In a classic failover cluster deployment, only a
single failover cluster node can access and use
LUN on the shared storage at any given time. This
means that other failover cluster nodes cannot
access the same LUN, and that multiple LUNs are
used for different highly available applications on
different nodes. A LUN is also the smallest unit of
failover. If multiple virtual machines are stored on
the same LUN, they all fail over to another node,
and it is not possible to fail over just one of them.
each node can only access a different file on the CSV. Nodes cannot access the same file at the same time,
even when it is stored on CSV.
In Windows Server 2008 R2, CSV was supported only for storing virtual machine files. This way, you
could have multiple virtual machines on the same storage, with each virtual machine running on a
different node. CSV also enables individual virtual machines to fail over between failover cluster nodes.
This provides better use of storage space, because you no longer have to maintain multiple LUNs, one per
each virtual machine.
• CSV file system. CSV volumes appear as if they are using a CSV file system. This is not a new file
system, the underlying technology is still NTFS, and CSV volumes are formatted with NTFS. However,
based on the file system, applications can discover that they are running on CSV.
• Simplified CSV setup. CSV is integrated into the Failover Cluster Manager Storage view, and you do
not need to enable it explicitly. Instead, you can simply right-click a disk, and then add it to CSV.
• Support for BitLocker. You can use BitLocker to encrypt a shared CSV volume, and protect data. Each
node performs decryption by using the computer account for the cluster server.
• Integration with SMB Multichannel and SMB Direct. This enables CSV traffic to stream across multiple
networks in the cluster, and to utilize network adapters that support Remote Direct Memory Access
(RDMA).
• Integration with the Storage Spaces feature in Windows Server 2012. This enables failover cluster to
use virtualized storage on clusters of inexpensive disks.
• Ability to scan and repair volumes. CSVs can scan and repair volumes without moving storage offline.
What Is a Quorum?
A failover cluster can have up to 64 failover cluster
nodes. A quorum is the consensus that enough
nodes are online and that the cluster can continue
running. Each node has one vote. If there is an
even number of nodes, then votes from the
witness element, which can be either a file
share witness or a disk witness, is also counted.
Quorum mode defines who will have a vote, and
until Windows Server 2012, that configuration was
static. Each voting element contains a copy of the
cluster configuration, and the cluster service keeps
all copies synchronized at all times.
A failover cluster stops providing failover protection if the quorum does not have more than half of the
votes. This means that most of the nodes have failed, or they are not able to vote because of some other
Server Virtualization with Windows Server Hyper-V® and System Center 6-9
problem such as a network connectivity issue. Without a quorum, each set of nodes could continue to
operate as a failover cluster, even if it would have half of the nodes or less, which could result in creation
of two cluster instances from a single failover cluster. A quorum prevents such a splitting of a failover
cluster into two parts, where each part would continue to operate as a failover cluster concurrently.
If the available nodes do not achieve majority, then the vote of the witness becomes crucial. Quorum
mode, which is configured at the failover cluster level, defines which elements can vote. If the number of
votes drops below the majority, the cluster stops running and does not provide failover protection if there
is a node failure. Nodes continue to listen for the presence of other nodes, in case another node appears
again on the network. However, nodes will not function until a majority consensus or quorum is achieved.
Note: Failover cluster functionality depends not only on a quorum, but also on the
resources available to cluster nodes and their ability to run cluster services that fail over to
that node. For example, a cluster with five nodes will still have a quorum even if two nodes
fail. However, each remaining cluster node will continue serving clients only if it has enough
resources to run cluster roles that failed over to the remaining three nodes. These resources
include storage space, processing power, network bandwidth, and memory. You can configure
priority, preferred hosts, and anti-affinity to decide the nodes on which the cluster role can run.
• Node and Disk, or Node and File Share Majority. Each failover cluster node and a witness, which is
either a disk or file share, can vote when they are online and have network connectivity. The cluster
provides its services only when quorum has majority of the votes. This quorum model is appropriate
when the failover cluster has an even number of nodes.
• No Majority: Disk Only. The cluster has a quorum if at least one node is available and it has
connectivity with a specific disk in the failover cluster storage. Only nodes that can communicate
with that disk can join the cluster.
Note: If the disk in the No Majority: Disk Only quorum model is not available, the cluster
will stop functioning, even if all nodes are still available. In this mode, a quorum-shared disk is a
single point of failure. Therefore, use of this mode is not recommended.
Except for the No Majority: Disk Only quorum mode, all quorum modes are based on a simple majority
vote model. As long as a quorum has majority of the votes, the cluster continues to accept client requests.
For example, if there are five votes in the cluster, the cluster continues to accept requests as long as the
quorum has at least three votes, and the source of the votes is not relevant. A quorum can get a vote
from a failover cluster node, a disk witness, or a file-share witness. The failover cluster stops answering
requests if the quorum does not receive the majority of the votes. In the No Majority: Disk Only mode, the
quorum-shared disk can veto all other possible votes. In this mode, the cluster will continue to function as
long as the quorum-shared disk and at least one node are available.
6-10 Implementing Failover Clustering with Hyper-V
Dynamic quorum provides higher availability within a failover cluster by continuously monitoring and
adjusting the quorum model based on the available cluster nodes. Cluster quorum calculation is adjusted
each time the number of nodes changes, so that even if a failover cluster has less than 50 percent of the
original number of nodes, the failover cluster continues to work and cluster roles are still available. With
dynamic quorum enabled, a failover cluster can survive with only one node up and running. The only
limiting factor is the availability of enough resources such as memory and processor to support the
workload. The dynamic quorum model is enabled by default.
Windows Server 2012 R2 includes several quorum enhancements, including:
• Dynamic witness. If a failover cluster is configured to use dynamic quorum, which is the default
configuration, the witness vote is also dynamically adjusted based on the number of voting nodes in
the failover cluster. If the failover cluster has an odd number of votes, the quorum witness does not
have a vote. If the failover cluster has an even number of votes, the quorum witness has a vote. The
quorum witness vote is also dynamically adjusted based on the state of the witness resource. If the
witness resource is offline or has failed, then the witness does not have a vote.
• Tie breaker for 50 percent node split. Failover cluster can dynamically adjust a node's vote to keep the
total number of votes at an odd number. To maintain an odd number of votes, the failover cluster will
first adjust the quorum witness vote through dynamic witness. If a quorum witness is not available,
then the failover cluster can adjust a node's vote. There is also a new failover cluster property that you
can use to determine which site survives if there is a 50 percent node split and neither site has
quorum.
• Quorum user interface improvements. Failover Cluster Manager shows the assigned quorum vote and
the current quorum vote for each failover cluster node.
Configure and Manage the Quorum in a Windows Server 2012 Failover Cluster
http://go.microsoft.com/fwlink/?LinkID=386728
Question: Can a failover cluster that originally had six nodes still run cluster roles if three
nodes fail and only three nodes remain online?
Server Virtualization with Windows Server Hyper-V® and System Center 6-11
You can use BitLocker encryption with physical disk resources such as a LUN on a SAN, NAS, or with a
CSV. You can turn on BitLocker prior to adding the disk to the storage pool within a cluster. Otherwise,
you will need to put the resource into maintenance mode before you can perform BitLocker encryption.
When you use BitLocker on a stand-alone server, the BitLocker protector is stored locally. However,
when you use BitLocker encryption in a failover cluster, multiple cluster nodes must be able to access the
encrypted volume, and because of this, an Active Directory-based protector is used. You must add the
failover cluster Active Directory Domain Services (AD DS) identity as a BitLocker protector to the target
disk volumes.
You can manage BitLocker on a failover cluster by either using Windows PowerShell, or by using the
Manage-bde.exe command. BitLocker encryption introduces minimal (less than one percent) performance
overhead.
Before you can use BitLocker in a failover cluster, the following prerequisites must be met:
• Windows Server 2012 or a newer Windows Server operating system with the Failover Clustering
feature must be installed and configured on each failover cluster node.
• Domain controller running Windows Server 2012 or a newer Windows Server operating system must
be reachable from all failover cluster nodes.
• BitLocker must be installed on all failover cluster nodes.
• Manage-BDE.exe or the BitLocker module for Windows PowerShell must be available to configure
BitLocker-encrypted volumes in failover cluster.
How to Configure BitLocker Encrypted Clustered Disks in Windows Server 2012
http://go.microsoft.com/fwlink/?LinkID=386710
Question: Can you protect data on shared storage by using an encrypted cluster volume if
the failover cluster is a member of an AD DS domain with a Windows Server 2008 R2
domain-functional level?
6-12 Implementing Failover Clustering with Hyper-V
Lesson 2
Configuring and Using Shared Storage
Each node in a failover cluster has local storage on which the operating system and applications are
installed. Each node should have access to shared storage, where it can store application configuration
information and data. Shared storage is useful in enabling a failover cluster node to continue the cluster
service from the point at which it was before the originating node failed.
In this lesson, you will learn how you can use an SMB 3.0 file share as a shared storage for virtual
machines, and how you can install and configure an iSCSI target for use by a failover cluster. You will also
learn about virtual hard disk sharing, which enables virtual machines to use a virtual hard disk on a highly
available location as a shared storage.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the requirements and process of storing virtual machines on an SMB 3.0 file share.
• Explain the benefits and use of scale-out file servers.
• Describe iSCSI.
• AD DS forest infrastructure is required if you want to use SMB 3.0 file shares. You need to grant
permissions for the SMB 3.0 file share to the Hyper-V host computer account, which is created only in
a domain environment.
Server Virtualization with Windows Server Hyper-V® and System Center 6-13
• The file server must support SMB 3.0 protocol, which means that it must have Windows Server 2012
or a newer Windows Server operating system installed. You can use also non-Microsoft file servers, if
they support the SMB 3.0 protocol. Hyper-V does not block older versions of SMB, but Hyper-V Best
Practice Analyzer raises an alert when it detects an older version of SMB.
• Loopback configurations are not supported. These are configurations in which the Hyper-V host is
used as the file server, and is configured to use local SMB 3.0 file shares for storing virtual machines.
• When Hyper-V is running in a failover cluster, it must not store virtual machines on the file server in
the same failover cluster. Instead, it must use a file server in another failover cluster or stand-alone file
server. This is because when a failover node fails, it could potentially result in the Hyper-V and file
server roles running on the same failover cluster node.
• We recommend that the Hyper-V host stores virtual machines on a continuously available file share
on a file server in the failover cluster, and not on a stand-alone file server.
Configuration Steps
The two most important steps when configuring an SMB 3.0 file share for storing virtual machines are:
• Select the SMB Share - Applications profile for the shared folder. You can configure this profile when
creating the shared folder by using Server Manager. You will notice that you cannot enable access-
based enumeration or allow caching, because those features are not supported with this share profile.
• Configure the appropriate NTFS file system and share permissions. The necessary permissions include
allowing Full Control for the Hyper-V host and Hyper-V Administrators. If Hyper-V is running in a
failover cluster, the computer account for the failover cluster must also have Full Control permissions
on the SMB 3.0 file share.
You can also create a shared folder and grant the permissions by using Windows PowerShell. You can
create a shared folder for C:\VMs, and grant Full Permissions for the LON-HOST1 account and local
Hyper-V Administrators group by running the following Windows PowerShell cmdlets:
Question: Can you store a virtual machine on a shared folder on a Windows Server 2008 R2
file server?
6-14 Implementing Failover Clustering with Hyper-V
• Higher Utilization. All failover cluster nodes can accept and serve client requests for all scale-out
shared folders. When you combine their bandwidth and processor power, you can achieve higher
utilization rates than with any single node. A single failover cluster node is no longer a potential
bottleneck, because a scale-out file server can support as many clients as the shared storage can
manage.
• Non-disruptive maintenance and updates. When you need to check the disk, perform maintenance,
update, or restart a failover cluster node, the scale-out file server is available without an interruption.
This is also true for file server for general use.
• CSV cache. You can use this feature to allocate system memory as a write-through cache. The CSV
cache provides caching of read-only data, which can improve performance for applications such as
Hyper-V, when accessing virtual hard disks. CSV cache performs caching at the block level, and not at
the file level.
• Automatic rebalancing of the clients. SMB client connections are tracked per shared folder, instead of
per server as it was before Windows Server 2012 R2. Clients are redirected to the failover cluster node
with the best access to the volume used by the shared folder. This improves efficiency by reducing
redirection traffic between file server nodes.
• Support for multiple SMB instances. A default SMB instance manages incoming SMB client traffic,
while an additional SMB instance is created on each failover cluster node to manage only internode
CSV traffic. This feature improves scalability and reliability of traffic between CSV nodes.
Server Virtualization with Windows Server Hyper-V® and System Center 6-15
• Simpler management. You can view and manage file server, storage, and networking by using Server
Manager. You can also manage the scale-out file server by using Windows PowerShell.
Note: Clients must support the SMB 3.0 protocol to utilize all the benefits of the scale-out
file server. Older clients such as the Windows 7 operating system or Windows Server 2008 R2,
which support SMB 2.x, are able to connect to scale-out shared folders. However, they cannot
benefit from the SMB transparent failover functionality.
Question: Does a file server cluster for general use support more clients than a stand-alone
file server?
What Is iSCSI?
iSCSI is a client-server protocol that enables
access to remote, small computer system interface
(SCSI)–based devices over a TCP/IP network. You
can use iSCSI for encapsulating and sending
standard SCSI commands over IP networks to any
target device that supports SCSI commands. You
can use iSCSI to transmit data over local area
networks (LANs), wide area networks (WANs), or
even over the Internet. The Windows operating
system has implemented iSCSI only for accessing
block storage devices, and uses the iSCSI initiator
to access storage on iSCSI SANs, but not other
remote SCSI devices.
iSCSI relies on standard Ethernet networking and does not require any special hardware. It uses the TCP/IP
protocol and TCP port 3260 by default to send SCSI commands and transfer data. This means that iSCSI
enables two hosts that are communicating over the network to negotiate the session and connection
parameters, and then exchange SCSI commands and data as they would were they locally connected.
iSCSI emulates a local storage subsystem over LANs and WANs, and provides access to the SAN as if it
were a locally attached disk. Unlike Fibre Channel, iSCSI does not require a separate network, and you can
run it over the existing IP network infrastructure. Although not required, as a best practice you should use
a dedicated and highly available network for iSCSI traffic.
• iSCSI target. iSCSI targets present and advertise local storage as a network block device, as an
iSCSI SAN. Many storage vendors implement hardware-level iSCSI targets as part of their storage
appliances. Windows Server 2012 includes iSCSI target server as a role service. Because it is critical for
storage to be available constantly, you should implement an iSCSI target server as a failover cluster
role to make it highly available. To provide network redundancy, you should also configure the MPIO
feature to use multiple paths between the server and iSCSI target.
• iSCSI initiator. The iSCSI initiator is an iSCSI client that connects to the remote iSCSI target and
presents it as a locally attached disk. Windows client and Windows Server operating systems include
iSCSI initiator, and can connect to iSCSI targets. To use an iSCSI initiator, the iSCSI service must be
running. Because this service is not running by default, you should start it before you start using an
iSCSI initiator.
• iSCSI qualified name. iSCSI qualified names are globally unique identifiers that address initiators and
targets on an iSCSI network. When you configure an iSCSI target, you must configure it with an iSCSI
qualified name.
Question: What must you enable and configure in Windows Server 2012 R2 to be able to
use storage on an iSCSI SAN?
When you create a fixed-size virtual disk, you can clear it on allocation. This means that its entire content
is filled with zero values, which removes any fragments of data that might remain on the underlying
storage.
After you create a virtual disk, you can assign it to the iSCSI target to make it available to the iSCSI
initiators over the network. You can identify the initiators that can access the logical unit by providing
their iSCSI qualified name, Domain Name System (DNS) name, IP address or MAC address, or by querying
the initiator computer for ID, which is supported only for Windows Server 2012, or for Windows 8 or
newer computers that are members of the same AD DS forest. You can also enable the Challenge
Handshake Authentication Protocol (CHAP) to authenticate initial connection and iSCSI target.
After the client iSCSI initiator connects to the logical unit, it can start using it as a locally attached disk,
which means initializing the disk, creating volumes, formatting them, and storing data. If the client is
Server Virtualization with Windows Server Hyper-V® and System Center 6-17
running out of space on the logical unit, you can provide it with additional space by extending the virtual
disk. Conversely, if the logical unit has too much space for client needs, you can shrink the virtual disk.
You can perform both operations online, while the client is connected to the iSCSI target.
The iSCSI target server also enables backup applications that are connected to an iSCSI target and are
using Volume Shadow Copy Service (VSS) to complete the application-consistent snapshot, while the
application is accessing the logical unit. The iSCSI target VSS hardware provider communicates with the
iSCSI target server during the VSS snapshot process, and ensures that the snapshot is
application-consistent.
The iSCSI target server includes a Storage Management Initiative – Specification provider, which is an
industry standard for discovery and management of heterogeneous storage systems. For example, VMM
can use functionality to perform the following actions on iSCSI target server:
You can manage the iSCSI target server by using Server Manager, or by using Windows PowerShell
cmdlets. For example, you can create a new virtual disk by running the following Windows PowerShell
cmdlet:
New-IscsiVirtualDisk
You can create a new iSCSI target by running the following cmdlet:
New-IscsiServerTarget
You can add a virtual disk to an iSCSI target by running the following cmdlet:
Add-IscsiVirtualDiskTargetMapping
Question: Can you use an iSCSI target server on Windows Server 2012 R2 to provide storage
to a server that is running a non-Microsoft operating system?
6-18 Implementing Failover Clustering with Hyper-V
Demonstration Steps
1. On LON-HOST1, add LON-SS1 to All Servers.
2. Use Server Manager to add an iSCSI Virtual disk with following data:
o Location: E:\
3. Connect the iSCSI virtual disk to the New iSCSI target with following data:
4. Use the Windows PowerShell New-IscsiVirtualDisk cmdlet to create new virtual disk with following
parameters:
o Path: C:\iSCSIVirtualDisks\Disk12.vhdx
o Size: 15 GB
o ComputerName: LON-SS1
5. Use the Windows PowerShell Add-IscsiVirtualDiskTargetMapping cmdlet to add a virtual disk to an
iSCSI target with the following parameters:
o TargetName: Lab6-Host1
o Path: C:\iSCSIVirtualDisks\Disk12.vhdx
o ComputerName: LON-SS1
6. Refresh Server Manager, and confirm that virtual disk Disk12.vhdx now displays and it is mapped to
the Lab6-Host1 target.
7. On LON-HOST1, open iSCSI Initiator and connect to the Lab6-Host1 target on the LON-SS1 iSCSI
target server. Disconnect any previously connected targets.
8. Use Disk Management to confirm that two disks are now added, that they have a size of 15 GB, and
they are all Offline. Note that these are the virtual disks that you just added on the iSCSI target.
Server Virtualization with Windows Server Hyper-V® and System Center 6-19
• Read the vendor-specific best practices for implementing iSCSI storage, and for using it with your
applications, such as Hyper-V.
Question: How can you control which iSCSI initiators can connect and use an iSCSI target?
clustering node. This virtual machine must be running either on the same Hyper-V host, or on a different
one. When you use failover clustering at both levels, you realize many benefits. However, you also realize
the downside of increased complexity. Virtual machines and the cluster roles are highly available.
To provide failover clustering functionality, you need shared storage for the quorum, for cluster roles
configuration, and for data storage. You can use iSCSI or Fibre Channel SAN as a shared storage with
Hyper-V failover clustering, in addition to an SMB 3.0 file share. You can also use both SAN types with
virtual machine clustering.
Windows Server 2012 R2 introduces a third option—you can use virtual hard disk sharing and use that
disk as shared storage. Virtual hard disk sharing presents a disk as a Serial Attached SCSI disk, and failover
clustering can then use it as a shared storage.
The following table shows a comparison between iSCSI, Fibre Channel, and virtual hard disk sharing when
used for virtual machine shared storage:
How is storage presented in Virtual Serial Attached Virtual Fibre iSCSI LUN
virtual machine SCSI Channel LUN
Provides low latency and low Yes (RDMA or Fibre Yes (Fibre No
CPU use Channel) Channel)
Before you can use a shared virtual hard disk as a shared storage, you must first meet the following
requirements:
• The virtual hard disk must use .vhdx format. You can enable virtual hard disk sharing only on .vhdx
disks, and not on virtual hard disks that use the .vhd format.
• The virtual hard disk must be connected to a SCSI virtual controller. You cannot enable virtual hard
disk sharing for disks that are connected to a virtual IDE adapter.
• A shared virtual hard disk can only store data, and you cannot start a virtual machine from it. This is
also true for Generation 2 virtual machines, which can start from the virtual SCSI controller.
• A shared virtual hard disk must be stored on a highly available location, either on scale-out file server
share, or on CSV. If a virtual hard disk is stored locally or on the SMB 3.0 file share, you cannot enable
virtual hard disk sharing.
Server Virtualization with Windows Server Hyper-V® and System Center 6-21
• You can enable virtual hard disk sharing only if the virtual machine is turned off. Although you can
add or remove virtual hard disks to a virtual SCSI adapter while the virtual machine is running, you
can enable or disable virtual hard disk sharing only when the virtual machine is turned off.
• To be able to use virtual hard disk sharing, the virtual machine must be running a supported
Windows Server operating system, and it must have the latest version of integration services installed.
Supported operating systems are currently Windows Server 2012 and Windows Server 2012 R2. You
cannot use shared virtual hard disks from client operating systems or older Windows Server operating
systems.
You can enable virtual hard disk sharing from the advanced settings of the virtual hard disk in Hyper-V
Manager, or by using the Windows PowerShell Add-VMHardDiskDrive cmdlet with the ShareVirtualDisk
parameter. For example, if you want to add shared virtual hard disk named disk1.vhd, which is located on
the highly available share \\LON-HOST1\files, to a virtual machine named VM1, you would run the
following cmdlet:
Question: Do you need to install anything into the virtual machine to enable virtual hard
disk sharing?
6-22 Implementing Failover Clustering with Hyper-V
Lesson 3
Implementing and Managing Failover Clustering with
Hyper-V
Failover clustering provides high availability for virtual machines. Making virtual machines highly available
is similar to making any other role highly available. You should first install servers, configure the shared
storage, install the Hyper-V role on all the servers that will run virtualization load, validate and create
cluster, and then create highly available virtual machines. You should ensure that all virtual machine data
files are on shared storage, otherwise the virtual machine will not be highly available.
When configuring the virtual machine cluster role, you will notice that many configuration settings such
as priority, failover, and failback, are the same as for the other cluster roles. However, some other settings
such as monitoring virtual machine heartbeat and applications, or network connectivity are specific to
virtual machines. For running virtual machines in a failover cluster, you do not need any additional cluster
roles, but when you want to replicate a virtual machine to a failover cluster node, you should first add the
Hyper-V Replica Broker cluster role to a failover cluster.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the steps for failover cluster implementation.
2. Configure shared storage. This includes configuring the storage, for example creating LUNs or iSCSI
targets, configuring MPIO, connecting servers to the storage, and creating volumes.
Server Virtualization with Windows Server Hyper-V® and System Center 6-23
3. Install roles on the servers that you want to make highly available. For example, you can install
Hyper-V if you plan to create highly available virtual machines, and install file and storage services if
you plan to create a scale-out file server. You need to install roles only on servers that will host the
cluster role. For example, if you plan to have an eight-node failover cluster, but virtual machines will
run on only five nodes, you should install the Hyper-V role on only five servers.
4. Validate the configuration and create a failover cluster. The failover cluster includes the Validate
a Configuration Wizard, which validates all of the prerequisites for creating a failover cluster and
provides warnings or errors if any component does not meet the requirements. Before you create a
failover cluster, you should resolve any issues that the wizard reports. You can create a failover cluster
by using the Failover Cluster Manager, or by using Windows PowerShell.
5. Create cluster roles. These are the highly available roles that run in a failover cluster. The High
Availability Wizard has several often-used cluster roles, such as file server or virtual machine. After you
create the cluster role, you can test the failover by moving the role between failover cluster nodes.
Deploy a Hyper-V Cluster
http://go.microsoft.com/fwlink/?LinkID=386729
Question: Can you implement a failover cluster by using the Windows Server 2012 R2
Standard operating system?
Note: Some validation tests do not run until you create a cluster or install server roles.
For example, the Cluster Configuration tests will not run until after you create the cluster, and
Hyper-V tests will not run if you have not yet installed the Hyper-V role on the cluster nodes.
You can also use the cluster validation process as a troubleshooting tool on a configured cluster. When
running the validation process, you can select a subset of the validation tests to help you troubleshoot.
The validation process will warn you if storage tests are selected, but they will not run on a failover cluster
that already has allocated storage online.
6-24 Implementing Failover Clustering with Hyper-V
Validation is not mandatory, but we strongly recommend it as a best practice. Furthermore, validation is
required if you want to have a supported failover clustering configuration. You should perform validation
after each change in configuration, including the following:
• Run validation tests on the failover cluster. To have a supported configuration and to rule out
configuration problems, you are required to run validation tests on the failover cluster successfully.
The report shows any errors and warnings for your configuration, and what you should do to avoid
them. For example, the report will warn you if there is no network redundancy or if servers are not
running the same edition of the Windows Server or Windows client operating systems.
• Before adding a node to a failover cluster. You should run a validation test to confirm that the server
is configured properly and that it has connectivity to shared storage.
• When adding new shared storage. When you add new shared storage to the cluster, you should run
validation to confirm that new storage will function correctly (for example, that it supports SCSI-3
persistent reservation). To minimize the impact on availability, you should run the validation after you
attach the storage, but before you begin using the new LUNs.
• When updating firmware and drivers. You should run validation to confirm that the new combination
of hardware, firmware, drivers, and software supports your failover cluster functionality.
• After restoring a node from backup. Run the validation to confirm that the restored node can
function properly as part of the failover cluster.
As part of the cluster role validation, the following tests are performed if the Hyper-V role is installed on
failover cluster nodes:
• List Hyper-V Virtual Machine Information. This test lists virtual machine information for each virtual
machine in the failover cluster. Test information includes the virtual machine name, the node that is
hosting the virtual machine, heartbeat connectivity to the virtual machine, and the version of the
installed integration services.
• List Information About Servers Running Hyper-V. This test lists Hyper-V host-related information on
each specified node, for example, if they are Virtual Machine Queue (VMQ)–capable and single root
I/O virtualization (SR-IOV)–capable.
• Validate Compatibility of virtual Fibre Channel SANs for Hyper-V. This test validates that each node in
the failover cluster is configured with the same set of virtual Fibre Channel SANs.
• Validate Hyper-V Integration Services Version. This test validates that all virtual machines are running
the up-to-date version of the Hyper-V integration services.
• Validate Hyper-V Memory Resource Pool Capability. This test validates that memory resource pools
with the same names are present on all specified nodes.
• Validate Hyper-V Network Resource Pool and Virtual Switch Compatibility. This test validates that all
nodes in the failover cluster have the same set of network resource pools and virtual switches with the
same names.
• Validate Hyper-V Processor Resource Pool Compatibility. This test validates that all nodes in the
failover cluster have the same set of processor resource pools.
• Validate Hyper-V Role Installed. This test validates that all nodes in the failover cluster have the
Hyper-V role installed.
• Validate Hyper-V Storage Resource Pool Compatibility. This test validates that all nodes in the failover
cluster have storage resource pools that share the same name.
• Validate Hyper-V Virtual Machine Network Configuration. This test validates that all virtual machines
on the failover cluster nodes are configured with cluster-compatible network settings; for example,
virtual machines are configured with correct network resource pool.
Server Virtualization with Windows Server Hyper-V® and System Center 6-25
• Validate Hyper-V Virtual Machine Storage Configuration. This test validates that all virtual machines
are configured with cluster-compatible storage settings; for example, virtual machine data files are on
cluster storage. If virtual Fibre Channel adapters are used, it verifies if the virtual machine is
configured with at least two virtual Fibre Channel adapters.
• Validate Machine Processor Manufacturers. This test validates that all failover cluster nodes use
processors from the same manufacturer.
Question: Why is it important that all failover cluster nodes have processors from the same
manufacturer?
Demonstration Steps
1. On LON-HOST1, use the Failover Cluster Manager to create a new cluster with the following data
(accept default values on all other wizard pages):
o Servers in cluster: LON-HOST1, and LON-HOST2
o Address: 172.16.10.105
2. Use Active Directory Users and Computers to confirm that in the Computers container, there are
computer accounts for LON-HOST1, LON-HOST2, and LON-CLUST (which was added when you
created the failover cluster).
3. On LON-HOST1, use File Explorer to confirm that the C:\ClusterStorage folder is empty.
4. Use the Failover Cluster Manager to add Cluster Disk 2 to Cluster Shared Volumes.
5. Use File Explorer to confirm that the C:\ClusterStorage folder now contains a mounted volume for
Volume1.
6-26 Implementing Failover Clustering with Hyper-V
You can configure basic properties for the highly available virtual machine on the role Properties page,
The Priority setting is one of these properties, and it controls which virtual machines (or cluster roles in
general) have priority over others. This is important when a failover cluster starts and when virtual
machines fail over to a different node.
For example, when failover cluster starts, resources are allocated first to virtual machines with high
priority, and as a result, they are started first. Only after that will virtual machines with medium priority
be started. The failover cluster will continue to start virtual machines until they are all started or there are
no more nodes in the failover cluster with resources available. The Priority setting is set to Medium by
default, and you can change it to Low, High, and No Auto Start.
When a failover cluster is placing virtual machines on the failover nodes, it uses the following rules:
• Start a virtual machine on the same node it was running on previously.
• Move a virtual machine to a node that is on the virtual machine’s Preferred Owners list.
• If the node on which a virtual machine was running previously is not available, the failover cluster will
place the virtual machine on another node, based on available resources (primarily memory).
• If a virtual machine cannot be started, the failover cluster continues to contact all the nodes every five
minutes to find out if any node has enough resources available. When enough resources become
available, the virtual machine is started.
You can configure the virtual machine’s Preferred Owners list on the role Properties page. The failover
cluster will try to start the virtual machine on the Hyper-V host that is highest on the virtual machine’s
Preferred Owners list. If it is not able to start the virtual machine on any of the preferred owners, it will try
to start it on one of the possible owners, which you can configure on the Advanced Policies tab for the
virtual machine’s resource properties. If the virtual machine cannot be started on any possible owners,
then the failover cluster will move it to any other failover cluster node, but will not start it there.
On the Failover tab of the role properties page, you can also configure failover and failback settings. You
can specify the number of times that the failover cluster will attempt to restart or fail over the cluster role
in the specified period, and whether the cluster role will fail back automatically to the most preferred
owner when it is available again.
Server Virtualization with Windows Server Hyper-V® and System Center 6-27
On the Settings tab of the virtual machine’s resource properties page, you can configure two settings
regarding virtual machine health monitoring, both of which are enabled by default:
• Enable heartbeat monitoring for the virtual machine. This setting enables the failover cluster to
periodically check the Heartbeat integration service in the virtual machine. If the heartbeat stops,
it can restart and fail over the virtual machine.
• Enable automatic recovery for application health monitoring. This setting enables you to configure
application health monitoring for applications and services that are running inside the virtual
machine.
When you want to prevent virtual machines from running on the same Hyper-V host, you can use
anti-affinity. Some examples include when virtual machines use a significant amount of resources, or
because a company policy requires that they never run on the same physical host. The failover cluster
will move virtual machines that have the same AntiAffinityClassNames property to different failover
cluster nodes. You can configure this property by using Windows PowerShell, or by using VMM, in which
AntiAffinityClassNames is called availability sets. You cannot configure it by using Failover Cluster
Manager.
AntiAffinityClassNames
http://go.microsoft.com/fwlink/?LinkID=386717
Question: Will a virtual machine ever fail over to a node that is not on either its preferred
owners list or its possible owners list?
Failover clustering in Windows Server 2012 has the ability to monitor and detect application health
for applications and services that run inside a virtual machine. If a service in a virtual machine stops
responding, or if an event is added to the System, Application, or Security logs, the failover cluster can
take actions such as restarting the virtual machine or failing it over to a different node to restore the
6-28 Implementing Failover Clustering with Hyper-V
service. The only requirement is that the failover cluster node and virtual machine must be running
Windows Server 2012 or newer Windows Server operating system, and have integration services installed.
You can configure virtual machine monitoring by using either the Failover Cluster Manager or Windows
PowerShell. By default, a failover cluster is configured to monitor virtual machine health, in addition to
applications and services within that virtual machine. Heartbeat monitoring requires that integration
services is installed on the virtual machine, and that you can verify the monitoring configuration on the
Settings tab of the virtual machine resource Properties dialog box.
To add monitoring of the specific services that are running in the virtual machine, right-click the virtual
machine cluster role, click More actions, and then click Configure Monitoring. From there you can select
services to monitor inside the virtual machine. The failover cluster will take action only if a service stops
responding, and in the Services Control Manager if the service is configured with Take No Actions
recovery setting.
Windows Server 2012 R2 can also monitor failure of virtual machine storage and loss of network
connectivity. Storage failure detection can detect the failure of a virtual machine boot disk or any other
virtual hard disk that the virtual machine is using. If failure happens, the failover cluster moves the virtual
machine and then restarts it on a different node. You can also configure a virtual network adapter to
connect to a protected network. If network connectivity to such network is lost because of reasons such as
physical switch failure or disconnected network cable, the failover cluster will move the virtual machine to
a different node to restore network connectivity.
Question: How can you monitor an application that is installed in a Windows Server 2012 R2
virtual machine, but is not running as a service?
Question: How should you configure a service in a highly available virtual machine by using
Service Control Manager, if you plan to monitor it by failover cluster?
Demonstration Steps
1. On LON-HOST1, use the Failover Cluster Manager to create a new virtual machine with following
data:
o Name: LON-HA1
o Location: C:\ClusterStorage\Volume1\
2. On LON-HOST1, use the Failover Cluster Manager to set LON-HA1 startup priority to Low.
3. Use the Failover Cluster Manager to configure LON-HOST1 as the preferred owner for the
LON-HA1 role.
Server Virtualization with Windows Server Hyper-V® and System Center 6-29
5. Configure the Virtual Machine LON-HA1 resource with the following value:
8. On LON-HOST1, use the Failover Cluster Manager to confirm that in the 20409B-LON-PROD1
clustered role, no services are monitored currently.
9. Use Failover Clustering Manager to configure monitoring for LON-PROD1, and then click Print
Spooler as service to be monitored.
10. Use Failover Cluster Manager to confirm that Print Spooler is listed under Monitored Services.
CAU orchestrates and automates the update process by performing the following actions:
1. Puts a failover cluster node into maintenance mode.
CAU can coordinate the complete cluster updating operation in two modes:
• Remote-updating mode. In this mode, updating is coordinated by a computer, which is not the
failover cluster node. This computer is called the orchestrator, and it must have failover clustering
administrative tools installed. You can trigger on-demand updating from the orchestrator by using a
default or custom Updating Run profile. Remote-updating mode is useful for monitoring real-time
progress during the Updating Run, or for updating failover cluster nodes that do not have a GUI.
• Self-updating mode. In this mode, CAU is configured as a cluster role in the failover cluster, and an
associated update schedule is defined. In this mode, CAU does not have a dedicated orchestrator
computer, but the cluster updates itself at scheduled times by using a default or custom Updating
Run profile. During the Updating Run, the CAU orchestrator process starts on the failover cluster node
that currently owns the CAU cluster role, and the process updates cluster nodes one after another. In
the self-updating mode, CAU can update the failover cluster by using a fully automated updating
process. You can also trigger updates on demand if so desired. You can view information about an
Updating Run by running the Windows PowerShell cmdlets Get-CauRun and Get-CauReport.
Update Management in Windows Server 2012: Revealing Cluster-Aware Updating and the
New Generation of WSUS
http://go.microsoft.com/fwlink/?LinkID=386713
Question: Is there any downtime when you update nodes in a failover cluster by using CAU?
Server Virtualization with Windows Server Hyper-V® and System Center 6-31
You need to implement a high availability solution for these virtual machines by deploying failover
clustering for the virtual machines. You also need to configure highly available virtual machines and
virtual machine monitoring.
Objectives
After completing this lab, you will be able to:
• Create a Hyper-V failover cluster.
Lab Setup
Estimated Time: 90 minutes
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin the lab, you must
complete the following steps:
3. In Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
4. In the Actions pane, click Connect. Wait until the virtual machine starts.
o Password: Pa$$w0rd
LON-HOST1 and LON-HOST2 are sometimes referenced as LON-HOSTx, which indicates that each
student can perform the lab tasks on his or her computer.
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
You will be working in pairs. Communicate clearly with your lab partner, and cooperate fully with
each other during this lab.
6-32 Implementing Failover Clustering with Hyper-V
2. Use Server Manager to add an iSCSI Virtual disk with the following settings:
o Location: E:\
o Name: Diskx1
o iSCSI virtual disk size: 10 GB
o iSCSI virtual disk type: Dynamically expanding
3. Connect the iSCSI virtual disk to the New iSCSI target with following data:
o Target name: Lab6-Hostx
o Access servers: LON-HOST1 and LON-HOST2
4. Use the Windows PowerShell New-IscsiVirtualDisk cmdlet to create a new virtual disk with following
parameters:
o Path: E:\iSCSIVirtualDisks\Diskx2.vhdx
o Size: 10GB
o ComputerName: LON-SS1
5. Use the Windows PowerShell New-IscsiVirtualDisk cmdlet to create a new virtual disk with the
following parameters:
o Path: E:\iSCSIVirtualDisks\Diskx3.vhdx
o Size: 15GB
o ComputerName: LON-SS1
6. Use the Windows PowerShell Add-IscsiVirtualDiskTargetMapping cmdlet to add the virtual disk to
the iSCSI target with the following parameters:
o TargetName: Lab6-Hostx
o Path: E:\iSCSIVirtualDisks\Diskx2.vhdx
o ComputerName: LON-SS1
Server Virtualization with Windows Server Hyper-V® and System Center 6-33
o TargetName: Lab6-Hostx
o Path: E:\iSCSIVirtualDisks\Diskx3.vhdx
o ComputerName: LON-SS1
8. Refresh Server Manager, and confirm that virtual disks Diskx2.vhdx and Diskx3.vhdx now display,
and that they are mapped to target Lab6-Hostx.
Note: Although both students created an iSCSI target, only the Lab6-Host1 iSCSI target
will be used for creating the failover cluster.
4. Create and format simple volumes on Disk 3, Disk 4, and Disk 5 with default values.
3. Use the Extend Volume Wizard to extend the volume on the disk to allocate all available disk space.
4. Confirm that the partition is now expanded to 15 GB. You expanded it while it was online, while it was
in use.
Note: Both students should finish with this task before you continue.
6-34 Implementing Failover Clustering with Hyper-V
1. On LON-HOST1, use the Failover Cluster Manager to create a new cluster with following data (accept
default values on all other wizard pages):
2. Use Active Directory Users and Computers to confirm that in the Computers container there are
computer accounts for LON-HOST1, LON-HOST2, and LON-CLUST (which was added when you
created the failover cluster).
2. Use the Failover Cluster Manager to add the first Cluster Disk with Available Storage status to
Cluster Shared Volumes if you are on LON-HOST1, or the second Cluster Disk with Available
Storage status to Cluster Shared Volumes if you are on LON-HOST2.
3. Use File Explorer to confirm that the C:\ClusterStorage folder contains mounted volumes for
Volume1 and Volume2, which were added when you and your partner added disks to the CSV.
4. Create a new text document with your name in the C:\ClusterStorage\Volumex folder.
5. Confirm that the C:\ClusterStorage\Volumey folder contains a file with your partner’s name. Notice
that now, all cluster nodes have access to the CSV.
Note: If file with your partner’s name is not in the C:\ClusterStorage\Volumey folder, wait
until your partner creates a file.
Results: After completing this exercise, you should have created a Hyper-V failover cluster.
o Path: C:\Shares\HDD1x.vhdx
o SizeBytes: 10 GB
2. Use the Windows PowerShell New-VHD cmdlet to create virtual hard disks on CSV by using following
parameters:
o Path: C:\ClusterStorage\Volumex\HDD2x.vhdx
o SizeBytes: 10 GB
Note: You cannot modify a virtual hard disk’s sharing setting while the virtual machine is
running.
5. Use Hyper-V Manager to confirm that 20409B-LON-PRODx has two hard disks listed under SCSI
Controller: HDD1x.vhdx, and HDD2x.vhdx.
6. Try to Enable virtual hard disk sharing for the HDD1x.vhdx virtual hard disk.
Note: The Error applying Hard Disk Drive changes message displays, because local
storage where HDD1x.vhdx is located does not support virtual hard disk sharing.
Note: This time you do not get any error, because the virtual hard disk is stored on a CSV.
Note: Notice that an error message displays, because HDD2x.vhdx is already in use by a
virtual machine.
12. Use Hyper-V Manager to Enable virtual hard disk sharing for the HDD2x.vhdx virtual hard disk of the
20409B-LON-TESTx virtual machine.
6-36 Implementing Failover Clustering with Hyper-V
Note: Notice that this time LON-TESTx starts without an error, as it is now configured with
virtual hard disk sharing.
15. Open Disk Management, and confirm that the shared virtual hard disk is available as shared storage
to both computers.
16. Remove HDD1x.vhdx and HDD2x.vhdx virtual hard disks from 20409B-LON-PRODx.
o Name: LON-HAx
o Location: C:\ClusterStorage\Volumex\
o Memory: Use Dynamic Memory
3. Use the Failover Cluster Manager to confirm that LON-HAx and 20409B-LON-CLx are listed as
clustered Roles.
3. Use Failover Cluster Manager to configure LON-HAx with the following settings:
o Maximum failures in the specified period: 2
o Period: 3
4. Use the Failover Cluster Manager to configure Virtual Machine LON-HAx on the Resources tab with
Period for restarts (mm:ss) set to 10:00 minutes.
5. Confirm that both LON-HOST1 and LON-HOST2 are set as Possible Owners, and that heartbeat
monitoring is enabled for LON-HAx.
2. On LON-PRODx, configure the Print Spooler service with Take No Action if Second failure occurs.
3. On LON-HOSTx, use the Summary tab in the Failover Cluster Manager to confirm that currently no
services are monitored in the LON-PRODx clustered role.
Server Virtualization with Windows Server Hyper-V® and System Center 6-37
4. In the Failover Cluster Manager, in details pane, right-click 20409B-LON-PRODx, click More
Actions, and then configure monitoring for the Print Spooler service that is running on LON-PRODx.
5. Use the Summary tab in the Failover Cluster Manager to confirm that Print Spooler is now listed
under Monitored Services.
6. Use the Failover Cluster Manager to review Settings for 20409B-LON-PRODx clustered virtual
machine, and confirm that Protected Network is enabled for Network Adapter.
2. Use the Failover Cluster Manager to start live migration of LON-HAx to the LON-HOSTy node.
3. Use the Failover Cluster Manager to confirm that Live Migration is moving LON-HAx, and that after
the move, the virtual machine is running on the LON-HOSTy node.
1. On LON-HOST1, remove all clustered roles for the CLUST.Adatum.com failover cluster.
2. Use the Failover Cluster Manager and click Destroy Cluster to remove the LON-CLUST.Adatum.com
failover cluster.
3. On LON-HOST1 and LON-HOST2, delete the LON-HAx virtual machine.
Results: After completing this exercise, you should have managed a Hyper-V failover cluster.
6-38 Implementing Failover Clustering with Hyper-V
Question: How can you configure anti-affinity for virtual machines that are running in a failover
cluster?
7-1
Module 7
Installing and Configuring Microsoft System Center 2012 R2
Virtual Machine Manager
Contents:
Module Overview 7-1
Module Overview
Microsoft provides several built-in tools, such as Hyper-V Manager, that you can use for virtual platform
management. Alternatively, you can use specialized software such as Microsoft System Center 2012 R2
Virtual Machine Manager. Using Virtual Machine Manager (VMM) provides many benefits over built-in
utilities, particularly in enterprise environments with many virtual host servers.
This module explains how to integrate VMM into an existing virtual environment, and how to manage
that virtual environment. System Center 2012 R2 VMM is the successor to System Center 2012 – Virtual
Machine Manager, which is a management solution for virtual data centers. By using VMM, you can
consolidate physical servers, provision new virtual machines rapidly, and perform unified management
of virtual infrastructure through one console.
Note: For the purpose of this course, we are referring to all instances of Microsoft System
Center 2012 R2 Virtual Machine Manager as VMM.
Objectives
After completing this module, you will be able to:
• Explain how to use different System Center 2012 components for managing a virtual environment.
• Add virtualization hosts to VMM, and manage virtualization hosts and host groups.
7-2 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Lesson 1
Integrating System Center and Server Virtualization
In addition to integrating Hyper-V with Windows Server 2012, Microsoft provides hypervisor integration
into several System Center 2012 products, specifically with VMM. Understanding how the System Center
2012 products integrate is an important part of running a highly virtualized data center. In this lesson, you
will learn how VMM and other System Center products work together with the hypervisor.
Lesson Objectives
After completing this lesson, you will be able to:
• Use System Center 2012 R2 Data Protection Manager to help protect a virtualized server deployment.
• Use the Windows Azure Pack to provide self-servicing.
• Intelligent placement. You can use VMM resources to determine the best available host for a new
virtual machine.
• Dynamic optimization. Dynamic optimization enables you to react to alerts sent by Operations
Manager so that you can move virtual machines to other hosts to maintain performance continuity.
• Physical-to-virtual machine (P2V) conversion. You can use VMM to convert a physical machine to a
virtual machine.
• Microsoft Application Virtualization (App-V) support. You can use this feature to virtualize server
applications.
• Live migration. In VMM, you can move virtual machines to different host machines without affecting
users or workloads.
Server Virtualization with Windows Server Hyper-V® and System Center 7-3
• Delegated administration. You can delegate administrative tasks to users, and allow them to create
and manage virtual machines on their own.
• Cloud, infrastructure, and services management. You can manage your cloud environment and
services from a single console.
• Power optimization. VMM can optimize hosts by moving virtual machines from underused hosts, and
then powering off the host machine.
Microsoft has introduced several new enhancements to VMM in the System Center 2012 R2 release. The
following are available enhanced categories and improvements:
o Forwarding extensions for Hyper–V extensible switch work with Hyper–V network virtualization
o Differencing disks
o Leverage of the new Hyper–V file transfer application programming interface (API) in Windows
Server 2012 R2 to transfer files to guest operating systems
o Ability to create Windows-based and Linux-based virtual machines and multiple virtual machine
services, from a template gallery
o Faster live migration and support for migration of Windows Server 2012 R2 operating systems
• Storage features include:
o Management of zones
o Support for Windows Offloaded Data Transfers (ODX)
o Integration of storage with differencing disks optimization and storage spaces files
o Allowing the script that runs on the first deployed virtual machine to differ from the script that
runs on the other virtual machines in the tier
7-4 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
o Management packs updated with new metrics for chargeback purposes based on allocation and
utilization
Note: By design, P2V conversion is no longer available in System Center 2012 R2 VMM.
App Controller provides the self-service component of a solution by enabling application owners to:
• Configure, deploy, and manage services through a service-centric interface, while using a library of
standard templates.
• Provide self-service application management, visibility, and control across both the Microsoft cloud
services and the various public cloud services (such as Windows Azure).
• Create, manage, and move services using a web-based interface that presents a customized view of
resources based on the application owner’s role in the organization, and enables them to manage
services rather than servers.
Server Virtualization with Windows Server Hyper-V® and System Center 7-5
• View virtual machines, and both private and public cloud services. Control components at each layer,
track jobs, and maintain a detailed history of changes.
App Controller also enables data center administrators to delegate authority to application owners.
Predefined templates ensure compliance with company IT standards and policies. Using App Controller,
data center administrators can create a customized, role-based view of private and public cloud services,
and a consumed and available resources view for application owners. In addition, application owners can
customize all service components, including virtual machines, network resources, and load balancing.
You can also use App Controller to move applications and components within public and private cloud
environments. You can copy Windows Azure configuration, package files, and .vhd files among Windows
Azure subscriptions, and you can copy service templates and resources from one VMM server to another.
You install App Controller as a separate component. You can choose to host this service on a separate
server, or you can host it together with an existing service such as VMM. In both cases, you should first
ensure that your server meets the system requirements for App Controller. For better performance, you
should install the App Controller server on a separate computer from the VMM management server.
7-6 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
The following table displays some limits for App Controller. You should be aware of these limits when you
plan App Controller deployment.
Note: App Controller can connect only to System Center 2012 R2 VMM.
The new enhancements introduced with App Controller in System Center 2012 R2 are:
• Support for System Center 2012 R2 VMM.
The components for Operations Manager are organized into a management group. Most organizations
have a single management group, although you can have multiple management groups. If you have
multiple management groups, the alerts from one management group can roll up to another
management group. This enables you to centralize monitoring for multiple management groups.
Agentless Monitoring
You also can monitor Windows-based computers without installing an agent. This is referred to as
agentless monitoring. The information that you collect by using agentless monitoring may be limited
because some management packs do not work with agentless monitoring. Agentless monitoring also
creates a high load on the management server and is not very scalable. For these reasons, agentless
monitoring is generally not recommended.
Queries for agentless monitoring perform with remote procedure calls (RPCs) that are difficult to
perform through firewalls. When no firewall exists between the management server and the monitored
system, a management server can query the monitored system directly. If there is a firewall between the
management server and the monitored system, then you must configure an agent-managed computer
as a proxy agent. The proxy agent queries the monitored system, and then transfers the data to the
management server.
Microsoft has introduced several new enhancements to Operations Manager in the System Center 2012
R2 release. These enhancements include:
• Fabric monitoring. Fabric monitoring is the System Center cloud hybrid monitoring of physical
and virtual layers for hybrid cloud environments. Other enhancements include the Fabric Health
Dashboard, which generates a detailed overview of your private clouds and the fabric that services
those clouds. In each cloud, the Fabric Health Dashboard displays the following information:
o Host state
o Storage pools state, file share, and logical unit number (LUN) state
o Network node state
o Active alerts
• The Microsoft Monitoring Agent. This tool now includes full functionality for the IntelliTrace Collector
tool in Microsoft Visual Studio. You can also use it as a stand-alone tool for collecting application
traces locally.
• Integrating Operations Manager with the development processes. There are new alert fields in Team
Foundation Server (TFS) work item IDs, and TFS work item owners.
• Support for IPv6. You can now accept IPv6 addresses as input for network discovery in the Operations
console.
• Java application performance monitoring. You can monitor Java application performance and
exception events using the Operations Manager Application Advisor console.
• System Center Advisor. You can use this online service to analyze installations of Windows Server
software.
Through its integration with other System Center components and key infrastructure services such as
AD DS, Service Manager provides accurate configuration management database population and private
cloud process integration.
By using Service Manager, you can:
• Improve private cloud efficiency through centralized management of incident, problem, and change
processes.
• Provide self-service deployment of private cloud resources through integration with other System
Center 2012 components.
• Implement compliance controls for the management of private cloud infrastructure components.
In Service Manager, you define various types of templates and workflows so that you can automate many
administrative processes. As part of your initial Service Manager configuration, you must configure
settings and workflows for change and activity management.
Change requests are generated typically when the IT infrastructure requires a configuration change to
achieve a desired result. Change requests are also generated to support new technologies, processes, or
applications. Service Manager allows you to collect and process change requests automatically by defining
Server Virtualization with Windows Server Hyper-V® and System Center 7-9
workflows and activities that you should perform during the change management process. End users and
administrators can create change requests.
In Service Manager, you use workflows to close completed change requests automatically, and to send
notifications to users when activities require approval. To maintain change requests, you create change
request templates. You can use a workflow to apply these templates automatically. You generally use
change request templates when users submit new change requests. The templates are particularly useful
when you create a change request for a recurring type of issue.
Change request templates allow you to:
• Set an issue category, then define a standard priority, effect, and risk level for it in the template.
Additionally, by using change request templates, users spend less time submitting new change requests.
This is because the request templates store commonly used settings, and then the templates apply these
settings to new change requests. For example, you can create a change request template to modify the
Microsoft Exchange Server infrastructure. You also can create change templates that include an activity
that automatically changes a standard change priority request to Low.
Note: When you create a change request template, do not create links to configuration
items or work items, and do not enter any user information. If you create a template with these
objects, you cannot remove them and you will have to re-create the template.
Manual activity templates help ensure that all manual activities are assigned to the person who is
designated as the activity implementer. After you create the manual activity template, you need to create
a workflow that applies to the template.
Service Manager 2012 R2 fully supports the Windows Server 2012 R2 and Windows 8.1 operating systems.
• Automate your private cloud operations, and standardize best practices to improve operational
efficiency.
• Connect different systems from different vendors without using scripting and programming
languages.
As part of the enhancements in System Center 2012 R2 Orchestrator, you can now install the Service
Management Automation Web service with up to three runbook workers from the Orchestrator setup
program. You can then use these runbooks as part of the Windows Azure Pack for Windows Server, or
you can use the runbooks and conduct other automation tasks using Windows PowerShell cmdlets.
There are also new and updated integration packs available for System Center 2012 R2 Orchestrator.
System Center Integration Pack for Microsoft SharePoint Server is the new integration pack, while the
updated packs are Windows Azure Integration Pack for Orchestrator, and System Center Integration Pack
for System Center 2012 Virtual Machine Manager.
• Centrally manage the DPM servers with the DPM Administrator Console. In larger environments,
managing all DPM servers from a central console is particularly beneficial.
• Use role-based access permissions to distribute backup and restore management. You can assign
permissions to users that allow them to restore the systems for which they are responsible. The
benefit is that you do not grant them full permissions, so they will not be able to access data that
they do not own.
• Perform quick item-level recovery for virtual machines. To recover a specific item (such as a file), you
do not need to recover the entire virtual machine. Instead, you can just recover the particular file.
Server Virtualization with Windows Server Hyper-V® and System Center 7-11
The following new features and enhancements are available in System Center 2012 R2 DPM:
• Windows Azure Backup. You can use this Windows Azure service to back up DPM data in System
Center 2012 R2 to Windows Azure Backup.
• SQL Server cluster support. You can use clustered SQL Server nodes in DPM. In System Center 2012
R2, DPM no longer has the limitation that existed in System Center 2012 - DPM and System Center
2012 SP1 DPM. This provides greater reliability, scalability, and consistency. You can also install the
DPM server on the same stand-alone or clustered SQL Server that hosts the DPM database.
• Virtualized deployment. With System Center 2012 R2, you can now deploy DPM on a virtual machine,
and you can configure storage using .vhd storage pool disks that are shared in the Virtual Machine
Manager library.
• Linux virtual machine backup. DPM now allows for greater protection of Linux virtual machines
beyond previous versions support. DPM also provides for backup of the Linux virtual machines.
However, only file-consistent snapshots are supported for Linux backups. Windows Azure Backup
does not support protection of Linux virtual machines.
• Windows Azure Management Portal. The Management Portal is a self–service portal that lets you
provision, monitor, and manage services. You can customize the portal for tenants.
• Service management application programming interface (API). This API uses a Representational state
transfer (REST API that helps a range of integration scenarios from custom portals through billing
systems.
• Websites. Windows Azure Pack helps provide high density, scalable, shared web hosting platforms for
Microsoft ASP.NET, PHP: Hypertext Preprocessor (PHP), and Node.js web applications. The Windows
Azure Pack also has a customizable web application gallery of open source web applications, and
integration for source control systems for custom developed applications and for websites.
• Virtual machines. The Windows Azure Pack includes a virtual machine service that provides
Infrastructure-as-a-Service (IaaS) capabilities for virtual machines running both Windows operating
systems and Linux operating systems. This service contains a virtual machine template gallery, scaling
options, and virtual networking capabilities.
7-12 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
• Service Bus. The Service Bus service delivers reliable messaging services between distributed
applications. This includes queued and topic-based publishing and subscription resources.
• Automation and extensibility. The Windows Azure Pack allows you to automate and integrate
additional custom services into the services framework. Custom services include a runbook editor,
and an execution environment.
You can install the Express option or use a distributed deployment of Windows Azure Pack. Several
components make up the Windows Azure Pack for Windows Server. If you are using the Express version,
all the components can go on one computer. Otherwise, you can distribute the components to up to
seven separate machines. Windows Azure Pack includes the following components:
• Management portals and the service management API. The available portals include the portal for
administrators and the portal for tenants.
• Website roles:
o Web Workers
o Front End
o Publisher
o File Server
• SQL/MySQL. These are the database services that are included in the Windows Azure Pack.
• Virtual machines. Two components are available for tenants to control their virtual machines: VMM,
and the Service Provider Foundation.
Server Virtualization with Windows Server Hyper-V® and System Center 7-13
Lesson 2
Overview of VMM
Before you begin a VMM installation, you should carefully plan the integration and deployment in an
existing virtual and physical infrastructure. VMM provides several benefits for business environments and
enhancements for built-in management tools. VMM consists of several components that provide various
features and functionalities, and you need to plan the deployment and integration of each of these
features with the current environment.
Lesson Objectives
After completing this lesson, you will be able to:
Introducing VMM
VMM includes several enhancements to the
previous VMM iterations, including enterprise–
class performance enhancements. The latest
version of VMM includes simplified provisioning
and migration abilities, support for cloud services
and cloud infrastructure, and enhanced ability
for business units to manage their resources
individually with multitenant cloud infrastructure
improvements. Additionally, System Center 2012
R2 has been extended to allow further
provisioning of on-premises virtual machines
and resources into the Windows Azure cloud
infrastructure.
Enterprise-Class Performance
System Center 2012 R2 supports enterprise-class scale and performance for Windows Server-based
environments. The System Center 2012 R2 version of VMM is key to enabling the virtualization and
management scale. In this version of VMM, a VMM server can support up to 1,000 hosts and 25,000
virtual machines.
Another important VMM enhancement is the Dynamic VHDX resize feature, which enables you to grow a
SCSI virtual disk without any downtime. VMM support for an automated Hyper-V cluster upgrades virtual
machines without downtime, and reduces the time, effort, cost, and downtime required to upgrade from
Windows Server 2012 to Windows Server 2012 R2. You can upgrade Hyper-V clusters automatically using
the Live Migration feature with VMM.
VMM also has many new and enhanced private cloud management capabilities. VMM enables
dynamically allocated memory changes in addition to snapshots of running virtual machines without
downtime. Additionally, VMM includes enhanced support for deploying VMM services to Citrix XenServer
7-14 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
and VMware ESX hosts. This allows for consistent management of Hyper-V, Citrix XenServer, and ESX-
based virtual machines through the VMM console. You can treat ESX and XenServer hosts the same as any
other VMM host.
Another new VMM feature is simplification of cross-data center disaster recovery for virtual machine-
based infrastructure services. This is achieved by providing the private cloud abstraction layer in the
source and destination data centers.
Using VMM, you also now have the ability to combine multiple instances of VMM infrastructures with
the sender policy framework (SPF) API. Additionally, the latest VMM version strengthens Microsoft
software-defined network solutions by allowing you to add multitenant edge gateways to bridge your
organization’s physical and virtual data centers. This enables you to combine private cloud elements with
certain elements in the public cloud, resulting in better hybrid cloud integration while enhancing mobility
and delivering flexible workloads. VMM also provides for multitenant enhanced chargeback with greater
granular infrastructure metering, and the ability to analyze various business and operational metrics.
Fabric Management
In VMM 2012 R2, fabric is the infrastructure and
services that you use to manage and deploy hosts,
and that you use to create and deploy virtual
machines and services to both the data center
and the private cloud. This includes:
• Host groups
• Networking
• Storage elements
• Aggregate private cloud resources. The goal of the fabric is to aggregate private cloud resources
in meaningful ways that enable you to deploy these resources more easily and comprehensively.
The fabric is a logical manifestation of the networks, storage, and services that will be available as
resources in your cloud environment.
• Abstract your networking resources. The fabric combines logical networks with Hyper V virtual
networks to define IP address assignments and route traffic, and set up static addresses for host
servers. The VMM fabric can supply IP addresses by using combinations of IP ranges, media access
control (MAC) address pools, and virtual IP templates. The VMM fabric also provides IP load balancer
support.
• Storage. VMM uses the Microsoft Storage Management Service extensively to create this storage
aspect of the fabric. You can automate storage assignments across your public or private cloud,
providing the storage device is supported through the Storage Management Initiative Specification
(SMI-S). Additionally, if you are using Windows Server 2012 R2 with the File Server role and the
Internet small computer system interface (iSCSI) Target Server role enabled, you can attach storage,
create storage pools, create discs and volumes, and create iSCSI disks and targets, which you can then
add into your fabric storage.
• Management. The VMM console has a workspace devoted to the fabric that lets you manage the
overall fabric that makes up all of these resources mentioned in this list. In System Center 2012 R2
VMM, the fabric workspace has an additional element entitled Infrastructure. Your VMM
management servers, PXE servers, VMware servers, and library servers are now located in this
Infrastructure.
7-16 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Cloud computing makes maximum use of the resources that are available in a data center. For example,
an application owner can deploy a developed application to the private cloud infrastructure and the
infrastructure will dynamically adjust resources for the application, scale the application, and enable the
application to migrate across servers based on best resource match.
• Reduced operational costs. Cloud computing helps mitigate issues such as low system use,
inconsistent availability, and high operational costs by providing pooled resources, elasticity, and
virtualization technology.
• Server consolidation. Cloud computing allows you to host multiple virtual machines on a
virtualization host, which enables you to consolidate servers across a data center.
• Improved resilience and agility. With products such as System Center 2012, cloud computing can
reduce costs and improve efficiency.
There are two main types of clouds: the public cloud, and the private cloud:
• Public cloud. A public cloud is cloud services infrastructure that is made available to the public or a
large industry group, and is owned by an organization (or service provider) that sells cloud services.
The company that purchases the space on the public cloud, known as the tenant, shares cloud
resources with other organizations. The public cloud exists only off-premises.
• Private cloud. A private cloud infrastructure is dedicated to one organization only. The cloud
infrastructure that an organization uses can exist either on-premises or off-premises. A private
cloud may be managed by the organization itself, or by an outside company.
Server Virtualization with Windows Server Hyper-V® and System Center 7-17
The key difference between a public cloud and a private cloud is the workloads that are running on the
infrastructure:
• With public cloud services, the tenant organization has less management overhead than
organizations that use private clouds. This also means, however, that control of the infrastructure and
services is reduced greatly, because the service provider manages the infrastructure and services for
the tenant organization. In addition, the public cloud hosts the infrastructure and services for multiple
organizations (multitenant), which introduces security implications that you need to review.
• Private clouds are owned by their respective organizations. The cloud infrastructure is managed and
maintained in the organization’s data center. One of the key benefits of this is that the organization
has complete control over the cloud infrastructure and services that it provides. However, the
organization also has the management overhead and costs that are associated with this model.
A hybrid cloud is a cloud infrastructure that combines certain elements from both a public cloud and a
private cloud. For example, you could use Windows Azure virtual machines in your private cloud.
Implementing and integrating the various private cloud service elements is a complicated process. System
Center 2012 provides you with the necessary tools and services to help you with this process.
To implement your custom-designed service management processes, you can automate the specific
System Center 2012 components to interact with each other. For example, you can configure Service
Manager so that it initiates a workflow that starts an Orchestrator runbook that interacts with VMM
automatically.
You can combine your services into VMM service templates. This allows you to add virtual machine
templates, network configurations, applications, and storage into a single element. For example, suppose
you want to deploy a new virtual machine based on characteristics of an existing virtual machine. While
could clone the existing virtual machine, the cloning process can take several minutes before you can
7-18 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
deploy it, and a sysprep process typically takes up more time. Instead, you can create a service template
that has that type of virtual machine with its various resources already assigned, and then deploy the
service template to create quickly a virtual machine based on the template.
Typically, providing for service management is a recurring cycle, which is known as service life cycle
management. You can begin service life cycle management by creating the appropriate service template.
You can then use the template to customize a particular virtual machine or application deployment,
and then deploy that service template. If you need to update that service, you can create a new service
template that incorporates those updates. When you create a new service template with the updates, you
will have completed one full life cycle for the initial template. After this point, you would then customize
the deployment, and then deploy the service.
VMM Architecture
VMM is a System Center 2012 component that
offers a management solution for a virtualized
data center. You can use VMM to create and
deploy virtual machines and services to private
clouds by configuring and managing your
virtualization host, networking, and storage
resources. By using VMM, you can discover,
capture, and aggregate information about the
virtualization infrastructure and enable automatic
management of policies and processes. In the
private cloud infrastructure, VMM helps transition
enterprise IT from an infrastructure-focused
deployment model into a service-oriented, user-centric environment.
• VMM management server. The VMM management server is the computer on which the VMM service
runs. The VMM management server processes commands and controls communications with the
database, the library server, and the virtual machine hosts. The VMM management server is the hub
of a VMM deployment through which all other VMM components interact and communicate. The
VMM management server also connects to a SQL Server database that stores all VMM configuration
information.
• Database. VMM uses a SQL Server database to store the information that you view in the VMM
management console. This information includes managed virtual machines, virtual machine hosts,
virtual machine libraries, jobs, and other virtual machine-related data.
• Management console. The management console is a program that you use to connect to a VMM
management server. Through the management console, you can view and manage physical and
virtual resources, including virtual machine hosts, virtual machines, services, and library resources.
• Library. A library is a catalog of resources such as virtual hard disks, templates, and profiles, which are
used to deploy virtual machines and services. A library server also hosts shared folders that store file-
based resources. The VMM management server is always the default library server, but you can add
additional library servers later.
• Command shell. Windows PowerShell is the command-line interface in which you use cmdlets to
perform all available VMM functions. The VMM console is built by using Windows PowerShell. You
can use VMM–specific cmdlets to manage all the actions in a VMM environment.
Server Virtualization with Windows Server Hyper-V® and System Center 7-19
Lesson 3
Installing VMM
Installing the VMM server and VMM console is a key process in establishing the VMM infrastructure.
You should perform installation procedures for these components based on prior planning.
Before starting to install the VMM server and VMM console, consider the potential issues and
requirements. After completing installation, you will need to perform several post-installation tasks,
such as adding physical hosts, creating and deploying host groups, and ensuring that the configuration
is set appropriately for your organization’s goals.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the considerations for implementing a highly available VMM management server.
• Describe the requirements for installing VMM.
• Number of hosts
• Number of branch sites with hosts
The number of hosts determines the physical or virtual resources that each component server in the
VMM deployment requires. In System Center 2012 SP1 VMM, the scale of a VMM management server
has the capacity to manage 1,000 hosts and 25,000 virtual machines. However, the demand on a single
management server would suggest that you should use multiple VMM instances. You can use App
Controller with five VMM instances. Therefore, in theory, you could manage resources of over 125,000
virtual machines. If your deployment has thousands of hosts, you should consider contacting your
regional Microsoft office for guidance on a personalized deployment to fit your environment.
The number of branch sites with hosts and the wide area network (WAN) links capabilities between the
branches and the VMM management server determines if you should have a single VMM deployment
with multiple Virtual Machine Manager library servers or individual VMM deployments at each branch.
7-20 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
VMM offers delegated administration and self-service. You can use App Controller, Service Manager,
or your own customized portals to provide self-service to your users. When you determine what type of
VMM deployment is appropriate for your environment, you can then plan a self-service deployment that
is appropriate for the design. For example, App Controller can span five VMM deployments. However,
your security requirements may require you to have an App Controller deployment for each VMM
deployment.
The availability and recovery time for VMM components is also important when determining the
topology for your VMM deployment. VMM is a cluster-aware application that you can configure to be
highly available. SQL Server is cluster-aware, and you can install the Virtual Machine Manager library
server on a Microsoft file server cluster, but not on the same cluster that hosts a clustered VMM instance.
DPM can back up your VMM components and if required, you can locate DPM at a remote site and use it
to restore one or more offsite components.
For the latest information on deployment scenarios, and for the individual component hardware and
software prerequisites for the most current service pack, review the information provided on the Microsoft
TechNet website.
• The VMM database no longer supports SQL Express. Therefore, you must move your database to a
supported version of SQL Server.
• A Windows Deployment Services (Windows DS) server is required for bare-metal deployment of
Hyper-V hosts. A bare-metal deployment refers to deploying a host on a computer that does not have
an operating system.
• At least one library server is necessary, but you should consider at least one library for each site that
you will separate with a low-speed WAN link.
• Operations Manager is required to use VMM reporting, and to leverage Performance and Resource
Optimization (PRO) tips.
• Managing VMware ESX and VMware ESXi hosts requires that you integrate VMware vSphere. If you
need more than the maximum number of hosts for business or network reasons, you must have
multiple VMM servers. You can use App Controller to view resources for up to five VMM servers.
Consider which VMM services you will use in your topology and review the associated ports that VMM
uses to communicate between its components. Ensure that firewalls are not blocking ports, and determine
whether the component coexists with another application that these ports review. If you need to amend a
default port, make sure that you update the associated firewall rules.
Server Virtualization with Windows Server Hyper-V® and System Center 7-21
The following table lists some default ports that you can change during the VMM installation.
Port Description
8101 Provides communication with Windows Preinstallation Environment (Windows PE) agents
8103 Provides communication with the Windows PE agent for time synchronization
The following table describes hardware requirements for managing more than 150 hosts.
RAM 4 GB 8 GB
If you are managing more than 150 hosts, you can enhance performance by separating the VMM
components. For example, rather than using the default library share on the same server as the VMM
server, you can deploy a separate library server. Conversely, you can use a VMM database on a dedicated
computer that is running SQL Server.
The following table describes the software requirements for installing the VMM management server.
Microsoft .NET System Center 2012 SP1 requires .NET Framework 4 or newer, which
Framework 4 or newer Windows Server 2012 includes.
Windows Assessment Windows ADK is available from the Microsoft Download Center.
and Deployment Kit
(Windows ADK) for Windows Assessment and Deployment Kit (ADK) for Windows® 8
Windows 8 http://go.microsoft.com/fwlink/?LinkID=386730
When you install the Windows ADK, select the Deployment Tools and the
Windows Preinstallation Environment features.
The following table describes the hardware requirements for managing more than 150 hosts.
RAM 1 GB 2 GB
The following table describes the software requirements for installing the VMM console.
A supported operating See the approved operating systems in the next table
system
Windows PowerShell 2.0 or Windows PowerShell 2.0 is included in Windows Server 2008 R2 and
Windows PowerShell 3.0 Windows 7. Windows PowerShell 3.0 is included in Windows Server
2012.
At least .NET Framework 4 On a computer that is running Windows 7, .NET Framework 3.5 with
SP1 is installed by default.
On a computer that is running Windows Server 2008 R2, .NET
Framework 3.5 with SP1 is not installed by default. However, you can
use the VMM Setup Wizard to install the feature.
On a computer that is running Windows 8 or Windows Server 2012,
.NET Framework 4 is included.
.NET Framework 4.5 is available at the Microsoft Visual Studio 2012
download page at http://go.microsoft.com/fwlink/p/?linkId=285269.
The following table lists the supported operating systems on which you can install the Virtual Machine
Manager console.
Windows 8 and 8.1 Client Standard, Pro, and Enterprise x86 and x64
You can deploy the VMM console on the same server as the VMM management server, or on another
server or workstation that is running a supported operating system.
To enable integration with App Controller and Operations Manager, you must first install the VMM
console on the other servers that are running System Center 2012. You can integrate VMM with
Orchestrator, and you optionally can install the console on the same server as the Runbook Designer.
7-24 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Note: It is not possible to upgrade the Virtual Machine Manager Self-Service Portal to App
Controller.
Note: If you are upgrading from an earlier version of VMM and you use an unsupported
version of SQL Server, first you will need to move the database. To move the VMM database, you
must back up the VMM database, copy it to the computer that is running a supported version of
SQL Server, and then restore the database.
When you are planning the design and placement of your VMM database, you should consider
availability. If you need to install the VMM server as a highly available clustered application, you also
should plan availability for the SQL Server that is hosting the database.
The VMM database can reside on a SQL Server along with other application databases. For example, in
smaller deployments, you could consider hosting the App Controller database and the VMM database on
the same SQL Server. When planning to host multiple application databases, review the prerequisites for
each application.
The VMM database either must be in the same domain as the VMM server, or a two-way trust must be in
place. The SQL Server database server name may not be longer than 15 characters, and must not be case
sensitive.
SQL Server 2008 R2 (64-bit) SP1 or Service Pack 2 (SP2) Standard, Enterprise, and
Datacenter
Note that before you install VMM, you must prepare AD DS to store encryption keys. You must create
a container in AD DS with a Lightweight Directory Access Protocol (LDAP) distinguished name. The user
account installing VMM must have Full Control access to this container, to the This object container, and
all descended objects of the container.
Whenever possible, try to use a highly available installation of SQL Server that is installed on a separate
failover cluster from the failover cluster on which you are installing the VMM management server.
When you are planning a VMM deployment, keep in mind that App Controller can connect to multiple
VMM management servers. This can be useful when you deploy multiple management servers, as it
enables you to reduce traffic between branch office hosts and a centralized management server.
Note: If you deploy a highly available (clustered) management server, keep in mind that
you cannot install the Virtual Machine Manager library share as a clustered share on the same
server on which the management servers reside.
Note: When you are naming the VMM management server, the computer name cannot
contain the character string SCVMM. For example, you cannot name the server ADATUM-
SCVMM-01, but you can name it ADATUMSCVMMM01.
7-26 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Windows
Windows Server 2012
Server 2012
System Center Windows Windows Datacenter, Windows Server
Standard,
2012 R2 server- Server 2008 Server 2008 2012 R2 Preview, and
Windows
side component R2 R2 with SP1 Windows Server 2012 R2
Server 2012
Standard
Datacenter
VMM
management
server
VMM virtual
machine hosts
VMM update
server
Virtual Machine
Manager library
The following table lists the SQL Server requirements for VMM.
SQL Server
System Center 2008 R2 SP1 SQL Server 2008 SQL Server 2012 SQL Server 2012 SP1
2012 R2 Standard, SQL R2 SP2 Standard, Enterprise, Enterprise, Standard
component Server 2008 Datacenter Standard (64-bit) (64-bit)
Datacenter
VMM database
server
Some System Center 2012 R2 components such as the DPM management server, the Operations Manager
management server, the Service Manager management server, and the Service Manager data warehouse
management server do not work correctly if they are combined on the same server. Other components
including App Controller, Orchestrator, and VMM can run together on the same computer without issues.
Keep this in mind when deploying VMM and other System Center 2012 R2 components.
Server Virtualization with Windows Server Hyper-V® and System Center 7-27
Demonstration Steps
1. Sign in to LON-VMM1 as Adatum\administrator with a password of Pa$$w0rd.
2. Check the VMM management server prerequisites by examining the Local Server page in Server
Manager on LON-VMM1. Review the locations to get this information.
3. Sign in to the SQL Server Management Studio and review where to find SQL Server version
information.
4. Navigate to the CD ROM drive, and then run the setup.exe file, which will open the Microsoft System
Center 2012 R2 Installation splash screen.
5. In the Microsoft System Center 2012 Virtual Machine Setup Wizard, install VMM, and configure the
options as follows:
o Select features to install:
VMM management server
VMM console
o Product registration information page:
Name: Administrator
Organization: A. Datum, Inc.
Product key: Leave blank
o On the Customer Experience Improvement Program (CEIP) page, click No, I am not willing
to participate.
o On the Microsoft Update page, click Off.
o On the Library configuration page, set the shared folder location to C:\ProgramData
\Virtual Machine Manager Library Files, and set the Share name to MSSCVMMLibrary.
6. After the installation finishes, close the splash screen and launch the VMM console.
Lesson 4
Adding Hosts and Managing Host Groups
Using a Hyper-V server to manage multiple virtual machines offers several advantages. The Hyper-V
Manager console becomes the single, central location to conduct all virtual machine configuration and
management. You can then add the Hyper-V host to VMM along with other hosts, and create host groups
to further centralize your administrative and management oversight. You can then add selected hosts to
these groups. When you need to manage several hosts (but not all) in a particular manner, you can set
distinct properties for host groups, which simultaneously configures all the hosts belonging to that host
group.
Lesson Objectives
After completing this lesson, you will be able to:
• Explain how to add Citrix XenServer and VMware vSphere virtualization resources.
• Explain how to add a Hyper-V virtualization host to VMM.
Demonstration Steps
1. Sign in to LON-VMM1 as adatum\administrator with a password of Pa$$w0rd.
2. On the desktop, open the Connect to Server page, and review the parameters on the page. Note the
example of testing out User Role assignments.
o Lower left, Workspace. There are five main workspaces: VMs and Services, Fabric, Library, Jobs,
and Settings. Review each main workspace.
o Named workspace Console tree: Review the various named console trees,
o Details panes: Review the details panes, and what is included in them, depending on the
workspace item selected.
o Ribbon. Note that System Center 2012 products all have a ribbon at the top of their respective
consoles. Note how the tabs and items on the ribbon change depending on what workspace item
has been selected.
5. In the Library workspace, on the ribbon, click the Create Service Template item on the ribbon.
This lets you create a new service template. Note the View Script button, and see how it brings up
Notepad with Windows PowerShell cmdlets that can be used to create the same item that the user
Server Virtualization with Windows Server Hyper-V® and System Center 7-29
interface can create. These cmdlets can be saved as a Windows PowerShell script and is a very useful
tool. Notice that the Create items in the Virtual Machine Manager console will have a View Script
button.
3. On the Credentials page, choose to either use a Run As account (an account already configured with
domain privileges) or manually enter credentials of an account with privileges to install the agent on
the host server, and then click Next.
4. On the Discovery Scope page, you can either specify computer names by entering them on separate
lines in the Computer name text box, or you can click Specify an Active Directory query to search
for Windows Server computers, type a query, and then click Next.
5. On the Target resources page, you can click each host or click Select all, and then click Next. A
dialog box will prompt you that you are about to enable the Hyper-V role on any servers as part of
the process. If you choose to enable the role, the servers will reboot during the process. You can click
OK to close the dialog box.
6. On the Host settings page, you can assign the host or hosts to a Host group. A later section of
this module details host groups. Additionally, if you have multiple VMM servers, and another VMM
environment currently is managing your host, you can reassociate the host with this environment by
clicking Reassociate. You also can assign default placement paths, which is the location in which the
Windows operating system will store new or migrated Hyper-V virtual machine files. Additionally, you
can assign these paths after you add the host, and then click Next.
7. On the Summary page, confirm the settings, and then click OK.
8. In the Jobs window, you can review the progress of the agent deployments.
When you add a host in a perimeter network, you install the agent from the VMM installation media,
which will prompt you to generate an encryption key file and assign a password. You must remember
the password, and as a best practice, you should copy the generated file to somewhere secure on the
VMM server so that you can access it. When adding a host, on the Target resources page, you enter the
password in the Encryption key text box, and then provide the location of the encryption key file.
7-30 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Note: By default, the VMM management server uses port 5986 for agent communication
with hosts in a perimeter network, and port 443 for file transfers.
The DHCPv4 Server Switch Extension is a new feature in System Center 2012 R2 VMM. You can use this
extension to assign custom addresses through Dynamic Host Configuration Protocol (DHCP) or you can
continue to use static IP addresses as was previously required. When you create IP address pools for a
virtual machine subnet, the pool is enabled automatically to provide IP addresses by either mechanism.
For DHCP to work correctly, the new DHCPv4 server switch extension is required on all Windows Server
2012 Hyper-V hosts.
For Hyper-V hosts running Windows 2012 or Windows Server 2012 R2, VMM offers support for online
resizing of .vhdx disks while the disks are in use. This supports the Hyper-V online resizing feature.
When VMM manages Citrix XenServer hosts, the features in the following table are supported.
Feature Details
Adding Citrix XenServer You can add stand-alone Citrix XenServer hosts and clusters or pools
hosts and pools to the VMM management server. You must install and configure Citrix
XenServer before you add the hosts. You must create and configure
the Citrix XenServer pools in Citrix XenCenter.
Dynamic optimization and The Dynamic Optimization feature is available for Citrix XenServer
power optimization hosts in VMM. You can use the Live Migration feature to load-balance
virtual machines on Citrix XenServer host clusters. You can turn Citrix
XenServer hosts on and off with the Power Optimization feature.
Library You can use VMM to organize and store Citrix XenServer virtual
machines, templates, and virtual hard disk files in the Virtual Machine
Manager library. When storing Citrix XenServer .vhd and .vhdx files in
the Virtual Machine Manager library, open the file’s properties, and on
the General page, change the Virtualization platform to Citrix
XenServer server.
Server Virtualization with Windows Server Hyper-V® and System Center 7-31
Feature Details
Maintenance mode You can move Citrix XenServer hosts in and out of maintenance mode from
the Virtual Machine Manager console.
Networking The new VMM network management features are supported on Citrix
XenServer hosts. Use Citrix XenServer XenCenter to create external virtual
networks. VMM will recognize and use any existing external networks from
Citrix XenServer. You should be aware that: a single virtual switch represents
all Citrix XenServer switches with different virtual local area network (VLAN)
IDs bound to a single physical network adapter.
PRO You can monitor and provide alerts for Citrix XenServer hosts by integrating
Operations Manager with PRO.
Placement When you create Citrix XenServer virtual machines, VMM uses virtual machine
placement on host ratings in the same manner as it does for Hyper-V virtual
machines.
Private clouds Citrix XenServer host resources can be used by private clouds simply by
creating a private cloud from host groups wherever Citrix XenServer hosts
reside. You can configure quotas, and apply self-service user roles to these
clouds without distinction between the different host types.
Storage VMM 2012 supports several Citrix XenServer storage repositories, as follows:
o Software iSCSI, network file system (NFS) virtual hard disks, hardware-
based host bus adapters, and Citrix StorageLink technology
o ISO repositories on an NFS where Windows File Sharing/Common
Internet File System (CIFS) share with these conditions:
ISO images deployed from the Virtual Machine Manager library to
the Citrix XenServer host must have their permissions set on the
ISO repository to Read /Write.
ISO images can only be attached from the Virtual Machine
Manager library.
o Shared and local storage
Note: New VMM storage automation features are not supported for
Citrix XenServer hosts.
7-32 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Feature Details
VMM templates You can create Citrix XenServer templates with the following restrictions:
o Generalization and customization can occur on Windows-based
virtual machines only.
o You must install Citrix Tools for Virtual Machines manually.
o VMM virtual machine templates created from Citrix XenServer virtual
machines cannot have any associated disk images modified. You can
modify all other properties.
XenServer templates VMM does not use Citrix XenServer templates. However, you can, use Citrix
XenCenter to create a virtual machine, and then make a VMM template
from that virtual machine.
VMM command shell The VMM command shell features work across all hypervisors.
The following features are supported when VMM manages VMware ESX hosts through vCenter Server.
Feature Details
Dynamic The Dynamic Optimization feature is available for VMware ESX hosts in VMM
Optimization & 2012. You can use the Live Migration feature to load-balance virtual machines
Power Optimization on VMware ESX host clusters. You can turn VMware ESX hosts on and off with
Power Optimization.
Library You can use VMM to organize and store VMware virtual machines, VMware
templates, and .vmdk hard disk files in the Virtual Machine Manager library.
You should be aware that VMM does not support older .vmdk file types. The
only types that are supported are those .vmdk files that are stored as VMware’s
Virtual Machine File System, and monolithicFlat.
Maintenance mode VMware ESX hosts can be put in and out of maintenance mode from the VMM
console.
Server Virtualization with Windows Server Hyper-V® and System Center 7-33
Feature Details
Note: Port groups are not created automatically. Use VMware vCenter
server to configure port groups with the necessary VLANs that correspond to
VMM logical network sites.
PRO You can monitor and provide alerts for VMware ESX hosts by integrating
Operations Manager with PRO.
Placement When you create VMware virtual machines, VMM uses virtual machine
placement on host ratings in the same manner as it does for Hyper-V virtual
machines.
Private clouds VMware ESX host resources can be used by private clouds simply by creating a
private cloud from host groups wherever VMware ESX hosts reside, or by using
a VMware resource pool. You can configure quotas and apply self-service user
roles to these clouds without distinction between the different host types.
However, you should be aware that VMM does not integrate with VMware
vCloud.
Services You can deploy VMM 2012 services to VMware ESX hosts. However, you
cannot use VMM to deploy VMware vApps.
Feature Details
Templates You can create templates using .vmdk files that are stored in the library, and
you can import templates stored on VMware ESX hosts. Importing templates
from the VMware vCenter server only imports template metadata, and not the
.vmdk file itself.
VMM command The VMM command shell works across all hypervisors.
shell
Consider security requirements before you add other vendor hosts to your network. For example, you
must decide how to implement certificates for virtualization hosts, and you may want to determine how
to use a Run As account.
Demonstration Steps
1. Sign in to LON-DC1 as adatum\administrator with a password of Pa$$w0rd.
2. In the Group Policy Management Editor, open the Default Domain Policy. Apply the following
settings to the domain policy located at: Computer Configuration, Administrative Templates
\Network\Network Connections\Windows Firewall\Domain Profile.
a. In the Windows Firewall: Allow inbound file and printer sharing exception dialog box, click
Enabled, in the Options text box, type an asterisk (*), which indicates all IP addresses.
b. In the Windows Firewall: Allow ICMP exceptions dialog box, click Enabled, and then in the
Options area, select the Allow inbound echo request check box.
c. In the Windows Firewall: Define inbound port exceptions dialog box, click Enabled, in the
Options section, click Show, and under Value, type 5985.
4. In the Allow remote server management through WinRM section, click Enabled. In Options, in
both the IPv4 and IPv6 text boxes, type an asterisk (*).
6. On both the LON-HOST1 and LON-HOST2 physical machines, update group policy with the
gpupdate.exe /force cmdlets.
7. Sign in to LON-VMM1 as adatum\administrator with a password of Pa$$w0rd.
8. Open the Virtual Machine Manager console, and add LON-HOST1 as a Hyper-V server to the All
Hosts node in VMs and Services, using the following parameters:
9. Observe that LON-HOST1 now displays in the VM’s and Services console tree. Select it and review the
details pane showing all the virtual machines from the host that now display. Review all the different
management tasks that you can run on the virtual machines.
10. In Windows PowerShell, navigate to the documents folder and then use Notepad to open
AddHost.ps1.
11. In Notepad, examine the script by reviewing all of the different cmdlets and text. Note the two
variables that are created and the cmdlets they are based on. Note the Add-SCVMHost cmdlets and
the various parameters that it calls. Check if there is anything on this line that needs to be changed.
The answer should be just the -ComputerName parameter to identify lon-host2 rather than
lon-host1 as is written. Go ahead and make this change, and save the file.
12. Close Notepad.
13. Run the Windows PowerShell script that you just saved, by typing ./addhost.ps1. Use the
ADATUM\administrator credentials.
14. Wait for Windows PowerShell to display parameters and values in columnar form.
17. With LON-HOST2 still selected, on the ribbon, click the Folder tab, and then click Properties.
18. Take a few moments to review each of the pages in the lon-host2.adatum.com Properties dialog
box.
19. Close the Properties dialog box, close all open windows, and sign off of LON-VMM1.
7-36 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Placement Rules
By default, a host group uses the placement setting from the parent host group. If you opt to configure
custom placement rules at the individual group level, you can block inheritance by modifying the parent
host-group setting.
On the Placement Rules page of the host group properties, you can assign custom placement rules. For
example, you can assign custom values to hosts and virtual machines that will determine placement based
upon criteria, including one of the following criteria:
• The virtual machine must match the host
Host Reserves
Host reserves are placement settings that enable the host system to retain resources for its own use. This
is useful when a Hyper-V host has additional services running, such as in a branch office where you have
configured a Virtual Machine Manager library.
Server Virtualization with Windows Server Hyper-V® and System Center 7-37
The following table details how you can set or override the following host reserves at the individual host
level.
Resource Notes
CPU You can set CPU as a percentage. The default percentage value is 10. However, 10
percent of one dual-core processor that is running at 2 GHz is not the same as 10
percent of four six-core processors that are running at 2.8 GHz.
Memory The default is memory value is 256 MB, but you can change this or set this as a
percentage.
Disk I/O The default value is 0, but you can set this as a percentage. You may wish to ensure
a minimal amount of disk I/O is reserved if you are using a host as a Virtual
Machine Manager library.
Disk space You can set disk space as a numeric value or percentage.
Network I/O The default value is 0, but you can set this as a percentage. You may wish to ensure
a minimal amount of network I/O is reserved if you are using a host as a Virtual
Machine Manager library.
Dynamic Optimization
Dynamic Optimization enables VMM to balance the virtual machine loads automatically within a host
cluster. By defining minimum resource thresholds for hosts, VMM migrates the virtual machine to
alternative hosts if available resources fall below those assigned thresholds.
The following table lists the thresholds that you can set.
Resource Notes
Note that these settings will impact all hosts within the host group.
In addition to workload balancing, VMM also can invoke power optimization. You can enable power
optimization by selecting Settings under the Power Optimization section of the Dynamic Optimization
page.
• Systems Management Architecture for Server Hardware version 1.0 over Web Services for
Management (WS-Management)
7-38 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
Network
The network page defaults to inheriting network logical resources from the parent host group. You
can clear these settings and assign different resource types including IP pools, load balancers, logical
networks, and MAC pools.
Storage
Storage capacity for the host group includes storage allocated to the parent host groups. Here you can
allocate storage pools and logical units, if they exist.
Custom Properties
You can assign and manage custom properties here. The Manage Custom Properties button lets you
select various object types, and the Create button allows you to create custom properties.
Demonstration Steps
1. Sign in to LON-VMM1 as adatum\administrator with a password of Pa$$w0rd.
2. In the Virtual Machine Manager console, in the VMs and Services console tree, create a new host
group, and name it LocalGroup.
• The physical computers must be configured correctly and be able to run the Hyper-V role (such as
64-bit processors, and virtualization technologies). In addition, a PXE server must exist and you must
add it to VMM management. You can do this by deploying the Windows DS role on any supported
operating system, which is most any Windows Server 2008 R2 or newer domain member server. Your
Windows DS server can continue to deploy various operating systems as always, because VMM will
only respond to requests from computers that you designate as new virtual machine hosts in VMM.
• You must set the bare-metal computer’s BIOS or Extensible Firmware Interface (EFI) boot order to
boot first from a PXE-enabled network adapter.
• Baseboard management controllers (BMCs) must have logon credentials and an IP address assigned,
either statically or through DHCP, and the BMC's network segment must be accessible to the VMM
management server. This will allow the out–of–band management to discover the physical
computers.
• You must create a host profile, and any needed driver files must be in the Virtual Machine Manager
library.
• If you are assigning static IP addresses to the hosts, then you must obtain the network adapter MAC
address of those hosts that you will use for management. This adapter will be used to communicate
with the VMM management server. If the hosts have multiple network adapters and locally attached
storage, you should collect this information, such as the MAC addresses of the adapters and the sizes
of the disks, before you begin the deployment. However, if you are running System Center 2012 SP1
VMM or System Center 2012 R2 VMM, you can use the process for discovering physical computers to
create as physical hosts known as deep discovery to view this information during the deployment.
• If you wish to use a Run As account to launch the deployment process, the account must have
permissions to access the BMCs.
• If you have multiple Domain Name System (DNS) servers that take time to replicate information, you
can create DNS host records for the computer names that will be assigned to the hosts, and allow this
information to replicate to all the DNS servers.
You start the process to deploy the Hyper-V host to bare-metal computers in the Fabric workspace on the
Virtual Machine Manager console, using the following procedures:
2. On the home tab of the ribbon, click the Add Resources drop-down list box, and then click Hyper-V
Hosts and Clusters.
3. In the Add Resource Wizard, on the Resource location page, select the radio button for Physical
computers to be provisioned as virtual machine hosts.
Note: This step will fail if you do not have any host profiles.
4. On the Credentials and protocol page, if you have created a Run As account, you can click the
Browse button, and find it here. There is also the option to Create Run As Account. In the Protocol
area, you can select the out-of-band management protocol: you can use either the Intelligent
Platform Management interface (which includes the Data Center Management interface), or you
can use the Systems Management Architecture for Server Hardware (SMASH).
7-40 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
5. On the Discovery scope page, type the IP address scope that includes the BMC’s IP addresses.
You can also specify a single IP address. If you use the subnet or range of IP addresses, the Target
resources page will display all the discovered computers for those addresses. Each computer has a
check box next to it; select the check boxes of the computers that you wish to convert to a Hyper-V
host.
6. On the Provisioning options page, you can select the host group to which to assign the Hyper-V
host, regardless of whether the Hyper-V hosts will use DHCP or static addresses. You do this by using
the appropriate host profile. If you are running System Center 2012 SP1 VMM or System Center 2012
R2 VMM, when you select the check box next to a computer name, the system runs deep discovery.
You must allow time for this process to occur.
7. On the Deployment customization page, the options will vary based on the host profile you
previously selected.
8. On the Summary page, click Finish to deploy the bare metal computers as Hyper-V hosts. This will
also place them as physical hosts that are controlled by the VMM management server.
Server Virtualization with Windows Server Hyper-V® and System Center 7-41
A. Datum has decided to implement System Center 2012 R2 VMM to manage their virtualization
infrastructure. You need to deploy the VMM server components and add the existing Hyper-V hosts
to the environment. You also need to ensure that you configure the environment in such a way that
administrators in each subsidiary can manage the virtualization hosts at their location.
Objectives
After completing this lab, you will be able to:
• Install and configure VMM, including managing VMM from a remote host.
• Configure and manage hosts and host groups in System Center VMM.
Lab Setup
Estimated Time: 45 Minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-VMM1, and
20409B-LON-CL1
For this lab, you will use the available virtual machine environment. Before you begin the lab, you must
complete the following steps:
2. Sign in to the LON-HOST1 and LON-HOST2 computers as Adatum\Administrator with the password
of Pa$$w0rd.
3. On LON-HOST1 and LON-HOST2, start Hyper-V Manager.
4. In Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
5. In the Actions pane, click Connect. Wait until the virtual machine starts.
8. In the 20409B-LON-VMM1 on LON-HOST1 – Virtual Machine Connection, click the Media drop-
down list box, click DVD Drive, and then click Insert Disk.
7-42 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
In addition, for the rest of the labs, the tasks need be done only once in each lab partnership. There will
not be some steps done by the LON-HOST1 student and others by the LON-HOST2 student. The lab
partners can decide and even switch between themselves as to who does what for each task. This applies
to this lab through the lab in Module 13.
Note: Because you will be using the same virtual machines in the next lab, at the
conclusion of this lab do not revert the virtual machines. However, you can shut down all virtual
machines after finishing this lab.
1. Load the software on one of our servers in the London Site. We need at least two physical hosts,
but have plenty of virtual machines on them. Do you recommend putting this on a virtual
machine or physical computer? Please let me know what computers you’ll be using. Remember
that the test data that you gather will be used to further deploy a much more robust solution
that we will use to build our private clouds.
2. Make sure that all the prerequisites Microsoft has recommended are met. If there are any
shortfalls, let me know as soon as possible. Create a list of the prerequisites that you will need to
verify.
3. After you have created the VMM management server and installed a Virtual Machine Manager
console on a desktop client in the Developer department, finish testing the console and ensure
everything works.
4. Finally, create the local host group and assign at least two physical hosts.
Ed
Server Virtualization with Windows Server Hyper-V® and System Center 7-43
1. How many VMM servers do you need to deploy in the Adatum environment?
3. Will you deploy VMM on a single server, or will you separate components onto dedicated
servers?
4. Will you install the VMM server inside a virtual machine or on a physical machine?
5. What computers will you use, and what will be their roles?
4. Confirm that the operating system has at least a 2 GHz Pentium processor, 4 GB of RAM, and 80 GB
of disk space available.
5. From the Start screen, open and then sign in to SQL Server Management Studio.
6. Verify that the version of SQL Server supports System Center 2012 R2 VMM.
7. Open the Registry Editor. In the Registry Editor window, click the HKEY_LOCAL_MACHINE subkey.
Navigate to SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\.
8. In the Version item, note the value in the Data column. It should be 4.5.51641 or higher.
10. Open the Services console, and verify that the Windows Remote Management (WS–Management)
service is running and is set to Automatic.
Task 3: Install the VMM management server and Virtual Machine Manager console
on LON-VMM1
1. In File Explorer, in the VMM window, double-click the setup.exe file, which will open the Microsoft
System Center 2012 R2 Installation splash screen.
2. Use the Microsoft System Center 2012 Virtual Machine Setup Wizard to install VMM, and set the
options on each page, as follows:
a. Select features to install page: VMM management server and VMM console.
5. Close both the Virtual Machine Manager console and the Microsoft System Center 2012 R2 splash
screen.
Note: Perform these steps from LON-HOST2. In Hyper-V Manager on LON-HOST2, right-
click Hyper-V Manager in the console tree and select Connect to server, select Another
computer, and type LON-HOST1 and then click OK. Select and connect to LON-CL1.
3. Run the AdminConsole.msi file. The MSI file will open a pop-up window stating that it is installing
and displaying a progress bar. If it does not encounter an error, then after installing the Virtual
Machine Manager console successfully, the window will close itself.
4. Open the Apps by name start screen, and then pin the Virtual Machine Manager Console NEW
tile to the desktop taskbar.
5. Launch the Virtual Machine Manager Console NEW program from the taskbar.
7. Navigate around the console, and observe that is the same Virtual Machine Manager console as is
installed on LON-VMM1.
8. Close the Virtual Machine Manager console, and sign off of LON-CL1.
Results: After completing this exercise, you should have installed System Center 2012 R2 VMM.
Server Virtualization with Windows Server Hyper-V® and System Center 7-45
1. Set the default domain group policy to allow domain members to become hosts.
3. Create a LocalGroup host group, and then add LON-HOST1 and LON-HOST2 to the LocalGroup host
group.
4. Configure LocalGroup properties.
Task 1: Set the default domain group policy to allow domain members to become
hosts
1. On LON-DC1, in Server Manager, open the Group Policy Management Editor, and then edit the
Default Domain Policy.
2. Navigate to Computer Configuration\Profiles\Administrative Templates\Network
\Network Connections\Windows Firewall\Domain Profile, and then apply the following settings:
a. In Windows Firewall: Allow inbound file and printer sharing exception, click Enabled, in
Options, type an asterisk (*) (which indicates all IP addresses).
b. In Windows Firewall: Allow ICMP exceptions, click Enabled, in Options, click Allow inbound
echo request.
c. In Windows Firewall: Define inbound port exceptions, select Enabled, in Options: Define
port exceptions, click Show, and under Value, type 5985.
4. In the Allow remote server management through WinRM window, select Enabled, in Options, for
both IPv4 and IPv6, type an asterisk (*).
6. On both LON-HOST1 and LON-HOST2 physical machines, use Windows PowerShell to update the
group policy with gpupdate.exe /force.
f. Summary page: View Script, save script in the documents library as AddHost.ps1 (ensure the
All Files (*.*) type is selected).
2. Observe that LON-HOST1 now displays in the VM’s and Services console tree.
3. Open Windows PowerShell, navigate to the documents folder, and then use Notepad to open
AddHost.ps1.
6. Run the Windows PowerShell script that you just saved by typing ./addhost.ps1.
Task 3: Create a LocalGroup host group, and then add LON-HOST1 and LON-HOST2
to the LocalGroup host group
1. On LON-VMM1, if the Virtual Machine Manager console is not already open, then open it.
2. In the Virtual Machine Manager console, in the VMs and Services console tree, create a new host
group named LocalGroup.
3. Use the tools on the ribbon to move LON-HOST1 into the group.
4. Use the context menu to move LON-HOST2 into the group.
2. In the LocalGroup Properties dialog box, in the Properties pages, configure the following:
a. On the General page, add the description, The local group of virtualization hosts the
A. Datum IT department is using.
b. On the Host Reserves page, clear the Use the host reserves settings from the parent host
group check box. In the Disk space, amount text box, change the values from 1% to 2%.
Results: After completing this exercise, you should have created and configured hosts and host groups.
Server Virtualization with Windows Server Hyper-V® and System Center 7-47
Question: In which scenarios is it beneficial for you to use Windows PowerShell rather than a
GUI such as the VMM console?
Tools
SQL Server Manage all aspects of a SQL Server SQL Server installation DVD
Management Studio installation.
Disk2vhd Tool that creates virtual hard disks of Windows Sysinternals download
physical disks for use on Hyper-V hosts as page:
virtual machines. You can convert the http://go.microsoft.com/fwlink
operating system disk and the data disks /?LinkID=386697
on a physical computer.
Windows ADK A collection of tools that you can use to Microsoft Download Center:
customize, assess, and deploy Windows http://go.microsoft.com/fwlink
operating systems to new computers. /?LinkID=386730
8-1
Module 8
Managing the Network and Storage Infrastructure in
Microsoft System Center 2012 R2 Virtual Machine Manager
Contents:
Module Overview 8-1
Module Overview
Microsoft System Center 2012 R2 includes components that you can deploy and manage through the
System Center 2012 R2 Virtual Machine Manager (VMM) console. The Fabric workspace in the VMM
console simplifies working with a variety of storage and network technologies. Using these components,
you can build and connect your virtualization network and storage infrastructure, thereby creating the
underlying framework for deploying virtual machines, services, and clouds.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
• Manage infrastructure updates by creating update baselines, and by scanning and remediating non-
compliant servers.
8-2 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
Lesson 1
Managing Networking Infrastructure
Managing physical network infrastructure in dynamic and complex data center environments can
be challenging. You might require multiple applications, consoles, and command-line interfaces to
administer the infrastructure. VMM provides a single console from which you can perform most of
the administrative tasks, and thus simplifies working with logical and virtual networking components.
This lesson introduces you to the VMM networking fundamentals and provides high-level overviews of
advanced concepts. This lesson also explains the VMM networking components and integration options
with other vendor networking tools. Finally, this lesson describes how to design and implement the
various virtualization options.
Lesson Objectives
After completing this lesson, you will be able to:
For example, if the DNS suffix for the host network adapter is adatum1.adatum.com, VMM creates a
logical network with the name adatum1.
When you create a logical network, you can create one or more associated network sites. A network site is
a collection of one or more subnets, VLANs, and subnet-VLAN pairs. You can control which host groups
connect to a network site. For example, if you have a Seattle host group and a New York host group, and
if you want to make the BACKEND logical network available to each, you can create two network sites for
the BACKEND logical network. You then can scope one network site to the Seattle host group (and any
desired child host groups), and the other network site to the New York host group (and any desired child
host groups).
When you associate one or more IP subnets with a network site, you can create an IP address pool. An IP
address pool is a range of IP addresses within an IP subnet. For example, the range 10.0.0.2 to 10.0.0.150
would be an address pool within the 10.0.0.0/24 subnet. A static IP address pool enables VMM to
assign static IP addresses to hosts and allows you to manage IP addresses for the virtual environment.
Configuring static IP address pools is optional and you can assign addresses automatically through
Dynamic Host Configuration Protocol (DHCP), if it is available on the network.
For more information on Logical Networks, consult the following TechNet article:
Logical Networks
Logical networks are a set of logical network
objects that you can use to model your network
environment. You can create multiple logical
networks, and then associate them with one or
more host groups. For example, you can create a
perimeter logical network, a development logical network, and a production logical network. When
administrators or application administrators deploy virtual machines and services, they will be able to
select a logical network without the need to understand the underlying networking infrastructure.
Network Sites
You can create network sites to associate subnets and VLANs with a location or department. You associate
sites with the logical network, and then assign the host group that can use the network site.
MAC address. You can use the default MAC address pools, or you can configure custom MAC address
pools that you scope to specific host groups.
Virtual IP Templates
A virtual IP template contains a load balancer and related configuration settings for a specific type of
network traffic. For example, you could create a template that specifies the load balancing behavior for
HTTPS traffic on a specific load balancer manufacturer and model. These templates represent the best
practices from a load balancer configuration standpoint. After you create a virtual IP template, users
(including self-service users), can specify the virtual IP template to use when they create a service. When
users model a service, they can choose an available template that best matches the needs of their load
balancers and type of application.
Logical Switches
You can use logical switches to apply a single configuration to multiple hosts. You configure logical-to-
Hyper-V port profiles and uplink profiles, port classification, and virtual-switch extensions. By using logical
switches, you can enforce compliance among the host servers and reduce the time required to deploy and
administer hosts.
Port Profiles
You can create and use two Hyper-V port profiles in VMM:
• Virtual network adapter port profiles. You create this type of profile for use by virtual machines and
hosts. These profiles have configurable offload, security, and bandwidth settings.
• Uplink port profiles. You configure this type of profile to use with uplink ports. You can configure the
load-balancing algorithm and teaming mode.
Port Classifications
You can create port classifications, and then use them across multiple logical switches to help identify and
group sets of features.
Network Service
A network service in VMM includes components such as gateways, virtual switch extensions, top-of-rack
switches, and network managers. To add a network service, you must first install the associated provider,
and then restart the System Center Virtual Machine Manager service. You can configure each of the
following components by using the Add Network Service Wizard:
• Gateway. In VMM, you can configure a gateway to allow network traffic in and out of a virtual
machine network that is using network virtualization. You can configure this for local network
routing which routes traffic between the virtual machine network and the physical network.
Alternatively, you can configure it for remote network routing, which first creates a virtual private
network (VPN) connection with another endpoint of a site-to-site VPN, and then routes in and out
of the virtual machine network through the VPN tunnel.
Server Virtualization with Windows Server Hyper-V® and System Center 8-5
• Virtual switch extensions. Virtual switch extensions provide non-Microsoft vendors the ability to add
monitoring, filtering, and forwarding extensions. For example, Cisco has created the Cisco Nexus
1000V for Hyper-V. This forwarding extension allows Cisco administrators to configure networking in
VMM by using familiar Cisco commands. An example of a monitoring extension is Host sFlow, which
exports performance metrics using the sFlow protocol.
• Network managers. Network managers enable you to use a non-Microsoft network management
console to configure forwarding extensions. With network managers, you can manage settings such
as logical networks, sites, and virtual machine networks.
• TOR switches. By using VMM to manage TOR switches, you can control physical switch ports. For
example, you can create the corresponding VLAN and apply it to the physical port, thus keeping both
physical and virtual switch settings synchronized.
• Internal. Creating an internal switch enables virtual machines to communicate with each other and
with the Hyper-V host. However, internal switches do not allow any communication with the physical
network.
• Private. The private virtual switch allows virtual machines to communicate with each other. You can
create multiple private virtual switches on a single Hyper-V host to isolate different groups of virtual
machines.
You can use VLAN settings and external virtual switches to share the network adapter with the virtual
guest machines. If you do this, you can then set VLAN IDs for the host server. However, this does not
control virtual machine VLAN configuration.
You can add a virtual switch in the VMM console by performing the following steps:
2. In the Fabric workspace, click Servers, or if required, navigate to the host group containing the server
to which you wish to add the virtual switch.
3. In the central workspace, right-click the server you want to add the switch to, and then click
Properties.
8-6 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
4. In the Properties dialog box, on the left side, click Virtual Switches, click New Virtual Switch, and
then click New Standard Switch.
Note: You also have the option of creating a new logical switch. However, you can only
create a new logical switch after creating at least one logical switch elsewhere in VMM. You will
learn more about logical switches later in this module.
5. Provide a name and optional description for the switch, and then click the required switch type
(External, Internal, or Private). Define whether the host should share the adapter using VLAN 0 or
anther VLAN, and then click OK.
6. When a warning that the host may temporarily lose network connectivity displays, click OK.
When creating the logical network, you will be able to choose a single, routable network that includes the
option to allow virtualized virtual machine networks, to use VLAN-based independent networks, or to use
Private VLAN (PVLAN) networks.
1. Launch the VMM console, click the Fabric workspace, on the ribbon, click Create, and then click
Logical Network.
2. On the Name page, in the Name text box, type the required network name such as INTRANET,
and in the Description text box, type a description. Click the required network option, VLAN, PVLAN,
or leave the default option selected (One connected network). If required, click Allow new VM
networks created on this logical network to use network virtualization, and then click Next.
3. On the Network Site page, click Add, and then in the Host groups that can use this network site
section, select the host groups that will use this network site, for example, All Hosts.
4. In the Associated VLANs and IP subnets area, click Insert row, and then in the VLAN text box, type
a VLAN number, for example, 2.
Logical Switches
You can use logical switches to apply a single
configuration to multiple hosts, and you configure
them to use uplink profiles, port classification, and
virtual-switch extensions. The supported switch
extensions types are:
• Filtering. Use filtering extensions to block, modify, or defragment packets, and to block ports.
• Forwarding. Use forwarding extensions to direct traffic by defining destinations, and to capture and
filter traffic. To avoid conflicts online, only one forwarding extension can be active on a logical switch.
• Virtual switch extension manager. Use virtual switch extension manager to allow use of a vendor
network-management console and VMM together. To do this, you need to install the vendor’s
provider software on the VMM server.
Uplink Profiles
You can use native uplink profiles to configure uplink adapters. Uplink adapters must be available on
the physical network adapters to which a switch connects. You can assign uplink profiles to host groups,
and then enable them to support network virtualization in Windows operating systems. You also can use
uplink profiles to configure virtual adapters for enabling offload settings, such as Virtual Machine Queue
(VMQ), Internet Protocol security (IPsec) task offloading, and single-root I/O virtualization (SR-IOV).
Virtual network adapter port profiles allow you to reuse the same settings across multiple switches, which
simplify your virtual environment deployments.
Additionally, you can specify minimum and maximum bandwidth settings and relative bandwidth weights.
These settings define how much bandwidth a virtual network adapter can use in relation to other virtual
network adapters that connect to the same switch. The following default uplink profiles have already been
created in VMM:
• SR-IOV profile
• Host management
• Live migration
• Cluster
• Guest dynamic IP
• Internet small computer system interface (iSCSI)
• Default
Each of these profiles comes already configured with varying offload, security, and bandwidth settings.
8-8 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
Port Classifications
You can create port classifications, and then use them across multiple logical switches to help identify and
group sets of features. The following default port classifications have already been created in VMM:
• SR-IOV
• Guest dynamic IP
• iSCSI workload
• Logical networks
• IP pools
• Logical switches
• Port classifications
You also will see how to assign logical switches to Hyper-V hosts.
Demonstration Steps
1. On LON-VMM1, launch the Virtual Machine Manager console.
2. Create a logical network named Adatum UK that permits the use of network virtualization.
3. Create two network Sites that use the All Hosts host group using the following details:
c. IP Subnet: 192.168.1.0/24
f. IP Subnet: 192.168.2.0/24
6. Using the Docklands network site and the 192.168.3.0/24 IP subnet, complete the wizard accepting
the defaults, and then close the Jobs window.
7. Create another IP pool named Gatwick IP Pool. Use the Adatum UK logical network, and the Gatwick
network site.
Server Virtualization with Windows Server Hyper-V® and System Center 8-9
8. From the Fabric workspace, create a Hyper-V Port Profile named Adatum UK Uplink. Use the
Hyper-V port load balancing algorithm.
9. On the Network configuration page, select the Docklands and Gatwick network sites, and enable
Hyper-V Network-Virtualization.
10. When setup is complete, close the Jobs window.
11. From the Fabric workspace, create a Logical Switch named Adatum UK. Enter the description
Adatum production hosts logical switch. Use the default extensions, and use the Adatum UK
uplink.
12. Add a Virtual Port using the Medium Bandwidth port classification and the Medium Bandwidth
virtual network adapter port profile.
14. From the Fabric workspace, open the properties page for lon-host1.adatum.com, click Hardware,
then click the logical network associated with your network card, (this will be connected to External
Network).
15. Click the Adatum UK logical network, read the warning about VLANs, click OK, and then click OK
again.
16. In the Fabric workspace, click LON-HOST1, click Properties, click Virtual Switches, click New
Virtual Switch, and then click New Logical Switch.
17. Notice the error message that displays stating that VMM cannot create a virtual switch without any
physical network adapters. At this point, if you have another network card, you can assign the logical
switch to a physical adapter. In the error message pop-up window that displays, click OK.
18. In the Properties dialog box, click Hardware, and then scroll down and expand Network adapters.
Click your physical network adapter, and note that you can select or clear the adapter for virtual
machine placement and management use. Click the Logical network, and on the right under Logical
network connectivity, note that you can assign the logical networks and IP subnets.
19. Click Cancel, and then click Yes to close the warning.
Network Virtualization
You can use network virtualization to isolate
virtual machines from different organizations,
even if they share the same Hyper-V host. When
you configure network-virtualization, each guest
virtual machine has two IP addresses, which
include:
• Customer IP address. The customer assigns this IP address to the virtual machine. You can configure
this IP address so that communication with the customer's internal network can occur even if the
virtual machine is hosted on a Hyper-V server that connects to a separate public IP network. Using
the ipconfig command on the virtual machine will return the customer IP address.
8-10 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
• Provider IP address. The hosting provider assigns this IP address, which is visible to the hosting
provider and to other hosts on the physical network. This IP address is not visible from within the
virtual machine.
Note: You can create virtual machine networks after you create a logical network, because
they are associated with a logical network. You can have many isolated virtual machine networks
using one logical network, but for each logical network you can only have one virtual machine
network that does not use isolation.
VLAN Isolation
VLANs are layer 2 broadcast domains that are created by tagging packets. These tags tell the switches
and routers where the packets can travel. VLANs are widely used due to their reliability. However, they do
have some limitations that can make running a larger virtualization environment more difficult and costly,
and can result in high management overheads.
PVLAN Isolation
PVLANs enable you to separate a VLAN into multiple isolated sub-networks, which are then allocated to
different tenants. The PVLAN will share the IP subnet it that the parent VLAN allocates to it. The PVLAN
requires a router to communicate with hosts on other PVLANs and with other networks.
The table above is a rough guide, because each company differs. In networking, having many options
helps to facilitate the best design for a given scenario, application, or customer. For example, you may
have a network team who will be configuring most of the virtual networks using their preferred network
tools and switch extensions.
Note: For an example that requires both network virtualization and VLANs, review the
scenario following the end of this topic.
1. Launch the VMM console, click the Fabric workspace, on the ribbon, click Create, and then click
Logical Network.
2. On the Name page, in the Name text box, type the required network name (such as INTRANET). In
the Description text box, type a description, click the required network option—VLAN, PVLAN, or
leave the default option (One connected network) selected. Then, if required, click Allow new VM
networks created on this logical network to use network virtualization, and then click Next.
3. On the Network Site page, click Add, and then in the Host groups that can use this network site
section, select the host groups that will use this network site, for example All Hosts.
Server Virtualization with Windows Server Hyper-V® and System Center 8-11
4. In the Associated VLANs and IP subnets area, click Insert row, and then in the VLAN text box, type
a VLAN number, for example 2.
5. In the IP subnet field, type an IP subnet, for example 172.20.0.0/16, click Next, and then click
Finish.
A routable logical network in the VMM console is called One connected network. These logical networks
and any network sites can be routed to one another.
As part of their long-term vision, the organization wants one or more highly available private clouds
that have the ability to run from either data center. Extensive changes and building new sites are not
an option. A multi-year virtualization projected has started, and all new systems are required to be
virtualized. Those built using Windows 2008 R2 and newer are being virtualized using physical-to-virtual
(P2V) migrations. Many servers have the same IP addresses, and to ensure that the customized
applications on those can be accessed, Hyper-V network virtualization will be used.
A. Datum uses multiple backup technologies, and the System Center 2012 R2 Operations Manager has a
backup VLAN that isolates backup traffic. You discussed virtualizing some file servers, and will want to
make sure that these, and possible other servers can access the VLAN to be backed up.
Best Practice:
In most sections of the VMM console, you can
filter the view by entering text in the search field.
Keep this feature in mind and apply a good
naming convention to all your virtual network
components. This will help you and other administrators when you are working with and or
troubleshooting virtual networking. This also applies to everything you can label in VMM.
8-12 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
There are a few considerations that you should be aware of before you start working with virtual
machine networks in VMM. As a first step, you should plan your network and document the proposed
configurations. You will need to determine if you should implement isolation. You then need to create the
underlying logical network components.
After you have created your prerequisite logical network, perform the following steps to create a virtual
machine network in the VMM console:
1. Open the VMM console, click the VMs and Services workspace, and then on the ribbon, click Create
VM Network.
2. On the Name page, type the name and description for your VM network, click the drop-down list
box, select the logical network, and then click Next.
3. On the Isolation page, select either Isolate using Hyper-V network-virtualization or No isolation,
choose between IPv4 and IPv6 for your VM network and logical network, and then click Next.
4. On the VM Subnets page, click Add, and in the Name text box, type the name for your VM subnet.
In the Subnet text box, type the IP address and mask for your subnet. If necessary, add and remove
further subnets, and then click Next.
5. On the Connectivity page, choose the setting for connecting directly to an additional logical
network, and specify whether that connection will use network address translation (NAT). If you
have not added a gateway, no option will be available. Review the message, and then click Next.
6. On the Summary page, review the summary, and then click Finish.
7. Close the Jobs window.
In a large host or environment, you may want to quickly discover which virtual machines connect to which
networks. Rather than investigate each virtual machine individually, you can investigate using the built-in
VMM network diagrams.
You can review hosts and virtual machine network topology by performing the following steps:
1. Open the VMM console, and then click the Fabric workspace.
2. In the Fabric navigation pane, click to expand the host group containing your hosts. In the main
section of the console, right-click the host that you want review, and then click View Networking.
3. On the left, you can select the hosts, host groups, and clouds that you want to include in the diagram.
On the ribbon, you can choose to view the following diagrams:
o VM Networks
o Host Networks
o Host/VM Networks
o Network Topology
To delegate access to virtual machine networks, you assign an owner for a virtual machine network, and
delegate access to other administrators and self-service users. You can configure access by performing the
following steps:
1. Open the VMM console, click the VMs and Services workspace, and then on the ribbon, click
Properties.
2. On the left, click Access. You can now select an owner and delegate access to the virtual machine
network.
Server Virtualization with Windows Server Hyper-V® and System Center 8-13
If you want to delete a virtual machine network, you must first confirm that there are no dependent
resources. You can review dependent resources using these steps:
1. Open the VMM console, and then click the VMs and Services workspace.
2. In the VMs and Services navigation pane, click VM Networks on the right, click to highlight a virtual
machine network, and then on the ribbon, click View Dependent Resources.
3. Review the Names and Type of resources. Make a note of them, and then click OK.
4. To delete other VMM resources that may have dependent resources, you can right-click them. If they
have dependent resources, the dependent resource option will display, and clicking on it will display
those dependencies.
Adding a Gateway
When you deploy network virtualization, you most likely will want virtual machines to communicate with
other virtual machines on other Hyper-V hosts, or with physical machines outside of the virtualization
environment. To facilitate this, you must provision a network gateway, which in VMM is configured in the
Network Service section of the Fabric workspace. The gateway connects to remote networks using a VPN
tunnel.
To add a gateway, you must first install its provider software. You can review the list of installed providers
by using the following procedure:
The default installation directory for providers is C:\Programs Files\Microsoft System Center 2012 R2
\Virtual Machine Manager\Bin\Configuration Providers.
3. Confirm that the necessary provider software for the gateway device has been installed and is listed.
For more information about gateway prerequisites and to review the setup steps, refer to:
Demonstration Steps
1. In the Virtual Machine Manager console, from the VMs and Services workspace, create a virtual
machine network named Adatum North.
2. Ensure that Adatum UK is selected as the Logical network, and enable Hyper-V network
virtualization.
3. Add the following VM Subnets:
8. From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Finance VM Network IP Pool.
9. Ensure the VM subnet is set to Adatum Finance (192.168.4.0/24), and accept the default settings.
11. From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Logistics VM Network IP Pool.
12. Ensure the VM subnet is set to Adatum Logistics (192.168.5.0/24), and accept the default settings.
13. When setup is complete, close the Jobs window.
Server Virtualization with Windows Server Hyper-V® and System Center 8-15
Windows Server 2012 R2 provides Windows Server Gateway to address this scenario. Windows Server
Gateway is a virtual machine-based software router that allows you to route network traffic between the
virtual networks on the Hyper-V hosts and the physical networks. This enables the virtual machines to
connect to other resources on the internal network and also to connect to external networks such as the
Internet.
• Multi-tenant aware NAT gateway for Internet access. In this configuration, Windows Server Gateway
provides access to the Internet for virtual machines on virtual networks. The Windows Server Gateway
is configured as a NAT device, translating addresses that can connect to the Internet to addresses
used on the virtual networks. In this configuration, Windows Server Gateway is also multitenant-
aware, so all virtual networks behind the Windows Server Gateway can connect to the Internet, even
if they use overlapping address spaces.
• Forwarding gateway for internal physical network access. In this configuration, Windows Server
Gateway provides access to internal network resources that are located on physical networks. For
example, an organization may have some servers that are still deployed on physical hosts. When
configured as a forwarding gateway, Windows Server Gateway enables computers on the virtual
networks to connect to those physical hosts.
8-16 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
You can configure Windows Server Gateway by deploying appropriate Windows Server 2012 R2 roles, and
by configuring the network settings by using Windows PowerShell. The high-level steps for implementing
Windows Server Gateway are as follows:
1. Verify that your Hyper-V deployment meets the requirements for the Windows Server Gateway
deployment. Although you can deploy a Windows Server Gateway on a host with single network
adapter, we recommend that you configure multiple network adapters on the host. You must
configure multiple virtual network adapters on the Windows Server Gateway virtual machine. As
a best practice, configure the physical and virtual network adapter names to match the intended
use for each network.
2. Install the Remote Access role on the Windows Server Gateway virtual machine, including the Direct
Access and VPN (RAS) and Routing role service. Install the required management tools.
3. On the Hyper-V host running the Windows Server Gateway virtual machine, do the following:
a. Enable the multitenancy mode on the virtual machine network adapter by using the
Set-VMNetworkAdapterIsolation cmdlet with the –IsolationMode parameter.
b. Map the tenant’s routing domains and virtual subnets by using the
Add-VmNetworkAdapterRoutingDomainMapping parameter.
4. On Windows Server Gateway, configure the IP addresses and network routes for each tenant network.
5. On the Hyper-V hosts running the tenant virtual machines, configure the network
virtualization settings by using the New-NetVirtualizationProviderAddress,
New-NetVirtualizationLookupRecord, and New-NetVirtualizationCustomerRoute cmdlets.
When deploying a gateway in VMM, configure a gateway in the Network Service section of the Fabric
workspace. The gateway connects to remote networks using a VPN tunnel. To add a gateway, you must
first install its provider software. You can review the list of installed providers by using the following
procedure:
1. Open the VMM console.
2. Click the Settings workspace, and then in the Settings pane, click Configuration Providers. The lists
of providers displays along with information such as Type, Version, Publisher, Manufacturer and
Model.
The default installation directory for providers is C:\Programs Files\Microsoft System Center 2012 R2
\Virtual Machine Manager\Bin\Configuration Providers.
3. Confirm that the necessary provider software for the gateway device has been installed and is listed.
For more information about gateway prerequisites and to review the setup steps, refer to:
Configuring VM Networks and Gateways in VMM
http://go.microsoft.com/fwlink/?LinkID=386734
http://go.microsoft.com/fwlink/?LinkID=386732
8-18 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 30 Minutes
Virtual Machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-VMM1,
20409B-LON-SS1, 20409B-LON-SVR1
2. In Hyper-V Manager, click 20409B-LON-DC1, and then in the Actions pane, click Start. Wait 30
seconds.
3. Click 20409B-LON-VMM1, in the Actions pane, click Start, and then click Connect. Wait until the
virtual machine starts.
o Password: Pa$$w0rd
o Domain: Adatum
5. Repeat steps 2 through 4 for 20409B-LON-SS1 and 20409B-LON-SVR1.
In this exercise, you will prepare a proof of concept for the Adatum London virtual network. You will
connect a host server with logical networks, configure network virtualization, and connect virtual
machines to a virtual machine network.
Server Virtualization with Windows Server Hyper-V® and System Center 8-19
2. Create a logical network named Adatum UK that permits the use of network virtualization.
3. Create two network Sites that use the All Hosts host group using the following details:
b. VLAN: 0
c. IP Subnet: 192.168.1.0/24
5. From the Fabric workspace, create a new IP Pool named Adatum UK IP Pool. Use the Adatum UK
logical network.
6. Using the Docklands network site and the 192.168.3.0/24 IP subnet, complete the wizard accepting
the defaults, and then close the Jobs window.
7. Create another IP pool named Gatwick IP Pool. Use the Adatum UK logical network, and the Gatwick
network site.
8. From the Fabric workspace, create a Hyper-V Port Profile named Adatum UK Uplink. Use the
Hyper-V port load balancing algorithm.
9. On the Network configuration page, select the Docklands and Gatwick network sites, and enable
Hyper-V Network-Virtualization.
11. From the Fabric workspace, create a Logical Switch named Adatum UK. Enter the description
Adatum production hosts logical switch. Use the default extensions, and use the Adatum UK
uplink.
12. Add a Virtual Port using the Medium Bandwidth port classification and the Medium Bandwidth
virtual network adapter port profile.
2. Click the Adatum UK logical network, read the warning about VLANs, click OK, and then click OK
again.
8-20 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
3. In the Fabric workspace, click LON-HOST1, click Properties, click Virtual Switches, click New
Virtual Switch, and then click New Logical Switch.
4. Notice the error message that displays stating that VMM cannot create a virtual switch without any
physical network adapters. At this point, if you have another network card, you can assign the logical
switch to a physical adapter. In the error message pop-up window that displays, click OK.
5. In the Properties dialog box, click Hardware, and then scroll down and expand Network adapters.
Click your physical network adapter, and note that you can select or clear the adapter for virtual
machine placement and management use. Click the Logical network, and on the right under Logical
network connectivity, note that you can assign the logical networks and IP subnets.
5. In the Virtual Machine Manager console, from the VMs and Services workspace, create a virtual
machine network named Adatum South. Ensure that Adatum UK is selected as the Logical network,
and enable Hyper-V network virtualization.
8. From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Finance VM Network IP Pool.
9. Ensure the VM subnet is set to Adatum Finance (192.168.4.0/24), and accept the default settings.
11. From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Logistics VM Network IP Pool.
12. Ensure the VM subnet is set to Adatum Logistics (192.168.5.0/24), and accept the default settings.
2. Ensure that Adatum North is selected, and ensure that subnet Adatum Finance is selected.
3. Edit the properties of 20409B-LON-PROD1, and connect Network Adapter 1 to VM network.
4. Ensure that Adatum South is selected, and ensure that the subnet Adatum Logistics is selected.
10. Open Windows PowerShell, and use the ping command to verify that LON-PROD1 cannot
communicate with LON-TEST1.
11. Use the Virtual Machine Manager console to shut down LON-TEST1 and LON-PROD1.
Results: After completing this exercise, you should have created and configured a new virtual network,
configured network virtualization, and connected virtual machines to a virtual machine network.
8-22 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
Lesson 2
Managing Storage Infrastructure
This lesson describes how to manage a storage infrastructure in VMM. VMM can use three different types
of storage: Fibre Channel, iSCSI, and file share. The lesson explains how to implement and deploy these
different types of storage, and the considerations that you need to be aware of before you implement
highly available storage.
Lesson Objectives
After completing this lesson, you will be able to:
Windows Server 2012 R2 builds upon, and introduces new storage options for virtualization, which
enables small to midsize companies to utilize highly available storage solutions. These solutions were
historically available only by investing in storage area network (SAN) technologies or non-Microsoft
software.
When planning a virtualization environment, the .vhdx file type performance can affect the virtual
machine’s performance. Servers that you otherwise provision with random access memory (RAM) and
processor capacity can still experience unsatisfactory performance if you misconfigure the storage system
or if it becomes overwhelmed with traffic. Therefore, you should ensure that the storage design provides
adequate performance, and that your design includes a plan for monitoring storage for availability and
performance.
Server Virtualization with Windows Server Hyper-V® and System Center 8-23
• Storage connectivity. You can locate .vhd or .vhdx files on local or remote storage. When you locate
these files on remote storage, you must ensure that there is adequate bandwidth and minimal latency
between the host and the remote storage. Slow network connections to storage, or connections
where there is latency, result in poor virtual machine performance.
• Storage redundancy. The volume that the .vhdx files are stored on should be fault tolerant. This
should apply whether the .vhdx file is stored on a local disk, or on a remote SAN device. Hard disks
often fail. Therefore, the virtual machine and the Windows Server 2012 Hyper-V host should remain
in operation after a disk failure. Replacement of failed disks should not affect Hyper-V host or virtual
machine operations.
• Storage performance. The storage device where .vhdx files are stored should have excellent
I/O characteristics. Many enterprises use solid-state drive (SSD) hybrid drives in a redundant array
of independent disk (RAID) 1+0 arrays. This helps with achieving maximum performance and
redundancy, particularly when multiple virtual machines are running simultaneously on the same
storage. However, this can place a tremendous I/O burden on a disk subsystem, so you need to
ensure that you select high performance storage. Otherwise, your virtual machine performance may
suffer. The assessment and planning tool measures I/O, and its output can assist in storage planning.
• Storage capacity. If you configure .vhdx files to grow automatically, it is important that there is
adequate space in which these files can grow. Additionally, you need to monitor growth carefully
so that you experience no service disruptions if a .vhdx file consumes all available space.
• Data protection. Consider the performance of your backup solution, its impact on your storage
design, and the amount of data virtual machines will host. Review existing data, and ensure that you
will be able to back up required virtual machines and their storage within an acceptable timeframe.
• Flexible storage options. Hyper-V offers flexible storage options include most of the options that
Windows Server supports, such as locally attached storage (for example, Serial Advanced Technology
Attachment (SATA), SCSI, and SSD). Hyper-V supports remotely connected Fibre Channel, iSCSI, and
Serial Attached SCSI storage. Hyper-V also supports running virtual machines in file shares using
the Server Message Block (SMB) 3.0 protocol. Shared .vhdx files allow guest virtual machines to be
clustered without needing iSCSI or Fibre Channel SANs. Hyper-V and VMM support live migration
outside of a clustered environment, sometimes referred to as shared-nothing live migration.
Note: When selecting your virtualization storage options, closely examine all the features
and components that you plan to use. Carefully review the prerequisites of each technology to
ensure compatibility. For example, if you are planning to use the Windows Server 2012 R2 .odx
feature for virtual machine SAN transfers, you cannot have Windows Server Data Deduplication
or BitLocker Drive Encryption enabled.
• Storage availability. Using VMM, you can manage both block storage and file storage for deploying
and storing your virtual machines. You can do this by using Windows Storage Management API
deployment.
The following topics will discuss the various storage types in more detail.
8-24 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
Fibre Channel
Each Fibre Channel SAN is different. Some SANs
have built-in features such as storage tiering,
thin provisioning, volume snapshots, and volume
replication. If you are designing a Fibre Channel
SAN for high availability, you should consider the
following factors:
o You must configure the Hyper-V host with a Fibre Channel HBA.
o The Fibre Channel HBA must have a driver that supports Virtual Fibre Channel.
Virtual Fibre Channel adapters support port virtualization by exposing HBA ports in the guest operating
system. This allows the virtual machine to access the SAN by using a standard World Wide Name (WWN)
associated with the virtual machine.
Hyper-V supports multipath I/O (MPIO) to provide highly available access to the logical unit numbers
(LUNs) that have been exposed to the host. With Virtual Fibre Channel adapters, you can provide access
to LUNs directly from virtual machines that also support MPIO. You can use a combination of both in your
virtualization environment.
iSCSI
A less expensive and simpler way to configure a connection to remote disks is to use iSCSI storage. Many
application requirements dictate that remote storage connections must be redundant in nature for fault
tolerance or high availability. Additionally, many companies already have fault-tolerant networks that
make it less expensive to retain redundancy compared to using SANs.
When designing your iSCSI storage solution, you should consider the following:
• Deploy the iSCSI solution on at least a 1 gigabyte per second (Gbps) network. Review specific features
that you intend to use, and ensure that all of your hardware can support these features.
• Have a high availability design. This is crucial for your network infrastructure, because network
devices and components conduct the transfer of data from servers to iSCSI storage.
Server Virtualization with Windows Server Hyper-V® and System Center 8-25
• Involve all relevant teams in the storage implementation, and confirm whether storage deployment
automation will be possible for virtualization administrators and application administrators.
iSCSI is a protocol that supports access to remote SCSI–based storage devices over a TCP/IP network.
iSCSI carries standard small computer system interface (SCSI) commands over IP networks to facilitate
data transfers over intranets, and to manage storage over long distances. You can use iSCSI to transmit
data over local area networks (LANs), wide area networks (WANs), or even over the Internet.
iSCSI relies on standard Ethernet networking architecture. Whether you want to utilize specialized
hardware, such as HBA or network switches, is optional. iSCSI uses TCP/IP (typically, Transmission Control
Protocol (TCP) port 3260). This means that iSCSI enables two hosts to negotiate tasks, such as session
establishment, flow control, or packet size, and then exchange SCSI commands by using an existing
Ethernet network. iSCSI uses a commonly used, high performance, local storage-bus subsystem
architecture, which it emulates over LANs and WANs, thereby creating a SAN.
Unlike Fibre Channel SAN technologies, iSCSI requires no specialized cabling. You can run it over the
existing switching and IP infrastructure. However, as a best practice, you can increase the performance
of an iSCSI SAN deployment by operating it on a dedicated network or subnet.
Note: Although you can use a standard Ethernet network adapter to connect the server to
the iSCSI storage device, you also can use dedicated iSCSI HBAs.
• iSCSI targets. iSCSI target are used to present the storage, similar to controllers for hard-disk drives
of locally attached storage. However, you access this storage over a network, instead of accessing it
locally. Many storage vendors implement hardware-level iSCSI targets as part of their storage device’s
hardware. Other devices or appliances, such as Windows Storage Server 2012 devices, implement
iSCSI targets by using a software driver and at least one Ethernet adapter. Windows Server 2012
provides the iSCSI target server, which is a role service that acts a driver for the iSCSI protocol.
• iSCSI initiators. The iSCSI target displays storage to the iSCSI initiator, or client, which acts as a local
disk controller for the remote disks. Windows Server 2008 and newer Windows Server versions
include the iSCSI initiator, and can connect to iSCSI targets. Windows 7 and newer Windows client
operating systems also include the iSCSI initiator.
• iSCSI qualified name. iSCSI qualified names are unique identifiers for initiators and targets on
an iSCSI network. When you configure an iSCSI target, you must configure the iSCSI qualified
name for the iSCSI initiators that will connect to it. iSCSI initiators also use iSCSI qualified names
to connect to the iSCSI targets. However, if name resolution on the iSCSI network is a possible issue,
you can identify iSCSI endpoints (both target and initiator) by their IP addresses.
VMM can manage and deploy block storage for your virtualization environment, which can be especially
useful if you plan to build a private cloud or plan to delegate virtualization deployment rights. This is
discussed in more detail later in the lesson in the Managing Storage in Virtual Machine Manager topic.
8-26 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
SMB 3.0
SMB file share provides an alternative to
storing virtual machine files on iSCSI or Fibre
Channel SAN devices. Hyper-V supports storing
virtual machine data, such as virtual machine
configuration files, snapshots, and .vhd files, on
SMB 3.0 file shares. If you opt to implement SMB
file shares, consider the following:
• You must ensure that network connectivity to the file share is 1 gigabyte (GB) or more.
• When creating a virtual machine in Hyper-V on Windows Server 2012, you can specify a network
share when you select the virtual machine location and virtual hard disk location. You also can attach
disks stored on SMB 3.0 file shares. You can use both .vhd and .vhdx disk types with SMB file shares.
Note: Hyper-V over SMB assigns the computer account permissions on the share, so you
can configure it only in an Active Directory Domain Service (AD DS) environment. The VMM
service account requires administrative permissions on the file server, which must be assigned
outside of VMM.
The new SMB protocol in Windows Server 2012 includes the following features:
• SMB transparent failover. The SMB protocol has the built-in ability to manage failure so that the client
and server can coordinate a transparent move that allows continued access to resources with only a
minor I/O delay. This ensures that there is no failure for applications.
• SMB scale-out. You can use the SMB scale-out feature to access shares through multiple cluster nodes
by using Cluster Shared Volumes (CSVs). By using this feature, you can balance loads across a cluster.
• SMB Direct (SMB or Remote Direct Memory Access (RDMA)). Formerly seen only on high-
performance computing scenarios, SMB Direct is available now in Window Server 2012. SMB Direct
allows an RDMA–enabled network interface to perform file transfers by using technology onboard
the network interface, without the operating system intervening.
• SMB Multichannel. SMB Multichannel, which is enabled automatically, enables SMB to detect a
network’s configuration. For example, if it detects that two network interfaces are configured and
teamed on the client and server, SMB can make use of all available bandwidth.
• SMB encryption. SMB encryption allows for encryption without the need for (IPsec. You can configure
SMB encryption per share or at the server level. Previous versions of SMB clients cannot connect to
encrypted shares or servers.
• VSS for SMB file shares. Volume Shadow Copy Services (VSS) is enhanced to allow snapshots at the
share level. Remote file shares act as a provider and integrate with a backup infrastructure.
• SQL Server over SMB. You can store Microsoft SQL Server databases on SMB 3.0 shares, which could
allow for infrastructure consolidation.
Server Virtualization with Windows Server Hyper-V® and System Center 8-27
NFS
Network file system (NFS) is a file-sharing solution that uses the NFS protocol, and which enables you
to transfer files between computers that are running Windows Server 2012 and other non-Windows
computers.
Windows Server 2012 includes an updated NFS stack, which enables it to provide transparent failover to
NFS clients by using continuously available NFS shares. You can use NFS as storage for VMware virtual
machines. However, NFS is not an option for Hyper-V storage.
Note: Each method must be supported by the storage array, and may require a license
from the storage vendor.
To configure the allocation method for a storage array, complete the following procedure:
1. Launch the VMM console, and then click the Fabric workspace.
2. In the Fabric navigation pane, click and expand Storage, and then click Arrays.
3. Right-click the storage array you want to update, and in the storage array Properties dialog box, click
Settings. You can then click either Use snapshots or Clone logical units. Only the supported
storage method will be made available.
1. Launch the VMM console, and then click the Fabric workspace.
3. Click the storage pool drop-down list box, and then click an available storage pool.
4. Confirm there is enough capacity, enter a name and optionally a description, type the size in
gigabytes, or click to use the arrows to select a size, and then click OK.
5. To view the new logical unit, click Classifications and Pools.
8-28 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
If you allocate a storage pool to a host group, you can also create and assign logical units directly from
managed Hyper-V hosts in the host group.
Demonstration Steps
Add an iSCSI storage provider
1. On LON-VMM1, add a storage provider, and select SAN and NAS devices discovered and
managed by a SMI-S provider.
2. Click the Protocol drop-down list box, and then click SMI-S WMI.
3. In the Provider IP address or FQDN: text box, type lon-ss1.adatum.com, and then click Browse.
4. Create a Run As account with the following settings:
o Name: StorageAdmin
5. Use the StorageAdmin Run As account to create classifications, one named Gold with a description
of 15K SAS Drives, and another named Silver with a description of 7K SATA Drives.
6. Select the iSCSITarget: LON-SS1:C, check box, and from the Classification drop-down list box, click
Silver.
7. Select the iSCSITarget: LON-SS1:E check box. From the Classification drop-down list box, click
Gold, and then click Next.
8. On the Summary page, click Finish.
9. Close the Jobs window.
Deploy Block Storage
• In the Fabric workspace, create a Logical Unit using iSCSITarget: LON-SS1:E named LON-APP1_C.
Set the size to 20 GB.
Server Virtualization with Windows Server Hyper-V® and System Center 8-29
To see and work with host storage, right-click a host, and then from the Properties dialog box, click
Storage. In the Storage area, you will see areas for each disk subsystem type. If they are present, you can
expand, review, or configure them.
1. For a supported storage array, obtain a Storage Management Initiative Specification (SMI-S) storage
provider from your storage array vendor, and then install the SMI-S storage provider on an available
server as instructed by your storage vendor.
2. From the VMM console, in the storage node, connect to the SMI-S storage provider to discover and
classify the storage. Connect to the provider by using either the IPv4 address or the fully qualified
domain name (FQDN).
3. Classify storage. Classifying storage entails assigning a meaningful classification to storage pools. For
example, you may assign a classification of GOLD to a storage pool that resides on the fastest, most
redundant storage array. This enables you to assign and use storage-based classification without
actually knowing its hardware characteristics.
4. Create logical units. In the storage node, you optionally can create logical units from a managed
storage pool.
5. From either the VMM console storage node or the target host group’s Properties dialog box, allocate
either precreated logical units or storage pools to specific host groups. If you allocate storage pools,
you can create and assign logical units directly from managed hosts in the host group that can access
8-30 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
the storage array. Additionally, if you use rapid provisioning to provision virtual machines by using
SAN snapshots or cloning, VMM can create logical units from the storage pool automatically.
6. In the Virtual Machine Manager console, from either the host or host cluster Properties dialog box,
assign logical units from the host group to specific Hyper-V hosts or to Hyper-V host clusters, as
shared CSV or available storage. If you allocated a storage pool to a host group, you can create
and optionally assign logical units directly from a host or host cluster’s Properties dialog box. If the
storage array supports iSCSI host connectivity, you can create iSCSI sessions to the storage array from
a host’s Properties dialog box.
Host group name Storage classification Storage type Host server CPU
To add storage to a host group, you must perform the following steps:
1. Right-click the host group, and then click Properties.
2. Click Storage, and then either click Allocate Storage Pools, or click Allocate Logical Units.
Note: The iSCSI Target SMI-S Provider for Windows Server is located at either of the
following locations:
• The System Center Virtual Machine Manager 2012 Service Pack 1 (SP1) Installation CD in
path:\amd64\Setup\msi\iSCSITargetSMISProvider.msi
• The VMM server at %systemdrive%\Program Files\Microsoft System Center 2012\Virtual Machine
Manager\setup\msi\iSCSITargetProv\iSCSITargetSMISProvider.msi
Server Virtualization with Windows Server Hyper-V® and System Center 8-31
Demonstration Steps
Add file storage to VMM
1. On LON-VMM1, in the Virtual Machine Manager console, add a storage device provider.
2. On the Select Provider Type page, click Windows-based file server, and then click Next.
3. In the Provider IP address or FQDN text box, type lon-svr1.adatum.com, and then click Browse.
4. On the Select a Run As account page, click Administrator, and then click OK.
5. Complete the wizard, accepting the default settings. Click Finish, and then close the Jobs window.
Create file shares from within the Virtual Machine Manager console
1. On LON-VMM1, click Fabric, and on the ribbon, click Create File Share.
2. On the Create File Share page, in the Name text box, type SVR1, click the Classification drop-down
list box, and then click Gold. In the Local path text box, type c:\SVR1_Gold, and then click Create.
Assign storage to the host server
1. On LON-VMM1, click Fabric, click All Hosts, click lon-host1.adatum.com, and then on the ribbon,
click Properties.
5. On the Storage page, click Add, and then click Add File Share. Click the File share path drop-down
list box, click \\lon-svr1.adatum.com, and then click OK.
Allocate storage to a host group
1. On LON-VMM1, click Fabric, and then click Storage.
2. On the ribbon, click Allocate Capacity, and then click Allocate Storage Pools.
3. In the Available storage pools section, click iSCSITarget LON-SS1:E:, click Add, click OK, and then
click Close.
8-32 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
Objectives
After completing this lab, you will be able to Implement a storage infrastructure.
Lab Setup
Estimated Time: 25 Minutes
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin, you must complete
the following steps:
o 20409B-LON-DC1
o 20409B-LON-VMM1
o 20409B-LON-SS1
o 20409B-LON-SVR1
3. In Hyper-V Manager, click 20409B-LON-DC1, and then in the Actions pane, click Start. Wait 30
seconds.
4. Click 20409B-LON-VMM1, in the Actions pane, click Start, and then click Connect. Wait until the
virtual machine starts.
5. Sign in by using the following credentials:
o Password: Pa$$w0rd
o Domain: Adatum
Note: Because you will be using the same virtual machines in the next lab, do not revert the
virtual machines at the end of this lab.
Server Virtualization with Windows Server Hyper-V® and System Center 8-33
$Cred = Get-Credential
3. In the Windows PowerShell credential request dialog box, in the User name text box, type
adatum\administrator, in the Password text box, type Pa$$w0rd, and then click OK.
4. In the Windows PowerShell window, type the following Windows PowerShell script:
3. In the Protocol drop-down list box, click SMI-S WMI. In the Provider IP address or FQDN text box,
type lon-ss1.adatum.com, and then click Browse.
4. On the Select a Run As account page, click iSCSIRunas, and then click OK.
7. On the Select Storage Devices page, click Create Classification, and in the Name text box, type
Gold. In the Description text box, type 15K SAS Drives, and then click Add.
8. Click Create Classification, and in the Name text box, type Silver. In the description text box, type
7K SATA Drives, and then click Add.
9. Select the iSCSITarget: LON-SS1:C check box, and then in the Classification drop-down list box,
click Silver.
10. Select the iSCSITarget: LON-SS1:E: check box, in the Classification drop-down list box, click Gold,
and then click Next.
8-34 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
11. On the Summary page, click Finish, and wait for the job to finish.
14. In the Fabric navigation pane, click Storage, and on the ribbon, click Create Logical Unit.
15. Click the storage pool drop-down list box, and then click iSCSITarget: LON-SS1:E. In the Name text
box, type LON-APP1_C, in the Size (GB) text box, clear the existing value, type 20, and then click OK.
16. In the Fabric navigation pane, click Classifications and Pools. Verify that you can now see the new
LUN listed.
2. On the Select Provider Type page, click Windows-based file server, and then click Next.
3. In the Provider IP address or FQDN: field, type lon-svr1.adatum.com, and then click Browse.
4. On the Select a Run As account page, click Create Run As Account.
5. In the Name box, type Administrator. In the User name box, type Adatum\Administrator, in the
Password and Confirm password boxes, type Pa$$w0rd, and then click OK.
6. In the Select a Run As Account box, click Administrator, and then click OK.
8. On the Gather Information page, review the discovery result, and then click Next.
9. On the Select Storage Devices page, click Next.
o Name: SVR1
o Classification: Gold
o Path: C:\
6. Click Storage, on the Storage page, click Add, and then click Add File Share.
7. In the File share path drop-down list box, click \\lon-svr1.adatum.com\SVR1_Gold, and then
click OK.
8. On LON-VMM1, from the Fabric workspace, allocate the iSCSITarget LON-SS1:E storage pool.
Server Virtualization with Windows Server Hyper-V® and System Center 8-35
9. In the Virtual Machine Manager console, create a new virtual machine using the following details:
o Name: LON-APP1
10. Deploy the new virtual machine to lon-host1.adatum.com using the virtual machine path
C:\Program Files\Microsoft Learning\20409\Drives. (Note: this path may differ on your host.)
11. Confirm that the Create Virtual Machine job completes successfully.
14. In the Migrate VM Wizard, on the Select Host page, ensure that lon-host1.adatum.com is selected,
and then click Next.
15. On the Select Path page, in the Storage location for VM configuration text box, type
\\lon-svr1.adatum.com\SVR1_Gold, click Automatically place all VHDs with the configuration,
and then click Next.
16. On the Select Network page, leave the defaults, click Next, and then click Move.
Results: After completing this exercise, you should have implemented a storage infrastructure.
8-36 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
Lesson 3
Managing Infrastructure Updates
As is the case with physically deployed servers and software, if you do not apply software updates
to virtual machines and the applications they host, you make your virtually and physically deployed
computers more vulnerable to being exploited by attackers inside and outside of your organization.
After completing this lesson, students will be able to manage infrastructure updates in Virtual Machine
Manager.
Lesson Objectives
After completing this lesson, you will be able to:
Integrating WSUS with VMM also provides you with the ability to perform orchestrated updates of
Hyper-V host clusters. When you remediate a host cluster, VMM places one cluster node at a time in
maintenance mode, and then installs the approved updates. For clusters that support live migration,
intelligent placement moves virtual machines off the cluster node that you are updating. If a cluster does
not support live migration, VMM saves the state of the virtual machines before updating the cluster node.
Note: You must have Windows Server 2008 R2 or Windows Server 2012 installed on a
Hyper-V cluster node for live migration support.
Server Virtualization with Windows Server Hyper-V® and System Center 8-37
You can use the Update Server role in VMM to manage more complex update tasks for servers in your
private cloud infrastructure. These servers include:
• Hyper-V hosts
• Hyper-V clusters
• PXE servers
• VMM management servers
• Infrastructure servers
To determine compliance status, the System Center 2012 VMM update compliance function allows you to
scan computers managed through VMM against a baseline of approved updates. For any servers that are
noncompliant, you can perform update remediation tasks to install missing updates and restart servers, if
necessary. You also can use the VMM update compliance functionality to deploy the VMM agent to a
non-VMM server, and then use that server in the process of evaluating compliance with baselines.
3. After you add an Update Server, you can perform the following tasks from within the VMM console:
o Perform on-demand synchronization of WSUS with Windows Update.
o Configure proxy server name and port settings, which are required for connecting to the Internet
for WSUS synchronizations.
4. After you assign an update baseline, start a scan to determine compliance status. During a
compliance scan, WSUS checks each update in the assigned update baseline to determine whether
the update is applicable, and if so, whether it is installed on the target server. The target server then
reports a compliance status for each update.
5. Perform an update remediation to bring a managed server or Hyper-V host cluster into compliance.
You can choose to remediate all update baselines assigned to a computer, all noncompliant updates
in a specific update baseline, or a single update, as necessary.
8-38 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
6. Specify which update exemptions will prevent a specific update from being installed on a server. The
computer will remain accountable for the assigned baseline, even if you exempt a specific update
from being installed.
• Library servers
• PXE servers
• VMM server
• Update Server
• When you first add the Update Server, two built-in update baselines are provided. The Sample
Baseline for Critical Updates contains all of the critical updates that synchronize initially, and the
Sample Baseline for Security Updates contains all of the security updates that synchronize initially.
Server Virtualization with Windows Server Hyper-V® and System Center 8-39
If you plan to use these built-in update baselines, you will need to maintain the updates as you
perform subsequent synchronization tasks. You also need to assign computers to the baseline before
you are able to use the baseline for compliance scanning and remediation.
You can create a new update baseline that contains the updates that you require, in addition to those that
you assign to the servers for which you want to maintain update compliance.
• If you add the WSUS server to VMM, ensure that you clear the Allow Update Server configuration
changes check box. You configure this in the VMM console, in the Update Server Properties dialog
box.
1. In the VMM console, click the Fabric workspace. On the ribbon, click Compliance, and then in the
Fabric pane, click Servers.
2. In the Managed Computers section, review the compliance status and operational status.
3. To start a compliance scan, click the server to scan, and then on the ribbon, click Scan. Optionally,
you can hold down the Shift key, select multiple servers, and then from the ribbon, click Scan. The
Operational status will change to Scanning. When the scan completes, the Compliance status will be
updated.
Note: If the Scan button is grayed out on the ribbon, then no baseline has been assigned.
Remediating Servers
You can remediate servers as follows:
1. In the VMM console, click the Fabric workspace. On the Fabric navigation pane, click Servers.
2. Click and select the server or servers for remediation, and then on the ribbon, click Remediate.
3. On the Update Remediation page, click to select the update baseline or individual updates. Choose
if you want servers to restart automatically, and then click Remediation.
2. Click and select the server or servers for exception, and then on the ribbon, click Compliance
Properties.
3. On the Compliance Properties page, click Create. Select the updates to exclude, and then click OK.
When remediating Hyper-V clusters, the nodes will be put into maintenance mode and if possible, virtual
machines will be live migrated until the upgrade is complete.
How to Perform Rolling Updates on a Hyper-V Host Cluster in VMM
http://go.microsoft.com/fwlink/?LinkID=386733
Server Virtualization with Windows Server Hyper-V® and System Center 8-41
Demonstration Steps
Integrate WSUS and VMM
1. On LON-VMM1, in the Virtual Machine Manager console, from the Fabric workspace, expand the
Infrastructure node, and then add an Update Server with the following configuration:
o Computer name: LON-WSUS
3. When the job displays as Completed w/info, close the Jobs window.
Create a Baseline
2. Expand the Update Catalog and Baselines node, and then create a Baseline using the Update
Baseline Wizard.
3. On the General page, in the Name field, type Windows Server 2012 (Demo Baseline), and then
click Next.
5. In the Add Update to Baseline dialog box, create a new baseline called Windows Server 2012. Click
the first update, on your keyboard press and hold down the Ctrl and Shift keys, and then press the
down arrow key. This will select all the filtered updates, and then click Add.
6. On the Assignment Scope page, select all of the check boxes, and then click Next.
7. On the Summary page, review the details, and then click Finish.
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 25 minutes
Virtual Machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-VMM1,
20409B-LON-SVR1, 20409B-LON-WSUS, 20409B-LON-SS1
2. Verify that the following virtual machines are still running. If they are not, perform steps 3 to 6.
o 20409B-LON-DC1
o 20409B-LON-VMM1
o 20409B-LON-SS1
o 20409B-LON-SVR1
o 20409B-LON-WSUS
3. In Hyper-V Manager, click 20409B-LON-DC1, and then in the Actions pane, click Start. Wait 30
seconds.
4. Click 20409B-LON-VMM1, in the Actions pane, click Start, and then click Connect. Wait until the
virtual machine starts.
o Domain: Adatum
6. Repeat steps 3 through 4 for 20409B-LON-SS1, 20409B-LON-SVR1, and 20409B-LON-WSUS.
Note: Because you will be using the same virtual machines in the next lab, do not revert the
virtual machines at the end of this lab. However, you can shut down all virtual machines after
finishing this lab.
Server Virtualization with Windows Server Hyper-V® and System Center 8-43
5. Using the Summary and Details tabs, monitor the status of the configuration job.
6. When the job displays as Completed w/info, close the Jobs window.
2. In the navigation pane, expand the Servers node, expand Infrastructure, and then click Update
Server.
6. When the job displays an error message, close the Jobs window.
Note: An error is expected because there is no Internet connection. However, this will not
affect the rest of the lab exercise.
8-44 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
2. In the navigation pane, expand the Update Catalog and Baselines node, and then click Update
Baselines.
3. Create a Baseline with the name LON Base1 that includes all updates, and assign it to All Hosts and
LON-VMM1.Adatum.com.
5. On the Summary and Details tabs, monitor the status of the configuration job.
6. When the job displays as Completed, close the Jobs window.
7. With the Update Baselines node selected, verify that LON Base1 displays in the Baselines pane with
Assignments set to 2.
2. In the navigation pane, expand the Update Catalog and Baselines node, and then click Update
Baselines.
3. Open the Properties for LON Base1, and assign LON-WSUS.Adatum.com to it.
7. When the job displays as Completed, switch back to the Library workspace.
8. With the Update Baselines node selected, verify that LON Base1 displays in the Baselines pane with
Assignments set to 3.
4. In the Results pane, verify that the Compliance Status lists as Compliant.
Results: After completing this exercise, you should have added and configured an Update Server to
manage infrastructure updates.
Server Virtualization with Windows Server Hyper-V® and System Center 8-45
Question: Which storage types does VMM allows you to integrate with and configure
automation for?
Question: Before you can configure a virtual machine network, what other network should
you configure?
Question: You have been advised that a potential compatibility issue exists between a
Windows operating system security update and the antivirus software that you are using to
protect your Hyper-V hosts. What could you do in VMM to prevent this issue from affecting
your Hyper-V hosts?
9-1
Module 9
Creating and Managing Virtual Machines by Using Microsoft
System Center 2012 R2 Virtual Machine Manager
Contents:
Module Overview 9-1
Module Overview
One of the main tasks that administrators can perform with Microsoft System Center 2012 R2 Virtual
Machine Manager (VMM) is creating and deploying virtual machines and placing them on physical hosts.
You can also use VMM to manage existing virtual machines. This module explains how administrators can
use VMM to deploy a new virtual machine in various ways. For example, you can create a virtual machine
from the beginning, or by using a stored virtual machine from the VMM library. You can also use VMM to
manage virtual disks that virtual machines use, and to create and manage virtual machine checkpoints for
restoring virtual machines to specific points in time.
This module will describe management tasks on virtual machines, disks, and checkpoints that you can
perform in the VMM console. This module also explains how you can use VMM to convert a physical
machine to a virtual machine, and how to convert a virtual machine that you built with another platform
to a virtual machine that you host in Hyper-V on Windows Server 2012. You will also learn how to clone
existing virtual machines to build new ones. Lastly, this module explains how to use VMM to update
virtual machines, and how to use the Virtual Machine Servicing Tool for older VMM versions.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
Lesson 1
Virtual Machine Management Tasks in VMM
VMM provides the VMM console that is built on Windows PowerShell. This console is a central utility for
managing virtual machines, and you can use it to perform various tasks, such as starting and stopping
virtual machines, and modifying their properties. You can perform many tasks in VMM that you typically
would perform on virtual machines through Hyper-V Manager. However, with VMM, you can manage
virtual machines that reside on several different hosts. Because Hyper-V Manager is built on Windows
PowerShell, you can also use Windows PowerShell cmdlets to manage any VMM task that you would
manage using the VMM console.
Lesson Objectives
After completing this lesson, you will be able to:
The following table lists actions that you can perform on virtual machines both from the VMM console
ribbon, or using Windows PowerShell cmdlets.
Discard Saved Use this option to delete the saved state Stop-SCVirtualMachine
State of a virtual machine. When you do this,
the .vsv file gets deleted. This is
with the –DiscardSavedState
equivalent to stopping a virtual machine.
parameter
Demonstration Steps
1. Sign in to LON-VMM1 as Adatum\Administrator with the password Pa$$w0rd.
4. In the VMM console, in the lower left workspace, click VMs and Services.
Note: View the ribbon at the top of the console. Notice how this ribbon provides icons and
text that enable you to manage a virtual machine. Notice how some of the icons on the ribbon
are grayed out or dimmed. This is because this particular virtual machine is turned off, and
therefore these functions will not work.
6. On the ribbon, click Power On. Wait for the virtual machine to turn on, and then start up.
Note: View the various icons and their functionality, including the Power Off, Connect or
View, Manage Checkpoints, Properties, and Delete icons. Explore the other icons as time
permits.
7. Shut down the virtual machine, and review the Create icon.
Note: View the Home tab, and notice how you can create a new virtual machine with it.
• Status. On the Status page, you can view the status of your virtual machine. You can also view
refresher and deployment information, whether there have been any errors, and if the machine is
running or stopped. If there are errors, you have the option to copy them.
• Hardware Configuration. On this page, you can configure hardware settings for virtual machines. You
can configure most of the hardware components of a virtual machine only when the virtual machine
is in the stopped state. However, you can modify the Network Adapter configuration when the virtual
machine is running.
Server Virtualization with Windows Server Hyper-V® and System Center 9-9
Hardware configuration is divided into several nodes, each of which has a set of the following
configurable items:
o Cloud Compatibility Profile: You can select the VMware ESX Server, Hyper-V and/or Citrix
XenServer profile.
o General:
You can define the number of processors, and even allow migration to a virtual machine host
with a different processor version.
You can also define the floppy drives, the COM port configuration, amount of random access
memory (RAM), the Video Adapter, including the Microsoft RemoteFX 3D video adapter, and
the maximum number of monitors.
o Bus Configuration:
You can configure hard drives and CD/DVD drives, including integrated drive electronics
(IDE) and small computer system interface (SCSI).
o Network Adapters:
You can define network adapters and their configuration. There is a new option that you can
use to connect to Fibre Channel ports in existing storage arrays via a Fibre Channel Adapter.
You can therefore use your existing Fibre Channel infrastructure to support virtualized
workloads. Support for Fibre Channel in Hyper-V virtual machines provides many features,
such as virtual storage area networks (SAN), live migration, and Multipath IO (MPIO).
o Advanced:
You can configure Integration Services to allow operating system shutdown, time
synchronization, data exchange, heartbeat, and backup by using the Volume Shadow Copy
Service (VSS).
You can use availability to configure a virtual machine as highly available. Note that this
requires that you have host clustering configured.
You can use CPU Priority to control which virtual machines get first access to CPU resources
when there is contention. A virtual machine with low priority will not be allocated as much
processing power as a virtual machine with normal priority.
You can use virtual non-uniform memory access (NUMA), a memory-access optimization
method that prevents memory-bandwidth bottlenecks in servers with multiple physical CPUs.
You can use memory weight to ensure that when memory usage on a host is high, virtual
machines with a higher priority are allocated memory resources over those with a lower
priority.
Note: You also can use these settings from hardware profiles that are precreated and
stored in the Library.
• Checkpoints. Use the Checkpoints page to manage virtual machine checkpoints. You can create new
checkpoints, remove existing checkpoints, or restore a virtual machine to a specific checkpoint state.
(The next topic in this lesson details checkpoints.)
• Custom Properties. Use the Custom Properties page in the Virtual Machine Properties to assign as
many as 10 custom fields to a virtual machine. Use the custom fields to identify, track, and sort virtual
machines by any property, including department, geographic area, or function.
9-10 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
• Settings. Use the Settings page to configure quota points for self-service. You can use the VMM self-
service feature to restrict the resource utilization of users by assigning a quota limit. VMM uses the
quota points that you define for a virtual machine to calculate how much of the quota it can use
when a user starts the virtual machine.
• Actions. On the Actions page, you can choose to specify which actions to perform on the virtual
machine when Hyper-V on the host starts and stops, which usually happens when rebooting the host
machine. You can choose for the virtual machine to start with the host, or require it to start manually
after the host is running. You also can choose what action the virtual machine will perform when the
physical server shuts down, and whether to disable Performance and Resource Optimization (PRO) for
the virtual machine.
Note: PRO has the ability to implement changes automatically, such as migrating virtual
machines between hosts for load balancing. When you enable the option to Exclude virtual
machine from optimization actions host-level for a virtual machine, any PRO actions that initiate
automatically will not affect the virtual machine. PRO is available when you integrate VMM with
System Center 2012 R2 Operations Manager.
• Servicing Windows. On the Servicing Windows page, you can manage servicing windows by applying
them to the virtual machine. Servicing windows indicate when you can take down the virtual machine
for servicing, such as for applying updates. You must first create servicing windows before you can
assign them in the virtual machine’s Properties window.
• Dependencies. On the Dependencies page, you will see the dependencies that are assigned to virtual
machines. Dependencies are resources that are necessary for the virtual machine to operate. These
resources can be as virtual hard disk drives, ISO files, and other items.
• Validation Errors. The Validation Errors page lists errors that might occur in your configuration (for
example, removing a dependency), which will make it impossible for the virtual machine to start.
• Access. On the Access page, you can select self–service owners, if they exist, and share the self-service
user roles.
• Storage. On the Storage page, you can add and remove created disk and Fibre Channel array
resources. Before doing this, you must first define those resources, or they will appear grayed out.
You learned in previous modules that virtual machines consist of files. When you create a checkpoint,
those files are disconnected from the virtual machine, and are used as base disks for newly created delta
disks (.avhd files). When you delete a checkpoint, this process is reversed. When you apply a checkpoint,
the .vhd and .avhd files are merged. For virtual machines on Hyper-V and VMware ESX server hosts, a
checkpoint also saves the hardware configuration information.
For virtual machines on Hyper-V and VMware ESX server hosts, checkpoints also are useful in a test
environment when you want to use multiple hardware configurations on a virtual machine.
You can create checkpoints by using the VMM console or by using the Windows PowerShell cmdlet New-
SCVMCheckpoint. You can create checkpoints when the virtual machine is running or when it is stopped.
You can export checkpoints together with the virtual machine, and move them to another host.
Note: You can create checkpoints only for a virtual machine that is deployed on a virtual
machine host. You cannot create checkpoints for a virtual machine that is stored in the Virtual
Machine Manager library.
When you create a checkpoint for a virtual machine, Hyper-V and VMM perform the following steps:
2. Create a new differencing disk for each virtual hard disk, and then configure the virtual machine to
use the new differencing disk (or disks), using an .avhd or .avhdx extension.
3. Create a copy of the virtual machine’s configuration file.
These steps happen so quickly that it is nearly imperceptible that the virtual machine ever paused.
When the virtual machine is running, the contents of the virtual machine’s memory are saved to the disk.
While this is happening, VMM monitors the memory activity of the virtual machine. If the guest operating
system attempts to modify memory that has not been copied, VMM intercepts the changes until the
original the memory contents are copied. After the original memory contents are copied, VMM applies all
pending changes.
After the checkpoint is complete, the virtual machine configuration file, virtual machine saved state files,
and the snapshot differencing disks (.avhd’s) are stored in a folder under the checkpoint directory of
the virtual machine. VMM then treats the checkpoint as a read-only “point-in-time” image of a virtual
machine, while all writing operations go to the .avhd file. You can change virtual machine settings after
applying a checkpoint. However, you cannot change the virtual machine settings of the checkpoint itself.
Checkpoints have different content, depending on the state of the virtual machine when VMM takes
the checkpoint. For checkpoints that you create when the virtual machine is running, the checkpoint
contains the state of the hard disks and the data in memory. On the Checkpoints page in the virtual
machines properties, (or by going to the Manage Checkpoints icon on the ribbon), you can see that the
checkpoint’s icon has a small, green triangle (known as the Play button). For checkpoints that you create
when the virtual machine is stopped, the checkpoint contains the state of the hard disks only. On the
Checkpoints page, for this type of checkpoint, the icon has a small, red square (known as the Stop button).
9-12 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
Note: In VMM, you can create a maximum of 64 checkpoints per virtual machine. Each
time you create a checkpoint, it creates additional differencing disk files, which results in the use
of additional disk space. Having multiple disks can reduce performance, because the running
virtual machine reads data from the multiple files scattered on the physical disk. Additionally, an
increase in disk space usage can increase the time it takes to migrate a virtual machine between
hosts.
Demonstration Steps
1. Sign in to LON-VMM1 as Adatum\Administrator with the password Pa$$w0rd.
2. Open the VMM console and go to the VMs and Services workspace.
3. Start the 20409B– LON–SVR1 virtual machine.
4. Using the ribbon, create a checkpoint, with the description Demonstration of a running system’s
checkpoint.
6. Using the ribbon, create a checkpoint, with the description Demonstration of a stopped system’s
checkpoint.
Note: On the ribbon’s Manage Checkpoints icon for each virtual machine, view the
difference between the running and stopped checkpoints. Note that the running checkpoint has
a green triangle and the stopped checkpoint has a red square.
Lesson 2
Creating, Cloning, and Converting Virtual Machines
When you add a Hyper-V host to VMM, any virtual machine on that host becomes manageable on
VMM through the VMM console. However, there may be times when you wish to create a virtual machine,
either from the beginning, or based on certain configurations and properties, such as by using templates,
or by cloning existing virtual machines. When you have multiple physical hosts, you may find that some of
these hosts have less performance power or are running more virtual machines than other physical hosts.
Where you deploy virtual machines during their creation can cause your environment to have issues.
Placement of virtual machines on the various physical hosts is an important aspect of the management of
VMM. Intelligent placement guidelines will recommend the best host for initial placement of virtual
machines.
In addition to creating virtual machines, you can make a copy or clone of a virtual machine. You can also
convert a physical computer into a Hyper-V virtual machine, even if that virtual machine was created in
another virtualization platform.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the creation of virtual machines in VMM.
• A service template
9-14 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
A virtual machine template is a library resource consisting of a guest operating system profile, a hardware
profile, and one or more virtual hard disk (.vhd) files, which you can then use to create a new virtual
machine.
When you create a new virtual machine using an existing .vhd or .vhdx template, you are essentially
creating a new virtual machine configuration that is associated with the file. VMM will create a copy of
the source file so that you do not have to move or modify the original file. In this scenario, you must use
Sysprep to prepare the operating system for duplication.
The deployment process does not affect the actual template, which you can reuse multiple times. The
following requirements apply if you want to deploy a new virtual machine from a template:
• You must first install a supported operating system on the virtual hard disk used with the template.
• For customized templates, you must prepare the operating system on the virtual hard disk by
removing computer identity information. For Windows Server operating systems, you can prepare the
virtual hard disk by using Sysprep.exe. For Linux operating systems, you can use non-Microsoft tools
that will do the same task.
Server Virtualization with Windows Server Hyper-V® and System Center 9-15
• The host for deployment. The Create Virtual Machine Wizard provides a list of potential hosts and
their ratings.
• The path of the virtual machine files on the host.
• The virtual networks used for the virtual machine. You can see a list of existing virtual networks on the
host, from which you can choose.
• When you click and drag a virtual machine onto a host or a host group in the Virtual Machines view.
• When you create a new virtual machine either directly, or by using a clone or convert process.
• When self-service users deploy virtual machines that they create by using the VMM Self-Service
Portal.
During automatic placement, VMM moves the virtual machine files to the most suitable host for a host
group, and to the most suitable volume on the selected host based on the volume’s available space. The
host ratings appear as five stars that are either gray or yellow, indicating their favorability compared to
other hosts. For example, a volume with five yellow stars indicates the highest rating, and a volume with
zero yellow stars (five gray stars) indicates the lowest rating.
Note: You must configure a default virtual machine path on the volume that VMM selects
during automatic placement, or the virtual machine placement will fail.
You can also perform placement manually. In this scenario, during the virtual machine deployment
process, you would manually select a host for the virtual machine. This method is helpful when you want
to use some hosts only for performing maintenance tasks, such as creating and updating virtual machines.
To ensure that VMM does not rate these hosts at zero yellow stars, when you deploy or migrate a virtual
machine, you can remove the hosts from placement.
9-16 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
Intelligent Placement
VMM includes an intelligent placement capability, through which it makes recommendations on where to
run each virtual machine. You can use this feature to move a virtual machine dynamically from one host
to another. For example, you might want to use this feature if host resources are overcommitted.
The intelligent placement decisions depend on VMM’s knowledge of the virtual machine host, and its
current load from running virtual machine guests. VMM receives that knowledge from performance data
that the VMM agent collects on the virtual machine host. The VMM agent sends this data to the VMM
server every nine minutes, and the VMM server then stores the data in the VMM database.
Note: When choosing which virtual machine to move to another host, intelligent
placement does not take into account applications that are running inside a virtual machine.
When you deploy a virtual machine and select to deploy it to a host or private cloud, you can also
configure the Expected Utilization settings, which can further refine host ratings based on anticipated
resource utilization. With these settings, you can adjust the following attributes:
Demonstration Steps
1. Sign in to LON-VMM1 as Adatum\Administrator with the password Pa$$w0rd.
2. Open the VMM console, and browse to the VMs and Services workspace.
3. On the Home tab, click the Create Virtual Machine drop-down list box, and then click Create
Virtual Machine.
Note: In the Create Virtual Machine Wizard, observe all of the configurable options.
Server Virtualization with Windows Server Hyper-V® and System Center 9-17
4. Name the virtual machine Win2012test, with the description Test of create virtual machine
functionality.
6. At the end of the wizard, save the configuration in a Windows PowerShell script with the name
CreateDemoVM.ps1.
7. Once the virtual machine is created, in the console tree of the VMM console, click the LON-HOST2
host computer.
8. Verify that the virtual machine Win2012test has been created and displays here.
9. Close the VMM console, and sign out of LON-VMM1.
Note: VMM contains a new feature called Live Cloning. You can use Live Cloning to clone
virtual machines without having to stop the original virtual machine. This can significantly reduce
downtime while creating virtual machines.
When you are cloning a virtual machine, you use the New Virtual Machine wizard to specify the following
settings:
• Virtual machine identity. You use this setting to specify a name for the virtual machine, but note that
this name does not have to match the computer name of the clone. You must also specify an owner,
who must have a domain account in Active Directory Domain Services (AD DS).
• Configure Hardware. You use this setting to modify the hardware configuration of the clone. Here
you also can select most of the hardware configurable options available to new virtual machines.
• Select Destination. Use this setting to specify whether to store the clone on a host or on a library
server.
• Select Virtual Machine Host. Use this setting to view the rating system of VMM to find the most
suitable host on which to deploy the virtual machine clone.
9-18 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
• Select Path. Here you can select the path of the folder on the host that will store the virtual machine
files. You can also specify a library server here.
• Additional Properties. Use this setting to select the behavior of the virtual machine when the host
machine stops or starts.
• Summary. Use this setting to review your configuration settings. You can also create a Windows
PowerShell script of cmdlets for all of your configuration settings.
When you create a clone of a virtual machine, the operating system is not generalized. This means that
you cannot have a cloned virtual machine running at the same time as the original virtual machine, unless
you first change the virtual network to which it is connected. However, you may clone a virtual machine
for use in a test environment. In addition, you may clone a virtual machine, use Sysprep.exe to generalize
the virtual machine at a later time, and then use the virtual machine to deploy additional virtual machines.
Remember that a cloned virtual machine is identical to the virtual machine on which it is based. This
includes its identity in the domain, its security identifier (SID), and even the media access control (MAC)
address if it is assigned statically on the original virtual machine. This can cause identity problems in Active
Directory products, in Domain Name System (DNS), and on the same network subnet.
• Consider running Sysprep on the cloned virtual machine to eliminate domain name and SID
duplication of the original virtual machine.
• When you clone a virtual machine, its virtual hard disks and all of its configuration files are copied.
Because VMM does not verify whether you have enough disk space for these files, prior to cloning
you should ensure that you do. Because virtual hard disks and configuration files can get quite large,
be aware of their size before you begin.
• Some virtual machines can have elaborate hardware configurations. If you are cloning these types of
virtual machines, be aware of their hardware configuration requirements.
• If you are using VMM, you can now clone a virtual machine that is running. However, all previous
versions of VMM (including System Center 2012 - VMM and System Center 2012 SP1 VMM) will
require that you stop the original virtual machine prior to cloning.
Server Virtualization with Windows Server Hyper-V® and System Center 9-19
Demonstration Steps
1. Sign in to LON-VMM1 as Adatum\Administrator with the password Pa$$w0rd.
2. Open the VMM console, browse to the VMs and Services workspace, and then click LON-HOST1.
3. Create a clone of virtual machine 20409B-LON-SVR2, with the description Clone of the LON-SVR2
virtual machine.
4. Use the defaults for all remaining pages in the Create Virtual Machine Wizard, but notice the various
configurable options.
Note: VMM takes several minutes to create the cloned virtual machine. During this time, a
Jobs window will open. Discuss steps that an administrator would take to ensure the cloned
virtual machine was unique before starting.
5. When the job completes, return to the VMs and Services workspace, and then click LON-HOST2.
Note that now a virtual machine named 20409B-LON-SVR2 displays. This is the clone.
6. Delete the cloned virtual machine.
Disk2vhd
http://go.microsoft.com/fwlink/?LinkID=285293
• You can use other non-Microsoft tools, and backup and mirroring technologies to migrate P2V. Some
of these technologies are created specifically for this purpose, while others may not be designed with
this in mind. Many backup technologies offer a bare-metal recovery agent or tool, which fully restore
a server to non-identical hardware, including a virtual machine.
9-20 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
• For those with large data centers that still have older physical machines that require P2V conversion,
it is possible to create a virtualized environment with System Center 2012 with Service Pack 1 (SP1)
VMM. This environment will require an AD DS infrastructure and SQL Server, both of which can also
be virtualized. Microsoft has provided a blog posting on their TechNet website referencing this
procedure.
Microsoft Virtual Machine Converter Solution Accelerator simplifies low-cost, point-and-click migration of
certain guest operating systems from VMware to Hyper-V. These guest operating systems are:
• Windows 7
• Windows Vista
• Windows Server 2008 R2
The Microsoft Virtual Machine Converter Solution Accelerator has a wizard-driven GUI. It also has a
fully scriptable command-line interface that you can use in Windows PowerShell. The Microsoft Virtual
Machine Converter Solution Accelerator also integrates with Orchestrator workflows. It supports the
conversion of virtual machines from VMware vSphere 4.1 and VMware vSphere 5.0 hosts to Hyper-V.
This includes virtual machines that are hosted on a vSphere cluster.
Note: The Microsoft Virtual Machine Converter Solution Accelerator supports conversion of
virtual machines from VMware vSphere 4.0, if vCenter 4.1 or vCenter 5.0 are managing the host.
To convert virtual machines on vSphere 4.0, you must connect to vCenter 4.1 or vCenter 5.0
through the Microsoft Virtual Machine Converter Solution Accelerator.
9-22 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
Lesson 3
Overview of Virtual Machine Updating
Keeping virtual machines up-to-date is as important as keeping physical hosts current. In many scenarios,
you can update virtual machines by using the same technologies as you would for physical hosts, such as
System Center 2012 R2 Configuration Manager or Windows Server Update Service (WSUS).
However, in some scenarios, you turn off your virtual machines for extended periods, such as when they
are stored in the VMM library. During these times, you cannot update these machines using regular
methods. In some cases, you can use Virtual Machine Servicing Tool 2012 to keep your offline virtual
machines current with the latest updates and patches.
Note: Virtual Machine Servicing Tool 2012 works with System Center 2012 – Virtual
Machine Manager, but has not yet been provisioned for System Center 2012 SP1 Virtual Machine
Manager or System Center 2012 R2 Virtual Machine Manager.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe methods for maintaining software updates.
WSUS
The most common way to keep computers
up-to-date is to use WSUS. The most recent
version is WSUS 3.0 SP2. This version is a role
in the following operating systems:
WSUS is a free product that is helpful in providing IT environments with an efficient and centralized
update infrastructure. The main purpose of WSUS is that IT administrators can use it to deploy the latest
Server Virtualization with Windows Server Hyper-V® and System Center 9-23
Microsoft product updates to computers running Windows operating systems. Administrators can also use
WSUS to manage the distribution of Microsoft Update releases to computers on their network.
Note: Automatic Updates enables both server and client computers to receive updates
from Microsoft Update or from a WSUS server.
Configuration Manager
For more complex and demanding environments in which you need to use a single software solution to
update and deploy client and server computers, you can use System Center 2012 Configuration Manager.
Configuration Manager provides a comprehensive solution for change and configuration management for
the Microsoft platform. You can use Configuration Manager to perform tasks such as:
• Deploying operating systems.
Configuration Manager collects information in a SQL Server database, in which queries and reports
consolidate information throughout the organization. Configuration Manager can manage a wide range
of Windows operating systems, including client platforms, server platforms, and mobile devices.
Software update deployments in Configuration Manager are helpful in deploying software updates to
Configuration Manager client computers, and for distributing compatible software updates. You can use
the Deploy Software Updates Wizard in Configuration Manager to create or modify a software update
deployment, which deploys software updates to clients in the target collection. You can initiate the
Deploy Software Updates Wizard in different ways, and select the software updates from several different
locations. When you create or modify a software update deployment, clients receive the deployment
policy on their next machine policy cycle, and the updates are available for installation any time after the
configured start time.
The Configuration Manager solution is much more complex than the use of WSUS. Configuration
Manager requires thorough planning before you can deploy to sites, and use its numerous features.
Configuration Manager has the potential to affect every computer in an organization. However, if you
deploy and manage Configuration Manager with careful planning and consideration of your business
needs, it can reduce administrative overhead and total ownership cost.
9-24 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
o Remote Administration
o Incoming Echo Request for Internet Control Message Protocol (ICMP) v4 and v6
• Configure offline virtual machines to replace existing virtual or physical servers in case of failure.
These offline virtual machines, sometimes referred to as hot spares, require extra preparation to
update with the Virtual Machine Servicing Tool. Each hot spare virtual machine requires two network
adapters:
o Configure network adapter 1 to use a dynamic IP address and a static MAC address, and connect
this adapter to an isolated virtual local area network (VLAN). The servicing job uses this adapter.
Verify that the physical server that corresponds to the hot spare virtual machine cannot connect
to this network.
o Configure network adapter 2. The hot spare uses this adapter during its normal operation as a
replacement server.
Best Practice: To be compatible with DHCP, virtual machines must use static MAC
addresses.
You must ensure that the host is registering a heartbeat signal for the virtual machine. If the heartbeat
signal is not functioning, and if Windows PowerShell cannot detect the virtual machine, verify that the
local computer name of the virtual machine matches the virtual machine’s fully qualified domain name
(FQDN).
When you create a servicing job to update a hot spare virtual machine, make sure that the servicing job
uses the isolated VLAN.
Server Virtualization with Windows Server Hyper-V® and System Center 9-25
• Ensure that the software update point has downloaded the updates.
• Ensure that the updates are packaged for deployment.
• Create deployments for the updates that include the deployment deadline. To specify that the
updates should be installed as soon as possible, (which is the next time that the virtual machines
contact the Configuration Manager database), set the deadline to the shortest possible interval, so
that the deadline has passed by the time the servicing jobs begin to run.
• The Configuration Manager deployment also must identify the virtual machine collections to which
the updates apply.
• Each virtual machine is subject to a domain Group Policy Object (GPO) that identifies the WSUS server
as the intranet update service location.
9-26 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
Several servers are still running on physical hardware. A. Datum plans to use VMM to convert those
servers to virtual machines.
Objectives
After completing this lab, you will be able to:
• Use VMM to create a virtual machine, and then modify its properties.
Lab Setup
Estimated Time: 30 minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1
o Password: Pa$$w0rd
o Domain: Adatum
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
Server Virtualization with Windows Server Hyper-V® and System Center 9-27
Task 1: Create a new virtual machine with the VMM console in Microsoft System
Center 2012 R2 Virtual Machine Manager
1. On LON-VMM1, open the Virtual Machine Manager Console.
2. In the Virtual Machine Manager Console, browse to the VMs and Services workspace.
3. Click the Home tab, click the Create Virtual Machine drop-down list box, and then click Create
Virtual Machine.
4. In the Create Virtual Machine Wizard, name the virtual machine Win2012Lab9, with the description
Lab 9 exercise, create virtual machine.
7. At the end of the wizard, save the configuration in a Windows PowerShell script with the name
CreateWin2012Lab9.ps1. Accept the defaults on all other pages.
8. When the virtual machine is created, in the console tree, click LON-HOST2. This will show that the
Win2012Lab9 virtual machine has been created.
9. Close the Virtual Machine Manager console.
Results: After completing this exercise, you should have created a virtual machine and modified its
properties.
2. Browse to the VMs and Services workspace, and then click LON-HOST1.
9-28 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
3. Create a clone of virtual machine 20409B-LON-SVR2, with the description Clone of the LON-SVR2
virtual machine.
4. Put the new machine on lon-host2.adatum.com. Use the path E:\Program Files\Microsoft
Learning\20409\. (Note the actual drive letter may differ on your host machine.)
5. After about 10 minutes, the cloned virtual machine will be created.
6. Verify that the virtual machine was created by confirming that in LON-HOST2, the 20409B-LON-SVR2
virtual machine displays. This is the cloned virtual machine.
6. In the Virtual Machine Viewer window, click the File drop-down list box, and then click Exit.
7. In the Virtual Machine Manager Console, return to the VMs and Services workspace, and then click
LON-HOST2.
8. Click 20409B-LON-SVR2 virtual machine, power it off, and then delete it.
Results: After completing this exercise, you should have cloned a virtual machine.
Server Virtualization with Windows Server Hyper-V® and System Center 9-29
Tools
• WSUS. Provides an efficient and centralized update infrastructure, and deploys the latest Microsoft
product updates to computers running Windows Server and Windows client operating systems.
Found in: Server Manager Role
• Microsoft Assessment and Planning Toolkit 8.5. Provides reports regarding virtualization candidates.
Found in: Microsoft Download Center
• Virtual Machine Servicing Tool 2012. Use it to service:
Module 10
Configuring and Managing the Microsoft System Center
2012 R2 Virtual Machine Manager Library and Library
Objects
Contents:
Module Overview 10-1
Module Overview
One of the main components of Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) is the
Virtual Machine Manager library. The Virtual Machine Manager library is a resource catalog that you can
use to build virtual machines. The Virtual Machine Manager library contains templates, operating system
profiles, files that library shares store, and hardware profiles that the Virtual Machine Manager database
stores. The Virtual Machine Manager library catalogs all resources that you use when creating new virtual
machines. Therefore, some organizations might find that it is important for the library to be highly
available.
You also store templates and profiles in the Virtual Machine Manager library. You use virtual machine
templates to create new virtual machines and configure tiers in a service template. VMM profiles contain
configuration settings that you can apply to a new virtual machine template or virtual machine. You can
create, view, and modify profiles and templates in the Virtual Machine Manager library.
In this module, you will learn how to manage the Virtual Machine Manager library and library resources
and how to make the library highly available. You will also learn about the various templates and profiles
that are available to deploy virtual machines with specific features.
Note: Various System Center 2012 versions are available. For this course, the stand-alone
acronym VMM is a reference to the Microsoft System Center 2012 R2 Virtual Machine Manager
version.
Objectives
After completing this module, you will be able to:
• Describe the Virtual Machine Manager library and library resources.
Lesson 1
Overview of the Virtual Machine Manager Library
The Virtual Machine Manager library is a catalog that provides access to file-based resources necessary for
building virtual machines. These file-based resources can be System Preparation Tool (Sysprep) scripts, .iso
images, and virtual hard disks that your library servers store. From the Virtual Machine Manager library,
you also can manage virtual machine templates, guest operating system profiles, and hardware profiles
that reside in the Virtual Machine Manager database. You also can store virtual machines in the Virtual
Machine Manager library when you are not using them.
One of the key benefits of VMM is the use of Virtual Machine Manager libraries to simplify the creation
of virtual machines. You can use the Virtual Machine Manager library to centralize all necessary resources
in one location. By doing this, when you create a virtual machine, the preconfigured components are
immediately available to you. This makes it easier and faster to create virtual machines compared with
creating them manually each time.
Lesson Objectives
After completing this lesson, you will be able to:
The Virtual Machine Manager library server hosts the library. When you install VMM, the VMM server is
configured as a default library server. The VMM server indexes files that are stored on library shares. You
cannot remove or modify the default library server that is created during the installation process.
However, you can add additional library servers if necessary.
Server Virtualization with Windows Server Hyper-V® and System Center 10-3
Each library server can have one or more library shares. A library share is a file share that contains the
resources that you use to build virtual machines. You use the Add Library Share Wizard to map a library
share to a VMM library. When you add a new library share, the Add Library Share Wizard does not create
the share for you. Instead, you must create and configure a file share before adding it as a new library
share.
You can organize content in a library share by creating subfolders. This is similar to creating folders in a
file share. However, the subfolders will not appear in the VMM console if they do not have any content.
You can copy resources such as virtual hard disks and .iso files to a file share by using File Explorer. When
you add new files to a library share, they are not immediately available. The VMM server must refresh the
content before it becomes available. Content refreshes (indexes) once per hour by default. One hour is the
minimum setting possible, but you can trigger a refresh manually.
During a Virtual Machine Manager library refresh, VMM indexes files that are stored on library shares and
then updates the Library view and resource listings. Not all files are indexed, and not all indexed files
display in the Library view.
If any of the library resources are attached to a virtual machine, when VMM indexes the configuration file
for that virtual machine, the resources display as part of the virtual machine rather than as individual
components.
You can create other resources from the VMM console, such as templates and profiles. These resources
are metadata that exist only in the Virtual Machine Manager database, and not in the library share file
system. However, they are visible in the Library view.
Question: What is the primary purpose of the Virtual Machine Manager library?
10-4 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
o Answer files
o Driver files
o Virtual hard disks
o .iso images
You must add these files manually to the library shared folder if you want to use them in VMM.
You can also add custom resources that enable you to store information that normally would not be
indexed into the library for indexing purposes. Only those files associated with a particular Windows
Server operating system version will be discovered. For example, if a library server is running Windows
Server 2008 R2, it will only discover virtual hard disk files with the .vhd extension, but not .vhdx, which
is the file extension that is used in Windows Server 2012. VMM includes support for using Offloaded
Data Transfer .odx files that are stored in the library.
• Virtual machine templates and profiles. You can use these resources to create standardized virtual
machines. The Virtual Machine Manager database stores these configurations, but they are not
represented by physical configuration files. The types of available templates include service
deployment configurations, service templates, and virtual machine templates. In addition to the
hardware and guest operating system profiles available in earlier VMM versions, there are several new
types of profiles that you can use for service creation. These include application profiles, capability
profiles, physical computer profiles, and SQL Server profiles.
• Equivalent objects. Equivalent objects are user-defined groupings of library resources that VMM
considers equivalent to certain objects. VMM can substitute an equivalent object for a particular
virtual disk on a particular library share when you create a service or a virtual machine. In this case,
you can create templates and profiles that do not depend on particular physical resources, which
Server Virtualization with Windows Server Hyper-V® and System Center 10-5
enables you to service resources without affecting the availability of the template or profile. When
you deploy virtual machines and services, VMM only supports virtual disks, .iso files, and custom
resources as equivalent objects.
• Cloud libraries. When you create private clouds, VMM adds a private cloud library to the cloud
library’s name for that private cloud. Cloud libraries are made up of read-only library shares that
are assigned to that private cloud, if the administrator specifies the library share.
• Self-service user content. Application administrators or users who are assigned to the self-service
user role can upload their own resources to the Virtual Machine Manager library. Resources include
elements such as author templates, virtual hard disks, .iso files, application files, and scripts. Users
then can use these elements when they create templates. If they have appropriate permissions, they
can share these resources with other users in the same or a different application administrator role.
Note: You also can store VMware virtual machines, hard disks, floppy disks, and .iso images
in the Virtual Machine Manager library. The Virtual Machine Manager library recognizes the
.vmtx extension for VMware templates. If you import a VMware template, the template appears
under Templates, in the VM Templates node.
Each library server can have multiple library shares. To enhance performance and reduce network traffic
during virtual machine creation, it is important to store the files that you use to create virtual machines
near the hosts that you will use to stage virtual machine creation.
You can associate library servers with specific host groups. For example, you might have a library server
that you dedicate to the resources in a test lab environment. In this case, you will associate the library
server with the host groups that contain the hosts for the lab environment. A library server should have
fast network connectivity to the host group with which you associate it.
A library server must meet the following requirements:
• The library server must have Windows Server 2008 R2 Service Pack 1 (SP1) and newer only. For highly
available file servers, the failover cluster must have been created in Windows Server 2008 or Windows
Server 2008 R2.
• The library server must be in an Active Directory Domain Services (AD DS) domain that has a two-way
trust relationship with the VMM server’s domain.
• VMM does not support file servers that you configure with the case-sensitive option for Windows
Services for UNIX in the network file system (NFS). Case sensitivity is set to the Ignore value in NFS.
The Virtual Machine Manager library server role does not have to run any other VMM role. It just needs to
be a file server.
Host Groups
As you add more library servers, you can create host groups to help you organize library servers. VMM
uses library groups in the same manner. As a best practice, align each library server with the host group
that uses the resources on that library server. You use the Library group Properties dialog box to perform
alignment by displaying the host groups’ tree in the Library group drop-down list box.
When you select an object such as a template, virtual hard disk, or virtual machine to create a new virtual
machine, you can filter the objects by a specific host group name. Then, when you select a host on which
to place the virtual machine, you can filter the available hosts by the aligned host group name.
For example, you might create 25 geographic regions and then assign a host group to each region. If you
are creating a virtual machine for the Pacific Northwest region/host group, you will want to use library
objects from the library server associated with that region. This helps prevent large file copy operations
across long distances. To enable this, you would right-click the library file share and set the host group
equal to Pacific Northwest. Now, when you launch the New Virtual Machine Wizard, you will see that
when you select a library object with which to build a virtual machine, you can scope the objects by host
group to ensure that you use the closest copy of the file that you need.
Demonstration Steps
1. Sign in to LON-VMM1 as Adatum\Administrator with a password of Pa$$w0rd.
5. In the VMM console, add Lon-Host1 as a Library Server. In the Add Library Server Wizard, perform
the following steps:
6. After the library server is created, under the Library Servers node, review the new library server
nodes and child nodes.
7. Observe the properties of the ApplicationFrameworks item Equivalent Resource.
9. Observe that the ISOs folder does not show up in the Virtual Machine Manager console until a
resource is added to it.
Another approach is to use failover clustering technology from Windows Server 2008 or Windows Server
2012. You can use this approach to make a file server failover cluster that can provide high availability to
Virtual Machine Manager library resources.
Cluster Configuration
You typically perform much of the procedure for creating the Virtual Machine Manager library cluster in
the Failover Cluster Management Console. Before you begin installing VMM in a failover cluster, ensure
the following:
• Add both nodes to a cluster and validate your configuration by using the Validation Wizard in the
Failover Cluster Management Console. This will ensure that no compatibility issues arise during the
cluster configuration.
• Create a file server as a cluster service. During configuration, you should specify a client access point
(CAP) name and IP address. You will use this access point to connect to a clustered file server. During
this same procedure, you will configure the cluster disk that you will use as storage for the Virtual
Machine Manager library.
10-8 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
• Add a shared folder to the cluster. After you configure a file server as a cluster service, you should add
a shared folder to that service. You will use this folder as a library share that you will add to VMM.
You must assign the shared folder name and define appropriate permissions for accessing the share.
This share should be accessible only to Administrators (who should have full access), and by the VMM
service account (with Read permission only). This step completes the Failover Clustering Management
configuration.
• Add a clustered library server. After you create the file server cluster, you should add a new Virtual
Machine Manager library server to the VMM console. When you add a new library server, you should
use the CAP name that you configured during the cluster configuration. Additionally, you will add a
share that you created on the cluster service. The Validation Wizard will discover all of the nodes in
the failover cluster and install a Virtual Machine Manager agent on each node. The highly available
library server will appear as a single library server in Library view, with the node status available in the
properties of the library server.
• At the end, you can copy resources that you want to use in the library to a shared folder on the file
server cluster.
When you plan or manage highly available Virtual Machine Manager library servers, you should consider
the following:
• VMM does not support using a failover cluster that contains the VMM server as a highly available
library server. Do not create highly available file shares for the Virtual Machine Manager library on the
same cluster as a highly available VMM management server.
• VMM does not provide a method for replicating physical files in the Virtual Machine Manager library
or metadata for objects that are stored in the Virtual Machine Manager database. You must replicate
physical files outside of VMM and transfer metadata by using scripts or other means. You can use the
Robocopy file replication command-line tool to replicate Virtual Machine Manager library files. VMM
does not support Distributed File System (DFS) namespaces, formerly known as DFS or DFS
Replication.
• In a failover cluster, when the associated file server resource goes offline, all shared folders in that
resource go offline. This means that all shared folders will be affected.
• VMM does not refresh cluster node membership after you add a highly available library server. If you
add a node to the cluster after you add a highly available library server to VMM, you must add the
node manually to the library server by using either the Add Library Server Wizard or the Windows
PowerShell Add-LibraryServer cmdlet. The new node will not display in Library view until you add a
library share to that node. To find out which nodes are in a highly available library server, view the
library server properties or use the Windows PowerShell Discover-Cluster cmdlet.
• To have high availability for the Virtual Machine Manager library server, you must provide high
availability for the Virtual Machine Manager database, which is part of Virtual Machine Manager
library. Because the Virtual Machine Manager database is based on SQL Server, you can use failover
clustering to provide high availability.
• You remove a highly available library server in the same way that you remove a stand-alone library
server. However, removing the highly available file server only removes the cluster name, not the
nodes. The nodes remain because they might support a different highly available file server.
Server Virtualization with Windows Server Hyper-V® and System Center 10-9
Lesson 2
Working with Profiles and Templates
Virtual machine templates and associated profiles are important components of rapid virtual machine
deployment. Virtual machine templates are a library resource that consists of hardware and guest
operating system profiles. You can use them to provision new virtual machines quickly. Instead of
configuring various virtual machine and operating system settings each time you deploy a new virtual
machine, you can use preconfigured values from virtual machine templates and profiles. The various
profiles are the Virtual Machine Manager library resources. System Center 2012 VMM adds several new
profiles.
System Center 2012 VMM introduces the concept of services, which includes a new template type: the
service template. The service template includes two new profiles: the application profile and the SQL
Server profile. VMM also includes the physical computer profile, which you can use to model physical
computers and the server roles with which you will deploy them. You can also create capability profiles
in the library to limit the resources that are used by virtual machines that created for deployment in a
private cloud. Capability profiles also are a new profile type in all System Center 2012 versions of VMM.
You can create virtual application packages by using Server App-V. This lesson focuses on managing these
specific types of library resources.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe a hardware profile.
• Explain how to plan for Virtual Machine Manager profiles and templates.
10-10 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
• CPU
• Memory
• Memory weight
• Virtual non-uniform memory access (NUMA)
• The priority given to the virtual machine when allocating resources on a virtual machine host
By using hardware profiles, you can ensure consistent hardware settings in virtual machines. You can
update any existing hardware profile to modify settings for one or more virtual machine hardware
components. After you make changes, any new virtual machines that you create by using that hardware
profile will use the updated hardware configuration settings. Changes do not affect existing virtual
machines that you created earlier by using this profile, nor do they affect settings on a template or virtual
machine into which this profile was previously imported. VMM maintains no association with the
hardware profile after you create a virtual machine or template.
You can create a hardware profile by using the new hardware profile action in Library view, or you can
save a new hardware profile based on the hardware configuration of a virtual machine or a template. You
also can create it while creating a new virtual machine or virtual machine template.
You can create hardware profiles that import a standard hardware configuration into either a template or
a virtual machine. The options are the same whether you update the hardware configuration of a virtual
machine, a hardware profile, or a template. You manage hardware profiles in Library view.
By right-clicking the Hardware Profiles element in the Profiles node of the Library workspace console tree,
you can create a hardware profile by using the new Hardware Profile Wizard. The wizard has two pages.
On the General page, you can enter the name and description of the new hardware profile, and on the
Hardware Profile page, you can select numerous elements to preconfigure the hardware aspects of a
deployable virtual machine.
Guest operating system profiles are Virtual Machine Manager database objects. They are not associated
with any physical files. You configure guest operating system profiles in the Library workspace, and they
display in the Profiles node. You also can view templates by selecting the Templates node in the Library
workspace console tree.
You can create a guest operating system profile by using the New Guest OS Profile Wizard in the Library
workspace, or you can specify guest operating system settings while you create a template. After you
create a template, VMM does not maintain an association between the template and the guest operating
system profile that was used with it. Any changes that you make to the guest operating system profile
only affect new templates that you create after you make changes.
The settings available to a guest operating system profile include the following:
• Operating System. Use this setting to specify the operating system of the virtual machine. VMM
provides you with a drop-down list of 37 separate operating system editions, from Windows 2000
Server to Windows Server 2012 R2 Datacenter.
• Identity Information. Use this setting to add the computer name. You can provide a pattern for the
computer name here. For example, consider a scenario where you create a profile to deploy different
virtual machines that run Server Core for Windows Server 2012. You could type W2012-Core## and
then use this as a template where the first server would be named W2012-Core01, the second
W2012-Core02, and so on. You can also let VMM assign a random name of numbers and letters by
typing an asterisk in the Computer Name text box.
• Admin Password. This setting offers you three choices. You can select No local administrator
credential required, Provide the specific password of the local administrator account, or you can use
the Run As account for the local administrator account.
• Product Key. You can use this setting to specify the product key to use for the virtual machine. If you
use a multiple activation key (MAK) take note of the number of virtual machines that you create with
this key to avoid running out. If you use a Key Management Services (KMS) key or AD DS key server,
ensure that you set up the infrastructure to support it.
• Time Zone. This setting provides a drop-down list to select a specific time zone.
• Roles. You can use this setting to select various server roles that are available in Windows
Server 2008 R2 and newer operating systems. The roles are listed alphabetically, and the various
role services that are available to that role are listed directly underneath and tabbed to the right.
• Features. Like the Roles option above, you can select from the features that are available with
Windows Server 2008 R2 and newer operating systems. If a feature has subordinate elements, these
are included underneath the feature name and tabbed to the right.
10-12 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
• Domain/Workgroup. By default, the New Guest OS Profile Wizard selects a workgroup named
Workgroup. However, you can choose to supply a fully qualified domain name (FQDN). If you do,
you must supply the credentials of a user who is allowed to join a computer to a domain, or you can
select the Run As account credentials.
• Answer File. You use the answer file to set additional settings. You can attach a Sysprep.inf file for
Windows Server 2003 and earlier operating systems, or a Unattend.xml file for Windows Vista and
newer operating systems. The answer file must be stored on the library share.
• GUIRunOnce Commands. You can use this setting to run a command automatically the first time
a user logs on. Normally, these commands would be command-line commands, executables, and
scripts. You can add as many commands as you deem necessary.
The New Guest OS Profile Wizard also includes a Dependencies page, which is empty by default, and an
Access page, where you can share the profile with any self-service users or roles that you specify here.
Question: What is the purpose of using guest operating system profiles?
Server App-V uses the Microsoft Server App-V Sequencer to perform a sequencing operation that
captures an application’s settings and configuration prior to deployment. After sequencing, this
information, along with the runtime state information, enables you to back up a deployed Server App-V
application. You can capture the initial settings and the entire runtime state of the application. You then
can deploy this capture to another server with the application’s last runtime state intact. The Server App-V
Sequencer stores all of this information into a Server App-V package. You store the package in the Virtual
Machine Manager library.
If an application can function in a load-balanced environment, VMM can deploy the application across
additional servers and reconfigure the load balancer to use the newly deployed servers. Server App-V
allows you to virtualize and deploy many server-based applications. Server App-V can sequence several
different components. Additionally, applications such as multi-tier web applications and network service
applications lend themselves to virtualization with Server App-V.
A single application might require you to specify registry settings, modify configuration files, or create
Windows operating system services. Additionally, an application might have many other points where it
interacts with the operating system. If so, the Server App-V Sequencer needs to capture these points, or
the application might not work properly when you deploy it.
Server Virtualization with Windows Server Hyper-V® and System Center 10-13
Applications that require you to perform the following tasks might be suitable for virtualization with
Server App-V:
If an application requires another type of virtualized information that is not included on this list, it might
not work properly with Server App-V. There is no exhaustive list of applications that will work with Server
App-V. You must thoroughly test all applications that you virtualize before you run them in a production
environment.
Server App-V is flexible, and you can use it to virtualize a wide variety of server-based applications.
However, you cannot use Server App-V to virtualize a few functions. For example, applications that
require the following functionality are not supported:
• Windows drivers or other components that must load when an operating system starts up.
Just as there is no complete list of supported Server App-V virtualization application types, there also is no
exhaustive list of unsupported applications types for Server App-V. Server App-V is included with System
Center 2012 VMM, but you must install it separately.
• Scripts
SQL database developers create DACs by using one of the following methods:
• Author and build a DAC by using the SQL Server Data-tier Application project type that is available in
Microsoft Visual Studio.
• Extract a DAC from an existing database by using the Extract Data-Tier Application Wizard in the SQL
Server Management Studio.
After developers create DACs, they can import the DACs into the Virtual Machine Manager library, which
is then accessible from the application profile.
As previously discussed, you create Server App-V packages by using the Server App-V Sequencer. When
you create a Server App-V package, the Server App-V Sequencer monitors a typical application
installation and records information that is required for the application to run in a virtual environment.
After you create the Server App-V package, you can import it into the Virtual Machine Manager library so
that it is accessible from an application profile.
Web Applications
A web application is a package that is stored within the Virtual Machine Manager library. It contains
the content, websites, certificates, and registry settings of a web-based application. You can package
and deploy web applications with the Web Deployment Tool. VMM also uses this tool to deploy web
applications as a service when deploying a web application as specified in an application profile.
Scripts
When deploying a virtual machine as part of a service, you also can use the application profile to run
scripts. You use scripts during the preinstallation and the post-installation phases of a specific application.
For example, you might need to copy updated configuration files to a deployed web application, or you
might have to run specific virtual application commands to finalize a virtual application deployment. You
also can use scripts to help you with preconfiguration or post-configuration tasks when you uninstall
applications. Scripts must be available in the Virtual Machine Manager library as a resource package.
1. Open the VMM console, and then click the Library workspace.
2. In the navigation pane, expand Profiles, and then click Application Profiles.
4. In the New Application Profile dialog box, on the General page, provide a Name and Description
for the application profile.
5. In the Compatibility drop-down list box, click General to allow for all types of supported
applications in the profile. Alternatively, you can use the SQL Server Application Host selection if
you are using this application profile to deploy a SQL Server DAC to an existing SQL Server computer.
Clicking this option only allows you to add SQL Server DAC packages and SQL Server scripts.
6. On the Application Configuration page, click OS Compatibility, and then select the guest
operating systems that are compatible with the application.
7. Click Add, and then select the appropriate application type. Note that you can only add an
application script after you have added an application.
Server Virtualization with Windows Server Hyper-V® and System Center 10-15
8. For each application or script that you added, configure the appropriate settings.
You can add one or more applications as required by the service that you are configuring.
Note: You can use SQL Server 2012 with System Center 2012 SP1 VMM or System Center
2012 R2 VMM only.
2. Create a SQL Server profile. The SQL Server profile contains a number of configuration settings, such
as the instance name and ID, product key, media source, SQL Server administrators, and service
account designations.
3. Create a virtual machine template. The virtual machine template specifies the hardware, operating
system, and SQL Server profile that you plan to deploy to a new virtual machine.
4. Create a service template. A service template provides the foundation for deploying a virtual
machine and using the SQL Server profile to configure the instances that are defined within the
profile settings. A service is a set of virtual machines that you configure and deploy together to
support specific infrastructure requirements. For example, you might have a multi-tier, web-based
application that requires a SQL Server database. A service template gathers all of the configuration
settings into a single managed entity for the multiple servers. You can only configure and deploy a
virtual machine with SQL Server when you deploy the application as a service.
5. Deploy the service. Deploying the service essentially deploys and configures all servers and
applications that are associated with the service.
Before you can deploy a SQL Server .vhd image, you must prepare the image by using the SQL Server
Sysprep process. You run SQL Server Sysprep prior to running Windows Sysprep to create an image that
includes a prepared operating system and an SQL Server installation that has not been configured.
SQL Server Sysprep is a two-step installation process that begins with image preparation. During the
image preparation phase, SQL Server Setup installs the product binaries without configuring any SQL
Server settings for the instance that is being prepared. After this first step completes, Sysprep begins and
then captures the image.
10-16 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
You perform the second step of the installation process during image deployment. After you deploy an
image to a virtual machine, you can proceed with the final installation and completion of a SQL Server–
prepared instance. VMM uses the SQL Server profile that you prepared to provide the configuration
settings for each instance in the image that was prepared with Sysprep.
The SQL Server profile provides most of the common settings for use during deployment. However, you
also can use a SQL Server configuration file to provide the additional configurations for settings that are
not available in the SQL Server profile. A SQL Server configuration file is an .ini file, which is similar to a
Windows operating system answer file (Unattend.xml). If you use a SQL Server configuration file, you must
save it to a Virtual Machine Manager library share so that it is available to the template.
You can modify the settings in an existing template. VMM incorporates the updated settings into new
virtual machines that you create from the template. However, the updated template will not affect
existing virtual machines that you created previously from the template. When you modify an existing
template, there are additional properties than those available when creating the template in the New
Template Wizard.
To modify virtual machine template settings, open the Library workspace, expand the Templates node in
the console tree, click VM Templates, and then double-click the template in the details pane.
• On the General page, you can modify following fields:
o Cost Center (optional). Specifies the cost center for a virtual machine that you create from a
template. Identifying a cost center enables you to collect data about the allocation of virtual
machines (or resources allocated to virtual machines) by cost center.
o Tag (optional). Specifies a word or phrase that you can use to group specific virtual machines as a
set. You can use the tag as a filter to search for that set of virtual machines.
• On the Hardware Configuration page, you can modify settings that are described in the “What Is a
Hardware Profile?” topic.
Server Virtualization with Windows Server Hyper-V® and System Center 10-17
• On the Operating System Configuration page, you can modify the guest operating system settings
that are described in the “What Is a Guest Operating System Profile?” topic.
• On the Application Configuration page, you can modify settings to add a compatible operating
system, SQL Server DACs, virtual applications, web applications, and scripts.
• On the SQL Server Configuration page, you can modify a SQL Server instance, the configuration of an
instance in the service account, and the agent that SQL Server uses to run its various services.
• On the Custom Properties page, you can add or modify the custom fields (optional). You can add up
to 10 custom properties to each virtual machine that you create by using this template.
• On the Settings page, you can add or modify quota points (optional). You can use quota points to
limit the number of virtual machines that self-service users can deploy at one time. Only self-service
users who share a self-service policy use quota points. You can specify a value for the Quota Points
setting if the virtual machines that you will create by using this template are for self-service users. The
quota applies to all virtual machines that you deploy on a host, including virtual machines that are
not running.
• On the Dependencies page, you can select and modify properties of the dependencies listed by
clicking on the hyperlinks that make up their name and modifying the various properties.
• The Validation Errors page will display any validation errors that the template might encounter.
• On the Access page, you can modify the self-service owner, and add or remove self-service user roles
with which you share the template.
Demonstration Steps
1. Sign in to LON-VMM1 as adatum\administrator with a password of Pa$$w0rd.
2. Start the Virtual Machine Manager console.
3. Navigate to the Library workspace, and then create both a Guest OS and a Hardware Profile with
the following settings:
o Guest OS Profile:
Name: DemoGuestOS
Description: Demonstration creating a Guest OS profile
Operating System: 64-bit edition of Windows Server 2012 Standard
Identity Information, Computer name: WS2012-Core###
Admin Password: Specify the password of the local administrator account: Pa$$word
o Hardware Profile:
Name: DemoHWProfile
Description: Demonstration creating a hardware profile
Compatibility: Hyper-V
Memory: Dynamic with 1024 Maximum memory set
Network Adapter 1: External Network
10-18 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
o Name: DemoVMTemplate
o Configure Operating System: Use the DemoGuestOS profile that you created earlier
5. After the DemoVMTemplate is created, open its properties, and then review all pages in the console
tree.
6. Close all open windows.
• Fabric Capability. Selected targets with this hardware profile will be used. VMM will ensure that the
provided settings are compatible with these destination locations. There are three selections in this
setting: Hyper-V, ESX Server, and XenServer virtualization hosts.
• Processor Range. Use this option to select the number of processors that the host will use. You can
use a default range or select a minimum and maximum number of processors. You can also provide
compatibility with different processor versions, and VMM can limit the processors that a virtual
machine can use. You have the option of using the default setting, selecting a user-defined or
required processor compatibility, or disabling the capability altogether.
• Memory Range. Use this setting to specify how much memory to allocate to the virtual machine, or
let the virtualization host manage the amount dynamically within a range.
• DVD Drive Range. Use this option to set the number of DVD drives that you can use.
• Shared Image Mode. Use this option to enable virtual machines to share .iso image files that are
stored in the Virtual Machine Manager library.
• Hard Disk Count. This option sets the number of virtual hard disks in use. The maximum number
allowed is 255.
• Disk Size Range. Use this option to set the size of virtual hard disks. The maximum size is 64 terabytes
(TB).
• Fixed Disk Mode. Use this option to select fixed, dynamic, or differencing virtual hard disk options.
• Dynamic Disk Mode. This option is identical to the Fixed Disk Mode option.
• Differencing Disk Mode. This option is identical to the Fixed Disk Mode option.
• Network Adapter Range. This option allows you to select up to 12 network adapters.
• Availability. This option allows you to select a highly available virtual machine mode. When you
configure VMM to be highly available, VMM attempts to place the virtual machine on a clustered
server.
• General. Provide a name and an optional description for the physical computer profile. You also have
the ability to select the role of virtual machine host or Windows file server.
• OS Image. On this page, you can select a virtual hard disk with an operating system image. The image
must have a Windows Server version that can start from a virtual hard disk. The Hyper-V role in this
operating system will be installed by default. For best results, allow for enough free space on the
partition to contain the recommended page file size, which is determined by the amount of memory
on the host system.
10-20 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
• Hardware Configuration. On this page, you can configure the following settings:
o Network Adapters. Includes the ability to configure a physical network adapter as the
Management NIC. It also allows you to set the use of Consistent Device Naming for the adapter
and to use a dynamically assigned IP address or a static IP address.
o Disk and Partitions. You can use this setting to add a new disk requirement and to add a petition
to this disk by using the master boot record (MBR) or the GUID partition table (GPT). You can
also assign the Primary, NTFS file server, and all remaining space on the operating system
volume.
o Driver Options. You can filter the list of drivers so that only the appropriate drivers apply to an
operating system as part of a virtual machine host deployment. VMM automatically applies the
drivers that match Plug and Play IDs discovered on the computer.
o Domain. Specify the domain that the virtual machine host should join. To join a domain, the
computer must have at least one network adapter that has access to the network.
o Admin Password. Specify the credentials for the local administrator account.
o Identity Information. You can add the full and organizational name of the host configuration.
o Product Key. Specify the product key use for the virtual machine.
o Time Zone. Specify the time zone for the virtual machine.
o Answer File. To set additional settings, you can attach an Unattended.xml file to the host profile.
The answer file script must be stored on a library share.
• Summary. This page allows you to confirm the selected settings and view a script of Windows
PowerShell cmdlets that you can use to create the physical computer profile made with this wizard.
Service Template
A service template is a logical component that
defines and connects all necessary components
for service deployment and functionality. A
service template encapsulates everything that
you require to deploy and run a new instance of
an application. Deploying a new service requires
a high level of automation and predefined
components, and it requires management software support. Service templates in VMM simplify
deployment of services. Just as a private cloud user can create new virtual machines on demand, a user
can also use service templates to install and start new applications on demand.
Server Virtualization with Windows Server Hyper-V® and System Center 10-21
When creating service templates, you can select either the Single Machine pattern, the Two-tier
Application pattern, or the Three-tier Application pattern. Deploying tiers actually defines the levels of
your application. For example, one tier of your application can be a Web server (or servers), while a
second tier could be database servers.
A machine tier is not an equivalent of a virtual machine, but rather contains one or more virtual machines
of a particular type. When creating a tier, you can select the configuration settings for this collection. The
New Service Template Wizard uses the Service Template Designer GUI to set and order these
configuration settings quickly.
After you type the name and select a destination for a service, VMM performs placement evaluation.
Following the evaluation, the Deploy Service console opens, displaying the deployment diagram and the
selected host machine or private cloud. Here you can configure a virtual machine name and a computer
name for the virtual machines that deploy as a part of service. By default, VMM generates names in the
format ServiceVM0000X.domain for both virtual machine name and computer name. However, you can
change this for each service deployment.
When you click the Deploy Service button in the Deploy Service console, you actually initiate the
deployment process. You can monitor deployment progress in the Jobs window. Depending on the
number of virtual machines deployed and the network and storage speed, this process can take between
10 minutes to a few hours. For long-running service deployments, we recommend that you also monitor
the VM Manager log in Event view, and the System log on the VMM management server. You can find
additional, detailed information about tasks in the Event Viewer.
After the service deploys, you can update the service template and then deploy those updated changes
to the already deployed service. Alternatively, you can deploy additional virtual machines to an existing
service to provide additional resources for the deployed service.
Note: Module 12, “Managing Services in Microsoft System Center 2012 R2 Virtual Machine
Manager and App Controller,” covers service templates and service deployment configuration in
detail.
10-22 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
• If you need to have the same templates and files across multiple Virtual Machine Manager libraries,
you can send large files offline and then import them where required. If you need to avoid using
small wide area network (WAN) links, set up equivalent objects at multiple locations for virtualization
deployment resources that you need and do not want to deploy over a WAN.
• Performance. Consider the impact of servicing many offline files. If you update them, consider
collaborating in larger organizations to ensure that someone is not servicing images while someone
else is trying to deploy those same images.
• Consider a standard hardware profile. If you set the base configuration for all of your virtual servers
with more memory, processors, and disk space than necessary, you will not achieve the full value of
virtualization, and you will waste resources.
• Licensing. You can use guest operating system profiles to help enforce licensing requirements. For
example, you can preconfigure an image for the Microsoft Developer Network (MSDN) website and
then assign this to the developers who have the MSDN agreement. Consider licensing when using a
template that is based on another machine; ensure that only the people that should use a template
are using it.
• Systems integration, automation, and self-service. VMM and its libraries are the source from which
other applications deploy. If necessary, create multiple libraries with appropriate security and ensure
that the deployed files and images are up to date.
• Service templates. When building services for applications that scale out, consider versions and
revisions, and try to keep them consistent. For example, if you have a template for a three-tier
application, when you are updating the tiers, you need to remember to increment the revisions
appropriately.
Server Virtualization with Windows Server Hyper-V® and System Center 10-23
To optimize this management process, you need to configure the Virtual Machine Manager library and
deploy components in the library.
Objectives
After completing this lab, you will be able to:
• Configure and manage the Virtual Machine Manager library.
• Create and work with Virtual Machine Manager profiles and templates.
Lab Setup
Estimated Time: 30 minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1
3. Click 20409B-LON-VMM1, in the Actions pane, click Start, and then click Connect. Wait until the
virtual machine starts.
o Password: Pa$$w0rd
o Domain: Adatum
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines at the end of this lab. However, you can shut down the virtual machines
after finishing this lab.
10-24 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
3. Examine the library server shared folder resources, and create an additional subfolder on LON-HOST1.
Task 1: Examine the Library workspace defaults, and create the shared folders on the
virtualization host computers
1. Sign in to LON-VMM1 as Adatum\Administrator with a password of Pa$$w0rd.
2. On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
3. On the Connect to Server page, click the Connect button.
5. On LON-HOST1, in the root directory of drive C, make a shared folder called Host1Library. Share
with the Everyone group, having Read access.
6. On LON-HOST2, in the root directory of drive C, make a shared folder called Host2Library. Share
with the Everyone group, having Read access.
Task 2: Add LON-HOST1 and LON-HOST2 as Virtual Machine Manager library servers
• In the Virtual Machine Manager console, add both LON-HOST1 and LON-HOST2 as Library Servers.
In the Add Library Server Wizard, do the following:
Task 3: Examine the library server shared folder resources, and create an additional
subfolder on LON-HOST1
1. After you create the library servers, under the Library Servers node, review the new library server
nodes and child nodes.
3. In Host1Library, add a new folder named ISOs. In this folder, create a text file named Test.iso. Make
sure to have the .iso extension, as this will simulate a real .iso file.
4. Switch back to LON-VMM1, and then examine the Host1Library again. The ISOs folder should
display. If not, refresh Host1Library.
Server Virtualization with Windows Server Hyper-V® and System Center 10-25
o Admin Password: Specify the password of the local administrator account: Pa$$word
2. After the LabVMTemplate is created, open its properties and review all pages in the console tree.
Question: Why did you copy an .iso file into the newly created ISOs subfolder?
Question: What was the purpose of using WS2012-Core### in the Computer name section
of the Guest OS Profile?
Server Virtualization with Windows Server Hyper-V® and System Center 10-27
Tools
• VMM console
• Server App-V
Module 11
Managing Clouds in Microsoft System Center 2012 R2
Virtual Machine Manager
Contents:
Module Overview 11-1
Module Overview
Many IT professionals today consider cloud computing to be one of the most important technical
inventions in recent years. Cloud computing can reduce IT costs by increasing the availability of services
and applications without administrative intervention. Although cloud computing has been in use for a
few years, organizations require new virtualization and management tools to fully utilize its benefits.
These tools enable administrators to implement cloud computing within private networks, thereby
creating private cloud infrastructures.
You can use Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) to build cloud
computing services. VMM includes several new and improved tools and features that you can use to
create an internal infrastructure that will support cloud computing within your organization. In this
module, you will learn about cloud computing, private clouds and public clouds, and how to use VMM
to create them.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
• Explain the concept of a private cloud and a public cloud, and describe how you can use VMM to
create these cloud services.
• Create and manage a private cloud or a public cloud.
Lesson 1
Introduction to Clouds
Cloud computing is changing the way businesses develop services and applications. The on-demand
model of cloud computing provides new ways to scale services, and provide better availability to those
services. Most organizations today experience a continuous increase in data, platforms, and users. The
result is a growing requirement for services, which creates a need for a more robust platform with an
almost unlimited capacity to manage the ever-increasing loads. In this lesson, you will learn about cloud
computing and its benefits. You will also learn how you can use VMM to implement cloud computing.
Lesson Objectives
After completing this lesson, you will be able to:
What Is a Cloud?
For many years, traditional computing has
involved a rapid growth of data centers with a
great deal of server inefficiency. Historically, IT
professionals would purchase individual physical
servers, and then typically assign one workload
to each server. With the ability to run multiple
workloads on a single server, some application or
hardware-based resource consolidation occurred,
but IT professionals would typically use single
workloads or functions on servers. The result
was servers using less than 10 percent of their
available resources. This meant that in a data
center, hundreds or thousands of servers were consuming large amounts of space and power, while
providing low overall usage.
About 10 years ago, technology improved enough to enable data centers to isolate workloads operating
systems within a virtual machine. IT professionals could now consolidate multiple virtual machines on one
server. This led to a significant increase in resource usage with reduced physical hardware costs and power
consumption.
The National Institute of Standards and Technology (NIST) defines cloud computing as a model for
enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing
Server Virtualization with Windows Server Hyper-V® and System Center 11-3
resources such as networks, servers, storage, applications, and services. Using cloud computing, you can
rapidly provision and release these resources with minimal management effort or service provider
interaction.
For example, an application owner can deploy a developed application to a private cloud infrastructure,
knowing that the infrastructure will adjust resources dynamically for the application, scale the application,
and enable the application to migrate across servers based on the best resource match.
This current cloud-computing model ultimately provides elasticity, design scalability, and accountability
for the actual resource use that the application is employing. Additionally, cloud computing makes
maximum use of the resources that are available in a data center.
• Virtualized data center. Cloud computing provides methods to access computing services that are
independent both of your physical location, and the hardware that you use to access it. With cloud
computing, you no longer need to store data or applications on your local computer. The data
center remains a key component of the cloud computing infrastructure. However, cloud computing
emphasizes virtualization technologies that focus on delivering applications rather than supporting
the data center infrastructure.
• Reduced operational costs. Cloud computing helps mitigate issues such as low system use,
inconsistent availability, and high operational costs, by providing pooled resources, elasticity, and
virtualization technology.
• Server consolidation. Cloud computing enables you to host multiple virtual machines on a
virtualization host, which helps you to consolidate servers across a data center.
• Improved resilience and agility. With products such as System Center 2012, cloud computing can
reduce costs and improve efficiency.
Businesses using cloud computing and cloud services can see a substantial decrease in maintenance and
support costs. This is because to a great extent they are no longer involved in maintenance and support.
These costs are borne by the cloud services vendor, which allows the business to use its funds on the
actual service being provided.
• Public cloud.
• Private cloud.
• Hybrid clouds.
Public Cloud
With public cloud computing, a cloud vendor
(also known as a hosting provider) provides
cloud resources for an organization. The cloud
vendor may share its resources with multiple
11-4 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
organizations, or with the public. The main feature of a public cloud is that the resources that the
organization uses, such as storage, processing power, various web-based applications, and other
components, do not belong to the organization that is utilizing the resources, but rather to the cloud
vendor.
With public cloud services, the tenant organization has less management overhead than organizations
that use private clouds. This means the renting organizations are not responsible for maintaining or
supporting those resources, they just use them. However, this also means that control of the public
infrastructure and services is greatly reduced because the service provider manages this for the tenant
organization. In addition, the public cloud hosts the infrastructure and services for multiple organizations
(multitenant), which introduces security implications that you need to review.
In most cases, the cloud vendor will provide the renting organization with a service level agreement (SLA).
The SLA specifies the following items:
The SLA is a very important structural component of the public cloud. Without an SLA, many businesses
would feel that they still need to deploy their own resources.
Private Cloud
The key difference between a public cloud and a private cloud is that an organization typically owns
and manages its own cloud resources infrastructure and assets. Private clouds are cloud services that are
controlled by one organization, are not shared with other organizations, and therefore typically are more
secure.
One of the key benefits of a private cloud is that the organization has complete control over the cloud
infrastructure and services that it provides. However, the organization also has the management overhead
and costs that are associated with this model.
In most instances, private clouds are owned by their respective organizations. In this scenario, the
organization’s data center manages and maintains the cloud infrastructure. However, external service
providers can provide private cloud resources in a variety of ways.
Hosted private clouds are private clouds that hosting companies manage specifically for a particular
organization. This means that no other companies or applications are running on the infrastructure other
than your own. On-premises private clouds are built from components within the organization’s data
centers, while off-premises private clouds are built with components that are hosted outside the business
by an external provider.
Hybrid Cloud
A hybrid cloud allows you to blend your private cloud infrastructure with infrastructure and resource
elements from a public cloud. For example, an organization might use an on-premises Microsoft
Exchange Server messaging solution, but decide to store additional mailboxes on Microsoft Office 365
Exchange Online. Similarly, an organization could make use of Microsoft SQL Server databases hosted on
Windows Azure while also continuing to host databases within its private cloud.
Server Virtualization with Windows Server Hyper-V® and System Center 11-5
• Cloud service models. You can choose infrastructure as a service (IaaS), software as a service (SaaS),
or platform as a service (PaaS) for your cloud service model. You should understand the difference
between these models so that you can select the model that is the best for your organization.
o IaaS. IaaS is a cloud-computing model in which you manage your virtual server within your
organization. For example, creating a private cloud with System Center 2012 provides you with
the IaaS model.
o SaaS. SaaS is a cloud-computing model in which you receive a service over the Internet, such as
email messaging. For example, Office 365 is a SaaS offering.
o PaaS. PaaS is a cloud-computing model that is between IaaS and SaaS. This model provides a
computing platform that you use, and upon which you manage your applications. For example,
Windows Azure is a PaaS.
• Internet connection. Your Internet connection can become a single point of failure when using your
line-of-business (LOB) applications. Whether moving to a public cloud or a private cloud, you need to
ensure that the connectivity between your on-premises computers and the cloud-based applications
are always available. Network latency is also a major factor. If you spread your infrastructure across
multiple sites and site links, and over wide areas, this can have a detrimental effect on the
performance and availability of your applications.
• Data protection and recovery. Although you will already have methods in place to protect and
recover your mission-critical data, you need to consider the following questions when moving to a
cloud computing model:
o Are the current protection and recovery methods compatible with the virtualization technologies
that the public cloud or private cloud uses?
o Is data being stored securely?
o Do you need a local backup of your data in the event of an Internet connection failure? In this
case, how is the data transferred back to your organization, and how is the data restored in the
event of a catastrophic failure?
o Do you have mirrored sites? If so, how will data synchronize between these sites?
o How will mirrored sites and data synchronization affect the cloud-computing model that you
choose?
• Performance and availability. Application performance and availability are key factors to consider
when adopting any cloud-computing model. With a public cloud, you need to ensure that the service
provider can meet the performance and availability requirements of your applications. You need to
consider the SLAs that the service provider includes with their services.
Question: What is the main difference between on-premises private clouds and off-premises
private clouds? How do off-premises private clouds differ from hybrid clouds?
11-6 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
• Server consolidation
• Simplified deployment
• Multitenancy
Server Consolidation
Server consolidation is one of the primary reasons for implementing virtualization. You can deploy
multiple virtual machines and server roles on a single physical server, and thus utilize that physical server
more efficiently. Furthermore, by using multiple hosts in VMM, you can manage those physical servers
and their virtual machines more efficiently.
Easy Deployment
Virtualization makes deploying new services much simpler. Virtual machines are based on virtual hard
disks, which you can copy, clone, and start quickly, in some cases within seconds. This is faster than any
single physical server, whose deployment is measured in hours. Cloned virtual machines can have many
iterations. Therefore, you can dispatch more than a single copy.
Consider another example of an event-based model involving a website that experiences increased traffic
closer to the date for a particular event, such as a conference or a holiday. You could attach and start
multiple virtual machines hosting the website and the various web applications to add capacity and
performance as traffic increases. After the event, when you would expect traffic to decrease considerably,
you can begin removing those virtual machines that you no longer need. The resources that the virtual
machines consumed can now be reallocated for other functions. Such events can happen very quickly,
often within minutes. However, by using virtual machines in cloud services, these events will be managed
automatically based on the traffic being generated.
Multitenancy
Virtual machines also provide the ability to segregate and isolate applications that run on different virtual
machines. You can have multiple tenants on the same virtual machines. Consider a scenario where you
have code that was originally written to run on SQL Server 2008. Due to new functionality, you now have
updated code that runs on SQL Server 2012, and you wish to compare functionality and results between
the two code implementations. Traditional testing would require multiple physical servers with various
version levels of SQL Server installed on them. However, virtualization simplifies this testing.
Server Virtualization with Windows Server Hyper-V® and System Center 11-7
In another example, suppose you have macros written for Microsoft Office Word 2010 and you now want
to develop similar functionality on Word 2013. Normally, you would not be able to run both versions of
Word on the same computer. However, you can easily implement this with virtualization.
Another key feature of virtualization is the ability to immediately present a functional duplicate of a virtual
machine on another host so that a connected user does not experience a disruption in service. You can
place a virtual machine on another physical server, even one thousands of miles away, within seconds.
When you implement these virtualization features in a private cloud, you should be aware of several key
considerations:
• Automated management. Certain decisions, such as instantaneous failover, do not require human
intervention. Rather, an administrator creates a failover cluster with key decision points that allow
the cluster to switch to another virtual machine automatically, even on another physical server. Based
on the decision tree, the cluster fails over automatically. Without automated management, a private
cloud would be too difficult to manage. In this case, the administrator still provides the top-level
guidance, but the automation enables a greater amount of control than what a person could do
sequentially.
• Pools of compute resources. When you do not require a particular functionality or at least a large part
of that functionality, you can turn off specific virtual machines and reallocate the resources they were
consuming. Pools of compute resources include aspects of the physical server, such as disk space,
memory, CPU cores, and available bandwidth. Available bandwidth is a feature of not just the physical
computer, but of the overall network as well. By using VMM, you can more easily administrate a very
complex infrastructure of virtual machines, their availability, their use of resources, and a host of other
factors.
• Self-service provisioning. The recent versions of VMM include self-service provisioning. The
management capabilities of VMM include the Virtual Machine Manager Self Service Portal that allows
VMM to make use of private cloud storage space at the business unit level. This allows individual
business units with specific virtualization needs to consume that storage space rather than waiting for
an administrator to make storage available. This enables faster provisioning of virtual machines.
• Usage-based chargeback. Different business units within an organization might have different
needs for virtualization services in a private cloud. The usage-based chargeback concept means
that IT within an organization can ascertain the specific costs associated with provisioning a separate
business unit’s virtualization costs. This enables management to make knowledgeable decisions about
the allocation of resources within an organization.
11-8 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
Creating a private cloud is not a requirement for using VMM. For small businesses and organizations,
having a few physical hosts with multiple virtual machines may be enough, and they may never require
cloud services in their infrastructure. However, a small business can conceptualize the infrastructure into
the fabric, and then use that fabric to offer private cloud capability. Even if just the IT department uses the
cloud services to run applications for the rest of the business, it can be a step towards enhanced
management, lower costs, and increased efficiency for the administrators.
When you use a private cloud, all details of the infrastructure are hidden, and you can use role-based
access (RBAC) to allocate capacity. Users with role-based access control (RBAC)–assigned permissions
can use the consoles in either System Center 2012 Service Pack 1 (SP1) VMM and newer versions, or the
System Center 2012 - App Controller and newer versions to provision and manage virtual machines and
their services. To do this, users do not need to be aware of any factors relating to fabric, storage,
networking, or other IT related infrastructure.
You can define quota limits for private clouds at the individual, group and cloud levels. You can create
quota definitions for memory, CPUs, storage, and number of virtual machines. For example, suppose you
have a small group of seven developers. You could create a quota that allows each developer create up to
three virtual machines, but limit the developer’s group to only 18 virtual machines. This would balance the
needs of the developer’s group with the potential for over-allocating resources.
System Center 2012 SP1 VMM and newer versions include a new role called Tenant administrator. You
use this role to assign delegated rights, including the ability to create additional users with specific
permissions. The Tenant administrator role also enables more automation with System Center 2012 -
Orchestrator and System Center 2012 - Operations Manager and newer versions.
Unless an organization is using a hosted private cloud, all the infrastructure resources that make up
the private cloud are owned by the organization. These resources are named on-premises, which mean
that the resources are located in a facility that the organization owns. However, organizations can have
facilities in multiple locations, including other cities, provinces, or countries. In this scenario, the only thing
public about a private cloud would be the wide area network (WAN) connections over the Internet that
the organization utilizes.
Organizations also have the ability to create hybrid clouds by moving virtual machines from on-premises
servers to Windows Azure. Using the Network Virtualization feature in Windows Azure, you can allow the
virtual machine to keep its current IP address, and then using the new gateway functionality, you can link
your network to Windows Azure. The virtual machine then appears as if it were part of your network even
if you host it elsewhere. You could also obtain certain services directly from a public cloud vendor, which
abstracts the infrastructure management. In a hybrid cloud, resource and infrastructure management
varies, while in a public cloud, organizations have no resource and infrastructure management.
Server Virtualization with Windows Server Hyper-V® and System Center 11-9
Network virtualization separates virtual networks from the physical network and removes both
hierarchical and virtual local area network (VLAN) IP address assignment restrictions from virtual machine
deployment. This flexibility makes it easier for organizations to move to cloud computing, and makes
managing infrastructure more efficient for cloud vendors and data center administrators. In addition,
network virtualization ensures the necessary multitenant isolation, security requirements, and overlapping
virtual machine IP addresses.
11-10 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
IP Addressing Management (IPAM) is a built-in framework for discovering, monitoring, auditing, and
managing the IP address space used on a corporate network. IPAM has been significantly enhanced in
VMM. For example, you can now use it for administration and monitoring of servers running Dynamic
Host Configuration Protocol (DHCP) and Domain Name System (DNS). The following table lists the new
functionalities in VMM.
New or
Feature/functionality improved in Description
VMM
Enhanced DHCP server Improved IPAM has several new available operations to
management enhance the monitoring and management of the
DHCP server service on the network.
Upgrade and migration New If you install IPAM on Windows Server 2012,
support your data is maintained and migrated when you
upgrade to Windows Server 2012 R2.
Lesson 2
Creating and Managing a Cloud
A private cloud is one of the main concepts in VMM, including System Center 2012 SP1 VMM. By defining
a private cloud, you define a set of resources and technologies that are available to users. To create and
manage private clouds, you need to understand the private cloud concept, in addition to its properties
and components. You also need a clear understanding of how to create and manage private cloud
services and technologies to provide end users with private cloud accessibility.
Lesson Objectives
After completing this lesson, you will be able to:
A private cloud can utilize physical resources either from host groups or from VMware resource pools.
Host groups can contain some combination of physical servers running Hyper-V, VMware ESX, VMware
ESXi, or Citrix XenServer. The VMware resource pool contains only servers running VMware ESX or
VMware ESXi. When you build a private cloud, you cannot select specific physical servers. Instead, you can
select a host group or resource pool. After you select the specific host group or resource pool that you
want to use to build a private cloud, you are presented with resources that belong to that group or pool.
11-12 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
If you create a load balancer, you can also add it to the private cloud. Adding a load balancer is not
mandatory. However, the Microsoft Network Load Balancing load balancer is installed by default. With a
load balancer, you can add a virtual IP template to your private cloud. The virtual IP template contains
load balancer-related configuration settings for a specific type of network traffic. For example, you can
create a virtual IP template to define load balancing for HTTP traffic that passes through port 80.
In VMM, you can also manage storage classifications and assign it to your private cloud by defining
storage pools and classifications. Storage classifications enable you to assign user-defined storage
classifications to discovered storage pools, typically by Quality of Service (QoS) that storage offers. For
example, you can assign a classification of gold to storage pools that have the highest performance and
availability, or silver for Fibre Channel serial attached small computer system interface (SCSI) storage
redundant array of independent disks 5 (RAID 5), or bronze to Serial ATA (SATA) disks.
To enable the new storage features, VMM uses the new Microsoft Storage Management Service to
communicate with external arrays through a Storage Management Initiative - Specification (SMI-S)
provider. The Storage Management Service is installed by default during the installation of VMM.
However, you must install a supported SMI-S provider on an available server, and then add the provider
to VMM management.
The Virtual Machine Manager library is also a very important part of configuring cloud resources. Most
VMM–managed objects (such as virtual machines or services) deploy from the Virtual Machine Manager
library. While configuring a cloud, you can add a stored virtual machine path and read-only library shares.
Users can store the virtual machines they create in a stored virtual machine path. To provide self-service
users the ability to store virtual machines in the Virtual Machine Manager library, you can create a library
share. Alternatively, you can create a folder in a library share that serves as the storage location. However,
be aware that the library share location you designate for stored virtual machines must be different from
the shares that you designate as read-only resource locations for the private cloud. Read-only library
shares can provide a place where administrators store read-only resources such as any .iso files that they
want to make available to self-service users.
The following table describes categories and quotas that you use to set up private cloud capacity.
Virtual CPUs The virtual CPU quota sets a limit on processing capacity within the private
cloud. This quota is expressed as capacity provided by a specified number of
CPUs and the quota is applied against virtual machines that are running. Setting
a virtual CPU quota does not guarantee contiguous capacity. Only the total CPU
capacity that is available among hosts in the private cloud is guaranteed.
Memory The memory quota sets a quota in gigabytes (GB) on memory that is available
for virtual machines that you deploy on the private cloud. This quota is applied
against running virtual machines only. When you set a memory quota, it does
not guarantee contiguous capacity. For example, the private cloud might have
2 GB of memory available on one host, and 2 GB of memory available on
another.
Storage The storage quota sets a quota on storage capacity in gigabytes that is available
to virtual machines that you deploy in your private cloud. For dynamic virtual
hard disks, quota calculations are based on maximum size. However, we
recommend that you use fixed-size disks.
Custom quota A custom quota sets a quota on virtual machines that you deploy in a private
(points) cloud. This quota is based on total quota points that you assign to the virtual
machines using their virtual machine templates. You assign quota points as an
arbitrary value to a virtual machine template based on the anticipated size
of the virtual machines. Custom quotas are available to provide backward
compatibility with self-service user roles that were created in System Center
Virtual Machine Manager 2008 R2 (VMM 2008 R2).
Virtual machines The virtual machines quota limits the total number of virtual machines that you
can deploy in a private cloud.
If the private cloud capacity already equals the capacity of the underlying private cloud infrastructure,
you must first add hosts or other private cloud infrastructure resources, then make them available to the
private cloud, and then increase private cloud capacity. To modify any private cloud resource settings,
open the private cloud properties, and then click the desired tab.
• Fabric Compatibility. Fabric compatibility options include Hyper-V virtualization host, VMware
virtualization host, and XenServer virtualization host.
• Processor Range. This may vary from hypervisor to hypervisor. Hyper-V currently is limited to a
maximum of four virtual CPU, while VMware and Citrix XenServer supports as much as 8 virtual CPU.
• Bus Configuration. This option contains virtual disk configuration information. For example, to control
whether or not you want your users to create virtual machines with differential disks on your private
cloud, you could specify either Fixed Disk Mode or Dynamic Disk Mode in the profile.
• Network Adapters. You use this option to set the minimum and maximum number of virtual network
interface cards (NICs).
In the library workspace, you can also create custom capability profiles and use them to limit the
resources that the virtual machines in the private cloud use. To view the settings associated with a built-in
capability profile, open the virtual library pane, expand Profiles, and then click Capability Profiles. You can
then view the properties of a capability profile. To create a new profile, on the Home tab, in the Create
group, click Create, and then click Capability Profile.
Server Virtualization with Windows Server Hyper-V® and System Center 11-15
Demonstration Steps
1. Sign in to LON-VMM1 as adatum\administrator with a password of Pa$$w0rd.
2. On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
4. In the Virtual Machine Manager console, in VMs and Services, create a private cloud with the
following properties:
a. Name: DemoCloud
c. Resources: LocalGroup
7. After DemoCloud is created, in the details pane, open and review the Overview information.
Managing a Cloud
resources differently in their various private clouds to reflect this. As business units create Cloud Resource
Subscriptions to allocate capacity, VMM and Windows Server 2012 capture cost records in System Center
2012 Service Manager.
You can use the data center application management and System Center 2012 monitoring capabilities to
help provide a highly productive application and service experience to application owners.
System Center 2012 SP1 and System Center 2012 R2 provide application management across four key
private cloud capabilities:
• Application Self-Service
• The server-side components of the application. The execution performance of the application inside
the service template.
• A set of synthetic workloads designed to highlight failures in situations that might not otherwise be
caught.
Aggregating this information enables the data center administrator to build rich dashboards and
visualizations to quickly see how applications are performing against the defined service levels.
Administrators can delegate these dashboards to application owners and operators to give them
quick and detailed visibility of application performance and availability.
Deleting a Cloud
Before you can delete a private cloud, you must ensure that the private cloud has no objects that
reference it, such as services, service deployment configurations, and deployed or stored virtual machines.
You should pay specific attention to any user roles that are assigned as part of a scope for that cloud. You
must remove any user roles associated with the private cloud that you wish to delete. This does not delete
the user role itself.
11-18 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
2. In the User Roles details pane, select the user role you want to remove.
5. In the Scope tree list, clear the cloud that you want to delete, and then click OK.
2. In the VMs and Services pane, expand Clouds. Locate and then click the private cloud that you want
to delete.
3. On the Folder tab, click Delete.
4. When you are prompted whether you want to remove the private cloud, click Yes.
5. Open the Jobs workspace to view the job status.
Lesson 3
Working With User Roles in Virtual Machine Manager
After installation, most products are available immediately to the administrator. However, you might need
to modify the system’s default configuration to make it more usable for other users. As with any system,
you must implement security in VMM to lock down the functionality and to provide an audit trail for
security.
Configuring and enabling user roles in VMM is a relatively straightforward process, but it is a critical step
that you should consider carefully. Because you are enabling access to a virtual environment that many
users may use, you must plan user delegation to limit which actions users can perform. This lesson
provides details on how role-based security works in VMM, and how to implement user roles in VMM.
Lesson Objectives
After completing this lesson, you will be able to:
• Members. The members list specifies the Active Directory Domain Services (AD DS) user accounts and
security groups that you assign to the role.
• Scope. The scope outlines which objects the user can manage. You can limit the scope by using a
private cloud, and depending on the profile, host groups and library servers.
• Cloud quotas. Depending on the profile, you can specify cloud resource usage at a particular level.
• Permissions. Depending on the profile, you can assign detailed permission levels.
One of the main characteristic of the private cloud is self-service. Using self-service, end users can request
services in a controlled and guided manner. An automation process then either approves or denies the
request, and if approved, executes the request in a consistent and predictable way. You can ensure that
11-20 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
only certain people have the ability to place requests for particular offerings by using groups from AD DS.
Active Directory groups enable you to segregate roles, which you can then apply settings to, limiting the
types of services that users can request.
Additionally, you can use user roles to consider not only who is using resources, but also how and why
they are using the resource. By establishing user roles, you can predefine what you will allow users to
do based on business needs, and what you will not allow them to do based on security needs. After you
establish these user roles, you then add the Active Directory users or groups, depending on your needs.
A user can be a member of more than one user role, in which case VMM grants the user the rights
associated with all their roles. In some cases, you may need a different user profile with specific
permissions on a group of hosts or even a cloud. This type of object in the VMM is called a Run As
Profile, which is a service account that group members can use.
• Private clouds
• Host groups
• Library servers
• Virtual machines
A private cloud requires changes to the way that you manage information security. A private cloud can
host applications and services for multiple tenants. Although all of these tenants will belong to the same
organization, it is still necessary to maintain strict isolation between the virtualized private cloud resources
allocated to different tenants. By doing this, you maintain the confidentiality and integrity of the data
kept by the tenants in the private cloud.
The infrastructure of a private cloud is designed to maintain this isolation between virtual environments at
run time. However, you should monitor the environment for attempts to break through the isolation, or
for evidence that confidential information has been exposed or data tampered with.
Operational activities such as those that relate to service continuity, availability management, and incident
management may be designed to operate at the physical tier. An example of such an activity includes
detecting and replacing a faulty server. However, these operations must maintain the isolation between
different tenant's resources in the virtual environments in the cloud.
Private Clouds
The resources available in a private cloud are:
• Virtual CPUs
• Memory
• Storage
• Custom quotas (points)
Server Virtualization with Windows Server Hyper-V® and System Center 11-21
• Virtual machines
• Data paths
The actions you can allow for these resources in a private cloud are to:
• Author
• Checkpoint (snapshots)
• Checkpoint (restore only)
• Deploy
• Deploy (from template only)
• Local Administrator
• Pause and resume
• Receive
• Remote connection
• Remove
• Save
• Share
• Shut down
• Start
• Stop
• Store
Host Groups
If you are delegated to a host group, you can administer hosts and virtual networks that are in the
assigned host groups. This includes virtual hard disks, virtual network adapters, SCSI adapters, and
anything configured on virtual machines within the hosts. This can be useful if you want to group hosts
based on your network’s administrative areas. For example, you might choose to group Hyper-V hosts
based on the types of virtual machines that the servers host. This also can be useful if you group servers
based on physical office locations, and then delegate administration accordingly.
Library Servers
A library server’s objects include virtual hard disks, virtual floppy disks, .iso image files, Windows
PowerShell scripts, Sysprep answer files, and VMware templates. These objects are stored in all library
shares on the library servers. You can delegate administrative control to each library server object. This
can be useful if you distribute library servers in multiple locations, and you want to ensure that local
administrators can work only with objects in the local library.
Virtual Machines
You can delegate permissions to virtual machines on a one-by-one basis. To enable users or groups to
manage a specific virtual machine, you can add the user or group as the virtual machine owner in the
VMM Administrator Console, or through the Self-Service Administration Portal site. You might choose to
delegate permissions at the virtual machine level if you want to restrict which virtual machines in a host
group that self-service users can manage.
11-22 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
• Only administrators can add stand-alone Citrix XenServer hosts and Citrix XenServer clusters (known
as pools) to VMM management.
• Only administrators can add a Windows Server Update Services (WSUS) server to VMM, which enables
VMM fabric updates through VMM.
Profiles
You can create user roles by assigning one of four types of user role profiles in VMM:
• Fabric Administrator
• Read-Only Administrator
• Tenant Administrator
• Application Administrator
In System Center VMM 2008, the Fabric Administrator role was known as the Delegated Administrator
role. This name may still show up in technical references
Note: In System Center VMM 2008 and older VMM versions, the Application Administrator
role was known as the Self-Service User role. This name may still show up in technical references.
When using the Create User Role Wizard, complete the following steps to create a user role:
2. Name the user role, and provide a description. When given a choice about what type of user role you
want to create, select the user role type.
3. If you choose to create a Fabric or Read-Only Administrator role, provide the following information:
a. Members. You can add Active Directory user or group accounts to the user role. (You do not
need to add members to the user role when you create it. You can do this later.)
Note: As a best practice, you should avoid adding user accounts directly to the user roles.
Use Active Directory groups instead.
11-24 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
b. Scope. You can specify the private cloud and host groups that the delegated administrator can
administer. By default, no objects are selected. When you select an option, the administrator
receives permissions for all child objects. For example, if you grant a fabric administrator
permission to a host group, the administrator can manage all hosts and virtual machines within
the host group.
c. Library servers. Each member of this user role can use only the library servers that you specify.
d. Run As accounts. Each member of this user role can use only the Run As accounts that you
specify. (A Run As account is a container for a set of stored credentials.) Only administrators and
fabric administrators can create and manage Run As accounts. Read-only administrators can see
only the account names associated with Run As accounts that are in the scope of their user role.
4. If you choose to create a Tenant or Application User role, you will need to provide the following
information as you complete the wizard:
a. Members. You can add Active Directory user or group accounts to the user role. (You do not
need to add members to the user role when you create it. You can do this later.)
b. Scope. The scope of the user role determines the objects on which the member of user role can
perform actions. For the Tenant and Application Administrator profile, you only can specify a
private cloud in their scope page. If no private cloud exists then the user role cannot perform
actions.
c. Quotas for the cloud name cloud. This setting is only for Tenant Administrators. Once you create
a private cloud, you can specify whether it can use the maximum of any or all resources, or a
subset of those resources, by setting a quota for the various resources. When you create a user
role, you have the ability to further set limits on the resources for the specified private cloud. You
can first set quotas at the root level, which will set all members of the role to the same standard.
Next, you can set quotas at the member level, which means that each member of this user role
has the same standard.
d. Networking. Each member of this user role can use only the specified virtual machine networks.
The administrator creating this user role can either select an existing virtual machine network, or
create a new one.
e. Resources. By default, users cannot save virtual machines in a library, and cannot connect the
.iso files in the library to virtual machines. If you enable this option, you can limit user access to
specific shared folders in the library of your choice. You can also choose whether users can use
only the resources that you specify. To do this, you establish a user role data path, which is path
to the library that you choose. This path enables the user role members to store virtual machines
in the designated library share. It also determines whether users can access the .iso files stored in
that specific library.
f. Permissions. You can enable the user role to have a wide variety of permissions globally or on a
private cloud, or you can apply more restrictive permissions that limit the actions that the user
can perform. For example, you can enable users to start and shut down virtual machines, but can
prevent them from creating checkpoints or stopping the virtual machines. You also can choose
whether users can create their own virtual machines.
Server Virtualization with Windows Server Hyper-V® and System Center 11-25
In RBAC, dynamic collections of object instances (such as hosts or virtual machines), determine the
available targets for a particular operation that a user performs. For example, when a user with a specific
user role attempts to start a virtual machine, VMM first checks whether the user role has permission to
perform the Start action on virtual machines. VMM then verifies that the user role has the right to start
the selected virtual machine.
The objects in RBAC are hierarchical. Providing access to a particular instance provides access to all
instances contained in that instance. For example, providing access to a host group provides access to all
hosts within the host group and to all virtual networks on the hosts.
System Center 2012 VMM adds private cloud management capabilities to the Fabric Administrator user
roles, and enhances the capabilities granted to Application user roles.
In addition to using the Create User Role Wizard, you can create and manage user roles by using
Windows PowerShell:
• To create a new user role, use the New-SCUserRole cmdlet.
• To get information about the user roles for a specified user, use the Get-SCUserRoleMembership
cmdlet.
Demonstration Steps
1. Sign in to LON-VMM1 as adatum\administrator with a password of Pa$$w0rd.
2. On the desktop, on the taskbar, click the Virtual Machine Manager console icon.
3. On the Connect To page, click Connect.
4. In the Virtual Machine Manager console, in the lower left Workspace area, click Settings. In the
Settings console tree, click the User Roles node.
5. Review all of the icons and buttons on the ribbon.
11-26 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
6. On the ribbon, click the Create User Role icon. Create a User Role named DemoRole, with a
description of User role created for demonstration. Choose the profile Fabric Administrator
(Delegated Administrator).
7. Add the ADATUM\IT Active Directory domain group as Members, and the DemoCloud and
LocalGroup as the scope.
9. On the Summary page, review the Windows PowerShell cmdlets but do not save them. Finally, create
the user role.
Although IT management would like to enable business groups to manage their own virtual machines,
they are concerned about the impact to the rest of the virtualization environment. You need to
implement a solution that will enable this functionality, but also limit the impact that any business group
can have on the rest of the infrastructure. You will implement this solution by creating private clouds
within VMM.
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 25 minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1, 20409B-LON-CL1
3. Click 20409B-LON-VMM1, in the Actions pane, click Start, and then click Connect. Wait until the
virtual machine starts.
o Password: Pa$$w0rd
o Domain: Adatum
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
11-28 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
Email
From: Ed Meadows
To: IT department
2. Both the Development and Research departments of A Datum should have ability to create and
manage virtual machines and other resources for testing purposes.
3. Please create private cloud space for these departments, and that ensure their personnel can create
virtual machines, use them, and then delete them within their own private cloud.
4. As discussed in our meeting on Tuesday, we need to ensure that our available resources are not
overwhelmed, so consider limiting the total number of virtual machines and the resources devoted to
these departments within each cloud. However, I’d like you to test it by letting them create only one
virtual machine, and then do further testing to ensure that they cannot create another by further
testing.
1. Review the scenario and the email from Ed Meadows, and then answer the questions.
2. Create the Development private cloud.
Task 1: Review the scenario and the email from Ed Meadows, and then answer the
questions
Review the scenario and the email from Ed Meadows, and then answer the following questions:
3. How will you fulfill the requirement to ensure the resources are not overwhelmed?
4. In the Virtual Machine Manager console, in VMs and Services, create a cloud with the following
properties:
a. Name: DevCloud
c. Resources: LocalGroup
g. Port Classifications:
Host management
Guest Dynamic IP
High bandwidth
Medium bandwidth
Low bandwidth
h. Storage: Local Storage
i. Library: (none) Default
Results: After completing this exercise, you should have created a private cloud based in a host group,
and you should have reviewed its properties.
3. Use the Create User Role button to create a User Role named DevRole, with a description of User
role created for the Development Department. Choose the profile Application (Self-Service
User) Administrator.
4. Add the ADATUM\Development Active Directory domain group as members.
6. On the Quotas for the DevCloud cloud page, in the Member level quotas section, clear the Use
Maximum column check box in the Virtual Machines row, and then in the Assigned Quota column,
type 1.
9. On the Permissions page, under the Name column, select all check boxes except for Receive and
Share.
10. On the Summary page, create the User Role.
Server Virtualization with Windows Server Hyper-V® and System Center 11-31
3. Use the Create User Role button to create a user role named ResearchRole, with a description of
User role created for the Research Department.
7. On the Quotas for the ResCloud cloud page, in the Member level quotas section, in the Virtual
Machines row, clear the Use Maximum column check box, and then in the Assigned Quota
column, type 1.
9. On the Resource page, in the Specify user role data path, select the Host1Library.
10. On the Permissions page, under the Name column, select all check boxes except the Receive and
Share check boxes.
13. Click the ResearchRole object, and then on the ribbon, click the Properties button.
14. In the ResearchRole Properties dialog box, review the various properties, and then click Cancel.
Results: After completing this exercise, you should have created several user roles, explored different
configuration options, and then connected VMM as a member of different roles to confirm which actions
they can perform.
2. Use the Virtual Machine Manager console on LON-CL1 to create virtual machines as a Research
department user.
Task 1: Use the Virtual Machine Manager console on LON-CL1 to create virtual
machines as a Development department User
1. Sign in to LON-CL1 as adatum\ben with a password of Pa$$w0rd. You may have to wait a moment
while the user’s profile is created.
11-32 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
2. Navigate to the Apps by name start screen, and pin the Virtual Machine Manager Console tile to
the desktop taskbar.
b. Identity:
Name: 1stDevCloudVM
Description: First virtual machine in the DevCloud
c. Configure Hardware: select the Hyper-V check box
7. Verify that 1stDevCloudVM now displays in the DevCloud VMs details pane.
8. Attempt to make another virtual machine, using step 6 above, but change the name to
2ndDevCloudVM and the description to Second virtual machine in the DevCloud.
10. On Ratings Explanation tab, note the line that says, “The operation results in a violation of the
virtual machine count quota for the private cloud.”
11. With the DevCloud selected, right-click 1stDevCloudVM, and then click Delete. When a
confirmation pop-up displays ,click Yes.
12. Close the Virtual Machine Manager console, and sign out of LON-CL1.
Task 2: Use the Virtual Machine Manager console on LON-CL1 to create virtual
machines as a Research department user
1. Sign in to LON-CL1 as adatum\hani with a password of Pa$$w0rd. You may have to wait a moment
while the user’s profile is created.
2. Navigate to the Apps by name start screen, and pin the Virtual Machine Manager console tile to
the desktop taskbar.
a. Select Source: Create the new virtual machine with a blank virtual hard disk
b. Identity:
Name: 1stResCloudVM
Description: First virtual machine in the ResCloud
Server Virtualization with Windows Server Hyper-V® and System Center 11-33
g. Summary: Create
9. The task will fail at step 6e. On the Ratings Explanation tab, note the line that says, “The operation
results in a violation of the virtual machine count quota for the private cloud.”
10. With the ResCloud selected, right-click 1stResCloudVM, and then click Delete. When the
confirmation pop-up displays, click Yes.
11. Close the Virtual Machine Manager console and sign off LON-CL1.
Results: After completing this exercise, you should have used the VMM console to create virtual machines
as a Development department user, and as a research department user.
11-34 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
Question: What considerations do you need to make before you delete a private cloud?
Question: You need to allow non-IT users to make their own virtual machines, but host
server space is limited. What would be the appropriate user role profile to use, and what
specific settings should you set?
Tools
• Use the Create Cloud Wizard to create a private cloud in VMM 2012.
• Use the Create User Roles Wizard to create collections of users that can be assigned permissions to all
or some private clouds, and select permission to what can be done by the user role on resources in
that private cloud.
• Use System Center 2012 - App Controller to provide a common self-service experience that can help
you configure, deploy, and manage virtual machines and services across private and public clouds.
Module 12
Managing Services in Microsoft System Center 2012 R2
Virtual Machine Manager and App Controller
Contents:
Module Overview 12-1
Module Overview
Deploying services in the private or public cloud environment is key to managing your cloud
environment. Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) introduces several
new tools for creating, managing, and deploying services in your cloud environment. These new tools
integrate with System Center 2012 R2 App Controller (App Controller), which end users can use to
deploy services for their own use. In this module, you will learn about VMM services and managing
services by using VMM. You will also see how you can configure and deploy both services and the service-
management feature. You will see how to use App Controller to configure, deploy, visualize, and update
multitier application components in the context of holistic service delivered to a business. You will also
learn how service consumers can view all the applications for which they are responsible in one window.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
Lesson 1
Understanding Services in VMM
One of the most important tasks in cloud technology is deploying and managing services in the private or
public cloud environment. VMM includes several new tools that you can use for creating, managing, and
deploying services. These new tools integrate with App Controller, which end users can use to deploy
services for their own use. In this lesson, you will learn about services and service management in VMM,
and you will see how you can configure and deploy them.
Lesson Objectives
After completing this lesson, you will be able to:
What Is a Service?
Services are a new concept in VMM. Therefore,
it is very important that you understand
services fully before deploying a private cloud
infrastructure. The concept of a service in VMM
differs from traditional service scenarios.
A service often includes several computers that must work together to provide a service to end users.
For example, a web-based service is usually an application that deploys on a web server, connects to a
database server (which can be hosted on another machine), and performs authentication on an Active
Directory domain controller. Enabling this application requires three different roles, and possibly
three different computers: a web server, a database server, and a domain controller. Deploying a test
environment for a service such as this can consume time and resources. Ideally, developers work with
IT administrators to create an environment where they can deploy and test their web application.
In VMM, a service is a set of one or more virtual machines that you deploy and manage together as a
single entity. You configure these machines to run together to provide a service. In VMM 2008, users were
able to deploy new virtual machines by using the Virtual Machine Manager Self-Service Portal. System
Center 2012 VMM enhances this feature to allow users to deploy new services. In System Center 2012
Service Pack 1 (SP1) VMM, the functionality of the Self-Service Portal is in the System Center 2012 App
Controller, which also can deploy services. By deploying a service, users actually are deploying the entire
infrastructure, including the virtual machines, network connections, and applications that make the service
work. However, you can use services to deploy only a single virtual machine without any specific purpose.
You now can use App Controller to create a service that will deploy a virtual machine that is joined to a
domain. That virtual machine could have several roles and features preinstalled, such as Windows Server
2008 R2. This simplifies the process of creating and updating new virtual machines. You also can deploy
sets of preinstalled virtual machines that work together to support a distributed application, such as a web
application.
2. The application owner, such as a developer who needs to deploy the application environment,
opens the App Controller portal, and requests a new service deployment based on available service
templates that he or she can access. The user can then deploy the service to a private cloud where a
user has access. As an alternative to App Controller, the user also can use the VMM console.
3. A request is submitted and the VMM management server evaluates the request. VMM searches for
available resources in the private cloud, then calculates the user quota, and verifies that the cloud is
capable for the requested service deployment.
12-4 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
4. VMM creates the service automatically, and then deploys the virtual machines and applications (if
any) on the host that it chooses.
5. The application owner gains control over service virtual machines through the App Controller portal,
or by Remote Desktop Protocol (RDP).
If there is a need for manual approval for resource creation, you can use Microsoft System Center 2012 -
Service Manager to create workflows for this purpose.
You use Server App-V to create virtual application packages that you can deploy to computers that
are running a Windows Server operating system and have the Server App-V agent installed. You
create virtual application packages by sequencing the application using Server App-V. You then
create an application profile and add it to a service template, which can then deploy out the
application.
• Deploy an instance of SQL Server to a virtual machine. Many web-based applications and multitier
services use SQL Server for database functionality. You often have to deploy database applications to
support virtualized services within the private cloud. You can use a SQL Server profile as a building
block for deploying instances of SQL Server onto virtual machines. You first create a virtual hard disk
that contains a sysprepped version (prepared instance) of SQL Server. From this virtual hard disk, you
will create a SQL Server profile that contains instructions for customizing an instance of SQL Server for
a SQL Server data-tier application. You then can deploy this instance to a virtual machine as part of a
service.
For more information about these common scenarios, refer to:
Application Profiles
When you deploy a virtual machine as part of a
service, application profiles provide configuration
instructions for installing specific application
types. Application profiles support the following
application types:
• Web applications
• Scripts
Hardware Profiles
A hardware profile contains specifications for various hardware components such as the number of
processors, memory allocation, integrated drive electronics (IDE) devices, small computer system interface
(SCSI) adapter configurations, and network adapter configurations. Although, you can deploy a virtual
machine without a hardware profile, using a hardware profile in conjunction with a virtual machine
template ensures that your virtual machine deployment uses a consistent hardware configuration.
Guest OS Profiles
In the virtual machine template, you can configure the guest operating system profile settings manually,
or you can import settings from a preconfigured guest OS profile. If you do not need to customize the
operating system, you can select None – customization not required.
Note: If you choose not to include a guest OS profile in the virtual machine template, VMM
removes all other application and SQL Server profile settings so that they are not available for
configuration in the virtual machine template.
VM Template
When you create a new virtual machine, either you can derive the source of the new virtual machine from
an existing virtual machine or hard disk, or you can base the new virtual machine on a VM template. If
you use a stored virtual machine or a virtual hard disk, you can only customize the hardware settings;
there is no option for adding additional information such as the operating system configuration or
applications.
A VM template provides additional flexibility and efficiency for virtual machine deployment. The
advantages of using a VM template include the following:
• You can configure hardware, operating system, applications, and SQL Server specifications.
• You can use them to create new virtual machines or service templates.
• You can share them with self-service users or roles to provide a consistent virtual machine
deployment process.
Each service template that you create in VMM has several settings that you can configure. You access
these settings by opening the Properties dialog box of the service template that you are creating.
The following list provides explanations for the most important service template settings:
• Name. Specify the name for the service template. This name will appear in the virtual machine and in
the Services workspace. Additionally, this is the name that self-service users will see, so use descriptive
names.
• Release. Specify a value that indicates the service template’s version. The release value is important
when you update a service. The release value helps you to identify the version of the service template.
Each time you create a service template and make a deployment based on the template, you can
make no further changes to it. If you want to make changes, you must first create a new version.
• Dependencies. Specify the location in which you can view objects that derive from a specific service
template, and library resources that the template references. You cannot make any changes here.
• Access. Define the service template’s owner. You also can list self-service users that can use this
service template to deploy a service. If you want to provide self-service users with the ability to
deploy services by using the VMM console or by using App Controller, you must add them to the
access list for the service template.
You should configure all service template settings before you begin deploying services from a specific
template.
Server Virtualization with Windows Server Hyper-V® and System Center 12-7
3. You can create operating-system images and applications dynamically when you deploy them, as
necessary. This means that deployment consumes fewer resources unless they are necessary at a
specific moment.
4. Application administrators can change service instances dynamically by updating the service template
as necessary.
2. Use the virtual machine template to create a service template from which VMM can derive service
instances.
Deploying the template makes it available to application users who can create their own service instances.
At this point, an organization is using a service. This would be part of normal operations, which can
continue for months or even years. The organization benefits from the speed with which it can deploy a
service and that service’s dependability.
At some point, modifications may be necessary. Perhaps you no longer need a running service, or you
require a new version. When this happens, you can update the service. To update a service, you update
the template by reconfiguring the service instance with the new requirements. You then change or update
the profiles, and repackage them into an updates template, from which you can redeploy the service until
the next update occurs.
12-8 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
For example, suppose your organization wants to promote its products up to, and cumulating with, an
advertisement during a global sporting event. You might announce a website to which customers can
navigate to enter a prize drawing, but only during that specific sporting event. Your organization would
expect to get millions of visits to that webpage during the event, but very few, if any, after. Therefore, you
could use a service for this promotion. Once the event is complete, you could turn off the service and
delete the service template.
Server Virtualization with Windows Server Hyper-V® and System Center 12-9
Lesson 2
Creating and Managing Services in VMM
Services are essentially a set of virtual machines that you configure and deploy together and then
manage as a single entity. You can create and modify service templates that allow this deployment and
management. Additionally, System Center 2012 VMM introduces the Service Template Designer that
offers a graphical management tool to create and configure virtual machine templates. In addition, you
might want to change the scale of a service, update a service, or even import a service template into
another VMM infrastructure.
In this lesson, you will focus on creating service templates and deploying them out as services, including
virtual machines.
Lesson Objectives
After completing this lesson, you will be able to:
The simplest way to add a tier is to use the Service Template Designer. In the Service Template Designer,
a list of available virtual machine templates displays in the left pane. Select the virtual machine template
that you want to use to create a tier, and then drag the virtual machine template on to the canvas. Service
Template Designer then creates the tier using the properties of the virtual machine template that you
selected.
For each tier that you have in your service template, you can configure options such as name, scale-out
capabilities, hardware configuration, operating system configuration, and application configuration. If
you created a service template with a pattern that creates default tiers for you, you can drag the virtual
machine template on to one of those default tiers. The service template then configures the tier with its
properties. Additionally, you can add tiers.
However, be aware that the service template does not create a link or relationship between the virtual
machine template and the tier that you create. Any subsequent changes that you make to the virtual
machine template in VMM do not propagate to the tier in the service template. Furthermore, any
configuration settings that you make to the tier do not propagate to the virtual machine template. The
virtual machine template that you drag to the tier in the Service Template Designer provides you with a
configuration template that you can modify. However, it establishes no permanent connection between
the virtual machine template, tier, or service template.
• Release. Specify a value that indicates the service template’s version. The release value is important
when you update a service, because it identifies the version of the service template. Each time you
create a service template, and perform a deployment based on that template, you can make no
further changes to it. If you want to make changes, you must first create a new version.
• Dependencies. Specify the location at which you can view objects that derive from a specific service
template, and library resources that the template references. You cannot make any changes here.
• Access. Specify the template’s owner. You also can list self-service users that can use this service
template to deploy a service. If you want to allow self-service users to deploy services by using the
VMM console, or by using App Controller, you must add them to the service template’s access list.
We recommend that you configure all service template settings before you begin deploying services
based on that template.
Server Virtualization with Windows Server Hyper-V® and System Center 12-11
Demonstration Steps
1. Sign in to LON-VMM1 as adatum\administrator with the password Pa$$w0rd.
a. General page:
Name: DemoServiceVM
b. Hardware Configuration page:
Compatibility: Hyper-V
Select a virtual hard disk: SmallCore.vhd
Network Adapter 1 (Legacy) details pane: Connected to a VM network: External Network.
c. Operating System Configuration: In the Operating system drop-down list, click 64-bit
edition of Windows Server 2012 Standard.
By default, VMM generates names in format ServiceVM0000X.domain for both virtual machine name and
computer name. However, you can change this for each service deployment.
When you click the Deploy Service button in the Deploy Service console, you initiate the deployment
process. You can monitor deployment progress in the Jobs window. Depending on the number of virtual
machines that you deploy, and the network and storage speed, this process can take ten minutes and up
to a few hours. For long-running service deployments, we recommend that you monitor the VM Manager
log in Event viewer, and the System log on the VMM management server. Event Viewer provides detailed
information about the tasks performed.
After the service deploys, you can update the service template, and then deploy those updated changes
to the already deployed service. Alternatively, you can deploy additional virtual machines to an existing
service to provide additional resources for the deployed service.
You can also start a deployment from the App Controller portal. If you provide a self-service user role with
access to a service template, self-service users can initiate a service deployment by using App Controller.
Optimally, in a private cloud environment, end users should use App Controller to deploy services and
applications without ever having to know a virtual machine’s number, configuration, or location.
Note: The VMM Self-Service portal has been removed in System Center 2012 SP1.
Demonstration Steps
1. Use your mouse to drag the External Network box next to the NIC 1 box.
2. Click Save and Validate the service, and then click the Configure Deployment icon. Provide the
name of the service as follows:
4. Click Deploy Service, and in the Deploy service pop-up window, click Deploy. On LON-HOST2, in
Microsoft Hyper-V Manager console, connect to the new virtual machine, and then Skip the product
key input page.
2. Select the private cloud or host group to which you deployed the service.
6. The first page of the wizard is the Select Tier page. The Tier details section shows the number of
virtual machines currently deployed, and the minimum and maximum tier sizes.
7. On the Select Tier page, click the Tier drop-down list box, click the tier that you want to scale out,
and then click Next.
8. On the Specify Virtual Machine Identity page, type a name for the new virtual machine that you
are creating, and then click Next.
9. Depending on whether the tier is in a service that is deployed to a private cloud or to a host already,
do the following:
ii. Update any other virtual machine settings as needed, and then click Next.
10. On the Add Properties page, select any actions to take when the host server starts or stops, and then
click Next.
12-14 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
13. When the Create virtual machine task finishes, return to the VMs and Services workspace, and verify
that the new virtual machine is in the service’s tier.
Updating a Service
Requirements should dictate whether a particular
service is current and practical to those who use it.
Over time, requirements change and may require
updating. You can make changes to a deployed
service by updating that service. In VMM, you use
a service template to deploy a service. You can
make updates to a service template, which then
makes changes to the deployed service.
You can set the number of upgrade domains that you need to use, and VMM will arbitrarily assigned
virtual machines to an upgrade domain. When you need to update a tier in a service, VMM updates
the virtual machines in the tier according to the upgrade domain to which they belong. The upgrade
domains are updated one at a time, and the virtual machines being updated in that upgrade domain are
shut down, updated, and then brought back online. VMM then moves to the next upgrade domain and
repeats the process. This means that updates can take place with the least possible impact to the running
service.
Alternatively, you can use VMM to update a deployed service by creating new virtual machines with the
updated settings. This option takes more time than upgrading, as you are replacing the existing virtual
machines with new virtual machines. However, this would be the preferred way to deploy operating
system updates such as service packs on the virtual machine. You can use a script to save the state of
certain applications before removing the virtual machines, and then restore the application state to the
new virtual machines when you deploy them. You also can use Server App-V, which supports automatic
saving and restoring of application states without scripting.
Server Virtualization with Windows Server Hyper-V® and System Center 12-15
• Tier definitions
• Hardware settings
• Network configurations
VMM saves these settings to an .xml file. Optionally, you can add sensitive data that is marked as secure,
such as passwords, an application’s product keys, and global settings that require action. You can encrypt
sensitive data settings and protect them with an encrypted password.
When you import a service template, you can choose to either exclude or include sensitive settings. If you
decide to include these settings, you must use an encrypted password to do so.
You can also choose to export some or all of the physical resources that are associated with the service
template, such as base virtual hard drives, scripts, or application packages along with the .XML file.
During a service template import, VMM validates physical and logical resources that the service template
references. You can then update references to any missing resources, such as logical resources in logical
networks and virtual hard disks.
You should store the .xml file in a Virtual Machine Manager library share, which ensures that
administrators have access to the file for the service template imports. You can also store the file in a
file share, or copy it and then deploy it to administrators for import into different VMM installations.
The account requirements for exporting and importing service templates are straightforward. VMM
administrators can import and export service templates. Application administrators, or self-service users,
to whom you assign the Author action to their user role, can import and export service templates to which
you provide them with access. This is regardless of who owns the service template. When authorized
application administrators import a service template, they become the service template owners.
12-16 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
Lesson 3
Using App Controller
You can use App Controller to provide a means of self-service that enables users to easily configure,
deploy, and manage virtual machines and services across private cloud and public clouds. App Controller
helps you meet consumer and service provider expectations by providing an effective way to deliver IT as
a service (ITaaS).
App Controller is the end user’s single view to manage applications and services across Microsoft cloud
services and the Windows Azure public cloud. You can use App Controller to configure, deploy, visualize,
and update multitier application components as a holistic service delivered to the business. In one
window, service consumers can view all applications for which they are responsible.
In this lesson, you will learn about App Controller and its capabilities.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the purpose and functionality of App Controller.
• Explain how to use an App Controller to deploy VMM and App Controller.
App Controller provides the self-service component of this solution by enabling application owners to:
• Configure, deploy, and manage services through an intuitive, unified, and service-centric interface,
while using a library of standard templates.
• Provide self-service application management, visibility, and control across both the Microsoft private
cloud services and the Microsoft public cloud services (such as Windows Azure).
• Create, manage, and move services using a web-based interface that presents a customized view of
resources based on your role in the organization, and enables you to manage services rather than
servers. This lets application owners focus on improving business value. View virtual machines, and
both private and public cloud services. Control components at each layer, track jobs, and maintain a
detailed history of changes.
App Controller also enables data center administrators to delegate authority to application owners.
Predefined templates help ensure compliance with company IT standards and policies. Using App
Controller, data center administrators can create for application owners a customized, role-based view of
private and public cloud services, and a consumed and available resources view. In addition, application
owners can customize all service components, including virtual machines, network resources, and load
balancing.
You also can use App Controller to move applications and components within public and private cloud
environments, including:
• .vhd and .vhdx files among Windows Azure subscriptions and the private cloud’s storage.
• Copy service templates and resources.
App Controller now works with VMM. It can connect to the Service Provider Foundation versions that
shipped with System Center 2012 SP1 and System Center 2012 R2.
• VMM administrator
After you import all of the data, you should be able to connect to both your private clouds and your
VMM server.
For example, in the App Controller console, on the Clouds tab, a self-service user can view both private
clouds and public clouds to which that user has appropriate permissions. On this tab, a self-service user
will also see an option to deploy resources to cloud services. Based on templates provided in the Virtual
Machine Manager library that are available to the self-service user, it is possible to deploy a new service or
virtual machine. Self-service users can also access a library view, where they can view available templates,
shares, and other resources. From this point, it is also possible to deploy a new service or virtual machine.
However, unlike VMM where new virtual machine or service deployment requires several steps and
several decisions, the App Controller process is a more straightforward. From App Controller, each self-
service user can see his or her active jobs, job progress, and state.
Server Virtualization with Windows Server Hyper-V® and System Center 12-19
Demonstration Steps
1. On LON-VMM1, sign in as adatum\administrator with the password Pa$$w0rd.
a. Click the hyperlinks 1 Virtual Machine Manager server, and 1 Virtual Machine Manager
clouds.
b. Explore the console tree by clicking every node in the tree, and then examining the details pane
of each node.
c. Expand all child nodes, and then explore those nodes and their details pane as well.
5. Sign out of App Controller, close Internet Explorer, close all open windows, and then sign out of
LON-VMM1.
Hardware Requirements
From a hardware perspective, App Controller is
not a very demanding service. You must have at
least a Pentium 4 CPU running on 2 gigahertz (GHz). Additionally, the recommended amount of random
access memory (RAM) is 4 GB (with a 1 GB minimum), and 1 GB or a minimum of 512 megabytes (MB), of
hard-disk space. Because of the low hardware requirements, you can run App Controller in a virtual
machine to optimize resource usage.
Software Requirements
App Controller has software requirements that you must meet prior to installation. You can install App
Controller only on Windows Server 2008 R2 SP1 and newer. You must also install a Web Server role, that
is, Windows Internet Information Services (IIS). There are several Web Server role services required for
App Controller, but the App Controller Setup Wizard will install all of them during setup. You also should
install Microsoft .NET Framework 4 (4.5 on Windows Server 2012 R2) before installing App Controller, or
you can let App Controller setup install it for you.
12-20 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
To run successfully, App Controller also requires SQL Server 2008 Service Pack 2 (SP2) or SQL Server 2008
R2 or newer. SQL Server does not require a dedicated server. Instead, you can use the SQL instance that
VMM is using. Additionally, you must install the VMM console on the server that is running App
Controller. However, it does not have to be on the VMM management server. You must install VMM
locally or remotely, because the App Controller is a portal to the data and services that VMM provides.
If you want to use Windows PowerShell for App Controller, at a minimum, you should install .NET
Framework 3.5.1 (available as feature in Windows Server 2008 R2) and Windows PowerShell 2.0 (built in
Windows Server 2008 R2). Windows Server 2012 comes with .NET Framework 4 and Windows
PowerShell 3.0.
Installation Considerations
To install the App Controller, you must be logged on to the computer that you are configuring, as a
domain user with membership in the local Administrators group. This account also must have at least
database-owner permission on the database that it will use.
While running the App Controller Setup Wizard, you must provide a service account that App Controller
can use to run. You can choose between Network Service and domain account. We recommend that you
create a dedicated account just for this purpose, or that you use the Managed Service Account feature.
You also should configure the port on which App Controller services will work. This port is for internal
purposes only, so you do not need to configure it on a firewall.
If you are installing multiple App Controller servers behind a load balancer, you will be required to
configure an encryption key that the servers share. After installing the first App Controller server, you
export the encryption key by using the Export-AppControllerAesKey cmdlet, which you then provide
key when installing subsequent servers.
If there is a problem with the setup completing successfully, consult the log files that are in the
%LOCALAPPDATA%\AppController\Logs folder.
Deployment Considerations
When deploying App Controller, it is important that you configure certificates properly. You cannot
request a certificate during setup, so you should prepare the certificate using the Internet Information
Services (IIS) console prior to running setup. An alternative to your internal public key infrastructure (PKI)
is to use a self-signed certificate. However, using self-signed certificates can cause potential trust issues.
App Controller is not a cluster-aware service, but you can make it highly available by making:
• The database highly available, which you can do by installing the database on a clustered SQL Server.
By default, App Controller prompts users to sign in by entering their AD DS user name and password.
If you want to configure App Controller to use the user’s current Windows credentials to sign in
automatically, you should enable Windows Authentication on the /api virtual directory on the App
Controller website.
Server Virtualization with Windows Server Hyper-V® and System Center 12-21
Measure Value
To deploy a service to a private cloud, access the Clouds node in the App Controller console tree. Right-
click a named cloud in the Clouds details pane, and then click Deploy, or in the control bar at the top of
the Clouds details pane, click the Deploy button. App Controller allows you to use the New Deployment
diagram view to configure the settings for the service deployment. The Deploy button is not available
until you supply all required settings.
You also can manage deployed services by selecting the Services node in the App Controller console
tree. The All Deployed Services details pane has a list of the various available deployed services. A VMM
administrator creates service templates in the VMM console, and then delegates them to a user role. Then,
they appear as deployed services in the All Deployed Services details pane. You can right-click a deployed
service name, or you can select the name, and then use the various buttons on the control bar above.
The Open Diagram button brings up a diagram view in which you can change settings for a particular
deployed service. You also can start, stop, suspend, and resume a deployed service. A Servicing item lets
you upgrade and delete deployed services, and resolve any issues.
12-22 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
If your organization has a subscription to Windows Azure, you can add the items in that subscription to
the App Controller console. You can find Windows Azure items in in the App Controller Library. To deploy
a service to Windows Azure, you will have to create a Windows Azure configuration and package file. You
then must upload this file to the Windows Azure storage account, and then select the particular
configuration file. The diagram view then will load with the proper information, and you can click
hyperlinks to configure settings. After this, the Deploy button in the diagram view becomes available.
The Virtual Machines node of the App Controller console also has a Deploy button. When selected, it
brings up a New Deployment diagram view, which you can use to create a virtual machine. You click the
hyperlinks to configure the various settings. Once all the required configuration of the various settings is
complete, the Deploy button will become available. You can also use the Virtual Machines node to select
a listed virtual machine and then right-click it, or choose an item from the control bar above to manage it.
The functionality allows you to:
Demonstration Steps
1. On LON-VMM1, sign in as adatum\administrator with the password Pa$$w0rd.
2. Start the App Controller web portal page, and sign in as ADATUM\Administrator with the
password Pa$$w0rd.
5. In the Virtual machine node of the console tree, verify that the Status changes from Under Creation
to Running.
Server Virtualization with Windows Server Hyper-V® and System Center 12-23
8. If you get a connection failure warning, click the Reconnect button at the top of the console. If this
fails, return to the VMM Console, use Connect via Console to connect, and then exit the virtual
machine.
9. Sign on to the virtual machine from the App Controller web portal. Note that the virtual machine is
running Windows Server 2012 Core. Sign out of the virtual machine, and then close the console page.
10. Sign out of App Controller, and then close Internet Explorer.
11. Close all open windows, and then sign out of LON-VMM1.
12-24 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: Duration: 75 minutes
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin, you must complete
the following steps:
3. Click 20409B-LON-VMM1, and in the Actions pane, click Start, and then click Connect. Wait until
the virtual machine starts.
o Password: Pa$$w0rd
o Domain: Adatum
a. Click the Library workspace, and then in the navigation pane, click LON-VMM1.Adatum.com.
e. Right-click the SmallCore.vhd file and select Cut. Ensure that a cut rather than a copy is done, as
you are moving the file, which makes the process much faster.
f. Click the back button to go back to the \\LON-VMM1.Adatum.com\MSSCVMMLibrary\VHDs
folder.
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
1. Open the Virtual Machine Manager Service Template Designer with a new service template.
2. Use the Service Template Designer to modify a single tier virtual machine.
Task 1: Open the Virtual Machine Manager Service Template Designer with a new
service template
1. Sign in to LON-VMM1 as adatum\administrator with the password Pa$$w0rd.
2. On the desktop, on the taskbar, click Virtual Machine Manage Console.
6. In the New Service Template dialog box, in the Name field, type Lab 12 Service Template, and
then in the Release field, type 1. In the Patterns section, click Single Machine, and then click OK.
This will bring up the Virtual Machine Manager Service Template Designer console.
7. Note the name selected, Lab 12 Service Template, is part of the overall name, because this is what
you are currently designing. The numeral 1 beside it is the release version.
Task 2: Use the Service Template Designer to modify a single tier virtual machine
1. In the Virtual Machine Manager Service Template Designer, create a service template with the
following properties:
a. General page:
Name: Lab12ServiceVM
b. Hardware Configuration page:
Compatibility: Hyper-V
Select a virtual hard disk: SmallCore.vhd (You may have to click Refresh (F5) to see it.)
Network Adapter 1 (Legacy): Connected to a VM network External Network
12-26 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
c. OS Configuration page:
Operating system: 64-bit edition of Windows Server 2012 Standard
d. Application Configuration page: Select the None – do not install any applications
2. At the bottom of the Single Tier Properties dialog box, click OK.
3. Use your mouse to drag the External Network box beside the NIC 1 box.
Results: After completing this exercise, you should have created a service template by using the Service
Template Designer.
3. When the Deploy Service – Lab 12 Service displays, if you get a pink shaded area in the Deploy
Service – Lab 12 Service console, which indicates that it could not find a host, click Refresh Preview.
4. Click Deploy Service, and in the Deploy service pop-up windows, click Deploy, and then name the
virtual machine Lab12ServiceVM.
5. The Jobs window will display. This will take approximately 30 minutes to complete.
6. When the job completes, close the Jobs window, and then confirm that the Lab12ServiceVM virtual
machine is running.
Server Virtualization with Windows Server Hyper-V® and System Center 12-27
2. Click the Lab 12 Service Template service template, and in the Properties page, select the Access
page in the console tree, and then add the DevRole user role.
Note: Due to the ongoing creation of the Lab12ServiceVM virtual machine from Task 1
above, step 5 may take longer than expected or fail. If that happens, you cannot run Exercise 4,
Task 1.
Results: After completing this exercise, you should have configured service deployment, and then
deployed the service. You also should have modified the template, and then updated the service.
2. In Internet Explorer, on the App Controller sign in webpage, type Adatum\Administrator as the
User name and Pa$$w0rd as the Password.
3. On the Overview page, under Private Clouds, click Connect a Virtual Machine.
4. On the Add a new VMM connection page, provide the following settings, and then click OK:
5. Notice that the App Controller webpage loads with data shown under the Private Clouds section.
12-28 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
2. Add the Ben Martens and Hani Loza domain user accounts to the Remote Desktop Users group by
using the System \Remote settings located in the Control Panel.
3. Close all windows and sign off of LON-CL1.
5. On the desktop, start Internet Explorer, and then in the address bar, type
https://lon-vmm1.adatum.com/.
6. In the There is a problem with this websites security certificate, click Continue to this website.
7. If a warning displays stating that Microsoft Silverlight is not compatible, click Run add-on, and then
click Continue to this website.
8. On the App Controller web portal page, use the following credentials:
o Password: Pa$$w0rd
b. Return to LON-CL1, and then refresh the Virtual Machine list in App Controller.
3. Explore the console tree by clicking the nodes in the tree, and then examining the details pane of
each node. Expand all second level nodes, and then explore those nodes and their details panes.
Results: After completing this exercise, you should have configured App Controller to connect to a
private cloud.
Server Virtualization with Windows Server Hyper-V® and System Center 12-29
4. Click the Service box, and then click the Configure hyperlink.
5. In the Properties of Lab 12 Service Template, set the Service name to AppCServiceDevCloud.
6. In the Instance box, click the Configure hyperlink, and then click OK.
7. In the New Deployment window, click Deploy, and then click the VMM service deployment started
hyperlink.
8. Leave the Jobs node alone for approximately 15 to 20 minutes, which is how long it should take the
deployment to finish. You can continue to the next step while the deployment continues.
9. Open the LON-VMM1 VMM console, and then click the Jobs workspace. Verify that you see a Create
Service Instance that is running. This job takes a long time to finish. Do not wait for it to finish, but
proceed to the next step.
10. In App Controller, in the Virtual Machines node, verify that you see a new virtual machine with a
name that is a long string of letters and numbers. This is a name that it generated randomly. If the
service instance takes a long time, switch to the host machine that is hosting the new service, and
then view the virtual machine in Hyper-V Manager. You may need to click Skip to skip past the
license key information on the installation. Normally an answer file would address this.
11. On the App Controller web portal, in the upper-right corner, click the Sign out hyperlink.
13. On LON-VMM1, close all open windows, and then sign out of LON-VMM1.
Results: After completing this exercise, you should have deployed a virtual machine by using App
Controller.
12-30 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
Question: Can a user deploy new virtual machines by using App Controller?
Best Practice: Best Practices Related to a Particular Technology Area in this Module
• Make a detailed plan for private cloud capacity, capability, and resources for each private cloud that
you create.
• Use App Controller rather than single virtual machines for deploying services.
• Test service templates before publishing them to users.
Module 13
Protecting and Monitoring Virtualization Infrastructure
Contents:
Module Overview 13-1
Lesson 1: Overview of Backup and Restore Options for Virtual Machines 13-2
Module Overview
Highly available technologies such as clustering and Windows Server 2012 Hyper-V replication provide
efficient solutions for high availability and offsite disaster recovery. However, you still need to monitor
those technologies, and you also need to back up the virtual machines and their data. How you monitor
and protect your virtualization infrastructure is a crucial part of the design process. This module provides
insight on the data protection options and methods available with Windows Server Backup, and Microsoft
System Center 2012 R2 Data Protection Manager (DPM). The module also describes how to integrate
monitoring with System Center 2012 R2 Operations Manager.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
• Describe the backup and restore options that are available for virtual machines.
• Integrate System Center 2012 R2 Virtual Machine Manager (VMM) and Operations Manager.
13-2 Protecting and Monitoring Virtualization Infrastructure
Lesson 1
Overview of Backup and Restore Options for Virtual
Machines
In this lesson, you will see how to build a protection strategy for the entire virtualization infrastructure.
You will also see how to implement this protection strategy by using the backup services in Windows
Server 2012 R2. This lesson also describes VMM components, and how you can protect them.
Lesson Objectives
After completing this lesson, you will be able to:
• Describe the purpose and features of the Windows Server Backup infrastructure.
• Explain the options for backing up virtual machines.
What Is VSS?
Beginning with Windows Server 2003 R2,
Microsoft introduced Volume Shadow Copy
Service (VSS), a Windows service that helps
application vendors create consistent backups of
Windows operating systems, Windows services,
and Windows applications. VSS coordinates VSS components to create data-consistent shadow copies of
one or more volumes. A shadow copy is often referred to as a snapshot, which is not the same as Hyper-V
checkpoints that were also referred to as snapshots in earlier versions of Hyper-V. The shadow copy is a
copy of data blocks that is taken after VSS ensures that the application or role service is in a data or
application-consistent state.
Server Virtualization with Windows Server Hyper-V® and System Center 13-3
Component Description
Requestor A backup application or backup agent that requests VSS to take a volume shadow
copy.
Writer The application vendor creates this component. For example, in Hyper-V, Microsoft
SharePoint Server, or AD DS, the writer is used to back up the application in a way
the vendor can support the process.
Provider The component that creates and maintains the shadow copies. These can be
hardware for storage arrays, software, or the system that is included with the
Windows operating system.
If you wanted to back up a Remote Desktop Session host server, a host-level backup would most likely
be more useful than an in-guest backup. The host-level backup enables you to recover the entire virtual
machine quickly, whereas the in-guest backup would require you to build a virtual machine and install
Windows Server before you could attempt a recovery.
• Each disk that the virtual machine uses is running NTFS file system basic disks.
• The VSS service is enabled on all volumes within the virtual machine, and snapshots for each volume
are stored on the same volume. For example, volume D must store shadow copies on volume D.
For detailed information regarding Windows Server backup and Storage Pools, refer to the following link:
Windows Server Backup and Storage Pools
http://go.microsoft.com/fwlink/?LinkID=386742
Note: In the Windows Server Backup Wizard in Windows Server 2012, when you select the
Hyper-V virtual machines to back up, the backup types available are either Backup Using Saved
State (Offline), or Backup Using Child Partition Snapshot (Online). This has been changed in
Windows Server 2012 R2 to Offline and Online.
2. On the taskbar, click the Server Manager icon, and on the dashboard, click Add Roles and Feature.
3. In the Add Roles and Feature Wizard, on the Before you begin page, click Next.
4. On the Installation Type page, click Role-based or feature-based installation, and then click Next.
5. On the Server Selection page, click LON-HOST1.Adatum.com, and then click Next.
7. On the Select feature page, scroll down and click to select Windows Server Backup, and then click
Next.
3. In the navigation pane on the left, click Local Backup, and in the Actions pane on the right, click
Backup Schedule.
4. In the Backup Schedule Wizard, on the Getting Started page, click Next.
5. On the Select Backup Configuration page, review the warning, and then click Next.
8. On the Specify Backup Time page, enter the schedule details, and then click Next.
9. On the Specify Destination Type page, select where you will store the backup, and then click Next.
10. On the Select Destination Volume page, click Add. Review the volumes for sufficient free space.
Click the desired volume, click OK, and then click Next.
11. On the Confirmation page, click Finish. The status should update to “You have successfully created
the backup schedule.” The status will also confirm the schedule backup time.
Note: A warning during the procedure will remind you that you cannot mix virtual volume
backups with physical disk backups.
Advanced Settings
When you schedule or modify a backup using the Backup Schedule Wizard, you can modify the following
settings:
• Exclusions. You can exclude file types within specific folders and optionally their subfolders. For
example, if you back up a Hyper-V host with several virtual machines, you may not want to back up
any .iso files that have been attached.
• VSS backup. With VSS backup options, you can select either a VSS full back up or VSS copy backup.
The full backup updates the backup history and clears the log file. However, if you use other backup
technologies that also use VSS, you might want to choose the VSS copy backup, which retains the VSS
writer log files.
13-6 Protecting and Monitoring Virtualization Infrastructure
Demonstration Steps
Install Windows Backup
1. Sign in to LON-HOST1, launch the Add Roles and Feature Wizard, and install the Windows Server
Backup feature.
2. When the installation completes, click Close, and then close Server Manager.
Perform an online backup
1. Launch Windows Server Backup.
2. In the navigation pane on the left, start the Backup Schedule Wizard.
3. On the Select Items page, expand the Hyper-V hosts, and select 20409B-LON-DC1 (Online). Add
an exclusion for files with the .iso extension. For the destination, select Local Disk C:
4. Start the backup. The backup may take as long as 15 minutes. On the Backup Progress page, the
Status should be Creating shadow copy of volume.
VMM Library
You can back up everything that is stored in the Virtual Machine Manager library by using normal file
service-level backups. If the Virtual Machine Manager Library is virtual, then you can back up the entire
virtual machine. While you can run more infrequent backups of legacy .iso files and virtual machine
templates, you should configure more regular backups for commonly created and used library items.
VMM Server
If your VMM management server is virtual, you should protect it as a virtual machine. Otherwise, when
recovering a VMM management server, you should perform a clean installation, and then import the
database.
You should also review individual support backup methods and recommendations for other components
such as the Windows Deployment Services (Windows DS) and Windows Server Update Services (WSUS)
servers.
You configure the Virtual Machine Manager database backup from the VMM console by using the
following steps:
2. In the VMM console, click the Settings workspace, then on the ribbon, click Backup.
3. In the Path field, type a path, either local to the SQL server that VMM is using, or to a network share
that the SQL Server can access, and then click OK.
• System state.
• Individual virtual machines on a Hyper-V host.
• CSVs.
13-8 Protecting and Monitoring Virtualization Infrastructure
• Perform a bare-metal restore. A bare-metal backup contains all critical volumes, and allows you to
restore without first installing an operating system. You do this by using the product media on a DVD
or USB key, and the Windows Recovery Environment (Windows RE). You can use this backup type
with Windows RE to recover from a hard-disk failure, or if you have to recover the entire computer
image to new hardware.
• Use system state. The backup contains all information to roll back a server to a specific point in time.
However, you must install an operating system prior to recovering the system state.
• Recover individual files and folders or volumes. The Individual files and folders option enables you to
back up and restore specific files, folders, or volumes, or you can add specific files, folders, or volumes
to your backup when you use an option such as critical volume or system state.
• Exclude selected files or file types. You can exclude selected files (such as temporary files) or file types
from the backup.
• Select from more storage locations. You can store backups on remote shares, or on non-dedicated
volumes.
• Use the Windows Azure Online Backup. The Windows Azure Online Backup is a cloud-based backup
solution for Windows Server 2012 that enables you to back up and recover files and folders off-site,
from cloud services.
Server Virtualization with Windows Server Hyper-V® and System Center 13-9
Lesson 2
Protecting Virtualization Infrastructure by Using DPM
Building a robust protection solution for your virtualization infrastructure is as important as building the
solution itself. This lesson provides insight into the capabilities of System Center 2012 R2 Data Protection
Manager (DPM), specifically in relation to server virtualization. DPM along with server virtualization
provides a framework on which you can build a protection solution. This lesson provides details on both
core and optional DPM components, their usage, and requirements.
Lesson Objectives
After completing this lesson, you will be able to:
• Back up multiple Hyper-V hosts and virtual machine servers at the same time, and use one or more
schedules.
• Protect workloads such as Microsoft Office SharePoint, AD DS, SQL Server, Microsoft Exchange Server,
Linux and Windows client operating systems such Windows 7 and Windows 8.
13-10 Protecting and Monitoring Virtualization Infrastructure
• Received detail reports on data churn, growth, forecasting and the Data Protections Manager Health
status.
DPM offers the following feature and or benefits:
• Uses SQL Server, and includes support for clustered servers that are running SQL Server. This allows
for scalability and availability of your backup solution.
• Supports full and incremental backups. After a full synchronization has occurred, you can optionally
back up only the block changes, thereby providing faster backups.
• Can be deployed to a virtual machine; this enhances its own protection and flexibility.
• Provides self-service for workloads such as SQL Server databases. For example, a developer could
restore a database to the same location, to a folder, or to an alternate server that is running SQL
Server. An end user also could recover files they have deleted from within a protected share.
• Integration with System Center 2012 Orchestrator. This enables you to build automation into your
virtualization or cloud computing environment.
• Integration with System Center 2012 Service Manager. This enables you to offer backup as part of a
service catalogue, and align with business processes.
• Integration with Operations Manager. You can administer DPM from within the Operation console.
This provides a single console to administer multiple DPM servers, and allows granular delegation of
tasks to operators and administrators, such as bulk restart of failed backup jobs.
• Supports item-level Recovery. Item-level recovery allows you to back up a virtual disk of a virtual
machine on the Hyper-V host server. You can then recover individual items from within the protected
virtual machine’s virtual disk.
• Supports automation. Supports automation using either the DPM Management Shell, which is built
on Windows PowerShell, or by using the System Center Integration Pack that integrates Orchestrator
and DPM.
• Supports bare-metal restores. This enables you to restore an entire server using the Repair your
computer option located on the Windows Server setup media.
• Online backup. DPM makes use of VSS on the Hyper-V host and on a virtual machine. If a virtual
machine is running Windows 2003 or newer, and if the virtual machine receives a backup request
from the Hyper-V host, it uses VSS and places the guest operating system in a suitable state for
backup.
• Provides several disaster recovery options. For disaster recovery you can back up all the DPM-
protected data to a secondary site, or back up to Windows Azure Online Backup.
• SQL Server
• Hyper-V
• AD DS
• SharePoint Server
• Exchange Server
• Virtual Machine Manager database
For a comprehensive list of protected workloads and their recoverable data types, refer to the following
link:
Other DPM benefits include support for the protection of virtual machines that are running on CSV, and
for virtual machines that are running from Server Message Block (SMB) 3.0 file shares. To improve backup
performance, DPM can exclude virtual machine page files from incremental backups. DPM also supports
backups for machines during live migration.
• DPM database. The DPM database stores the DPM configuration and reporting data. When using a
remote SQL Server, DPM requires that the SQL Server database engine and SQL Server Reporting
Services components are installed. DPM supports SQL Server 2008 R2 and SQL Server 2012.
• DPM protection agents. A protection agent is the software that you install on the target servers or
computers that you intend to protect. Protection agents allow the DPM server to identify and transfer
the data for backup and restore. DPM has only a single agent type. Whether you are protecting
SQL Server, Hyper-V, Exchange Server, or AD DS, you only need to deploy a single agent type.
• Protection groups. Protection groups define storage pools, retention settings, and data sources that
need protecting. All data sources in the same protection group share storage allocation, replication
creation methods, and compression settings.
• Central console. The central console allows monitoring of multiple DPM servers including differing
versions from a single console. You must install the central console on an Operations Manager server.
The console provides remote administration, role-based access, remote remediation, service level
agreement (SLA) alerts, scripting support, and alert consolidation.
• Storage pool. The storage pool consists of disks that attach to the DPM server, and that DPM uses to
store its data replicas and recovery points. DPM can use direct-attached storage (DAS), Fibre Channel,
and Internet small computer system interface (iSCSI). However, it cannot use USB storage or the
Storage Spaces feature in Windows Server.
13-12 Protecting and Monitoring Virtualization Infrastructure
• Tape libraries. You can attach tape drives and tape libraries to the DPM server either directly, or
through your SAN. (Refer to TechNet DPM documentation to search for compatible tape devices.)
You can also use a virtual tape library. A virtual tape library emulates a physical tape library but stores
data on disk.
• Secondary DPM server. The secondary DPM server is the same as the primary DPM server with the
exception that you use it to provide protection for you primary DPM servers.
• Windows Azure Backup Agent. When using the Windows Azure Backup feature, you must download
and install a Windows Azure Backup Agent on to each DPM server (both primary and secondary).
After you create the protection group, DPM creates a volume in the storage pool in which to store a
replica of each server or client that is part of the protection group. When the DPM protection agent on
the protected server or client tracks data changes, DPM synchronizes the protected data to the replica,
and transfers the changed data to the DPM server.
• For file data, DPM can store a maximum of 64 recovery points, which is the limit for VSS. For example,
if you schedule two recovery points per day, the maximum retention will be 32 days.
• For application data, DPM can store a maximum of 512 available recovery points. However, DPM
reserves 64 recovery points for VSS, so you can only select up to 448 recovery points for your
applications.
• For longer term recovery options, you should consider using tapes or virtual tapes.
Server Virtualization with Windows Server Hyper-V® and System Center 13-13
• Perform an online backup. This type of backup ensures that data has been backed up without
interrupting a production environment. If the product installed in your virtualized environment
supports this type of backup, we recommend that organizations utilize online backup so that their
servers can continue to work during the backup process.
• Perform an offline backup. This type of backup requires that you stop the virtual machine until the
backup is complete. The virtual machines then can resume working. We do not recommend this
type of backup because it will cause a downtime of services that are running on the virtual machine.
Instead, consider performing an offline backup if no other type of backup is supported or is possible
in your organization.
Firewall Settings
Before you deploy DPM protection agents, you should ensure that the DPM server can communicate with
the protected computer through any firewalls. On the DPM server, you should ensure that port 135 is
open for TCP traffic, and that the DPM service (Msdpm.exe) and the DPM protection agent (DPmra.exe)
can communicate through the firewall.
2. In the Protection Agent Installation Wizard, on the Select Agent Deployment Method page, click
Install agents, and then click Next.
3. On the Select Computers page, in the Computer name section, click to highlight one or more
computers that you want to protect, and then click Add. You can install earlier versions of the agent
by clicking Advanced, and then selecting the version from the drop-down list box. When you have
finished selecting computers, click Next.
4. On the Enter Credentials page, enter credentials with administrative rights for the server or client
you will be protecting. You domain will be listed as default. After entering your credentials, click
Next, and wait for the cluster-checking phase to complete.
5. On the Choose Restart Method page, click Restart the protected computer manually or
automatically, and then click Next.
6. On the Summary page, review the note about computers possibly losing network connectivity during
installation, and then click Install.
DPMAgentInstaller_x64.exe LON-DPM1.adatum.com
3. On the server you wish to protect, sign in, open a command prompt, and type the following
command:
netsh advfirewall firewall add rule name="Allow DPM Remote Agent Push" dir=in
action=allow service=any enable=yes profile=any remoteip=<IPAddress>
4. On the DPM server, launch the DPM Administrator Console. Click the Management workspace and
then on the ribbon click Install.
5. In the Protection Agent Installation Wizard, on the Select Agent Deployment Method page, click
Attach agents, click Computers on trusted domain, and then click Next.
6. On the Select Computers page, in the Computer name section, click to highlight one or more
computers that you want to protect. Alternatively, you either can type the FQDN of the DPM server,
or you can select to import from a text file, and then click Add. When you have finished selecting
computers to protect, click Next.
Server Virtualization with Windows Server Hyper-V® and System Center 13-15
7. On the Enter Credentials page, enter credentials with administrative rights for the server or client
you will be protecting. Your domain will be listed as the default. After entering your credentials, click
Next, and wait for the cluster checking phase to complete.
8. On the Summary page, review the note about computers possibly losing network connectivity during
installation, and then click Attach.
DPM performs an automatic discovery to identify new computers that have been added to the Active
Directory domain of which the DPM server is a member. By default, auto discovery runs at 01:00 A.M
daily, but you can modify this schedule. Discovered servers and clients are listed in the Protection Agent
Installation Wizard, or in the Create New Protection Group Wizard.
For a list of ports and agent network troubleshooting steps, use the following article as a guide:
• A group for specific virtual machines and physical servers such as SQL Server databases or domain
controllers.
1. On the DPM server, launch the DPM Administrator Console, and then click the Protection workspace.
On the ribbon, click New.
2. In the New Protection Group Wizard, on the Welcome page, click Next.
3. On the Select protection group type page, click Next.
13-16 Protecting and Monitoring Virtualization Infrastructure
4. On the Select group members page, in the Available members section, select the data sources. For
example, if your Hyper-V host server is named LON-HOST1, expand LON-HOST1, and then click to
select each virtual machine that you want to protect. When you are finished selecting data sources,
click Next.
5. On the Select Data Protection Method page, in the Protection group name text box, type a
descriptive name for the protection group name. Click to select the protection method or methods.
For example, click I want to short-term protection using: Disk. If you have configured online
protection with Windows Azure Backup or if you have configured a tape library, you can select these
now. When you are finished selecting the protection methods, click Next.
6. On the Select Short-term Goals page, select the number of retention days for the protection group,
and then click Modify.
7. On the Express Full Backup page, you can optimize the number of recovery points by amending the
express full backup schedule. When done, click Next.
8. On the Review Disk Allocation page, click Modify. Here you can review and change the replica and
recovery point volumes. Click Cancel, and note that Automatically grow the volumes is selected by
default. Click Next.
9. On the Choose Replica Creation Method page, for the data that you select, you can choose either
to replicate now, or to replicate later. Alternatively you can perform a manual data transfer using
removable media. Leave the default settings, and then click Next.
10. On the Consistency check options page, you can choose to run consistency checks when replicas
become inconsistent (this is the default). Additionally, you can create a scheduled daily check. Leave
the default settings, and then click Next.
11. On the Summary page, review your protection group settings, then click Create Group.
12. On the Status page, review the results of the tasks, and then click Close.
Within protection groups, you can configure recovery points separately for application members and file
members. For example, you can schedule daily express full backups for a file server, and multiple daily
backups for SQL databases in the same group. Where separate applications such as Exchange Server and
SQL Server are within the same group, they will be grouped on the same schedule. Therefore, if this
option is not suitable, you should create a separate protection group for another application type.
You can enable compression for each protection group. Compression reduces the amount of data that
transmits over the network for replica creation, synchronization, consistency checks, and recovery
operations. By enabling compression, you incur a slight additional CPU overhead for both the DPM server
and the protected server or client.
You can enable compression by using the following steps:
1. Sign in to the DPM server and launch the DPM Administrator Console. Click the Protection
workspace. In the central section under Protection Group Member, click the Protection group, and
then on the ribbon, click Optimize.
2. In the Optimize Performance dialog box, click the Network tab. In the Network section, click
Enable on-the-wire compression.
You can add and remove members from a protection group, and you can modify group settings by using
the Modify Group Wizard. Use the following steps to access the Modify Group Wizard:
1. Sign in to the DPM server, and launch the DPM Administrator Console. Click the Protection
workspace, then in the central section under Protection Group Member, click the Protection group.
On the ribbon, click Modify.
Server Virtualization with Windows Server Hyper-V® and System Center 13-17
2. In the Modify Group Wizard, on the Select Group page, you can add and remove members.
A consistency check verifies that replica data is valid. Consistency check settings are shared with all data
members in a protection group. Running consistency checks can create a slight overhead on the DPM
server and the protected computer, and consume network bandwidth.
You cannot throttle bandwidth at the protection group level. Bandwidth throttling is set in the DPM
protection agent settings for each protected server or client.
• Item-level recovery, which allows you to restore a single file from within a virtual hard disk that was
backed up at host level
• Scale-out protection. In some scenarios, you can have multiple DPM servers to provide protection to
a large Hyper-V cluster. The host must be running a clean installation of Hyper-V on Windows 2012,
and System Center 2012 SP1 DPM or System Center 2012 R2 DPM
• Select to back up Hyper-V as a host-level workload in a protection group. This ensures that all future
virtual machines that you create on that host or cluster will also be backed up
When designing a backup solution, you will need to consider options such as the following:
Remember that you can use DPM in conjunction with other technologies such as Hyper-V Replica, and
that DPM can help form part of an overall solution. While it is imperative that you implement a good
data protection strategy, it is also important that you not overcomplicate protection and recovery. The
following topics are protection options for different Hyper-V host scenarios.
13-18 Protecting and Monitoring Virtualization Infrastructure
CSVs
DPM can provide protection for virtual machines that reside in CSV by using a hardware VSS provider,
or an integrated software provider. There is a significant difference between Windows Server 2008 R2
Hyper-V CSVs and Windows Server 2012 R2 CSVs. Without a hardware-based VSS provider, you can
only run one backup job at a time per CSV volume. In addition, the backup job places the cluster into
a redirected I/O mode, which significantly reduces overall cluster performance. With CSV 2.0, this is no
longer the case. By default, you can run three parallel backups or more with a registry key update. I/O
redirection no longer occurs during backup. To perform CSV backups, you must install the DPM
protection agent on each node in the Hyper-V host cluster.
Item-Level Recovery
Item-level recovery allows you to protect virtual machines at the host level. It also allows you to recover
individual files and folders from within the virtual hard disk of the virtual machines. Unfortunately, you
cannot restore these items directly to their original location. However, you can restore them locally to the
DPM server or to a network location, and then copy them to their original location. Item-level recovery is
very useful in many situations. However, you may want to use the in-guest backup method for a file
server, which will enable end-user self-service recovery.
You can use each of these to protect an entire virtual machine at the host level. When you build your
protection solution, ensure that you take into consideration the workloads that you need to protect.
Where appropriate, you should schedule virtual machine–level backups.
Using both item-level recovery and virtual machine–level backup provides the best solution. For example,
you may have a critical database server that requires hourly backups. However, you could schedule the
virtual machine that is hosting the database to be backed up daily. In this scenario, you would configure
two scheduled backups, and then set the start times.
Best Practices
As a best practice, you should:
o Storage technology.
Server Virtualization with Windows Server Hyper-V® and System Center 13-19
• Where possible, use a proof of concept on hardware that is as similar as possible to the end solution.
o Backup volumes
o Network throughput
• Be sure to test recovery from backups, and where possible, randomize the recovery testing.
• Define who will receive the backup reports, and make sure that they receive them.
• Have an action plan that is subject to the content of the backup reports, such as increasing storage
space, modifying schedules, or throttling bandwidth.
• xyz is the state of the server when it was backed up, for example: Saved State, or Online.
1. Launch the DPM Administrator Console.
3. In the navigation pane, expand Recoverable Data\DomainName\ServerName, and then click All
Protected HyperV Data.
4. In the results pane, under Recoverable Item, select and right-click Backup Using xyz State
\ServerName, and then click Recover.
5. In the Recovery Wizard, on the Review Recovery Selection page, click Next.
6. On the Select Recovery Type page, click Recover to original instance, and then click Next.
9. On the Recovery Status page, verify that the Recovery status is Successful, and then click Close.
As a best practice, you should always test recovery scenarios as part of your overall backup strategy. When
testing, note the amount of time it takes to recover the data, and the integrity of data. Consider that as
the backup sizes grow, the recovery time will also grow. While an incremental backup may take 10
minutes, a full server restore may take an hour or longer.
Note: Be aware of any performance impact from recovering virtual machines to production
Hyper-V hosts. During the proof of concept phase of a virtualization deployment, you should
determine whether recovering full virtual machines is acceptable during business hours. To
determine this, review network, storage, and processor performance.
• You must have a Windows Azure account with the Windows Azure Backup feature enabled. (You can
create a trial account to test this feature.)
• The Windows Azure Backup Agent must be installed on the DPM servers that you want to back up.
• The DPM servers must have at least 2.5 gigabytes (GB) of local free storage space for cache location
(15 GB recommended).
• You must have a management certificate that you will upload to the backup vault in Windows Azure.
One consideration when you import data is that during the initial data transfer, you must send the full
copy of the data, which will use your Internet connection. Ensure that any other production traffic that
uses this connection will not be impacted during the initial or subsequent synchronizations.
For more detailed information on configuring Window Azure Backup for DPM, refer to the following link:
Backing Up DPM using Windows Azure Backup
http://go.microsoft.com/fwlink/?LinkID=386745
Server Virtualization with Windows Server Hyper-V® and System Center 13-21
Lesson 3
Using Operations Manager for Monitoring and Reporting
Every administrator strives to keep their virtualization environment in a good state of health. Where
possible, you should maintain sufficient reporting information about availability, performance, and
capacity. Ideally, you will use this information for forecasting. Keeping your environment in a good state
of health can consist of remediating issues automatically, or being alerted instantly to any issues and
having immediate knowledge of details and the steps necessary to resolve them. Operations Manager is
designed to do this for virtualized environments, and for many other technologies. This lesson introduces
you to Operations Manager and its components, and provides basic information about monitoring and
alerting.
Lesson Objectives
After completing this lesson, you will be able to:
• Network monitoring. Operations Manager supports the discovery of network routers and switches.
This provides a platform for you to monitor networks, from desktop to servers.
• Application code monitoring. Operations Manager provides detailed monitoring information for
applications, including Microsoft .NET Framework, and Java Platform, Enterprise Edition applications.
Operations Manager also provides the ability to identify and pinpoint problems with applications.
13-22 Protecting and Monitoring Virtualization Infrastructure
• Dashboard widgets. Operations Manager offers predefined and easily customizable dashboard
widgets for monitoring key statistics, alerts, and issues, from a single management console.
Operations Manager uses management packs that contain information about the objects that you
monitor. These management packs are usually developed by application vendors. For example, Microsoft
creates management packs for each version of its operating systems and server application products, such
as SQL Server and Exchange Server.
• Management server. Each management group has one or more management servers that are
responsible for reading and writing data to the operational database. To service requests,
management servers are combined into resource pools.
• Operational database. The operational database is a SQL Server database that stores recently
collected information. By default, this database keeps data for seven days. Each management group
has only one operational database.
• Data warehouse database. The data warehouse database is a SQL Server database that stores
historical data for reporting and long-term performance monitoring. Operations Manager
simultaneously writes data to the data warehouse database and the operational database. Each
management group has only one data warehouse database.
• Operations Manager reporting server. The Operations Manager reporting server runs SQL Server
Reporting Services (SSRS). Operations Manager generates reports from data located in the data
warehouse database, and then stores reports on the Operations Manager reporting server.
• Agents. In most cases, monitored servers have an Operations Manager agent installed. The
Operations Manager agent is responsible for transmitting data to the management server. The
management server configures the agent with rules for reporting data. Based on these rules, the
Operations Manager agent is responsible for identifying the data for transmittal to the management
server.
• Web console. The web console is an optional component that provides access to Operations Manager
data through a web-based interface. This avoids the need to install the Operations console on each
computer where alerts are accessed and resolved.
• SharePoint Portal. The SharePoint Portal, a feature of Microsoft SharePoint 2010, allows you to display
dashboard views in a SharePoint site. This can be useful for displaying Operations Manager data in an
existing SharePoint site for a workgroup.
Server Virtualization with Windows Server Hyper-V® and System Center 13-23
• Audit Collection Services. Operations Manager includes Audit Collection Services (ACS), which collects
and stores data from security logs. ACS has a separate infrastructure that integrates with other
Operations Manager components. This allows you to secure ACS data separately from the other
Operations Manager data. You can use ACS to monitor security on computers that are running
Windows Server, Solaris, AIX, UNIX, and Linux. ACS components include:
o ACS collector. The ACS collector is a service that runs on a server and accepts events that are
being archived. The ACS database stores all collected events.
o ACS database. The ACS database is a SQL Server database that stores the events that the ACS
collector collects.
o ACS forwarder. The ACS forwarder is a service that runs on monitored computers. The forwarder
collects security events, and then passes them to the ACS collector.
o ACS reporting server. The ACS reporting server runs SSRS. This can be the same SSRS instance
that functions as the reporting server for Operations Manager, or a different SSRS instance. If you
use the same SSRS instance, Operations Manager controls the security for the reports. If you use a
different SSRS instance, you must configure SSRS security to control access to the reports.
• Authoring
• Reporting
• Administration
Demonstration Steps
1. On LON-OM1, launch the Operations Manager console.
2. Review the Monitoring Overview page, including the States and Alerts sections. Review the
Required Configurations tasks.
3. Click Active Alerts, and review an alert, including the Alert details section at the bottom of the
screen. Explore the actions and tasks pane.
4. Right-click an alert, review the options that display, and then click Properties.
5. In the Alert Properties dialog box, review some of the Alert Property tabs.
6. Click the Authoring workspace. Review the options where you can create your own customized
management packs, which may include components such as discoveries, tasks, knowledge, Run As
profiles, reports monitors, rules, and groups.
7. Click the Reporting workspace. Review how you can read and schedule reports, which are often
included in management packs.
8. Click the Administration workspace, and review the list of items in the navigation pane.
9. Click My Workspace, review how you can customize and save console settings.
• Monitors. Monitors are responsible for monitoring the state of each instance of a class. For example,
you can monitor the health state of a server or application. The management pack author controls
the health states that are reported by the monitor. For example, a monitor can indicate that a Hyper-
V host’s memory state is in a warning state when it reaches 80 percent utilization for more than a few
minutes.
• Rules. Rules identify events and data that are collected from monitored servers and devices. Rules
define what actions are performed based on the collected events or data. For example, Operations
Manager can send alerts when a specific event appears in the event log, or when a monitored state
changes.
• Views. Views display information in the Operations console. Management packs can include views
that organize information about the application they are monitoring. You can create and save your
own customized views in the Operations console.
• Knowledge. Knowledge is content that the management pack author adds to provide operators and
administrators with information regarding problem resolution. The knowledge that the author adds is
known as product knowledge. In addition to product knowledge, you can add company-specific
knowledge for your organization’s specific environment.
• Object discoveries. Object discoveries locate the objects that you can monitor, such as servers,
devices, or applications. To find specific objects, object discoveries can use the registry, Windows
Management Instrumentation (WMI), scripts, OLE DB, or custom code. The object types that you can
monitor are called classes.
• Tasks. Tasks are executable code or scripts that can run on the management server, or on the device
or server that you are monitoring. You can run tasks by using automation. For example, when
monitoring disk fragmentation, you can run a task for using defragmentation. Tasks can display in the
Operations console. For example, when integrating DPM and Operations Manager, certain tasks
become available that enable administrators to interact with backup jobs without the need to log on
to a DPM server and launch the DPM Administrator Console.
• Reports. The management pack author creates reports, which contain information that is specific to
monitoring for that product. For example, a report may contain graphs showing a Hyper-V host
server’s utilization over time, or it may contain forecasting, which you can use for capacity planning.
• Run As profiles. Run As profiles can be used by monitors, rules, and tasks to carry out actions. The Run
As profile contains the credentials used to access system resources and perform actions.
Server Virtualization with Windows Server Hyper-V® and System Center 13-25
Creating Overrides
You create overrides to customize management
pack functionality for the specific requirements of
your environment. This helps you to control the
amount of data that Operations Manager collects.
You can create overrides for the following:
• Monitors
• Attributes
• Object discoveries
• Rules
Note: Do not save settings, changes, or elements of the default unsealed management
packs that you install when you first install Operations Manager. Instead, create a management
pack in which to save your modifications.
1. Launch the Operations console, and then click the Authoring workspace.
2. In the Authoring workspace, expand Management Pack Objects, and then click Monitors.
3. In the Monitors pane, expand an object type, and then click on a monitor.
4. On the Operations console toolbar, click Overrides, click Override the Monitor, and then choose to
override for all objects of a class, group, or specific object.
5. After you choose and click on the group of object types that you want to override, the Override
Properties dialog box opens. Here, you can view and edit the default settings contained in this
monitor.
6. Click in the Override column next to each parameter that you want to override, and then edit the
Override Value.
7. At the bottom of the Override Properties page, you can select a destination management pack from
the list, or you can create a new unsealed management pack by clicking New.
8. When you finish editing the management pack, click OK.
13-26 Protecting and Monitoring Virtualization Infrastructure
Configuring Notifications
You can enable notifications in Operation a
Manager to alert administrators, users, or groups
of users to an event, issue, or state change of a
monitored object. There are several components
required to enable notification: notification
channels, notification subscribers, notification
subscriptions, and Run As profiles.
Notification Channels
A notification channel is a channel used to
deliver specific alerts that display in the alert view
of the Operations console. The alerts are sent to
administrators or users that you designate. The
types of notification channels that you can configure are:
• Email. An email channel can send a message to a Simple Mail Transfer Protocol (SMTP) server. The
SMTP server can be an Exchange server or another SMTP server.
• Instant Messaging (IM). An IM channel delivers an instant message through Microsoft Office Live
Communications Server, Office Communications Server, or Microsoft Lync.
• Text Message (SMS). An SMS is used for delivering messages to mobile phones. The phone provider
network delivers the messages. You must provide a compatible modem that supports SMS message
Application Protocol Data Unit (APDU) mode.
• Command. The command channel allows you to create customized notifications by running scripts or
an executable that generates a notification.
Notification Subscribers
To begin sending notifications to users, you must first set up notification subscribers. Notification
subscribers are lists of people that can be notified. The notification subscriber allows you to configure
the delivery addresses and channel for notifications. You can choose multiple channels to allow each
subscriber to be notified using multiple methods. You can configure a subscriber schedule by setting a
time zone, a date range, days of the week, and times that the subscriber will received alerts.
Notification Subscriptions
After creating notification channels and notification subscribers, you can configure notification
subscriptions. Notification subscriptions determine which alerts will be sent to which subscribers, and
through which channels. By selecting subscription criteria, you can define which alerts a subscription can
use. If you do not define any criteria, all alerts that the Operations Manager generates will be sent. When
creating a subscription, you can select multiple subscribers, and you must include which channels the
subscription will use to send alerts.
Alert Aging
You can use alert aging to suppress notifications until an alert has remained active for a specified period.
For example, you may use this mechanism to allow automation to resolve an alert or to provide service
desk staff sufficient time to resolve an issue, before it is escalated.
When defining and implementing notifications, make sure that everyone involved is in agreement with
what you will send to them. Do not enable more notifications than what is necessary. For example, send
the Backup team backup notifications, and send the Virtualization team their notifications.
Server Virtualization with Windows Server Hyper-V® and System Center 13-27
Note: If you use Operations Manager to monitor and alert for business-critical systems,
consider ensuring that the Operation Manager components are monitored, potentially by
another Operations Manager, or by an external system. Consider monitoring the notification
channels. For example, if SMTP and SMS are the notification channels and they stop working, you
will not be notified by Operations Manager for any notifications, as its notification channels are
down.
Demonstration Steps
Create a notification channel
2. From the Administration workspace, create a new channel, click Email (SMTP), and leave the
default name and description.
o Port number: 25
4. On the Schedule page, accept the default settings, and then click Next.
3. In the Subscription name text box, type Windows Server 2012 notifications, and then click Next.
4. For the criteria, type raised by any instance in a specific group, and choose the Windows Server
2012 Computer Group.
5. Use Adatum\Administrator as the subscriber, and E-mail as the channel. Enable Delay sending
notifications if conditions remain unchanged for longer than (in minutes), enter 10 as the value,
and then complete the wizard.
Prior to System Center 2012 VMM, integrating Operations Manager and VMM enabled some reporting
functions from within the VMM console. However, Beginning with System Center 2012 VMM, the reports
are now enabled inside the Operations Manager Console.
Reports are often included in management packs. For example, when integrating VMM and
Operations Manager, the virtualization reports are enabled with the management packs that VMM
imports automatically. You can run reports and then view them immediately in the Operations console, or
you can schedule and deliver them automatically.
Server Virtualization with Windows Server Hyper-V® and System Center 13-29
Lesson 4
Integrating VMM with Operations Manager
You can integrate VMM with Operations Manager to create an effective monitoring solution for your
virtualization environment. Integrating VMM with Operations Manager provides several benefits,
including monitoring health and availability, and viewing virtualization infrastructure diagrams. You
can also implement Performance and Resource Optimization (PRO) tips, which are Operations Manager
management packs that can perform actions automatically in VMM in response to monitored events. This
lesson describes how to configure integration of VMM and Operations Manager, and how to implement
advanced monitoring for virtualization components.
Lesson Objectives
After completing this lesson, you will be able to:
• Integrate Operations Manager and VMM to enable the reporting functionality in VMM.
• Integrate SSAS. By integrating SSAS, you can run forecasting reports that can predict host activity
based on history of disk space, memory, network I/O, disk I/O, and CPU usage. This option also
supports SAN usage forecasting.
• Install Operations Manager agents on the VMM management server, and on all hosts that VMM
manages.
• Install the SQL Server management pack in Operations Manager.
The PRO tips implementation is more granular for System Center 2012 Operations Manager and System
Center 2012 VMM, than for previous versions of these products. You can enable or disable PRO tips all
the way down to individual virtual machines. This allows for better control of PRO tip implementation and
delegation. For example, you can configure PRO tips so that self-service users are notified when PRO tips
are available for any virtual machines that they own.
After configuring integration between Operations Manager and VMM, you can verify functionality by
viewing discovered VMM servers, and by viewing diagrams that show virtualization hosts and the virtual
machines that they host. Additionally, you can use Windows PowerShell cmdlets. To manually initialize
PRO tip diagnostics from Windows PowerShell, use the following command:
Test-SCPROTip
To manually push all VMM objects discovered from Windows PowerShell use the following command:
Write-SCOpsMgrConnection
Server Virtualization with Windows Server Hyper-V® and System Center 13-31
Demonstration Steps
Install the Operations console on a VMM server
5. Use the default installation location, agree to the license terms, choose not to Help improve System
Center 2012 - Operations Manager, and choose not to participate in both Customer Experience
Improvement Program and Error Reporting.
6. Do not use Microsoft Update, and do not opt to start the Operations console when the wizard closes.
7. Complete the installation wizard, and then close all open windows.
Enable VMM integration with Operations Manager
2. From the Settings workspace, click System Center Settings, right-click Operations Manager
Server, and then click Properties.
3. On the Connection to Operations Manager page, use lon-om1.adatum.com for the server name.
4. On the Connection to VMM page, use the following:
o Password: Pa$$w0rd
5. Complete the wizard.
6. In the Jobs window, click New Operations Manager connection, and wait for the job to complete.
This takes approximately five minutes.
2. In the Settings pane, click System Center Settings, and then click Operations Manager Server.
3. On the Home tab, in the Properties group, click Properties.
4. On the Details page, under Connection Settings, select Enable Performance and Resource
Optimization (PRO), and then click OK.
To configure PRO for hosts, use the following procedure:
2. In the Fabric navigation pane, click the host group containing the server you will configure. In the
main section, click the host, and then on the ribbon, click Properties.
3. On the left of the host Properties page, click PRO State. You can click to enable Monitoring and
Remediate for each of the Host PRO Monitors available. The default monitors are Virtual Machine
Manager Dynamic Memory VM Pressure, and Virtual Machine Manager Maximum Dynamic Memory
Monitor
Note: You also can author your own PRO tip. To do this, you need to understand
Operations Manager management pack authoring, and have an understanding of Windows
PowerShell and XML.
Microsoft provides a programmer’s guide to creating PRO tips. If you do not have the required
knowledge or would like assistance with creating PRO tips, contact your regional Microsoft office
and locate a System Center Partner to develop the management pack and PRO tips that you
need.
Server Virtualization with Windows Server Hyper-V® and System Center 13-33
• Receive alerts about a predictive physical hard disk failure. This enables you to replace a disk in a
redundant array of independent disks (RAID) array before it actually fails.
• Receive alerts about a storage controller failover or path status degradation in a multipath SAN.
In addition to monitoring hardware, you can obtain Microsoft management packs for much of your
environment. For example, you can download management packs for SQL Server, WSUS, and File
Servers services. You can use these management packs to monitor some of the VMM components
more granularly. Apart from management packs authored by Microsoft, there is a large community of
developers that are creating free management packs, including management packs for virtualization.
You can search for management packs online using an Internet search engine.
2. In the Monitoring navigation pane, click and expand Microsoft System Center Virtual Machine
Manager, expand Cloud Health Dashboard, and then click Cloud Health.
3. Select the cloud you want to review, and then in the tasks pane, click Fabric Health Dashboard.
• Host State: This feature monitors the health state of host groups, or the resource aspects of the
private cloud, such as CPU, memory, disks, and network adapters.
• Storage Pools State File Share and LUN State. This feature monitors the health state of storage,
including disk allocation and capacity.
13-34 Protecting and Monitoring Virtualization Infrastructure
• Network Node State. This feature monitors the health state of network nodes (devices) for the
selected private cloud. Only physical network devices within a hop of the hosts display. To view
physical network devices, enable Network Monitoring in Operations Manager, and then monitor
the physical network devices that are connected to your hosts.
• Active Alerts and Number of VMs. The Active Alerts and Number of VMs fields in the Fabric Health
Dashboard can depict what issues are having the highest impact on your private cloud.
To provide this level of monitoring and reporting, you must configure integration between VMM and
Operations Manager. You will then use Operations Manager to provide IT management with better
reports regarding the virtualization infrastructure, including performance monitoring.
Objectives
After completing this lab, you will be able to:
Lab Setup
Estimated Time: 60 minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1, 20409B-LON-OM1
o Password: Pa$$w0rd
o Domain: Adatum
5. Repeat steps 3 and 4 for 20409B-LON-OM1.
6. In the 20409B-LON-VMM1 on LON-HOST1 – Virtual Machine Connection, click the Media drop-
down list box, click DVD Drive, and then click Insert Disk.
Note: Shut down all virtual machines after finishing this lab.
13-36 Protecting and Monitoring Virtualization Infrastructure
7. Run the discovery, and then click LON-HOST1.adatum.com as the object to manage.
8. Complete the wizard, wait for the task to complete successfully, and then click Close.
4. In the Microsoft Monitoring Agent Setup Wizard, enter Adatum for the Management Group name.
Enter LON-OM1 for the Management Server name, and then complete the wizard.
5. On LON-OM1, in the Operations Manager console, in the Administration workspace, locate the
Pending Management node, and then approve LON-VMM1.adatum.com.
6. In the Manual Agent Install window, read the information, and then click Approve.
Results: After completing this exercise, you should have deployed Operations Manager agents to a
virtualization host and to a virtual machine.
Server Virtualization with Windows Server Hyper-V® and System Center 13-37
2. From the Notifications node, create a new channel, select Email (SMTP), and leave the default name
and description.
3. Use the following information:
8. In the Notification Subscriber Wizard, on the Description page, accept the default name, and then
click Next.
9. On the Schedule page, accept the default settings, and then click Next.
10. On the Addresses page, click Add to create a new subscriber address.
15. In the Subscription name text box, type Windows Server 2012 notifications, and then click Next.
16. Enter raised by any instance in a specific group for the criteria, and choose the Windows Server
2012 Computer Group.
13-38 Protecting and Monitoring Virtualization Infrastructure
17. Use Adatum\Administrator as the subscriber, and E-mail as the channel. Enable Delay sending
notifications if conditions remain unchanged for longer than (in minutes), enter 10 as the value,
and then complete the wizard.
18. When finished, close the Operations Manager console.
Results: After completing this exercise, you should have deployed and configured monitoring
components including management packs, notifications, and reports.
4. Use the default installation location, agree to the license terms, and on the Help improve
Operations Manager page, click No, I am not willing to participate for both Customer
Experience Improvement Program and Error Reporting.
5. Do not use Microsoft Update, and do not Start the Operations Manager console when the wizard
closes.
6. Complete the installation wizard, and then close all open windows.
8. From the Settings workspace, click System Center Settings, right-click Operations Manager
Server, and then click Properties.
9. On the Connection to Operations Manager page, use lon-om1.adatum.com for the server name.
12. In the Jobs window, click New Operations Manager connection, and wait for the job to complete.
This takes approximately ten minutes.
2. In the Add Operations Manager Wizard, on the Connection Details page, under the Diagnostics
section, click Test PRO, and then click OK.
3. In the PRO window, click the PRO Diagnostics alert, review the information, and then close the PRO
window.
4. In the JOBS workspace, click the PRO diagnostics job, and then monitor the progress of the job.
3. Review the From and To criteria, which should be First day of this month – Today and the current
time and time zone.
4. On the right, click Add Group. In the Group Name drop-down list box, ensure that Contains is
selected, in the Filter 3, type all hosts, and then click Search.
5. Under the Available items section, click All Hosts, click Add, and then click OK.
6. Run the report. When the report finishes loading, review the report description, and then review the
report.
7. Click File, review the export options, and then when done, click Close
3. Review the state and details of the DevCloud, then in the navigation pane, click Fabric Health
Dashboard,
4. Review the Fabric Health Dashboard, and when done, close the dashboard.
Results: After completing this exercise, you should have configured the integration of Operations
Manager with VMM. You should have installed the Operations Manager console, imported management
packs, and verified the effects of the integration.
13-40 Protecting and Monitoring Virtualization Infrastructure
Question: Although the on-call team members no longer receive SMS alerts during business
hours, they also no longer receive email notifications during the day. What could be the
reason for this issue, and what can you do to resolve it?
Question: When performing a recovery by using DPM, what are the three options for virtual
machines?
Question: Your data protection strategy calls for an offsite copy of your backups. What
features does DPM provide to facilitate this?
Server Virtualization with Windows Server Hyper-V® and System Center 13-41
Course Evaluation
Your evaluation of this course will help Microsoft
understand the quality of your learning experience.
Remote workers will be required to use their own devices, although they should run the company’s
applications, and ideally keep data such as documents, reports, and spreadsheets within the company
network.
1. Which virtualization technology can assist with the remote worker requirements?
Answer: Presentation virtualization: Remote Desktop Services is the best candidate for this solution.
2. What are three of the components required to deliver the remote worker solution?
Answer: Any three of the following components can deliver a remote worker solution.
3. Approximately four months after A. Datum has gone live with the remote worker solution, users
begin to complain they cannot access the company systems from home. What could be a likely
problem?
4. When designing the virtualization solution, you must be able to accommodate a physical server
failure by providing reasonable fast recovery. What are the options to achieve a fast recovery?
Answer:
Option 1
You can build more than one Remote Desktop Session Host server, and incoming users will be load-
balanced by the session broker. During a hardware failure, some of the users will lose their remote
session, but when they attempt to connect again they will be directed to working servers.
L1-2 Evaluating the Environment for Virtualization
Option 2
You can build a virtual server that runs Windows Server 2012 Remote Desktop. You can then place
this server on a Windows Server 2012 Hyper-V host cluster, which would permit hardware failure.
While users will lose their remote session when the server fails, when reconnecting they should be
able to use the virtual machine that has started on another cluster node.
Remote workers will need to have access to both Office 2010 and Office 2013.
Providing separate computers is not an option, and you have heard about application compatibility issues
between different versions of Microsoft Office.
Answer: Microsoft System Center 2012 R2 Application Virtualization (App-V) can help deliver the
required solution.
o Windows 7 Professional
o Windows 8 Professional
For which other operating system do you need to create packages?
Answer: You should create packages for Windows Server 2012 so that the remote workers can access
both versions of Microsoft Office from the same servers.
1. Which virtualization and management technology could you implement to improve the development
department infrastructure?
3. Which System Center 2012 R2 component could help you delegate some virtual machine
administration, and provide some elements of self-service to the developers?
Answer: You can use System Center 2012 R2 Virtual Machine Manager (VMM) to provide delegated
administration and self-service.
Server Virtualization with Windows Server Hyper-V® and System Center L1-3
• List a few suggestions that could form part of a report to the CEO.
Answer:
o Migrating from physical to virtual machines for most of the company’s server workloads should
be a key factor in the green initiative.
o Selecting low-power processors and memory in some, or all virtualization hosts will help with
energy consumption.
o Windows Server 2012 R2 deduplication could help reduce the storage footprint, in turn making
the company greener.
o Consolidate some of the data centers. You could reduce the data centers from five to three by
using one subsidiary as secondary data center to the head office main data center.
Results: After completing this exercise, you should have evaluated a given scenario and selected the
appropriate virtualization method for that scenario.
4. On the License Agreement page, review the license agreement, click I accept the terms of the
license agreement, and then click Next.
5. On the Installation Folder page, review the installation path, and then click Next.
6. On the Customer Experience Improvement Program page, click I don’t want to join the
program at this time, and then click Next.
8. On the Installation Successful page, ensure the Open the Microsoft Assessment and Planning
and Toolkit check box is selected, and then click Finish.
9. On the Datasource page, in the Create or select a database section, in the Name text box, type
Demo, and then click OK.
10. Leave the MAP console open for the next task.
L1-4 Evaluating the Environment for Virtualization
11. On the desktop, move the mouse to the bottom left of the screen, right-click the Windows icon, and
then click Run.
12. In the Run text box, type \\lon-dc1\e$\labfiles, and then click OK.
13. Right-click the file MAP_Training_Kit.zip, and then click Extract All. In the destination text box,
type C:\map, and then click Extract.
14. When the file finishes extracting, close the two File Explorer windows.
15. From the menu at the top of the MAP overview window, click File, and then click Manage
Databases. In the databases section, click Import, next to the Backup File text box, click the Browse
icon, in the File name text box, type c:\map\map_sampleDB.bak, and then click Open.
16. In the Database Name text box, type MAPDEMO, and then click OK.
17. When a warning displays, saying that the imported databases needs to be upgraded, click Yes. Note
that this process may take a minute or two.
18. When the import shows as having been successfully imported and upgraded, click OK, and then click
Close.
19. Click File, click Select a Database, click MAPDEMO, and then click OK.
2. Under the Steps to complete section, click Run the Server Consolidation Wizard.
3. In the Server Virtualization and Consolidation Wizard, on the Virtualization Technology page, click
Windows Server 2012 Hyper-V, and then click Next.
4. On the Hardware Configuration page, click Sample host, and then click Next.
5. On the Utilization Settings page, in each text box, type 75, and then click Next.
6. On the Choose Computers page, click Choose the computers from a list on the next step of the
wizard, and then click Next.
7. On the Computer List page, select the Computer Name check box, and then click Next.
8. On the Summary page, review the settings, and then click Finish.
10. In the MAP console, on the Server Virtualization page, under Scenarios, click Server
Consolidation, and review the Details section.
11. Under the Options section, click the Server Virtualization Report, and when the proposal is
generated, click Close.
12. On the MAP console menu, click View, and then click Saved Reports and Proposals.
13. In the File Explorer window, right-click the ServerVirtRecommendation workbook, and then click
Open.
14. In the Microsoft Office Activation Wizard, click Close, click Next three times, and then click All done!.
15. At the bottom of the Microsoft Excel workbook, click each tab, and review the information in the
report.
Server Virtualization with Windows Server Hyper-V® and System Center L1-5
16. When you finish reviewing the information, close Excel, and then close File Explorer.
17. Review the MAP toolkit. Review at least three of the scenarios for which the MAP toolkit provides
information.
18. Be prepared to answer discussion questions based on your results.
Results: After completing this exercise, you should have installed MAP and assessed a virtualization
environment.
L2-7
Note: One of the students in a pair will be working on LON-HOST1, and the other student
will be working on LON-HOST2.
• Write down your LON-HOST number on a piece of paper. If your LON-HOST number is 1, your
partner’s number will be 2, and vice-versa.
Task 2: Verify that the LON-HOST2 computer does not have the Hyper-V role
installed
1. Verify that the Hyper-V role is not yet installed on LON-HOST2. On LON-HOST2, in Server Manager,
in the menu bar, click Manage, and then click Add Roles and Features.
2. In the Add Roles and Features Wizard, on the Before you begin page, click Next.
3. On the Select installation type page, ensure that the Role-based or feature-based installation
option is selected, and then click Next.
4. On the Select destination server page, ensure that Select a server from the server pool is
selected, and then click Next.
5. On the Select server roles page, in the Roles section, verify that Hyper-V is not selected (which
means that it is not installed).
6. Click Cancel to close the Add Roles and Features Wizard.
7. On LON-HOST2, on the desktop, on the taskbar, click the Windows PowerShell icon.
Get-WindowsFeature *Hyper*
9. Verify that the output shows that neither Hyper-V nor Hyper-V Management Tools are installed.
bcdedit.exe
13. Verify that in the output, in the Windows Boot Loader section, there is no line with
hypervisorlaunchtype Auto.
L2-8 Installing and Configuring the Hyper-V Role
15. Open the Start screen, and search for programs that contain the word hyper. Confirm that no
program is found.
16. On the Start screen, search for and open Event Viewer.
17. In Event Viewer, in the navigation pane, expand the Applications and Services Logs node, expand
Microsoft, expand Windows, and verify that there is no node that starts with word Hyper-V.
19. On the Start screen, search for and open Performance Monitor.
20. In Performance Monitor, in the navigation pane, click Performance Monitor, and then in the details
pane, on the toolbar, click the Add (green +) icon.
21. In the Add Counters window, ensure that <Local computer> is selected, and then verify that there is
only one counter that starts with the word Hyper-V, Hyper-V Dynamic Memory Integration
Service.
22. In the Add Counters window, click Cancel, and then close Performance Monitor.
23. On the Start screen, search for and open Windows Firewall with Advanced Security.
24. In the Windows Firewall with Advanced Security window, in the navigation pane, click Inbound
Rules.
25. In the details pane, verify that there are no rules that start with the word Hyper-V.
28. In Control Panel, in the Search text box, type services, and then click View local services.
29. In the Services window, verify that seven services that start with the word Hyper-V display, but that
Hyper-V Virtual Machine Management service is not present.
30. Close Services, and then close the Services – Control Panel window.
2. In Server Manager, in the menu bar, click Manage, and then click Add Roles and Features.
3. In the Add Roles and Features Wizard, on the Before you begin page, click Next.
4. On the Select installation type page, ensure that the Role-based or feature-based installation
option is selected, and then click Next.
5. On the Select destination server page, ensure that Select a server from the server pool is
selected, and then click Next.
6. On the Select server roles page, in the Roles section, click Hyper-V.
7. In the Add Roles and Features Wizard, verify that Include management tools (if applicable) is
selected, and then click Add Features.
14. On the Confirm installation selection page, select the Restart the destination server
automatically if required option.
15. In the Add Roles and Features Wizard, click Yes, and then click Install.
16. Wait until LON-HOST2 restarts, and then sign in with the user name Adatum\Administrator and
password Pa$$w0rd.
3. In the Remove Roles and Features Wizard, on the Before you begin page, click Next.
4. On the Select destination server page, ensure that Select a server from the server pool is
selected, and then click Next.
5. On the Remove server roles page, verify that in the Roles section Hyper-V is selected (which
indicates that the role is installed).
6. Click Cancel to close the Remove Roles and Features Wizard.
8. On LON-HOST2, on the desktop, on the taskbar, click the Windows PowerShell icon.
9. In Windows PowerShell, run the following cmdlet:
Get-WindowsFeature *Hyper*
Note: The output shows that both Hyper-V and Hyper-V Management Tools are installed.
Note: The output returns many cmdlets, which confirms that the Hyper-V module is
installed and available.
bcdedit.exe
L2-10 Installing and Configuring the Hyper-V Role
12. Verify that in the output, in the Windows Boot Loader section, there is a hypervisorlaunchtype
Auto line.
14. Open the Start screen, and search for programs that contain the word hyper. Confirm that two
programs are discovered: Hyper-V Manager, and Hyper-V Virtual Machine Connection.
15. On the Start screen, search for and open Event Viewer.
16. In Event Viewer, in the navigation pane, expand Applications and Services Logs node, expand
Microsoft, expand Windows, and verify that multiple nodes that start with word Hyper-V display.
17. Close Event Viewer.
18. On the Start screen, search for and open Performance Monitor.
19. In Performance Monitor, in the navigation pane, click Performance Monitor, and then in the details
pane, on the toolbar, click the Add (green +) icon.
20. In the Add Counters window, ensure that <Local computer> is selected, and then verify that there
are multiple counters that start with the word Hyper-V.
21. In the Add Counters window, click Cancel, and then close Performance Monitor.
22. On the Start screen, search for and open Windows Firewall with Advanced Security.
23. In the Windows Firewall with Advanced Security window, in the navigation pane, click Inbound
Rules. In details pane, verify that multiple rules that start with the word Hyper-V display.
27. In the Services window, verify that multiple services that start with the word Hyper-V display.
Note: Hyper-V Virtual Machine Management service is one of services that display in the
Services window, and the status of this service is Running.
28. Close the Services window and the Services - Control Panel window.
Results: After completing this exercise, you should have installed the Hyper-V role.
Server Virtualization with Windows Server Hyper-V® and System Center L2-11
2. In Server Manager, in the navigation pane, click File and Storage Services, and then click Shares.
3. In the Shares section, click Tasks, and then click New Share.
4. In the New Share Wizard, on the Select the profile for this share page, in the Select share profile
section, click SMB Share – Applications, and then click Next.
5. On the Select the server and path for this share page, click Next.
6. On the Specify share name page, in Share name text box, type VHDs, and then click Next.
7. On the Configure share settings page, click Next.
9. In the Advanced Security Settings for VHDs dialog box, click Add, click Select a principal, in the
Enter the object name to select text box, type Domain users, click OK, select the Full control
check box, and then click OK twice.
2. Verify the default location for creating new virtual hard disks. In Hyper-V Manager, in the Actions
pane, click New, and then click Hard Disk.
3. In the New Virtual Hard Disk Wizard, click Next three times.
4. In the New Virtual Hard Disk Wizard, on the Specify Name and Location page, verify that the
Location field is set to C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks\, and then click
Cancel.
7. On the Hyper-V Settings for LON-HOSTx page, in the Location field verify that the same location
that was used in the New Virtual Hard Disk Wizard is listed.
8. Click Browse, and in the navigation pane, click Local Disk (C:). In the details pane, click Users, and
then click Select Folder.
L2-12 Installing and Configuring the Hyper-V Role
10. Verify that C:\Users is set as a default location for creating new virtual hard disks.
11. In Hyper-V Manager, in the Actions pane, click New, and then click Hard Disk.
12. In the New Virtual Hard Disk Wizard, click Next three times.
13. In the New Virtual Hard Disk Wizard, on the Specify Name and Location page, verify that the
Location field is set to C:\Users\, and then click Cancel.
Note: This is the same location as you configured for Virtual Hard Disk location.
15. In Windows PowerShell, run the following cmdlet, where y is number of your partner host. For
example, if you are using HOST1, y represents 2. If you are using HOST2, y represents 1:
16. In Hyper-V Manager, in the Actions pane, click Hyper-V Settings, and verify that
\\LON-HOSTy\VHDs is specified as the Virtual Hard Disk location.
3. On the Hyper-V Settings for LON-HOSTx page, in the left pane, click NUMA Spanning, and in the
details pane, verify that NUMA Spanning is set to Enabled.
4. In the left pane, click Storage Migrations, and verify that 2 simultaneous storage migrations are
allowed.
5. In the left pane, click Enhanced Session Mode Policy, and in the details pane, verify that Allow
enhanced session mode is disabled.
6. Close the Hyper-V Settings for LON-HOSTx page.
Note: You can ignore the message that states that you must restart the Hyper-V Virtual
Machine Management Service to apply the NUMA Spanning configuration.
Server Virtualization with Windows Server Hyper-V® and System Center L2-13
10. Maximize Hyper-V Manager, and in the Actions pane, click Hyper-V Settings.
11. On the Hyper-V Settings for LON-HOSTx page, click Virtual Machines, and verify that
\\LON-HOSTy\VHDs is specified as the Virtual Machine location.
Note: This is the location that you set using Windows PowerShell.
12. In the left pane, click NUMA Spanning, and verify that NUMA Spanning is disabled.
Note: NUMA Spanning is disabled because you set it to disabled using Windows
PowerShell.
13. In the right pane, select the check box to allow NUMA Spanning.
14. In the left pane, click Storage Migrations, and then verify that the number of simultaneous storage
migrations allowed is set to 4.
Note: This value is set to 4 because you set the value using Windows PowerShell.
15. In the left pane, click Enhanced Session Mode Policy, and verify that Policy is enabled. In the details
pane, clear the Allow enhanced session mode check box to disable Enhanced Session Mode
Policy.
Results: After completing this exercise, you should have configured Hyper-V settings.
3. On LON-CLx, on the Start screen, search for programs that contain the word hyper. Confirm that no
program is found.
6. Verify that no cmdlet is listed, and then minimize the Windows PowerShell window.
L2-14 Installing and Configuring the Hyper-V Role
7. On LON-CLx, on the Start screen, search for and then click Turn Windows features on or off.
8. In the Windows Features window, expand the Hyper-V node, click Hyper-V Management Tools,
and then click OK.
9. Wait until the Windows operating system completes its required changes, and then click Close.
10. Maximize the Windows PowerShell window, and again run the following cmdlet:
Note: This time many cmdlets display, because the Hyper-V module is now installed.
12. On LON-CLx, on the Start screen, search for programs that contain the word hyper. Confirm that two
programs, Hyper-V Manager and Hyper-V Virtual Machine Connection, are discovered.
1. On LON-CLx, on the Start screen, type Hyper-V, and then click Hyper-V Manager.
2. In Hyper-V Manager, in the navigation pane, right-click Hyper-V Manager, and then click Connect
to Server.
3. In the Select Computer dialog box, click Browse, in the Enter the object name to select text box,
type LON-HOSTx, and then click OK twice.
4. Verify that LON-HOSTx now displays in the Hyper-V Manager navigation pane.
Note: Virtual Hard Disks and Virtual Machines locations are set to \\LON-HOSTy\VHDs,
NUMA Spanning is enabled, Storage Migrations is set to 4, and Enhanced Session Mode
Policy is disabled.
Note: This value is 3 because this is how you configured it in Windows PowerShell.
Results: After completing this exercise, you should have accessed and managed Hyper-V remotely.
L3-17
4. In Hyper-V Manager, in the Actions pane, click New, and then click Hard disk.
5. In the New Virtual Hard Disk Wizard, on the Before You Begin page, click Next.
Note: This is the default disk format on Windows Server 2012 and newer.
9. On the Configure Disk page, confirm that the maximum size for the VHD is 2,040 GB.
10. Click Previous three times to return to the Choose Disk Format page.
11. On the Choose Disk Format page, click VHDX, and then click Next.
12. On the Choose Disk Type page, confirm that the default disk type for the VHDX hard disk is
Dynamically expanding, and then click Next.
13. On the Specify Name and Location page, in the Name field, type Dynamic.vhdx, confirm that the
Location field is set to C:\Shares\VHDs\, and then click Next.
14. On the Configure Disk page, confirm that Create a new blank virtual hard disk is selected, in the
Size field, type 100, and then click Next.
15. On the Completing the New Virtual Hard Disk Wizard page, click Finish.
16. On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click New, and then click Hard disk.
17. In the New Virtual Hard Disk Wizard, on the Before You Begin page, click Next.
18. On the Choose Disk Format page, select VHD, and then click Next.
19. On the Choose Disk Type page, click Differencing, and then click Next.
20. On the Specify Name and Location page, in the Name field, type Differencing.vhd, confirm that
the Location field is set to C:\Shares\VHDs\,and then click Next.
L3-18 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
21. On the Configure Disk page, click Browse, and then browse to E:\Program Files
\Microsoft Learning\base\.
Note: The actual drive letter on which base images are stored can be different, and it
depends on the physical server configuration. Drive E is used in the instructions, but you should
use the drive on which base images are stored in your environment.
22. In the Base folder, click Base14A-WS12R2.vhd, click Open, and then click Next.
23. On the Completing the New Virtual Hard Disk Wizard page, click Finish.
25. In Windows PowerShell, create a fixed-size virtual hard disk by running the following cmdlet:
3. In the VHDs folder, confirm that the three virtual hard disks that you created in the previous task
display.
4. In the VHDs folder, right-click Fixed.vhdx, select Properties, confirm that its size on the disk is
1.00 GB, and then click OK.
5. In the VHDs folder, verify that Dynamic.vhdx and Differencing.vhd are allocated much less space
on the disk, even though you configured Dynamic.vhdx with 100 GB.
9. In the VHDs folder, click Fixed.vhdx, click Open, and then click OK.
10. In Windows PowerShell, add two additional virtual hard disks to LON-CLx by running the following
cmdlets:
13. In File Explorer, right-click This PC, and then click Manage.
14. In Computer Management, in the navigation pane, click Disk Management. After the Initialize Disk
window opens, click OK.
15. Confirm that LON-CLx has multiple disks. Confirm that the last three disks have 1023 MB (1 GB),
100 GB, and 127 GB. Confirm that the last disk has two partitions, which are assigned letters E: and
F:. Confirm that the first two disks have only unallocated space.
Server Virtualization with Windows Server Hyper-V® and System Center L3-19
16. Right-click the unallocated space of Disk 1, click New Simple Volume, click Next four times, and
then click Finish. Disk is formatted and assigned letter G:. Close File Explorer and click Cancel in the
Microsoft Windows dialog box.
17. Right-click the unallocated space of Disk 2, click New Simple Volume, click Next four times, and
then click Finish. Disk is formatted and assigned letter H:. Click Cancel in the Microsoft Windows
dialog box.
19. In the Windows window, in the details pane, right-click the Inf folder, and then click Copy.
20. In the navigation pane, click Local Disk (F:), and then confirm that multiple folders display in the
details pane.
Note: This is a partition on a differencing disk. You did not yet copy anything on it to the
virtual hard disk; this is content on the parent disk.
21. In the details pane, right-click, and then click Paste. Verify that the Inf folder is copied to drive F: on
the differencing virtual hard disk.
22. Copy folder Inf to drives G: on the fixed-size disk and H: on the dynamically expanding disk.
23. On LON-HOSTx, in File Explorer, browse to the C:\Shares\VHDs folder.
24. In the VHDs folder, confirm that all three disks still display. Confirm that the size of the Fixed.vhdx file
is still 1 GB, while the size of the Differencing.vhd and Dynamic.vhdx files has increased as you copy
data to the partitions on those disks.
2. In the Edit Virtual Hard Disk Wizard, on the Before you Begin page, click Next.
3. On the Locate Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
4. In the VHDs folder, click Fixed.vhdx, click Open, and then click Next.
5. On the Choose Action page, confirm that Expand is selected, and then click Next.
6. On the Expand Virtual Hard Disk page, in the New size field, type 2, and then click Next.
7. On the Completing the Edit Virtual Hard Disk Wizard page, click Finish.
9. In the Edit Virtual Hard Disk Wizard, on the Before you Begin page, click Next.
10. On the Locate Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
11. In the VHDs folder, click Dynamic.vhdx, click Open, and then click Next.
12. On the Choose Action page, confirm that the dynamically expanding disk has two actions available,
Compact and Expand. A third option, Shrink, would be available if there were unallocated space on
that disk. Click Expand, and then click Next.
13. On the Expand Virtual Hard Disk page, in the New size field, type 200, and then click Next.
14. On the Completing the Edit Virtual Hard Disk Wizard page, click Finish. Notice that the operation
finished much faster than when you expanded the fixed-size virtual hard disk.
L3-20 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
15. On LON-CLx, in Computer Management, right-click Disk Management, and then click Refresh.
Confirm that Disk 1 and Disk 2 have expanded, and now have 1 GB and 100 GB of unallocated space.
Notice that Hyper-V expanded the virtual hard disks while the virtual machine was running.
16. On LON-HOSTx, in Windows PowerShell, remove the first two small computer system interface (SCSI)
virtual hard disks from LON-CLx by running the following cmdlets:
17. On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click Edit Disk.
18. In the Edit Virtual Hard Disk Wizard, on the Before you Begin page, click Next.
19. On the Locate Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
20. In the VHDs folder, click Dynamic.vhdx, click Open, and then click Next.
21. On the Choose Action page, confirm that there are new options available.
Note: Shrink is available because the disk now has unallocated space, and Convert is
available only if the disk is not used by a virtual machine.
22. On the Choose Action page, click Convert, and then click Next.
23. On the Convert Virtual Hard Disk page, click VHD, and then click Next.
24. On the Convert Virtual Hard Disk page, click Dynamically expanding, and then click Next.
25. On the Convert Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
26. In the VHDs folder, in the File name field, type Converted.vhd, click Save, and then click Next.
27. On the Completing the Edit Virtual Hard Disk Wizard page, click Finish.
28. On LON-HOSTx, in File Explorer, browse to C:\Shares\VHDs.
29. In the VHDs folder, confirm that file Converted.vhd is created, and that the size of Fixed.vhdx is now
2 GB.
3. In the iSCSI Initiator Properties dialog box, in the Target field, type 172.16.0.14, and then click
Quick Connect.
4. In the Quick Connect dialog box, click the target with lon-ss1 in the name, and then click Done.
5. On LON-HOSTx, in Server Manager, click the Tools menu, and then click Computer Management.
Note: Two disks are added on LON-HOST1. One disk is added on LON-HOST2.
Server Virtualization with Windows Server Hyper-V® and System Center L3-21
10. In Settings for LON-CLx, in the left pane, under SCSI Controller, click Hard Drive. In the right pane,
in the Media section, click Physical hard disk, and then click OK.
11. On LON-CLx, in Computer Manager, in the navigation pane, click Disk Management. Confirm that
Disk 1 displays, that it has the same size as the disk that was added to LON-HOSTx, and that it is not
initialized. This is the directly attached disk that was added to LON-CLx.
12. In Computer Management, right-click Disk 1, and then click Initialize disk.
14. Right-click in the unallocated space of Disk 1, click New Simple Volume, click Next four times, and
then click Finish. Close File Explorer and click Cancel in the Microsoft Windows dialog box.
15. On LON-HOSTx, in Windows PowerShell, remove SCSI virtual hard disks from LON-CLx by running the
following cmdlet:
Note that the location might differ. If so, check the virtual machine settings for LON-CLx.
16. On LON-CLx, in Disk Management, confirm that Disk 1 no longer displays.
17. On LON-HOSTx, in the iSCSI Initiator Properties window, in the Discovered targets section, click the
target with lon-ss1 in the name, and then click Disconnect.
18. In the Disconnect From All Sessions dialog box, click Yes, and then click OK.
Results: After completing this exercise, you should have created and managed virtual hard disks.
2. In the New Virtual Machine Wizard, on the Before You Begin page, click Next.
3. On the Specify Name and Location page, in the Name field, type LON-VM2, and then click Next.
4. On the Specify Generation page, click Generation 2, and then click Next.
5. On the Assign Memory page, in the Startup Memory field, type 1024, select the Use Dynamic
Memory for this virtual machine check box, and then click Next four times.
6. On the Completing the Virtual Machine Wizard page, click Finish. A virtual machine named
LON-VM2 is created.
7. On LON-HOSTx, in Windows PowerShell, create a Generation 1 virtual machine, and then attach it to
a virtual hard disk by running the following cmdlets:
2. In Settings for LON-VM2, in the Add Hardware section, in the details pane, confirm that three types
of hardware display. Confirm also that in the left pane, in the Hardware section, no BIOS, IDE
Controllers, COM ports, or Diskette Drive display, but Firmware does display.
3. In the Hardware section, click Firmware, and then confirm that Enable Secure Boot is enabled.
4. In the Boot order section, click Hard Drive, click the Move Up icon to set Hard Drive as the first
boot device, and then click OK.
5. In Hyper-V Manager, right-click the LON-VM1 virtual machine, and then click Settings.
6. In Settings for LON-VM1, in the Add Hardware section, in the details pane, confirm that five types of
hardware display. In the left pane, in the Hardware section, confirm also that BIOS, IDE Controllers,
COM ports, and Diskette Drive display, but Firmware does not display.
7. Click BIOS, confirm that you can change Startup order, but that no Enable Secure Boot option exists.
8. Click Memory, and then confirm that Enable Dynamic Memory is not selected.
9. In the left pane, in the Hardware section, confirm that a single Network Adapter displays, and then
click OK.
10. On LON-HOSTx, in Windows PowerShell, enable dynamic memory, and then add a network adapter
to the LON-VM1 virtual machine by running the following cmdlets:
11. In Hyper-V Manager, right-click the LON-VM1 virtual machine, and then click Settings.
12. In Settings for LON-VM1, click Memory, and then confirm that Enable Dynamic Memory is selected.
13. In the left pane, in the Hardware section, confirm that two Network Adapters display, and then
click OK.
2. In Settings for LON-CLx, click Memory. In the details pane, confirm that Enable Dynamic Memory is
selected, and then click OK.
3. In Hyper-V Manager, make note of the currently Assigned Memory for the LON-CLx virtual machine.
cd C:\LabFiles\Mod03
.\TestLimit64.exe –d 400 –c 1
6. On LON-HOSTx, in Hyper-V Manager, make note of the currently Assigned Memory for the LON-CLx
virtual machine, and then confirm that LON-CLx is now using more memory.
8. After a few minutes, check Assigned Memory for the LON-CLx virtual machine.
Server Virtualization with Windows Server Hyper-V® and System Center L3-23
cd c:\LabFiles\Mod03
.\sqlio.exe
2. Wait for 30 seconds for the test to complete, and then make note of the IOs/sec result.
4. In Settings for LON-CLx, under IDE Controller 0, expand Hard Drive, and then click Advanced
Features.
5. In the details pane, in the Advanced Features section, click Enable Quality of Service
management. In the Minimum field, type 100, in the Maximum field, type 200, and then click OK.
3. On LON-CLx, open a new Command Prompt window, and then run the Time command.
4. Make note of the current time, type 11:00 as the current time, and then press Enter.
5. In the Command Prompt window, enter the Time command again, and then confirm that it
automatically set back to its previous value, as Integration Services automatically synchronized the
time on LON-CLx with the time on LON-HOSTx.
8. In Integration Services, in the details pane, clear the Time synchronization check box, and then
click OK.
9. On LON-CLx, in Services, right-click Services (Local), and then click Refresh. Confirm that Hyper-V
Time Synchronization Service is not running, and then close Services.
10. In LON-CLx, at the command prompt, run the Time command. Make note of the current time, type
11:00 as the current time, and then press Enter.
11. At the command prompt, type Time, and then press Enter twice. Confirm that the returned time is
few second over 11:00, as time on the virtual machine is no longer synchronizing with the Hyper-V
host.
13. In Device Manager, expand Display adapters, and then confirm that the virtual machine is using the
Microsoft Hyper-V Video adapter, which is provided as part of Integration Services.
14. In Device Manager, expand System devices, and then confirm that the virtual machine is using
several devices with Hyper-V in their name, including Microsoft Hyper-V Dynamic Memory. All of
those virtual devices are provided as part of Integration Services.
16. On LON-HOSTx, in Windows PowerShell, enable time synchronization for LON-CLx by running the
following cmdlet:
17. In LON-CLx, at the command prompt, run the Time command again, and then confirm that the time
on the virtual machine is synchronized with the time on LON-HOSTx.
Results: After completing this exercise, you should have created and managed virtual machines.
Server Virtualization with Windows Server Hyper-V® and System Center L3-25
2. In the Import Virtual Machine window, on the Before You Begin page, click Next.
3. On the Locate Folder page, type C:\VirtualMachines\LON-EXPORT\, and then click Next.
4. On the Select Virtual Machine page, confirm that LON-EXPORT is selected, and then click Next.
5. On the Choose Import Type page, confirm that Register the virtual machine in-place (use the
existing unique ID) is selected, and then click Next.
6. On the Configure Processor page, in Number of virtual processors field, type 1, and then click
Next.
Note: This page shows only if a virtual machine is configured with more processors than
are available on the Hyper-V host.
7. On the Connect Network page, select External Network as the virtual switch to which you want
virtual machine to be connected, and then click Next.
Note: This page shows only if the virtual machine is configured to use a virtual switch,
which is not available on the Hyper-V host.
9. When the error message “Hyper-V encountered an error during the import operation” displays, click
See details, and notice that this is because a parent virtual hard disk was not found. Click Close.
11. In the Edit Virtual Hard Disk Wizard, on the Before You Begin page, click Next.
12. On the Locate Folder page, type C:\VirtualMachines\LON-EXPORT\Virtual Hard Disks
\LON-EXPORT.vhd, and then click Next.
Note: Actual drive letters on which base images are stored can be different, and it depends
on the physical server configuration. Drive E is used in the instructions, but you should use the
drive on which base images are stored in your environment.
15. On the Completing the Edit Virtual Hard Disk Wizard page, click Finish.
16. In Hyper-V Manager, in the Actions pane, click Import Virtual Machine.
L3-26 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
17. In the Import Virtual Machine window, on Before You Begin page, click Next.
18. On the Locate Folder page, type C:\VirtualMachines\LON-EXPORT\, and then click Next.
19. On the Select Virtual Machine Import Virtual Machine page, confirm that LON-EXPORT is
selected, and then click Next.
20. On the Choose Import Type page, confirm that Register the virtual machine in-place (use the
existing unique ID) is selected, and then click Next.
23. In Settings for LON-EXPORT on LON-HOSTx, confirm that LON-EXPORT is configured with a single
virtual processor and that it is connected to virtual switch named External Network, and then
click OK.
4. In Notepad, from the menu bar, click Edit, and then confirm that the Paste option is not available.
5. In Virtual Machine Connection to LON-CLx, in the Clipboard menu, click Type clipboard text.
Confirm that the text that you copied from the Win.ini file is typed. Close the 20409B-LON-CLx
window.
Note: Without enhanced session mode being enabled, this is the only way to copy content
to virtual machines, and it works only for text.
7. In Hyper-V Settings, on the left side, in the Server section, click Enhanced Session Mode Policy, in
the details pane, click Allow enhanced session mode, and then click OK.
10. In the Connect to 20409B-LON-CLx window, click Connect. Confirm that you are not automatically
signed in to LON-CLx.
11. In LON-CLx, click ADATUM\administrator, in the Password field, type Pa$$w0rd, and then press
Enter. Your previous session, including an opened Notepad, displays.
12. In Notepad, on the menu bar, click Edit, and then click Paste. Verify that the copied text from the
Win.ini file is pasted.
15. On LON-CLx, right-click the desktop, and then click Paste. Confirm that file Write.exe is copied to the
LON-CLx desktop.
Server Virtualization with Windows Server Hyper-V® and System Center L3-27
Note: When enhanced session mode is used, you can copy and paste files between a virtual
machine and a Hyper-V host even if the virtual machine does not have network connectivity.
16. On LON-CLx, on the taskbar, click File Explorer. Confirm that in the navigation pane, drives from
LON-HOSTx are mapped to the virtual machine.
17. In the navigation pane, right-click This PC, and then click Properties.
18. In the System window, click Remote Settings. Confirm that in the Remote Desktop section, Don’t
allow remote connections to this computer is selected.
20. In the Virtual Machine Connection to 20409B-LON-CLx window, in the Action menu, click Turn Off,
and then click Turn Off.
21. Close Virtual Machine Connection.
Note: Because Integration Services are not available during system start, enhanced
session mode is not used during that time. However, after the system starts, the Connect to
20409B-LON-CLx window displays, and you can configure enhanced session mode properties.
25. On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click Hyper-V Settings.
26. In Hyper-V settings, on the left side, in the Server section, click Enhanced Session Mode Policy.
27. In the details pane, clear the Allow enhanced session mode check box, and then click OK.
6. Confirm that under IDE Controller 0, Hard Drive is now using a file with a GUID in its name, and
then click OK.
11. On LON-VM1, right-click the desktop, click New, click Folder, and name the folder Folder1.
12. In Virtual Machine Connection, in the Action menu, click Checkpoint, type Folder1 as Checkpoint
Name, and then click Yes.
13. On LON-VM1, right-click the desktop, click New, click Folder, and then name the folder Folder2.
14. In Virtual Machine Connection, on the toolbar, click the Checkpoint button, type Folder2 as
Checkpoint Name, and then click Yes.
15. On LON-VM1, right-click the desktop, click New, click Folder, and then name the folder Folder3.
17. In Windows PowerShell, create a checkpoint for LON-VM1 by running the following cmdlet:
18. View the existing checkpoints for LON-VM1 by running the following cmdlet in Windows PowerShell:
19. In Hyper-V Manager, confirm that all four checkpoints for LON-VM1 display.
20. Right-click the Folder1 checkpoint, and then click Apply. In the Apply Checkpoint dialog box, click
Apply.
21. On LON-VM1, on the desktop, confirm that there is only single folder displaying, named Folder1.
Right-click the desktop, click New, click Folder, and name the folder Folder1.1.
22. In Hyper-V Manager, right-click LON-VM1, and then click Checkpoint.
23. In Hyper-V Manager, in the Checkpoints pane, right-click the created checkpoint, click Rename, and
then name the folder Folder1.1.
24. On LON-HOSTx, in File Explorer, browse to C:\Shares\Snapshots.
25. In the Snapshots folder, confirm that there are five .xml files and five subfolders—exactly the same as
number of checkpoints for LON-VM1 that you created.
26. In the Snapshots window, in the details pane, click the Date modified column to order content by
the time of creation.
27. Right-click the lowest folder in the details pane, and then click Properties.
28. In the Properties dialog box, confirm that the Size of this folder is 0.
Note: The first checkpoint was created when LON-VM1 was turned off.
30. In the Snapshots window, review the size of the other folders.
Note: You created other LON-VM1 checkpoints while the virtual machine was running, so
each of those folders contains the memory content of the virtual machine at the moment the
checkpoint was created.
Server Virtualization with Windows Server Hyper-V® and System Center L3-29
2. Review the ParentSnapshotName property of each checkpoint to see how checkpoints relate to
each other.
3. Export the Folder2 checkpoint by running the following cmdlet:
4. In Hyper-V Manager, in the Virtual Machines pane, verify that the Status column is showing export
progress for LON-VM1.
7. In the details pane, double-click the Virtual Hard Disks folder, and then confirm that it contains two
virtual hard disks, the Differencing.vhd virtual hard disk, and its parent disk Base14A-WS12R2.vhd.
Note: Verify that export of LON-VM1 has finished. If the virtual machine is still exporting,
wait until the export operation finishes.
8. In File Explorer, in the navigation column, click Exported, in the details pane, right-click LON-VM1,
click Rename, and then type Folder2.
9. In Windows PowerShell, export complete LON-VM1 by running the following cmdlet:
10. You can view the export progress from Hyper-V Manager.
12. In the Exported folder, confirm that there is a LON-VM1 subfolder. Double-click the LON-VM1
folder, and then confirm that it contains a subfolder named Snapshots.
13. Double-click Virtual Hard Disks, and then confirm that it contains a Differencing.vhd virtual hard
disk, its parent disk, and all of the differencing virtual hard disks that were created by checkpoints.
14. Close the Virtual Hard Disks window.
15. On LON-HOSTx, in Windows PowerShell, apply the Folder3 checkpoint to LON-VM1 by running the
following cmdlet, and then clicking Y when prompted:
16. On LON-VM1, on the desktop, confirm that there are three folders named Folder1, Folder2, and
Folder3.
17. In Hyper-V Manager, right-click the Folder2 checkpoint, and then click Settings.
18. In the Settings for Folder2 (checkpoint) window, in the left pane, select several Hardware
components, and then confirm that you cannot modify their settings.
19. In the Management section, in the navigation pane, click Name, in the Description field, type
Folder1 and Folder2 on the desktop, and then click OK.
L3-30 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
20. In Hyper-V Manager, right-click the Folder1 checkpoint, and then click Delete Checkpoint Subtree.
In the Delete Checkpoint Tree dialog box, click Delete.
21. In Hyper-V Manager, confirm that all checkpoints for LON-VM1 except the first one are deleted
instantly.
Note: You can follow the merge process of the differencing virtual hard disks in the Status
column of LON-VM1.
23. In the Snapshots folder, confirm that there is single .xml file, and one subfolder.
Note: You deleted all the other checkpoints, and their differencing virtual hard disks were
merged while the LON-VM1 virtual machine was running.
Note: This is how a virtual machine presents Generation ID to the operating system.
Results: After completing this exercise, you should have imported virtual machines and worked with
checkpoints.
2. In Task Manager, click More Details, and then click the Performance tab.
3. Sign in to LON-CLx as Adatum\Administrator with the password Pa$$w0rd and click Desktop on
the Start screen.
5. In Task Manager, click More Details, and then click the Performance tab.
Server Virtualization with Windows Server Hyper-V® and System Center L3-31
C:\LabFiles\Mod03\Cpustres.exe
9. In CPU Stress, set the Process Priority Class to High. In the Thread 1 section, set Thread Priority to
Highest, and then set Activity to Busy.
10. On LON-CLx, view the Task Manager and confirm that it shows high utilization.
11. On LON-HOSTx, view the Task Manager and confirm that it shows low utilization.
Note: Because each Task Manager is showing utilization of its own virtual environment, the
utilization shown is very different.
12. In CPU Stress, in the Thread 1 section, set Thread Priority to Idle and Activity to Low.
13. On LON-HOSTx, in Task Manager, click Open Resource Monitor. The Resource Monitor opens.
14. On LON-CLx, in Windows PowerShell, run the following command, and then minimize Windows
PowerShell:
C:\LabFiles\Mod03\sqlio.exe
15. Confirm that Task Manager on LON-CLx shows very high, almost 100 percent Disk 0 utilization.
Resource Monitor on LON-HOSTx shows only a bit of increased disk activity.
16. On LON-HOSTx, minimize Resource Monitor.
5. Expand the Hyper-V Virtual Storage Device performance object, select and then click Read
Operations/sec. In the Instances of selected object section, click the instance that refers to
20409B-LON-CLx, and then click Add.
6. Expand the LogicalDisk performance object, click Disk Reads/sec, in the Instances of selected
object section, click C:, click Add, and then click OK.
7. In Performance Monitor, in the details pane, select only Disk Reads/sec and Read Operations/Sec,
right-click both, and then click Scale Selected Counters.
C:\LabFiles\Mod03\sqlio.exe
L3-32 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
10. On LON-HOSTx, in Performance Monitor, follow how disk access increases in the virtual machine and
on the Hyper-V host while sqlio.exe is running on the virtual machine.
11. On LON-CLx, in CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread
Priority to Highest, and set Activity to Busy.
12. On LON-HOSTx, in Performance Monitor, follow how processor utilization increases in both the
virtual machine and on Hyper-V. Notice that the processor on LON-HOSTx is much less utilized than
the processor on LON-CLx.
13. On LON-HOSTx, in Hyper-V Manager, view CPU Usage for the LON-CLx virtual machine.
14. In Hyper-V Manager, right-click LON-CLx, and then click Settings.
15. In Settings for LON-CLx, in the navigation pane, click Processor, type 10 in the Virtual machine
limit (percentage) field, and then click OK.
16. In Hyper-V Manager, confirm that CPU Usage for the LON-CLx virtual machine is considerably lower.
17. On LON-CLx, close both CPU Stress and Task Manager.
18. On LON-HOSTx, close Performance Monitor, Resource Monitor, and Task Manager.
19. In Hyper-V Manager, right-click LON-CLx, and then click Settings.
20. In Settings for LON-CLx, in the navigation pane, click Processor, in the Virtual machine limit
(percentage) field, type 100, and then click OK.
3. View resource metering data for LON-CLx by running the following cmdlet:
C:\LabFiles\Mod03\Cpustres.exe
5. In CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread Priority to
Highest, and then set Activity to Busy.
6. In Windows PowerShell, run the following command:
C:\LabFiles\Mod03\TestLimit64.exe –d 400 –c 5
Server Virtualization with Windows Server Hyper-V® and System Center L3-33
7. On LON-HOSTx, in Windows PowerShell, run the following cmdlet to view resource metering data for
LON-CLx:
8. Compare the result with previous results, and then notice the increased use of AvgRAM(M) and
AvgCPU(MHz).
10. On LON-HOSTx, in Windows PowerShell, run the following cmdlet to disable resource metering for
LON-CLx:
Results: After completing this exercise, you should have monitored Hyper-V.
L4-35
3. In the Virtual Switch Manager window, confirm that in the Virtual Switches section, External
Network is the only virtual switch listed.
4. In the Virtual Switch Manager window, click Cancel.
8. In the Network Connections window, confirm that two network connections display: Ethernet 2, and
vEthernet (External Network).
11. Right-click the vEthernet (External Network) network connection, and then click Properties.
Confirm that the network connection is using most items, but it is not using Hyper-V Extensible
Virtual Switch, for which the check box is not selected. Click Cancel.
Get-VMNetworkAdapter -All
3. Verify that the output shows that one network adapter named External Network is present on the
system.
5. In the Network Connections window, confirm that a new network connection named vEthernet
(Management) is added.
6. Right-click the vEthernet (Management) network connection, and then click Properties.
L4-36 Creating and Configuring Virtual Machine Networks
7. In the Properties dialog box, confirm that the network connection is using most items, including
Internet Protocol Version 4 (TCP/IPv4), but that it is not using Hyper-V Extensible Virtual
Switch, and then click Cancel.
Get-VMNetworkAdapter –All
9. Verify that the output shows that the Management network adapter is present on the system.
11. In the Network Connections window, confirm that two new network connections named vEthernet
(Storage) and vEthernet (Live Migration) are added.
12. In Windows PowerShell, run the following cmdlet:
Get-VMNetworkAdapter –All
13. Confirm that there are network adapters named Storage and Live Migration present on the system.
3. In the Virtual Switch Manager window, in the left pane, confirm that New virtual network switch is
selected.
4. In the right pane, confirm that External is selected, and then click Create Virtual Switch.
5. Confirm that New Virtual Switch is added to the left pane.
6. In right pane, in the Connection type section, confirm that External network is selected.
7. Verify that you can select Enable single-root I/O virtualization (SR-IOV), but do not select them.
8. Verify that you can also select Enable virtual LAN identification, but do not enable it.
Note: The error message is that the physical network adapter is already bound to the
virtual switch, and a physical network adapter can be bound to only one external virtual switch.
13. In the Virtual Switch Manager for LON-HOSTx window, in the Name text box, type Internal Switch.
14. In the Connection type section, click Internal network. Verify that you cannot enable single root I/O
virtualization (SR-IOV) for the internal switch, but that you can select Enable virtual LAN
identification. Do not enable it, and click OK.
Server Virtualization with Windows Server Hyper-V® and System Center L4-37
15. Maximize the Network Connections window, and confirm that the additional network connection
vEthernet (Internal Switch) is added.
16. Right-click the vEthernet (Internal Switch) network connection, and then click Properties.
17. In the Properties dialog box, confirm that the network connection is using most items, including
Internet Protocol Version 4 (TCP/IPv4). Verify that the network connection is not using Hyper-V
Extensible Virtual Switch, and then click Cancel.
18. In a Windows PowerShell window, run the following cmdlet:
Get-VMNetworkAdapter –All
19. Confirm that there is a network adapter named Internal Switch present on the system.
20. Maximize Hyper-V Manager, and in the Actions pane, click Virtual Switch Manager.
21. In Virtual Switch Manager for LON-HOSTx, in the left pane, confirm that New virtual network
switch is selected, in the right pane, click Private, and then click Create Virtual Switch.
22. Verify that in the left pane, New Virtual Switch is added.
23. In the Name text box, type Private Switch. In the Connection type section, confirm that Private
network is selected. Verify that you cannot enable either SR-IOV or virtual local area network (VLAN)
identification for the internal switch, and then click OK.
24. Maximize the Network Connections window, and confirm that when you created the private virtual
switch, no network connection was added.
Get-VMNetworkAdapter –All
27. Confirm that no network connection was added when you created the private virtual switch.
28. Maximize Hyper-V Manager, and in the Actions pane, click Virtual Switch Manager.
29. In Virtual Switch Manager for LON-HOSTx, expand the External Network virtual switch, and then
click Extensions.
30. In Virtual Switch Manager for LON-HOSTx, verify that in the right pane, two switch extensions display.
Verify that Microsoft NDIS Capture is not enabled, whereas Microsoft Windows Filtering
Platform is enabled.
31. Expand both the Internal Switch and the Private Switch, and confirm that they have the same
extensions available as the External virtual switch, and that they are configured the same.
32. Click Cancel, and then minimize both Hyper-V Manager and Windows PowerShell.
ipconfig
8. Confirm that LON-PRODx has an IPv4 address of 10.0.0.x5, (where x is 1 if you are using
LON-HOST1, and x is 2 if you are using LON-HOST2).
ping 10.0.0.x6
11. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
12. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, in the Virtual Switch
drop-down list box, click Internal Switch, and then click OK.
13. On LON-PRODx, in Windows PowerShell, run the following command:
ping 10.0.0.x6
15. On LON-HOSTx, maximize the Windows PowerShell window, and run the following command:
ping 10.0.0.x5
Note: This is because the virtual network adapter in LON-HOSTx that is connected to the
Internal switch does not have an IP address from the same subnet as LON-PRODx.
18. In the Network Connections window, right-click the vEthernet (Internal Switch) network
connection, and then click Properties.
19. In the vEthernet (Internal Switch) Properties dialog box, click Internet Protocol Version 4
(TCP/IPv4), and then click Properties.
20. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Use the following IP
address, in the IP address text box, type 10.0.0.100.
21. In the Subnet mask text box, type 255.255.255.0, click OK, and click Close.
22. On LON-HOSTx, maximize the Windows PowerShell window, and run the following command:
ping 10.0.0.x5
Server Virtualization with Windows Server Hyper-V® and System Center L4-39
23. Confirm that four replies are returned, which confirms that both LON-HOSTx and LON-PRODx now
have network connectivity.
24. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
25. In the Settings for 20409B-LON-PRODx window, in the left pane, click Network Adapter, in the
Virtual Switch drop-down list box, click External Network, and then click OK.
ipconfig /all
28. Verify from the output that LON-PRODx has a different IPv4 address, and that it obtained the IP
address from the DHCP server that is running on LON-DC1.
31. Confirm that four replies are returned, which confirms that LON-HOSTx and LON-PRODx have
network connectivity.
ping LON-DC1
33. Confirm that four replies are returned, which confirms that LON-DC1 and LON-PRODx have network
connectivity.
Note: Leave the virtual machines running, as you will use them in the next lab.
Results: After completing this exercise, you should have created and used Hyper-V virtual switches.
L4-40 Creating and Configuring Virtual Machine Networks
Note: In this exercise you will see how you can prevent rogue DHCP servers on your
network. Because your partner is also using the same DHCP server, you should synchronize this
task with him or her.
1. On LON-PRODx, in Windows PowerShell, run the following commands, pressing Enter at the end of
each line:
ipconfig /release
ipconfig /renew
Note: By running these commands, you renew TCP/IP settings on LON-PRODx. Notice
from the output that TCP/IP settings were obtained successfully.
3. In Settings for 20409B-LON-PRODx, in the left pane, expand Network Adapter, and then click
Advanced Features. In the right pane, click Enable DHCP guard, and then click OK.
4. On LON-PRODx, in Windows PowerShell, run the following commands, pressing Enter at the end of
each line:
ipconfig /release
ipconfig /renew
Note: Notice that the TCP/IP settings on LON-PRODx renew successfully. This is because
DHCP guard setting on the virtual network adapter has no effect on whether the virtual machine
can obtain TCP/IP settings over that adapter.
Note: The following lab steps will affect your lab partner, so let him or her know that you
will perform the change on the LON-DC1 virtual machine. Your partner should wait until you
finish this change, and then proceed.
7. On LON-PRODx, in Windows PowerShell, run the following commands, pressing Enter at the end of
each line:
ipconfig /release
ipconfig /renew
Server Virtualization with Windows Server Hyper-V® and System Center L4-41
Note: Notice that this time the process takes considerably longer, and LON-PRODx is not
able to obtain TCP/IP settings. This is because when you enabled DHCP guard on the virtual
machine where the rogue DHCP server is running, you can no longer get TCP/IP settings from
that virtual machine
8. On LON-HOST1, in Windows PowerShell, run the following cmdlets, pressing Enter at the end of each
line:
Note: By running those cmdlets, you disable DHCP guard on LON-DC1. Now the DHCP
server that is running in that virtual machine can once again offer TCP/IP settings.
Note: Now that you have disabled DHCP guard on LON-DC1, have your partner perform
the steps from step 5 onwards.
3. On LON-PRODx, on the Start screen, type Control Panel, and then press Enter.
4. In Control Panel, in the Search Control Panel text box, type network, and then click View network
connections.
5. In the Network Connections window, right-click the Ethernet network connection, and then click
Properties.
6. In the Ethernet Properties dialog box, click Internet Protocol Version 4 (TCP/IPv4), and then click
Properties.
7. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Use the following IP
address. In the IP address text box, type 10.0.0.x5, in the Subnet mask text box, type
255.255.255.0, click OK, and then click Close.
ping 10.0.0.x6
9. Confirm that four replies are returned, which confirms that LON-PRODx and LON-TESTx have
network connectivity.
10. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
11. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, and then in the right
pane, click Enable virtual LAN identification.
12. Verify that 2 is specified as VLAN ID, and then click OK.
ping 10.0.0.x6
L4-42 Creating and Configuring Virtual Machine Networks
15. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
16. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, in the right pane, clear
the Enable virtual LAN identification check box, and then click OK.
2. In the This PC window, on the navigation pane, expand This PC, expand Local Disk (C:), and then
click Windows.
3. In the Windows window, in the details pane, right-click the Inf folder, and then click Copy.
4. In the Windows window, in navigation, click the down arrow, type \\10.0.0.x6\share, and then press
Enter.
Note: You are now connected to a share named Share on the LON-TESTx computer.
LON-TESTx has IP address 10.0.0.x6.
5. In the share window, right-click in the details pane, and then click Paste.
6. Make note of the copy speed and how long the process takes.
7. When the copy process completes, right-click the Inf folder, click Delete, and then in the Delete
Folder dialog box, click Yes.
8. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
9. In the Settings for 20409B-LON-PRODx window, in the left pane, click Network Adapter, in the
details pane, click Enable bandwidth management, in both the Minimum bandwidth and
Maximum bandwidth text boxes, type 10, and then click OK.
10. On LON-PRODx, in the share window, right-click in details pane and then click Paste.
11. In the window that displays the progress of the copy process, confirm that the copy process takes
noticeably longer to complete.
12. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
13. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, in the details pane,
clear the Enable bandwidth management check box, and then click OK.
Note: Leave the virtual machines running, as you will use them in the next lab.
Results: After completing this exercise, you should have configured and used advanced virtual switch
features.
Server Virtualization with Windows Server Hyper-V® and System Center L4-43
Note: Only the student who is using LON-HOST1 performs this task.
1. On LON-PROD1, on the Start screen, search for and start Windows PowerShell.
2. In Windows PowerShell, run following three commands, pressing Enter at the end of each line:
ping 10.0.0.16
ping 10.0.0.25
ping 10.0.0.26
3. Confirm that LON-PROD1 has connectivity with all three virtual machines, LON-TEST1, LON-PROD2
and LON-TEST2.
6. Confirm that the VirtualSubnetId property has the value 0, which means that virtual subnets are not
being used.
7. In Windows PowerShell, run the following cmdlet:
Get-NetVirtualizationLookupRecord
8. Verify that the output is empty, which confirms that no virtualization lookup record has been defined.
Note: The virtualization lookup record defines which virtual machine is running on which
Hyper-V host, and over which virtualization subnet is achievable.
Get-NetVirtualizationCustomerRoute
10. Verify that the output is empty, which confirms that the virtualization customer route has yet to be
defined.
Get-NetAdapter
12. For the physical network adapter, under the ifIndex column, write down the Index number.
L4-44 Creating and Configuring Virtual Machine Networks
Note: Only the student who is using LON-HOST2 performs this task.
1. On LON-TEST2, on the Start screen, search for and start Windows PowerShell.
2. In Windows PowerShell, run the following three commands, pressing Enter at the end of each line:
ping 10.0.0.15
ping 10.0.0.16
ping 10.0.0.25
3. Confirm that four replies are returned for each command. This confirms that LON-TEST2 has
connectivity with LON-PROD1, LON-TEST1, and LON-PROD2.
6. Confirm that VirtualSubnetId property has the value 0, which means that virtual subnets are not in
use.
7. In Windows PowerShell, run following cmdlet:
Get-NetVirtualizationLookupRecord
8. Confirm that the output is empty, which confirms that no virtualization lookup record has been
defined.
Note: The virtualization lookup record defines which virtual machine is running on which
Hyper-V host, and over which virtualization subnet it is achievable.
Get-NetVirtualizationCustomerRoute
10. Verify that the output is empty, which confirms that a virtualization customer route has yet to be
defined.
11. In Windows PowerShell, run following cmdlet:
Get-NetAdapter
12. For the physical network adapter, under the ifIndex column, write down the Index number.
2. In the This PC window, in the navigation pane, expand Local Disk (C:), expand LabFiles, and then
click Mod04.
4. When the file ConfigureNWx.ps1 opens in Windows PowerShell ISE, review the Windows PowerShell
script to see how network virtualization is configured. Review the variables, which are defined at the
start of the script.
5. In Windows PowerShell ISE, on the toolbar, click Run Script, or press F5. If you run the script on
LON-HOST1, enter the index number of your physical server network adapter and the index number
of your partner physical server network adapter that were recorded earlier.
Get-NetVirtualizationLookupRecord
2. Verify that the output shows that virtualization records have been created for the IP addresses of
LON-PRODx and LON-TESTx virtual machines.
Get-NetVirtualizationCustomerRoute
4. Verify that the output shows that one virtualization route is defined for the 10.0.0.0/24 subnet, and
with a VirtualizationSubnetID value of either 5001 or 6001.
Note: Only the student who is using LON-HOST1 will perform steps 5 to 8.
6. Confirm that the VirtualSubnetId property value is 5001, which was configured by the Windows
PowerShell script.
7. On LON-PROD1, in Windows PowerShell, run the following three commands:
ping 10.0.0.16
ping 10.0.0.25
ping 10.0.0.26
Note: This confirms that LON-PROD1 has connectivity with LON-PROD2, but it does not
have connectivity with LON-TEST1 and LON-TEST2, because those virtual machines are on a
different virtual network (which is sharing the same physical network.
Note: Only the student who is using LON-HOST2 performs steps 9 to 12.
10. Confirm that the property VirtualSubnetId has a value 6001, which you configured with the
Windows PowerShell script.
L4-46 Creating and Configuring Virtual Machine Networks
ping 10.0.0.15
ping 10.0.0.16
ping 10.0.0.25
Note: This confirms that LON-TEST2 has connectivity with LON-TEST1, but it does not have
connectivity with LON-PROD1 and LON-PROD2 computers. This is because they are on a
different virtual network (which is sharing the same physical network.
2. In the This PC window, in the navigation pane, expand Local Disk (C:), expand LabFiles, and then
click Mod04.
5. After network virtualization is removed, confirm network connectivity between the virtual machines
by performing the following steps:
a. If you are using LON-HOST1, confirm that LON-PROD1 has connectivity with LON-TEST1,
LON-PROD2. and LON-TEST2 by running the following three commands:
ping 10.0.0.16
ping 10.0.0.25
ping 10.0.0.26
b. If you are using LON-HOST2, confirm that LON-TEST2 has connectivity with LON-PROD1,
LON-TEST1, and LON-PROD2by running the following three commands:
ping 10.0.0.15
ping 10.0.0.16
ping 10.0.0.25
Results: After completing this exercise, you should have configured Hyper-V network virtualization.
L5-47
Note: Before starting with this lab, run the C:\Labfiles\Mod05\Mod05setup.ps1 script to
prepare environment for the lab.
2. In Settings for LON-MOVE1, under IDE Controller 0, click Hard Drive. Confirm that it is using the
LON-MOVE1.vhdx VHD that is stored locally, and then click OK.
5. On the Choose Move Type page, select the Move the virtual machine’s storage option, and then
click Next.
6. On the Choose Options for Moving Storage page, select the Move only the virtual machine’s
virtual hard disks option, and then click Next.
7. On the Select Items to Move page, confirm that disk LON-MOVE1.vhdx is selected, and then click
Next.
8. On the Choose a new location for attached virtual hard disk page, in the Folder text box, type
\\LON-HOSTy\VHDs\LON-MOVE1, and then click Next.
Note: Because the VHD is dynamically expanding and is small, the move occurs quickly.
Note: This confirms that the VHD was moved while the virtual machine was running.
12. In Settings for LON-MOVE1, under Management, click Checkpoint File Location. Confirm that
checkpoints are stored locally, that you cannot change the location, and then click OK.
13. In Hyper-V Manager, right-click LON-MOVE1, and then click Move.
14. In the Move “LON-MOVE1” Wizard, on the Before You Begin page, click Next.
15. On the Choose Move Type page, select the Move the virtual machine’s storage option, and then
click Next.
L5-48 Virtual Machine Movement and Hyper-V Replica
16. On the Choose Options for Moving Storage page, select the Move the virtual machine’s data to
different locations option, and then click Next.
17. On the Select Items to Move page, review the items that can be moved. Click Clear All, select the
Checkpoints check box, and then click Next.
18. On the Choose a new location for checkpoints page, in the Folder text box, type \\LON-HOSTy
\VHDs\LON-MOVE1, and then click Next.
Note: Because the checkpoint has a small differencing VHD, the move occurs quickly.
21. In Settings for LON-MOVE1, click Checkpoint File Location. Confirm that checkpoints are stored on
the network share, and that they were moved while virtual machine was running, and then click OK.
4. In Settings for LON-MOVE2, click Checkpoint File Location. Confirm that checkpoints are stored
locally and that you cannot change the location, and then click OK.
5. In Windows PowerShell, move LON-MOVE2 storage by running following cmdlet:
Note: Notice that the VHD was moved while virtual machine is running.
10. Confirm that checkpoints are stored on the network share and that they were moved while virtual
machine was running, and then click OK.
2. In the Move “20409B-LON-PRODx” Wizard, on the Before You Begin page, click Next.
3. On the Choose Move Type page, confirm that Move the virtual machine is selected, and then click
Next.
4. When the Move Wizard error dialog box opens, click Close.
Server Virtualization with Windows Server Hyper-V® and System Center L5-49
Note: This dialog box opens because this computer is not configured for live migration.
8. In the right pane, in the Live Migrations section, click Enable incoming and outgoing live
migrations.
9. In Hyper-V Settings, select the option for incoming live migration to Use any available network for
live migration.
10. In the left pane, expand Live Migrations, click Advanced Features, and select Use Kerberos to be
used as Authentication Protocol.
12. In Hyper-V Manager, in the navigation pane, right-click Hyper-V Manager, and then click Connect
to Server.
13. In the Select Computer dialog box, in the Another computer text box, type LON-HOSTy, and then
click OK.
14. Verify that LON-HOSTy is now added to the Hyper-V Manager navigation pane.
Note: Live migration must be enabled on both LON-HOSTx machines before you can
continue with the lab. Ensure that your partner has finished this task before you continue.
3. Confirm that it is using 20409B-LON-PRODx.vhd VHD, and that the VHD is stored locally.
4. Click Checkpoint File Location. Confirm that checkpoints are stored locally, and then click OK.
5. On LON-PRODx, open Windows PowerShell, run the following command to ping LON-PRODy, which
is running on your partner Hyper-V host:
ping –t 10.0.0.y5
7. In the Move “20409B-LON-PRODx” Wizard, on the Before You Begin page, click Next.
8. On the Choose Move Type page, confirm that Move the virtual machine is selected, and then click
Next.
9. On the Specify Destination Computer page, in the Name text box, type LON-HOSTy, and then
click Next.
10. On the Choose Move Options page, confirm that the Move the virtual machine’s data to a single
location option is selected, and then click Next.
11. On the Choose a new location for virtual machine page, in the Folder text box, type
C:\Moved\LON-PRODx, and then click Next.
Note: This will start moving the running virtual machine and performing the live migration.
You can monitor the progress of the live migration in Hyper-V Manager, in the Status column.
Here you can also see that LON-PRODx is able to ping LON-PRODy throughout the live
migration.
13. After live migration completes, in Hyper-V Manager, confirm that LON-PRODx is no longer running
on LON-HOSTx.
16. In Settings for 20409B-LON-PRODx, under IDE Controller 0, click Hard Drive, and then confirm that
it is using the C:\Moved\LON-PRODx\Virtual Hard Disks\20409B-LON-PRODx.vhd VHD.
17. In Settings for LON-PRODx, click Checkpoint File Location, confirm that checkpoints are stored in
the C:\Moved\LON-PRODx folder, and then click OK.
20. On the Choose Move Type page, confirm that Move the virtual machine is selected, and then click
Next.
21. On the Specify Destination Computer page, in the Name field, type LON-HOSTx, and then click
Next.
22. On the Choose Move Options page, confirm that the Move the virtual machine’s data to a single
location option is selected, and then click Next.
23. On the Choose a new location for virtual machine page, in the Folder field, type C:\Moved
\LON-PRODx, and then click Next.
24. On the Completing Move Wizard page, click Finish.
25. When the Move Wizard error dialog box displays, review the text explaining that there was an error
during the move operation.
Note: The error occurs because you are managing a remote Hyper-V host, which is not
allowed to delegate your permissions.
2. Install Active Directory administrative tools by running the following Windows PowerShell cmdlet:
Install-WindowsFeature RSAT-AD-AdminCenter
3. On the Start screen, search for and start Active Directory Users and Computers.
4. In Active Directory Users and Computers, in the navigation pane, expand Adatum.com, and then
click Computers.
5. In the details pane, right-click LON-HOSTy, and then click Properties.
7. On the Delegation tab, click Trust this computer for delegation to specified services only, and
then click Add.
Server Virtualization with Windows Server Hyper-V® and System Center L5-51
8. In Add Services, click Users or Computers, in the Enter the objects to select text box, type
LON-HOSTx, and then click OK.
9. In Add Services, select both cifs and Microsoft Virtual System Migration Services service types,
and then click OK.
10. In the LON-HOSTy Properties dialog box, on the Delegation tab, confirm that both service types
are listed, and then click OK.
12. In Windows PowerShell, purge cached Kerberos tickets on LON-HOSTy to immediately apply
changes by running the following command:
2. When live migration starts, in Hyper-V Manager, view the Status column to monitor migration
progress.
7. In Settings for 20409B-LON-PRODx, click Checkpoint File Location, confirm that the checkpoints are
stored in the C:\Moved\LON-PRODx folder, and then click OK.
Note: Leave the virtual machines running for the next lab.
Results: After completing this exercise, you should have moved Hyper-V storage and virtual machines.
L5-52 Virtual Machine Movement and Hyper-V Replica
5. In the Specify the default location to store Replica files text box, type C:\shares\replicated, and
then click OK.
10. In Console1, in the navigation pane, expand Windows Firewall with Advanced Security, and then
click Inbound Rules.
11. In the details pane, right-click Hyper-V Replica HTTP Listener (TCP In), and then click Enable Rule.
12. Close Console1, and in the Microsoft Management dialog box, click No.
2. In LON-TESTx Settings, in the navigation pane on the left, expand Network Adapter, and confirm
that the two nodes Hardware Acceleration and Advanced Features display.
3. In LON-TESTx Settings, in the navigation pane, confirm that there are six settings in the Management
section, and that Replication is not one of available settings, and then click OK.
4. In LON-TESTx, open a Command Prompt window, and confirm that the virtual machine has an IPv4
address of 10.0.0.x6.
6. In Enable Replication for LON-TESTx, on the Before You Begin page, click Next.
7. On the Specify Replica Server page, in the Replica server text box, type LON-HOSTy, and then
click Next.
8. On the Specify Connection Parameters page, confirm that Use Kerberos authentication (HTTP) is
selected, that Compress the data that is transmitted over the network is enabled, and then click
Next.
Server Virtualization with Windows Server Hyper-V® and System Center L5-53
9. On the Choose Replication VHDs page, confirm that LON-TESTx VHD is selected, and then click
Next.
10. On the Configure Replication Frequency page, in the drop-down list box, click 30 seconds, and
then click Next.
11. On the Configure Additional Recovery Points page, click Create additional hourly recovery
points, in the Coverage provided by additional recovery point (in hours) text box, type 10, and
then click Next.
12. On the Choose initial Replication Method page, confirm that both the Send initial copy over the
network and Start replication immediately options are selected, and then click Next.
13. On the Completing the Enable Replication wizard page, click Finish.
14. In Hyper-V Manager, in the navigation pane, click LON-HOSTy.
15. Confirm that 20409B-LON-TESTx is one of the virtual machines on LON-HOSTy, and that it is in the
Off state.
16. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click View
Replication Health.
17. In Replication Health for “20409B-LON-TESTx”, review Replication Health.
Note: Because initial replication is most likely not yet completed, the, Replication Health is
in the Warning state.
20. In 20409B-LON-TESTx Settings, in the navigation pane, expand Network Adapter, and confirm that
two new nodes that were not present before, Failover TCP/IP and Test Failover, now display.
21. In 20409B-LON-TESTx Settings, in the navigation pane, confirm that there are now seven settings in
the Management section, including Replication, which was not present before, and then click OK.
22. In Windows PowerShell, review replication settings and status by running the following cmdlets, and
pressing Enter at the end of each line:
23. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click View
Replication Health.
24. In Replication Health for “20409B-LON-TESTx”, review Replication Health, and then click Close.
Note: If initial replication has finished, Replication Health will display as Normal.
2. In 20409B-LON-TESTx Settings, in the navigation pane, expand Network Adapter, and then click
Failover TCP/IP.
L5-54 Virtual Machine Movement and Hyper-V Replica
3. In 20409B-LON-TESTx Settings, in the details pane, click Use the following IPv4 address scheme
for the virtual machine, enter the following settings, and then click Apply:
Note: If initial replication of LON-TESTx has not yet finished, wait until it finishes.
6. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Test Failover.
Note: A checkpoint for 20409B-LON-TESTx is created, and a new virtual machine named
LON-TESTx – Test is created.
9. In Settings for 20409B-LON-TESTx, click Network Adapter, confirm that it is connected to Private
Switch, and then click OK.
10. In Hyper-V Manager, right-click 20409B-LON-TESTx – Test, and then click Start.
11. Double-click LON-TESTx -Test. Verify that the virtual machine connection to LON-TESTx – Test
opens.
12. On LON-TESTx - Test, sign in as Administrator with the password Pa$$w0rd. Click Cancel in
Shutdown Event Tracker.
13. On LON-TESTx - Test, on the Start screen, search for and open Command Prompt.
14. In the Command Prompt window, type ipconfig, and then press Enter.
15. Confirm that IP configuration is the same as you configured in Failover TCP/IP for
20409B-LON-TESTx.
16. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then
click Stop Test Failover.
17. In Stop Test Failover, click Stop Test Failover.
19. Confirm that both the 20409B-LON-TESTx – Test virtual machine and the 20409B-LON-TESTx virtual
machine checkpoint have been deleted.
4. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Planned
Failover.
5. In Planned Failover, confirm that Start the Replica virtual machine after failover is selected, and
then click Fail Over.
Note: The Planned Failover error displays because the virtual machine is not prepared for
planned failover.
7. On LON-TESTx, press the Windows key+X, click Shut down or sign out, click Shut down and then
click Continue.
8. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Planned
Failover.
9. In Planned Failover, confirm that Start the Replica virtual machine after failover is selected, and
then click Fail Over.
10. In Hyper-V Manager, in the navigation pane, click LON-HOSTy. Confirm that 20409B-LON-TESTx is in
the Running state.
11. Double-click 20409B-LON-TESTx, and sign in as Administrator with the password Pa$$w0rd.
12. On LON-TESTx, confirm that a folder named Current State displays on the desktop.
Note: With planned failover, all changes from the primary virtual machine are replicated.
13. Right-click the desktop, click New, click Folder, and then name the folder Planned Failover.
14. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Reverse
Replication.
15. In the Reverse Replication Wizard for 20409B-LON-TESTx, click Next five times, and then click Finish.
16. On LON-TESTx, press the Windows key+X, click Shut down or sign out, click Shut down and then
click Continue.
18. Right-click 20409B-LON-TESTx, click Replication, and then click Planned Failover.
19. In Planned Failover, confirm that Start the Replica virtual machine after failover is selected, and
then click Fail Over.
20. In Hyper-V Manager, in the navigation pane, click LON-HOSTx. Confirm that the
20409B-LON-TESTx state is Running.
21. In Hyper-V Manager, double-click 20409B-LON-TESTx. Verify that a virtual machine connection to
20409B-LON-TESTx opens.
23. On LON-TESTx, confirm that two folders named Current State and Planned Failover display on the
desktop.
L5-56 Virtual Machine Movement and Hyper-V Replica
24. In Hyper-V Manager, right-click 20409B-LON-TESTx, select Replication and then select Remove
Replication. In the Remove Replication dialog box, click Remove Replication.
25. In Hyper-V Manager, in the navigation pane, click LON-HOSTy. Right-click 20409B-LON-TESTx,
select Delete and in the Delete Selected Virtual Machine dialog box, select Delete.
26. In Hyper-V Manager, in the navigation pane, click LON-HOSTx.
Results: After completing this exercise, you should have configured and managed Hyper-V Replica.
L6-57
2. In Add Servers, in the Name (CN) text box, type LON-SS1, click Find Now, click LON-SS1, click the
right arrow to add LON-SS1 to the Selected section, and then click OK.
3. In Server Manager, in the navigation pane, click File and Storage Services.
4. In File and Storage Services, in the SERVERS section, click LON-SS1, and then click iSCSI.
5. In the iSCSI VIRTUAL DISKS section, click TASKS, and then click New iSCSI Virtual Disk.
6. In New iSCSI Virtual Disk Wizard, on the Select iSCSI virtual disk location page, click E, and then
click Next.
7. On the Specify iSCSI virtual disk name page, in the Name text box, type Diskx1, and then click
Next.
8. On the Specify iSCSI virtual disk size page, in the Size text box, type 10, click Dynamically
expanding, and then click Next.
9. On the Assign iSCSI target page, click New iSCSI target, and then click Next.
10. On the Specify target name page, in the Name text box, type Lab6-Hostx, and then click Next.
11. On the Specify access servers page, click Add.
12. In the Select a method to identify the initiator dialog box, click Browse, type LON-HOST1, and
then click OK twice.
20. In Server Manager, on the toolbar, click the Refresh icon. Confirm that virtual disks Diskx2.vhdx and
Diskx3.vhdx display, and are mapped to the Lab6-Hostx target.
Note: Although both students created an iSCSI target, only the Lab6-Host1 iSCSI target
will be used for creating the failover cluster.
2. On the Targets tab, select the existing target, and then click Disconnect. If prompted, click Yes.
3. In the iSCSI Initiator Properties dialog box, in the Target text box, type LON-SS1, and then click
Quick Connect.
4. In Quick Connect, click the Discovered target with Lab6-Host1 in the name, click Connect, click
Done, and then click OK.
5. On LON-HOSTx, in Server Manager, in the Tools menu, click Computer Management.
6. In Computer Management, in the navigation pane, click Disk Management. In the details pane,
confirm that three disks are added, that they have size of 10 GB, 10 GB, and 15 GB, and that they are
all Offline. Notice that these are the virtual disks that you just added on the iSCSI target.
12. Right-click unallocated space on Disk 3, click New Simple Volume, click Next four times, and then
click Finish.
13. Right-click unallocated space on Disk 4, click New Simple Volume, click Next four times, and then
click Finish.
14. Right-click unallocated space on Disk 5, click New Simple Volume, click Next four times, and then
click Finish.
Note: Perform step 15 only on LON-HOST2. Replace the x with the disk number allocated
to the new disks.
a. In Computer Management, in the navigation pane, right-click Disk Management, and then click
Refresh.
2. In details pane, right-click E:\iSCSIVirtualDisks\Diskx1.vhdx, and then click Extend iSCSI Virtual
Disk.
3. In the Extend iSCSI Virtual Disk dialog box, in the New size text box, type 15, and then click OK.
4. On LON-HOST1, in Computer Manager in the navigation pane, right-click Disk Management, and
then click Refresh.
5. In the details pane, notice that the disk is extended with 5 GB of unallocated space.
6. Right-click the partition on the disk, and then click Extend Volume.
7. In the Extend Volume Wizard, click Next two times, and then click Finish.
8. In Disk Management, in the details pane, confirm that the partition is expanded to 15 GB. Notice that
you expanded it while it was online, while it was in use.
4. On the Select destination server page, click LON-HOSTx.Adatum.com, and then click Next.
5. On the Select server roles page, click Next.
6. On the Select features page, click Failover Clustering, click Add Features, and then click Next.
Note: Both students should finish with this task before you continue.
1. On LON-HOST1, in Server Manager, on the Tools menu, click Failover Cluster Manager.
2. In the Failover Cluster Manager, in the Actions pane, click Create Cluster.
3. In the Create Cluster Wizard, on the Before You Begin page, click Next.
4. On the Select Servers page, in the Enter server name text box, type LON-HOST1, and then click
Add. After the server is added, in the Enter server name text box, type LON-HOST2, click Add, and
then click Next.
6. In the Validate a Configuration Wizard, on the Before You Begin page, click Next.
8. On the Confirmation page, click Next. Notice that during the validation process, several problems
with the drives are reported.
L6-60 Implementing Failover Clustering with Hyper-V
9. After all validation tests are performed, view the validation report, and then click Finish.
10. On the Access Point for Administering the Cluster page, in the Cluster Name text box, type
LON-CLUST, and then click Next.
11. On the Confirmation page, click Next.
12. On the Summary page, view the report, and then click Finish.
13. In Server Manager, on the Tools menu, click Active Directory Users and Computers.
14. In Active Directory Users and Computers, in navigation pane, expand the Adatum.com domain, click
the Computers container, and confirm that it contains computer accounts for LON-HOST1,
LON-HOST2, and LON-CLUST, which was added when you created the failover cluster.
5. In the details pane, right-click the first Cluster Disk with Available Storage status if you are on
LON-HOST1 or the second Cluster Disk with Available Storage status if you are on LON-HOST2,
and then click Add to Cluster Shared Volumes.
6. In File Explorer, confirm that now the ClusterStorage folder contains mounted volumes for Volume1
and Volume2, which were added when you and your partner added disks to the CSV.
7. Double-click Volumex, and create a new text document with your name in the folder.
8. In the File Explorer address bar, click ClusterStorage, in the details pane, double-click Volumey, and
confirm that it contains file with your partner’s name.
Note: If file with your partner’s name is not in the C:\ClusterStorage\Volumey folder, wait
until your partner creates a file.
Results: After completing this exercise, you should have created a Hyper-V failover cluster.
3. Add the virtual hard disks that you created, to the 20409B-LON-PRODx virtual machine by running
following cmdlets:
Note: You cannot modify virtual hard disk sharing settings while the virtual machine is
running.
6. In Settings, confirm that 20409B-LON-PRODx has two hard disks listed under SCSI Controller:
HDD1x.vhdx, and HDD2x.vhdx.
7. In LON-PRODx Settings, in the navigation pane, expand HDD1x.vhdx, and then click Advanced
Features.
8. In details pane, select the Enable virtual hard disk sharing check box, and then click Apply.
Note: The Error applying Hard Disk Drive changes message displays, because local
storage where HDD1x.vhdx is located does not support virtual hard disk sharing.
9. In the Error pop-up window, click Close, and then in the details pane, clear the Enable virtual hard
disk sharing check box.
10. In the navigation pane, expand HDD2x.vhdx, and then click Advanced Features.
11. In the details pane, click Enable virtual hard disk sharing, and then click OK.
Note: This time you do not get any error, because the virtual hard disk is stored on a CSV.
13. In Windows PowerShell, add HDD2x.vhdx to LON-TESTx by running the following cmdlet:
Note: You will get an error message, because the virtual machine is already using
HDD2x.vhdx.
18. In Settings for 20409B-LON-TESTx, in the navigation pane, expand HDD2x.vhdx, and then click
Advanced Features.
19. In the details pane, click Enable virtual hard disk sharing, and then click OK.
20. Right-click 20409B-LON-TESTx, and then click Start.
Note: Notice that this time LON-TESTx starts without an error, because it is configured with
virtual hard disk sharing.
21. Sign in to both the LON-TESTx and LON-PRODx computers, open Disk Management, and confirm
that a shared virtual hard disk is available as shared storage to both computers.
25. In Settings for 20409B-LON-TESTx, in the navigation pane, select HDD2x.vhdx under SCSI
Controller, click Remove and then click OK.
3. In the New Virtual Machine Wizard, on the Before You Begin page, click Next.
4. On the Specify Name and Location page, in the Name text box, type LON-HAx. Click Store the
virtual machine in a different location, in the Location text box, type C:\ClusterStorage
\Volumex\, and then click Next.
5. On the Specify Generation page, confirm that Generation 1 is selected, and then click Next.
6. On the Assign Memory page, select the Use Dynamic Memory for this virtual machine check box,
and then click Next four times.
7. On the Competing the Virtual Machine Wizard page, click Finish.
9. On LON-HOSTx, in Windows PowerShell, add the virtual machine cluster role by running the
following cmdlet:
10. In the Failover Cluster Manager, confirm that LON-HAx and 20409B-LON-CLx are listed as Roles.
Server Virtualization with Windows Server Hyper-V® and System Center L6-63
Note: Notice that in this section you can order the preferred ownership for the cluster
service.
4. In the LON-HAx Properties dialog box, click the Failover tab. In the Maximum failures in the
specified period text box, type 2, in the Period text box, type 3, and then click OK.
5. In Failover Cluster Manager, with LON-HAx selected, click the Resources tab.
6. On the Resources tab, right-click Virtual Machine LON-HAx, and then click Properties.
7. In the Virtual Machine LON-HAx Properties dialog box, click the Policies tab. In the Period for
restarts (mm:ss) text box, type 10:00.
8. Click the Advanced Policies tab, and confirm that LON-HOST1 and LON-HOST2 are selected as
Possible Owners.
9. Click the Settings tab, confirm that heartbeat monitoring is enabled for LON-HAx, and then
click OK.
2. On the LON-PRODx virtual machine, on the Start screen, type Control Panel, and then press Enter.
3. In Control Panel, in the Search Control Panel text box, type Service, and then click View local
services.
5. In the Print Spooler Properties dialog box, click the Recovery tab.
6. On the Recovery tab, for the Second failure drop-down list box, click Take No Action, and then
click OK.
9. In the 20409B-LON-PRODx pane, click the Summary tab, and confirm that currently no Monitored
Services are listed.
10. In the details pane, right-click 20409B-LON-PRODx, click More Actions, and then click Configure
Monitoring.
11. In Select Services, click Print Spooler, and then click OK.
12. In the 20409B-LON-PRODx pane, confirm that Print Spooler is listed under Monitored Services.
L6-64 Implementing Failover Clustering with Hyper-V
13. In the details pane, right-click 20409B-LON-PRODx, and then click Settings.
14. In Settings for 20409B-LON-PRODx, in the navigation pane, expand Network Adapter, and then
click Advanced Features. In the details pane, confirm that Protected network is selected, and then
click OK.
4. In Move Virtual Machine, confirm that LON-HOSTy is selected, and then click OK.
5. In the Failover Cluster Manager, confirm that Live Migration is moving LON-HAx, and that
LON-HOSTy is now an Owner Node.
6. On LON-HOSTx, in Windows PowerShell, move the LON-HAx virtual machine back to the LON-HOSTx
node by running the following cmdlet:
1. On LON-HOST1, in the Failover Cluster Manager, right-click all Roles, and then click Remove.
3. In the Failover Cluster Manager, in the navigation pane, right-click LON-CLUST.Adatum.com, click
More Actions, and then click Destroy Cluster.
5. Wait until the action is performed, and then close the Failover Cluster Manager.
6. On LON-HOST1 and LON-HOST2, delete the LON-HAx virtual machine.
Results: After completing this exercise, you should have managed a Hyper-V failover cluster.
L7-65
1. Load the software on one of our servers in the London Site. We need at least two physical hosts,
but have plenty of virtual machines on them. Do you recommend putting this on a virtual
machine or physical computer? Please let me know what computers you’ll be using. Remember
that the test data that you gather will be used to further deploy a much more robust solution
that we will use to build our private clouds.
2. Make sure that all the prerequisites Microsoft has recommended are met. If there are any
shortfalls, let me know as soon as possible. Create a list of the prerequisites that you will need to
verify.
3. After you have created the VMM management server and installed a Virtual Machine Manager
console on a desktop client in the Developer department, finish testing the console and ensure
everything works.
4. Finally, create the local host group and assign at least two physical hosts.
Ed
• How many Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) servers do you need to
deploy in the Adatum environment?
Answer: You only need to deploy one server.
o Microsoft SQL Server - SQL Server 2008 R2 Service Pack 2 (SP2) Standard or newer
o Windows deployment and installation kit – Windows Assessment and Deployment Kit (Windows
ADK) for Windows Server 2012 R2
L7-66 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
o Disk space - 80 GB
Will you deploy VMM on a single server, or will you separate components onto dedicated servers?
Answer: You should deploy the VMM management server on one computer, and then deploy the
VMM console on both a server and a client computer.
• Will you install the VMM server inside a virtual machine or on a physical machine?
Answer: A virtual machine will allow you to use both physical servers as hosts.
• What computers will you use, and what will be their roles?
Answer:
3. In the Properties for LON-VMM1 details pane, ensure that LON-VMM1 is in the Adatum.com
domain. Verify that the Operating system version is at least the Standard or Datacenter version of
Windows Server 2012 R2. Confirm that it has at least a 2 GHz Pentium processor, 4 GB of random
access memory (RAM) and 80 GB of disk space available.
7. In the Apps by name screen, scroll to the right, and then click the SQL Server Management Studio
tile.
8. In the Microsoft SQL Server Management Studio (Administrator) console, in the Connect to Server
dialog box, click Connect.
9. In the Object Explorer console, on the left side, note the top tree element labeled LON-VMM1 (SQL
Server 11.0.3000 – ADATUM\administrator). This version number, 11.0.3000, corresponds to SQL
Server 2012 SP1.
10. Click the File drop-down list box, and then click Exit.
regedit.exe
13. In the Registry Editor window, click the HKEY_LOCAL_MACHINE subkey. Expand SOFTWARE,
expand Microsoft, expand Net Framework Setup, expand NDP, expand v4, and then expand
Client, and then click 1033.
Server Virtualization with Windows Server Hyper-V® and System Center L7-67
14. In the Version item, verify that the value in the Data column is 4.5.51641 or higher.
16. In Windows PowerShell, type the following command, and then press Enter:
services.msc
17. In the Services console, in the Name column, scroll down to Windows Remote Management (WS–
Management). If necessary, expand the size of the Name column to see the object name. Verify that
the service has the status of Running, and that the Startup Type is set to Automatic.
18. Close the Services console, and then close Windows PowerShell.
19. On the taskbar, click the File Explorer icon.
Task 3: Install the VMM management server and Virtual Machine Manager console
on LON-VMM1
1. In File Explorer, in the VMM window, double-click setup.exe.
2. On the Microsoft System Center 2012 R2 Installation splash screen, click the Install hyperlink.
7. On the Customer Experience Improvement Program (CEIP) page, click No, I am not willing to
participate, and then click Next.
8. When the Database configuration page displays, verify that since SQL Server 2012 SP1 is running on
the server, the server name will already display. Leave the Port number box empty, in the Instance
name drop-down list, click MSSQLSERVER. In the Select an existing database or create a new
database area, use the default new database VirtualManagerDB, and then click Next.
9. On the Configure service account and distributed key management page, in the User name and
domain text box, type ADATUM\SCService, and in the Password: text box, type Pa$$w0rd. Leave
the Distributed Key Management section blank, and then click Next.
10. On the Port configuration page, do not make any changes, and then click Next.
11. On the Library configuration page, select the Create a new library share radio button, and then
click Next.
12. On the Installation summary page, review the text, and then click Install. The Installing features will
now run for several minutes.
14. On the Microsoft System Center 2012 R2 Installation splash screen, click Close.
L7-68 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
16. If the Connect to Server page for the VMM console displays, skip forward to step 26. If it does not,
then perform the following steps.
17. On the taskbar, click the Start Screen icon.
18. On the Start screen, move the mouse pointer directly under the Desktop tile, and click the round
white circle with a white down arrow in it.
19. In the Apps by name screen, scroll to the right, right-click the Virtual Machine Manager Console
item, and in the bar at the bottom of the Apps by name screen, click Pin to taskbar.
20. Click any empty area of the Apps by name screen, and when you see a white circle with a white up
arrow in it, click the arrow.
22. On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
23. On the Connect to Server page, verify that the Server name text box is set to localhost: 8100.
Verify that the Use current Microsoft Windows session identity check box is selected, and then
click Connect. The default selection, Use current Microsoft Windows session identity, is adequate
as you are signed on as the domain administrator.
Note: Perform these steps from LON-HOST2. In Hyper-V Manager on LON-HOST2, right-
click Hyper-V Manager in the console tree and select Connect to server. Select Another
computer, and type LON-HOST1 and then click OK. Select and connect to LON-CL1.
4. In the Client folder, double-click the AdminConsole.msi file. The MSI file opens a pop-up window
stating it is installing, and displaying a progress bar. If it does not encounter an error, then after
installing the Virtual Machine Manager console successfully, it will close itself. If a Security Warning
popup displays, click Run.
5. After the install pop-up window closes, close File Explorer.
7. On the Start screen, move the mouse pointer directly under the Desktop tile, and click the round
white circle with a white down arrow icon.
8. In the Apps by name start screen, scroll to the right until you see the Microsoft System Center 2012
tile area, and then right-click the Virtual Machine Manager Console NEW tile.
9. In the Command bar at the bottom of the page, click Pin to Taskbar.
10. On your keyboard, press the Windows key.
12. On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
13. On the Connect to Server page, in the Server name text box, type LON-VMM1.adatum.com:8100,
and then click Connect.
14. When the console displays, navigate around to observe that is the same Virtual Machine Manager
console as is installed on LON-VMM1.
15. Close the Virtual Machine Manager console and sign out of LON-CL1.
Results: After completing this exercise, you should have installed System Center 2012 R2 VMM.
4. In the console tree, under Computer Configuration, expand Policies. Navigate to the following
location: Administrative Templates\Network\Network Connections\Windows Firewall
\Domain Profile.
5. In the Domain Profile details pane, double-click Windows Firewall: Allow inbound file and printer
sharing exception.
6. In the Windows Firewall: Allow inbound file and printer sharing exception pop-up dialog box,
click Enabled, in the Options box, type an asterisk (*), and then click OK.
7. In the Domain Profile details pane, double-click Windows Firewall: Allow ICMP exceptions.
8. In the Windows Firewall: Allow ICMP exceptions pop-up dialog box, select the Enabled radio
button, in the Options area, select the Allow inbound echo request check box, and then click OK.
9. In the Domain Profile details pane, double-click Windows Firewall: Define inbound port
exceptions.
10. In the Windows Firewall: Define inbound port exceptions pop-up dialog box, select Enabled. In
the Options area, by Define port exceptions, click Show.
11. In the Show Contents pop-up dialog box, under Value, type 5985, and then click OK twice.
12. In the Group Policy Management Editor console tree, under Administrative Templates, expand
Windows Components, select and expand Windows Remote Management (WinRM), and then
click WinRM Service.
13. In the WinRM Service details pane, double-click the Allow remote server management through
WinRM setting.
14. In the pop-up dialog box, click the Enabled radio button, in the Options area, in both the IPv4 and
IPv6 text boxes, type an asterisk (*), and then click OK.
15. Close the Group Policy Management Editor, and then close the Group Policy Management Console.
L7-70 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
16. On LON-HOST1, on the desktop, on the taskbar click the Windows PowerShell icon.
17. In the Windows PowerShell window, type the following command, and then press Enter:
gpupdate /force
18. When both computer and user policies update successfully, close the Windows PowerShell window.
4. In the console tree, right-click All Hosts, and then click Add Hyper-V Hosts and Clusters.
5. In the Add Resource Wizard, on the Resource Location page, click the Windows Server computers
in a trusted Active Directory domain option (it should be the default), and then click Next.
6. On the Credentials page, select the Manually enter the credentials radio button. While the default
is Use an existing Run As account, which has a Browse button to find the account, the Run As
account has to have local administrator permissions on the host machine being assigned. In the User
name text box, type ADATUM\Administrator, in the Password text box, type Pa$$w0rd, and then
click Next.
7. On the Discovery Scope page, note the two radio buttons, Specify Windows Server computers by
names, and Specify and Active Directory query to search for Windows Server computers. In the
Computer names text box, type lon-host1.adatum.com, and then click Next.
8. On the Target resources page, in the Discovered computers section, select the
lon-host1.adatum.com check box, and then click Next.
9. When the Virtual Machine Manager pop-up window displays warning you that if Hyper-V is not
enabled on the selected server, the VMM will do so, click OK.
10. On the Host Settings page, note that the Host group drop-down list box has only one option, All
Hosts. Note the check box that says Reassociate this host with this VMM environment. Selecting
this check box moves hosts that have been assigned to a different VMM management server and
assigns them to this one. Make no changes, and click Next.
11. On the Summary page, in the upper left, click the View Script button.
12. In Notepad, review the Windows PowerShell cmdlets that display. These are the cmdlets necessary to
run a script in Windows PowerShell to add the LON-HOST1 host to this VMM management server.
This script can be very useful for documenting your work or to create another host, perhaps at a later
time.
14. In the Save As window, under This PC, click Documents. In the File name text box, type
AddHost.ps1, in the Save as type drop-down list box, click All Files (*.*), and then click Save.
15. Close Notepad.
17. A Jobs pop-up window displays, which shows all the individual steps being taken to add the host. The
final step entitled, Add virtual machine host takes the longest. It will spend a few moments at
several percentages of job completion.
Server Virtualization with Windows Server Hyper-V® and System Center L7-71
18. When the job finishes, close the Jobs window. In the Jobs pop-up window, a yellow triangle might
display, with the text Add virtual machine host Completed w/ info. This occurs because Multipath
I/O is not enabled for known storage arrays. This is expected.
19. In the VMs and Services console tree, under All Hosts, verify that Lon-host1 now displays.
20. To add LON-HOST2, on the taskbar, click the Windows PowerShell icon.
21. In Windows PowerShell, type the following command, and then press Enter:
cd documents
22. In Windows PowerShell, type the following command, and then press Enter:
notepad AddHost.ps1
23. In the Notepad window, click Format, and then click Word Wrap.
24. Examine the script, and note the two variables that are created and the cmdlets they are based on.
25. Review the Add-SCVMHost cmdlets and the various parameters that it calls.
26. Modify the ComputerName parameter to identify lon-host2 rather than lon-host1.
27. On the File menu, click Save, and then close Notepad.
28. In Windows PowerShell, type the following command, and then press Enter:
./addhost.ps1
29. In the Windows PowerShell credential required pop-up, in the User name text box, type
ADATUM\administrator, in the Password text box, type Pa$$w0rd, and then click OK.
30. Wait for Windows PowerShell to display a number of parameters and values in columnar form, and
then close Windows PowerShell.
31. In the Virtual Machine Manager console, in the VMs and Services console tree, under All Hosts, verify
that you now see LON-HOST2. Select LON-HOST2, on the ribbon, click the Folder tab, and then
click Properties. Review each of the pages in the lon-host2.adatum.com Properties dialog box.
32. Close the lon-host2.adatum.com Properties dialog box, and then close the Virtual Machine
Manager console.
Task 3: Create a LocalGroup host group, and then add LON-HOST1 and LON-HOST2
to the LocalGroup host group
1. On LON-VMM1, on the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
2. In the Virtual Machine Manager console, on the Connect to Server page, click Connect.
3. In the Virtual Machine Manager console, click the VMs and Services workspace.
4. In the VMs and Services console tree, click All Hosts.
5. On the ribbon, on the Home tab, click Create Host Group. Verify that in the console tree, under All
Hosts, a new folder named New host group displays. Highlight this folder, type LocalGroup, and
then press Enter.
6. In the VMs and Services console tree, click lon-host1, and then on the ribbon, click the Host tab.
7. On the ribbon, click Move to Host Group.
8. In the Move Host Group pop-up dialog box, in the Parent host group: drop-down list box, click
LocalGroup, and then click OK.
L7-72 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
9. In the VMs and Services console tree, right-click lon-host2, and then click Move to Host Group.
10. In the Move Host Group pop-up dialog box, in the Parent host group drop-down list box, click
LocalGroup, and then click OK.
2. In the LocalGroup Properties dialog box, in the Properties pages, configure the following:
a. On the General page, in the Description text box, add the description The local group of
virtualization hosts the A. Datum IT department is using.
b. On the Host Reserves page, clear the Use the host reserves settings from the parent host
group check box. In the Disk space, amount text box, change the values from 1% to 2%.
Results: After completing this exercise, you should have created and configured hosts and host groups.
L8-73
4. Click One connected network, click Allow new VM networks created on this logical network to
use network virtualization, and then click Next.
5. On the Network Site page, click Add, and then in the Host groups that can use this network site
section, click All Hosts.
6. In the Associated VLANs and IP subnets area, click Insert row, in the VLAN text box, type 0, and
then in the IP subnet text box, type 192.168.1.0/24.
7. Click the Network Site Name text box, select and delete the automatically generated site name, and
then type Docklands.
8. Repeat step 5, 6 and 7, using the following details:
o VLAN: 0
o IP Subnet: 192.168.2.0/24
12. In the Create Static IP Address Pool Wizard, on the Name page, in the Name text box, type
Docklands IP Pool, select the logical network Adatum UK, and then click Next.
13. On the Network site page, click Use an existing network site, ensure that Docklands is selected,
and then click Next.
14. On the IP address range page, review the options, and then click Next.
15. On the Gateway page, review the options, and then click Next.
16. On the DNS page, review the options, and then click Next.
17. On the WINS page, review the options, and then click Next.
20. Create another IP pool called Gatwick IP Pool. Use the Adatum UK logical network, and use the
Gatwick Network site.
21. On the ribbon, click Create, and then click Hyper-V Port Profile.
22. In the Create Hyper-V Port Profile Wizard, on the General page, in the Name text box, type Adatum
UK Uplink.
23. Click Uplink port profile, in the Load balancing algorithm drop-down list box, click Hyper-V port,
and then click Next.
24. On the Network configuration page, under Network sites, click Docklands, click Gatwick, click
Enable Hyper-V Network-Virtualization, and then click Next.
25. On the Summary page, click Finish.
29. On the General page, in the Name text box, type Adatum UK, in the Description text box, type
Adatum production hosts logical switch, and then click Next.
30. On the Extensions page, leave the default extensions, and then click Next.
31. On the Uplink page, click Add, ensure that the Adatum UK uplink is selected, click OK, and then
click Next.
34. On the Select a Port Profile Classification page, click Medium Bandwidth, and then click OK.
35. Click Include a virtual network adapter port profile in this virtual port, click the Native virtual
network adapter port profile, click Medium Bandwidth Adapter, click OK, and then click Next.
7. In the Properties dialog box, click Hardware, and then scroll down and expand Network adapters.
Click your physical network adapter, and note that you can select or clear the adapter for virtual
machine placement and management use. Click the Logical network, and on the right, under Logical
network connectivity, you can assign the logical networks and IP subnets,
4. On the VM Subnets page, click Add, in the Name text box, type Adatum Finance, and then in the
Subnet text box, type 192.168.4.0/24.
5. On the VM Subnets page, click Add, in the Name text box, type Adatum Engineering, in the
Subnet text box, type 192.168.5.0/24, and then click Next.
6. On the Connectivity page, review the message, and then click Next.
7. On the Summary page review the summary, and then click Finish.
8. Close the Jobs window.
9. In the Virtual Machine Manager console, click the VMs and Services workspace, and then on the
ribbon, click Create VM Network.
10. On the Name page, in the Name text box, type Adatum South, ensure that Adatum UK is selected
as the logical network, and then click Next.
11. On the Isolation page, click Isolate using Hyper-V network-virtualization, and then click Next.
12. On the VM Subnets page, click Add, in the Name text box, type Adatum Warehouse, and then in
the Subnet text box, type 192.168.4.0/24.
13. On the VM Subnets page, click Add, in the Name text box, type Adatum Logistics, in the Subnet
text box, type 192.168.5.0/24, and then click Next.
14. On the Connectivity page, review the message, and then click Next.
15. On the Summary page, review the summary, and then click Finish.
17. In the VMs and Services workspace, click VM Networks, click Adatum North, and then right-click
and click Create IP Pool.
18. On the Name page, in the Name text box, type Adatum Finance VM Network IP Pool. Ensure that
the VM Network is set to Adatum North, and that the VM subnet is set to Adatum Finance
(192.168.4.0/24), and then click Next.
19. On the IP address range page, note that the first IP address in the range is reserved. Leave the
default settings, and then click Next.
20. On the Gateway page, click Next.
21. On the DNS page, click Next.
25. In the VMs and Services workspace, click VM Networks, click Adatum South, and then right-click
and click Create IP Pool.
26. On the Name page, in the Name text box, type Adatum Logistics VM Network IP Pool. Ensure that
the VM Network is set to Adatum South, and that the VM subnet is set to Adatum Logistics
(192.168.5.0/24), and then click Next.
27. On the IP address range page, note that the first IP address in the range is reserved. Leave the
default settings, and then click Next.
28. On the Gateway page, click Next.
3. In the Properties dialog box, click Hardware Configuration and then click Network Adapter 1.
7. In the Properties dialog box, click Hardware Configuration and then click Network Adapter 1.
8. Click Connected to a VM network, and then click Browse.
10. Ensure that the VM Subnet is set to Adatum Logistics, and then click OK.
11. Click 20409B-LON-TEST1, and then on the ribbon, click Power On.
12. Click 20409B-LON-PROD1, and then on the ribbon, click Power On.
13. Click 20409B-LON-TEST1, on the ribbon, click Connect or View, and then click Connect Via
Console.
15. On the sign-on screen, type Pa$$w0rd, and then press Enter.
16. In the Server Manager console, click Local Server, and then click 192.168.10.15,IPv6 enabled.
17. In the Network Connections window, right-click Ethernet, and then click Properties.
18. In the Ethernet Properties dialog box, click Internet Protocol Version 4, and then click Properties.
19. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Obtain an IP address
automatically, click Obtain DNS server address automatically, click OK, and then click Close.
23. Verify that the IPv4 Address is set to an address from the Adatum Finance VM Network IP Pool that
you configured earlier, and that it is in the 192.168.4.0/24 range.
24. In the VMM console, ensure that in the VMs and Services workspace, All Hosts is selected,, and then
click 20409B-LON-PROD1. On the ribbon, click Connect or View, and then click Connect Via
Console.
26. On the sign-in screen, type Pa$$w0rd, and then press Enter.
27. In the Server Manager console, click Local Server, and then click 10.0.0.15, IPv6 Enabled.
28. In the Network Connections window, right-click Ethernet, and then click Properties.
29. In the Ethernet Properties dialog box, click Internet Protocol Version 4, and then click Properties.
30. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Obtain an IP address
automatically, click Obtain DNS server address automatically, click OK, and then click Close.
34. Verify that the IPv4 Address is set to an address from the Adatum Logistics VM Network IP Pool
that you configured earlier, and is in the 192.168.5.0/24 range.
35. In the Server Manager console, in the Tools menu, click Windows PowerShell.
36. In the Windows PowerShell window, use the ping command to verify the IP address of
20409B-LON-TEST1 that you learned in step 23. This should not be possible because networks
are virtualized.
37. In the VMM console, ensure that the All Hosts node in the VMs and Services workspace is selected.
38. Click 20409B-LON-TEST1, and then on the ribbon, click Shut Down.
40. Click 20409B-LON-PROD1 and then on the ribbon, click Shut Down.
Results: After completing this exercise, you should have created and configured a new virtual network,
configured network virtualization, and connected virtual machines to a virtual machine network.
L8-78 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
2. When the Windows PowerShell prompt displays, type the following Windows PowerShell command
set the iSCSI Target Server local administrator credentials:
$Cred = Get-Credential
3. In the Windows PowerShell credential request dialog box, in the User name text box, type
adatum\administrator, in the Password text box, type Pa$$w0rd, and then click OK.
5. In the Windows PowerShell window, add the Internet small computer system interface (iSCSI) storage
provider by typing the following script:
3. Click the Protocol drop-down list box, and then click SMI-S WMI. In the Provider IP address or
FQDN text box, type lon-ss1.adatum.com, and then click Browse.
4. On the Select a Run As account page, click iSCSIRunas, and then click OK.
7. On the Select Storage Devices page, click Create Classification, and in the Name text box, type
Gold. In the Description text box, type 15K SAS Drives, and then click Add.
8. Click Create Classification, and in the Name text box, type Silver. In the description text box, type
7K SATA Drives, and then click Add.
9. Select the iSCSITarget: LON-SS1:C check box, and then in the Classification drop-down list box,
click Silver.
10. Select the iSCSITarget: LON-SS1:E: check box, in the Classification drop-down list box, click Gold,
and then click Next.
11. On the Summary page, click Finish, and wait for the job to finish.
15. In the storage pool drop-down list box, click iSCSITarget: LON-SS1:E, in the Name field, type
LON-APP1_C, in the Size (GB): text box, clear the existing value, type 20, and then click OK.
16. In the Fabric navigation pane, click Classifications and Pools. Verify that you can see the new logical
unit number (LUN) listed.
2. On the Select Provider Type page, click Windows-based file server, and then click Next.
3. In the Provider IP address or FQDN: field, type lon-svr1.adatum.com, and then click Browse.
5. In the Name box, type Administrator. In the User name box, type Adatum\Administrator in the
Password and Confirm password text boxes, type Pa$$w0rd, and then click OK.
6. In the Select a Run As Account box, click Administrator, and then click OK.
12. On LON-VMM1, click Fabric, and on the ribbon, click Create File Share.
13. On the Create File Share page, in the Name text box, type SVR1_Gold.
15. In the Local path text box, type C:\SVR1_GOLD, and then click Create.
2. Click Host Access, and then click Browse. Click Administrator, and then click OK.
5. Click Storage.
6. On the Storage page, click Add, and then click Add File Share.
7. Click the File share path drop-down list box, click \\lon-svr1.adatum.com\SVR1_Gold, and then
click OK.
8. On LON-VMM1, click Fabric, and then click Storage.
9. On the ribbon, click Allocate Capacity, and then click Allocate Storage Pools.
10. In the Available storage pools section, click iSCSITarget LON-SS1:E, click Add, click OK, and then
click Close.
11. In the Virtual Machine Manager console, click the VMs and Services workspace.
L8-80 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
12. On the ribbon, on the Home tab, click Create Virtual Machine and then in the list click Create
Virtual Machine.
13. On the Select Source page, click Create the new virtual machine with a blank virtual hard disk,
and then click Next.
14. On the Identity page, in the Virtual machine name text box, type LON-APP1, and then click Next.
15. On the Configure Hardware page, scroll down, under Network Adapters, click Network
Adapter 1, on the right, and then click Connected to a VM network.
16. Ensure that the VM network is Adatum North, click the VM Subnet drop-down list box, click
Adatum Finance, and then click Next.
17. On the Select Destination page, click Next.
18. On the Select Host page, ensure that lon-host1.adatum.com is selected, and then click Next.
19. On the Configure Settings page, in the Virtual machine path text box, type C:\Program Files
\Microsoft Learning\20409\Drives, and then click Next. (Note: this path may differ on your host.)
21. On the Summary page, review the settings, and then click Create.
22. Confirm that the Create Virtual Machine job completed successfully.
24. On LON-VMM1, click VMs and Services, click All Hosts, right-click LON-APP1, and then click
Migrate Virtual Machine.
25. In the Migrate VM Wizard, on the Select Host page, ensure that lon-host1.adatum.com is selected,
and then click Next.
26. On the Select Path page, in the Storage location for VM configuration text box, type
\\lon-svr1.adatum.com\SVR1_Gold, click Automatically place all VHDs with the configuration,
and then click Next.
27. On the Select Network page, leave the default settings, click Next, and then click Move.
Results: After completing this exercise, you should have implemented a storage infrastructure.
Server Virtualization with Windows Server Hyper-V® and System Center L8-81
2. In the navigation pane, expand the Servers node, expand the Infrastructure node, and then click
Update Server.
4. In the Add Windows Server Update Services Server dialog box, in the Computer name text box,
type LON-WSUS, and then in the TCP/IP port text box, type 8530.
5. Select the Enter a user name and password option. In the User name text box, type
Adatum\Administrator, in the Password text box, type Pa$$w0rd, and then click Add.
6. In the Jobs window, click the Add Update Server job. On the Summary and Details tabs, monitor
the status of the configuration job.
7. When the job displays as Completed w/info, close the Jobs window.
8. With the Update Server node selected, verify that LON-WSUS.adatum.com displays in the results
pane, and that the Agent Status column displays Responding.
3. In the Update Servers pane, right-click LON-WSUS.Adatum.com, and then click Synchronize.
4. In the Jobs window, when the job displays an error message, close the Jobs window.
Note: An error is expected because there is no Internet connection. However, this will not
affect the rest of the lab exercise.
2. In the navigation pane, expand the Update Catalog and Baselines node, and then click Update
Baselines.
3. On the Home page, in Create group, click Create and then click Baseline.
4. In the Update Baseline Wizard, in the Name text box, type LON Base1, click Next, and then click
Add.
5. In the Add Updates to Baseline window, select all of the Updates, and then click Add.
6. In the wizard click Next. Select the All Hosts and LON-VMM1.Adatum.com check boxes, and then
click Next.
L8-82 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
9. On the Summary and Details tabs, monitor the status of the configuration job.
10. When the job displays as Completed, close the Jobs window.
11. With the Update Baselines node selected, verify that LON Base1 displays in the Baselines pane,
with Assignments set to 2.
2. In the navigation pane, expand the Update Catalog and Baselines node, and then click Update
Baselines.
3. On the Baselines pane, right-click LON Base1, and then click Properties.
4. In the LON Base1 Properties dialog box, on the left side bar, click the Assignment Scope tab, select
the LON-WSUS.Adatum.com check box, and then click OK.
5. On the Home page, click Jobs, click History, and verify that the status of job Change properties of
a baseline lists as Completed.
7. In the Library workspace, with the Update Baselines node selected, verify that LON Base1 displays
in the Baselines pane with Assignments set to 3.
3. In the Results pane, select LON-WSUS.Adatum.com, and then on the Home page, click Scan.
4. In the Results pane, verify that the Operational Status changes to Scanning.
5. When the status changes again, verify that the Compliance Status changes to Compliant.
Results: After completing this exercise, you should have added and configured an Update Server to
manage infrastructure updates.
L9-83
3. In the Virtual Machine Manager Console, click the VMs and Services workspace.
4. In the VMs and Service console tree, expand All Hosts, expand LocalGroup, and then click
LON-HOST1.
5. On the ribbon, click the Home tab, click the Create Virtual Machine drop-down list box, and then
click Create Virtual Machine.
6. In the Create Virtual Machine Wizard, on the Select Source page, click Create the new virtual
machine with a blank virtual hard disk, and then click Next.
7. On the Identity page, in the Virtual machine name text box, type Win2012Lab9.
8. In the Description text box, type Lab 9 exercise, create virtual machine, and then click Next.
10. In the Connectivity section, click Connected to a VM network, click Browse, in the pop-up window,
click External Network, click OK, and then click Next.
11. On the Select Destinations page, accept both the default Place the virtual machine on a host
option, and the Destination: All Hosts drop-down list-box selection, and then click Next.
12. On the Select Host page, give VMM a moment to rate the hosts. Highlight lon-host2.adatum.com,
and then click Next.
13. On the Configure Settings page, under Virtual Machine path, type E:\Program Files\Microsoft
Learning\20409\, and then click Next. (Note that the actual drive letter may differ on your host
machine.)
15. On the Summary page, in the Confirm the settings section, click the View Script button.
16. Verify that Notepad opens and displays the Windows PowerShell script used to create the virtual
machine, with cmdlets with parameters for all the options you have chosen.
18. In the Save As pop-up window, name the file “CreateWin8Lab9.ps1” in the Documents library. Be
sure to use the quotation marks, as this will save the extension as it is written, rather than saving it
with the .txt extension.
L9-84 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
19. In the Save as type drop-down list box, click All Files (*.*), and then click the Save button.
22. Verify that the job starts, with multiple steps to create the virtual machine.
24. When the last job is completed, close the Jobs pop-up window.
25. In the console tree, under VMs and Services, under All Hosts, and under LocalGroup, click
LON–HOST2.
26. In the VMs details pane, verify that Win2012Lab9 displays on this host.
27. Close the Virtual Machine Manager Console.
Results: After completing this exercise, you should have created a virtual machine and modified its
properties.
3. Verify that after a moment, the Virtual Machine Manager Console displays.
4. In the workspace area, in the lower left section, click VMs and Services.
5. In the VMs and Services console tree, expand All Hosts, expand LocalGroup, and then click
LON-HOST1.
6. In the VMs detail pane, click 20409B-LON-SVR2. Ensure the Virtual Machine tab is also selected.
7. On the ribbon, click the Create drop-down list, and then click Clone.
8. In the Create Virtual Machine Wizard, on the Identity page, in the Description box, type Clone of
the LON-SVR2 virtual machine, and then click Next.
11. On the Select Host page, notice that VMM rates the hosts. In the Placement window where the two
hosts are listed, click lon-host2.adatum.com, and then click Next.
12. On the Select Path page, type F:\Program Files\Microsoft Learning\20409\, and then click Next.
(Note the actual drive letter may differ on your host machine.)
13. On the Select Networks page, click Next.
14. On the Add Properties page, click Next.
16. Verify that a Jobs pop-up window displays, and is populated with several steps detailing the cloning
of the virtual machine.
Server Virtualization with Windows Server Hyper-V® and System Center L9-85
17. After about 10 minutes, verify that the cloned virtual machine is created.
19. In the VMM console, return to the VMs and Services console tree, expand All Hosts, expand
LocalGroup, and then click LON-HOST2.
20. In LON-HOST2, verify that 20409B-LON-SVR2 displays. This is the cloned virtual machine.
2. In the VMs detail pane, click 20409B-LON-SVR2, and on the ribbon, click Power On.
3. After approximately 60 seconds, right-click 20409B-LON-SVR2, point to Connect or View, and then
click Connect via Console. If prompted, type Adatum\Administrator with the password of
Pa$$w0rd.
4. In the Virtual Machine Viewer window, click the Ctrl-Alt-Del icon, and then sign in as
Adatum\Administrator with the password Pa$$w0rd.
5. On the taskbar, right-click the Start button, and then click Windows PowerShell (Admin).
8. In the System Preparation Tool 3.14 pop-up window, select the Generalize check box.
9. In the Shutdown Options drop-down list box, click Reboot, and then click OK.
10. Verify that the Sysprep is working pop-up window displays. Note that Sysprep will take approximately
five minutes to run.
11. When Sysprep finishes, the virtual machine will restart.
12. In the Virtual Machine Viewer window, on the File menu, click Exit.
13. In the Virtual Machine Manager Console, return to the VMs and Services workspace, and then click
LON-HOST2.
14. Click 20409B-LON-SVR2, and on the ribbon, click Power Off. Click Yes.
15. Click 20409B-LON-SVR2, and on the ribbon, click Delete. Click Yes.
Results: After completing this exercise, you should have cloned a virtual machine.
L10-87
2. On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
3. On the Connect to Server page, click Connect.
4. In the Virtual Machine Manager console, on the lower left, click the Library workspace.
5. In the console tree, click and expand the Library Servers node. You should see the VMM
management server, LON-VMM1.Adatum.com. This is because the VMM management server is
always added to a library server when you install Microsoft System Center 2012 R2 Virtual Machine
Manager (VMM).
6. On LON-HOST1 and LON-HOST2, perform the following tasks:
d. Right-click Host1Library, click Share with, and then click Specific people.
e. In the File Sharing window, in the drop-down list, select Everyone, click Add, and then click
Share.
j. On the ribbon, on the Home tab, click the New folder icon. In the text box, type Host2Library,
and then press Enter.
k. Right-click Host2Library, click Share with, and then click Specific people.
l. In the File Sharing window, in the drop-down list, select Everyone, click Add, and then click
Share.
L10-88 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
Task 2: Add LON-HOST1 and LON-HOST2 as Virtual Machine Manager library servers
1. In the Virtual Machine Manager console, click the Library Servers node. On the ribbon, on the Home
tab, click the Add Library Server icon.
2. In the Add Library Server Wizard, on the Enter Credentials page, select Enter a username and
password. In the User name text box, type ADATUM\administrator, in the Password text box, type
Pa$$w0rd, and then click Next.
3. On the Select Library Servers page, in the Computer name text box, type Lon-host1, and then click
Add. Repeat this for Lon-Host2.
4. In the Selected servers window, notice that you see both hosts. At the bottom of the page, click Next.
5. On the Add Library Shares page, in the Select library shares to add details pane, select the
Host1Library and Host2Library check boxes.
6. On the Add Library Shares page, note the Add Default Resources check boxes to the right. This
adds the ApplicationsFrameworks folder to the share. Also, note the Show hidden shares check box
at the bottom of the page. By selecting this check box, the shares that were created as hidden will
display.
7. Select both the Add Default Resources check boxes, and then click Next.
8. On the Summary page, note the View Script button. Clicking it will bring up Notepad with the
Windows PowerShell cmdlets linked together in a script that will re-create all the selections that you
made in the wizard. This very useful file can help you document your administrative actions and re-
create your environment.
9. At the bottom of the Summary page, click the Add Library Servers button.
10. When the Jobs window opens, notice the two Add library server jobs. It will take about two minutes
to complete these jobs. When both jobs complete, close the Jobs window.
Task 3: Examine the library server shared folder resources, and create an additional
subfolder on LON-HOST1
In the Virtual Machine Manager console, return to the Library workspace and review the new library
servers that you have added to the Library Servers node in the console tree by expanding each library
server and its library.
1. In the ApplicationsFrameworks node of the Host1Library, in the Physical Library Objects details
pane, click SAV_x86_en-US_ string-of-numbers.cr. Note that the values found in the string of
numbers will vary over time.
2. On the ribbon, on the Custom Resource tab, click Properties.
3. In the Properties dialog box, click View equivalent resources. Examine the items in the window,
and then click Cancel.
4. Click the Dependencies page. Notice that no dependencies display, but if this custom resource had
dependencies, they would be listed here. This information is useful when determining whether to
delete an object to see if it is still dependent or being depended upon by another object.
5. On the Dependencies page, click Cancel.
Server Virtualization with Windows Server Hyper-V® and System Center L10-89
6. In the VMM console, in the console tree, right-click Host1Library, and then click Explore.
7. In the Host1Library window, click the Home tab, and then click New folder. In the New folder text
box, type ISOs, and then press Enter.
8. Open the ISOs folder, and then create a text file named Test.iso. In the Rename box, click Yes.
10. Return to the Library workspace in the VMM console, and examine the Host1Library window again.
The ISOs folder should now display. If not, right-click Host1Libary, and then click Refresh.
4. On the Home tab, click the Create icon, and on the shortcut menu, click Guest OS Profile.
5. In the New Guest OS Profile Wizard, on the General page, in the Name text box, type LabGuestOS,
and then in the Description text box, type Lab creating a GuestOS profile.
6. In the New Guest OS Profile box, click the Guest OS Profile page.
7. On the Guest OS Profile page, in the General Settings section, under Operating System, click the
down arrow, and then click 64-bit edition of Windows Server 2012 Standard.
8. Click the Identity Information section, and in the Computer name text box, type
WS2012-Core###.
9. Click the Admin Password item, and then in the details pane, click Specify password of the local
administrator account. In the Password and Confirm text boxes, type Pa$$w0rd.
10. In the New Guest OS Profile Wizard, click OK. In the Profiles details pane, LabGuestOS now displays.
2. On the Home tab, click the Create icon, and then on the shortcut menu, click Hardware Profile.
3. In the New Hardware Profile Wizard, on the General page, in the Name text box, type
LabHWProfile, and in the Description text box, type Lab creating a hardware profile.
4. In the New Hardware Profile box, select the Hardware Profile page.
5. On the Hardware Profile page, in the Compatibility section, select the Hyper-V check box.
6. In the central console tree, click Memory. In the Memory details pane, select Dynamic, and then in
the Maximum memory area, overtype the value shown with 1024.
7. Scroll down in the center console tree, and then click Network Adapters, Network Adapt…. In the
Network Adapter 1 details pane, select Connected to a VM network. In the VM network area, click
the Browse button. In the pop-up window, click External Network, and then click OK.
8. In the New Hardware Profile Wizard, click OK. Notice that the LabHWProfile now displays.
L10-90 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
2. Click the VM Templates node. On the ribbon, on the Home tab, click the Create VM Template icon.
3. In the Create VM Template Wizard, on the Select Source page, note the Use an existing VM
template or a virtual hard disk stored in the library option. To the right of this option, click
Browse.
4. In the Select VM Template Source window, click Blank Disk – Small.vhdx, and then click OK.
7. On the Configure Hardware page, click the Hardware profile list box, click LabHWProfile, and
then click Next.
8. On the Configure Operating System page, click the Guest OS profile drop-down list box, click
LabGuestOS, and then click Next.
9. On the Application Configuration page, click the Application profile drop-down list box, click
None – do not install any applications, and then click Next.
10. On the SQL Server Configuration page, click the SQL Server profile drop-down list box, click None
– no SQL Server configuration settings, and then click Next.
14. On the ribbon, on the Template tab, note that you can enable and disable, export, and even delete a
template.
15. Click the Properties icon.
16. In the Properties dialog box, note that the Hardware and OS Configuration pages no longer point
to the profiles created earlier, but are the full settings that you placed in the profiles. Note the
additional pages that are available. Notice that you can create custom Properties, and on the
Settings page, assign self-service Quota points.
17. Notice also on the Dependencies page that the template is dependent on the Blank Disk –
Small.vhdx virtual hard disk that you selected earlier. Notice also that there are no validation errors
and that on the Access page, you can assign other self-service users and roles.
3. How will you fulfill the requirement to ensure that the resources are not overwhelmed?
Answer: You must use the Quotas for the named cloud settings.
2. When the LON-VMM1 desktop displays, on the taskbar, click the Virtual Machine Manager Console
icon.
4. In Microsoft System Center 2012 R2 Virtual Machine Manager (VMM), in the Virtual Machine
Manager console, in the Workspace area, on the lower left, click VMs and Services.
5. On the ribbon, click the Create Cloud button. This will bring up the Create Cloud Wizard.
6. In the Create Cloud Wizard, on the General page, in the Name text box, type DevCloud, in the
Description text box, type Cloud for the Development Department, and then click Next.
7. On the Resources page, in the Select the resources for this cloud area, select the LocalGroup
check box, and then click Next.
8. On the Logical Networks page, note the logical networks that are available. In the Logical networks
pane, select the External Network check box, and then click Next.
11. On the Port Classifications page, select the following check boxes, and then click Next: Host
management, Guest Dynamic IP, Medium bandwidth, Low bandwidth and High bandwidth
L11-92 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
12. On the Storage page, in the Storage classifications pane, select the Local Storage check box, and
then click Next.
15. On the Capability Profiles page, select the Hyper-V check box, and then click Next.
18. In the console tree, under VMs and Services, under the Clouds node, click DevCloud.
19. On the ribbon, click the Overview button. Review the Cloud summary in the details pane, and verify
that it contains the capacity values that you just changed.
3. In the Create Cloud Wizard, on the General page, in the Name text box, type ResCloud, in the
Description text box, type Cloud for the Research Department, and then click Next.
4. On the Resources page, in the Select the resources for this cloud area, select the LocalGroup
check box, and then click Next.
5. On the Logical Networks page, In the Logical networks pane, select the External Network check
box, and then click Next.
13. On the Summary page, at the bottom of the page, click the Finish button.
14. When the Jobs window displays, wait for the Create New Cloud task to finish, and then click Close.
Server Virtualization with Windows Server Hyper-V® and System Center L11-93
15. In the console tree, under VMs and Services, under the Clouds node, click ResCloud. On the ribbon,
click the Overview button.
16. In the details pane, in the Cloud summary area, verify that the values for ResCloud contain the
capacity values that you changed.
Results: After completing this exercise, you should have created a private cloud based in a host group,
and you should have reviewed its properties.
4. In the Create User Role Wizard, on the Name and description page, in the Name text box, type
DevRole, in the Description text box, type User role created for the Development Department,
and then click Next.
5. On the Profile page, select the Application Administrator (Self-Service User) radio button, and
then click Next.
6. On the Members page, click the Add button.
7. In the Select Users, Computers, or Groups pop-up, in the Enter the object names to select
(examples) text box, type Development, and then click OK.
8. Verify that on the Members page, in the Members window pane, ADATUM\Development displays,
and then click Next.
9. On the Scope page, in the Scope: pane, select the DevCloud check box, and then click Next.
10. On the Quotas for the DevCloud cloud page, at the bottom of the page, in the Member level
quotas section, in the Virtual Machines row, clear the Use Maximum column check box. In the
Assigned Quota column, type 1, and then click Next.
12. In the Select VM Networks pop-up, select the External network, click OK, and then, click Next.
13. On the Resources page, at the bottom of the page, in the Specify user role data path, click the
Browse button.
14. In the Select Destination Folder pop-up, click the MSSCVMMLibrary node, click OK, and then click
Next.
15. On the Permissions page, in the Select the permitted actions for this user role section, under the
Name column, select all of the check boxes, clear the Receive and Share check boxes, and then click
Next.
16. On the Run As accounts page, click Next.
L11-94 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
17. On the Summary page, in the Confirm the settings section, review the selections, and then click
Finish.
18. When the Jobs pop-up window displays, wait for all of the jobs to complete, and then close the
window.
19. In the Settings console tree, in the Security node, under User Roles, in the User Roles details pane,
click the DevRole object. On the ribbon, click the Properties button.
20. In the DevRole Properties dialog box, review the various properties, and then click Cancel.
2. In the Settings console tree, expand the Security node, and then click User Roles.
4. In the Create User Role Wizard, on the Name and description page, in the Name text box, type
ResearchRole, in the Description text box, type User role created for the Research Department,
and then click Next.
5. On the Profile page, verify that the Application Administrator (Self-Service User) radio button is
selected, and then click Next.
6. On the Members page, click the Add button.
7. In the Select Users, Computers, or Groups pop-up, in the Enter the object names to select
(examples) text box, type Research, and then click OK.
8. On the Members page, in the Members pane, verify that ADATUM\Research displays, and then click
Next.
9. On the Scope page, in the Scope pane, select the ResCloud check box, and then click Next.
10. On the Quotas for the ResCloud cloud page, in the Member level quotas section, in the Virtual
Machines: row, clear the Use Maximum column check box, in the Assigned Quota column, type 1,
and then click Next.
11. On the Networking page, click Add.
12. In the Select VM Networks pop-up, click External network, click OK, and then click Next.
14. In the Select Destination Folder pop-up, click the Host1Library node, click OK, and then click Next.
15. On the Permissions page, in the Select the permitted actions for this user role section, under the
Name column, select all the check boxes, clear the Receive and Share check boxes, and then click
Next.
17. On the Summary page, observe the Confirm the settings section, review the selections, and then
click Finish.
18. When the Jobs pop-up window displays, wait for all the jobs to complete and then close the window.
19. In the Settings console tree, in the Security node, under User Roles, verify that the ResearchRole
object displays in the User Roles details pane. Click ResearchRole, and then on the ribbon, click the
Properties button.
Server Virtualization with Windows Server Hyper-V® and System Center L11-95
20. In the ResearchRole Properties dialog box, review the various properties, and then click Cancel.
Results: After completing this exercise, you should have created several user roles, explored different
configuration options, and then connected VMM as a member of different roles to confirm which actions
they can perform.
2. On the Start screen, move the mouse pointer directly under the Desktop tile. When a round white
circle with a white down arrow in it displays, click it.
3. In the Apps by name start screen, scroll to the right until you see the Microsoft System Center 2012
tile area. Select and then right-click the Virtual Machine Manager Console tile. In the Command bar
at the bottom of the page, click Pin to Taskbar.
4. On the keyboard, tap the Windows key.
7. In the Connect to Server pop-up, in the Server name text box, type
LON-VMM1.adatum.com:8100, and then click Connect.
8. When the Virtual Machine Manager console displays, maximize it, if it is not already maximized.
9. Note that throughout the console, the objects available to select are very different, or are missing
entirely. This is because Ben is only an Application Administrator.
10. In the Workspace area, in the lower left, click VMs and Services, expand Clouds, and then click
DevCloud.
11. In the Virtual Machine Manager console, on the ribbon click the Create Virtual Machine button, and
then select Create Virtual Machine from the menu.
12. In the Create Virtual Machine Wizard, on the Select Source page, select the Create the new virtual
machine with a blank virtual hard disk radio button, and then, click Next.
13. On the Identity page, in the Virtual machine name text box, type 1stDevCloudVM. In the
description text box, type First virtual machine in the DevCloud, and then click Next.
14. On the Configure Hardware page, in the Compatibility section, select the Hyper-V check box, and
then click Next.
15. On the Select Destinations page, accept the default Deploy the virtual machine to a private
cloud radio button, and then click Next.
16. On the Select Cloud page, wait a moment for VMM to select a destination. Using the mouse,
highlight DevCloud, and then click Next.
19. When the job starts, notice that there are multiple steps to create the virtual machine.
20. When the Jobs pop-up window displays, wait until the last job completes, and then close the Jobs
pop-up.
21. In the console tree, under VMs and Services, under Clouds, under DevCloud, in the VM’s details
pane, verify that 1stDevCloudVM is the only virtual machine on this host.
22. Attempt to make another virtual machine, using the steps above, but change the name to
2ndDevCloudVM and the description to Second virtual machine in the DevCloud.
23. When you reach the Select Cloud page in the Create Virtual Machine Wizard, the task will fail.
24. Review the Details area below. Click the Ratings Explanation tab, and note the line that says, “The
operation results in a violation of the virtual machine count quota for the private cloud.”
25. Click the Cancel button. In the Create Virtual Machine Wizard pop-up, click Yes.
26. With the DevCloud selected, right-click 1stDevCloudVM, and then click Delete. In the confirmation
pop-up, click Yes.
Task 2: Use the Virtual Machine Manager console on LON-CL1 to create virtual
machines as a Research department user
1. Sign in to LON-CL1 as adatum\hani with a password of Pa$$w0rd. You may have to wait a moment
while the user’s profile is created.
2. On the Start screen, move the mouse pointer directly under the Desktop tile. When a round white
circle with a white down arrow in it displays, click it.
3. In the Apps by name start screen, scroll to the right until you see the Microsoft System Center 2012
tile area. Select and then right-click the Virtual Machine Manager console tile. In the Command
bar at the bottom of the page, click Pin to Taskbar.
6. On the desktop, on the taskbar click the Virtual Machine Manager Console icon.
7. In the Connect to Server pop-up, in the Server name text box, type
LON-VMM1.adatum.com:8100, and then click Connect.
8. When the Virtual Machine Manager console displays, maximize it, if it is not already maximized.
9. Note that in the Virtual Machine Manager console, the objects available to select are very different, or
missing entirely. That is because Hani is only an Application Administrator.
10. In the Workspace area in the lower left, click VMs and Services, expand Clouds, and select
ResCloud.
11. In the VMM console, on the ribbon, click the Create Virtual Machine button and then select Create
Virtual Machine from the menu.
12. In the Create Virtual Machine Wizard, on the Select Source page, select the Create the new virtual
machine with a blank virtual hard disk radio button, and then click Next.
Server Virtualization with Windows Server Hyper-V® and System Center L11-97
13. On the Identity page, in the Virtual machine name text box, type 1stResCloudVM. In the
description text box, type First virtual machine in the ResCloud, and then click Next.
14. On the Configure Hardware page, in the Compatibility section, select the Hyper-V check box, and
then click Next.
15. On the Select Destinations page, accept the default Deploy the virtual machine to a private
cloud radio button, and then click Next.
16. On the Select Cloud page, give VMM a moment to select a destination. Using the mouse, highlight
ResCloud, and then click Next.
19. When the Jobs pop-up window displays, wait for the job to complete, and then close the Jobs pop-up
window.
20. In the console tree, under VMs and Services, under Clouds, and under ResCloud, in the VM’s details
pane, verify that 1stResCloudVM is the only virtual machine on this host.
21. Attempt to make another virtual machine, using the steps above, but change the name to
2ndResCloudVM and the description to Second virtual machine in the ResCloud.
22. When you reach the Select Cloud page in the Create Virtual Machine Wizard, the task will fail.
Review the Details area on this page, and click the Ratings Explanation tab. Note the line that says,
“The operation results in a violation of the virtual machine count quota for the private cloud.”
23. Click the Cancel button. In the Create Virtual Machine Wizard pop-up, click Yes.
24. With ResCloud selected, right-click 1stResCloudVM, and then click Delete. When the confirmation
pop-up displays, click Yes.
25. Close the Virtual Machine Manager console.
Results: After completing this exercise, you should have used the VMM console to create virtual machines
as a Development department user, and as a research department user.
L12-99
2. On the desktop, on the taskbar, click the Virtual Machine Manage Console icon.
3. On the Connect to Server page, click Connect.
4. In Microsoft System Center 2012 R2 Virtual Machine Manager (VMM), in the Virtual Machine
Manager console, on the lower left, click the Library workspace.
5. On the ribbon, on the Home tab, click Create Service Template.
6. In the New Service Template dialog box, in the Name field, type Lab 12 Service Template,
and then in the Release text box, type 1. In the Patterns section, click Single Machine, and then
click OK.
7. In the Virtual Machine Manager Service Template Designer console, note the name selected. Note
that Lab 12 Service Template is part of the overall name, because this is what you are currently
designing, and the numeral 1 is the release version.
8. Note the Designer canvas area, which is the central part of the console. Note that this part of the
console has the various blocks connected to each other. The text that appears dimmed, highlighted
with a large down arrow, gives advice on how you can drag-and-drop various virtual machine
templates into the designer. You can do this either in the blank canvas area to make a new tier or
onto the existing template to replace its tier.
Task 2: Use the Service Template Designer to modify a single tier virtual machine
1. In the Virtual Machine Manager Service Template Designer, click the Single Tier box, highlighted
with a red circle with an exclamation mark. Note the text below that explains why it has this warning,
which is because the template does not include a virtual hard disk or virtual machine network.
2. Right-click the Single Tier name text and then from the drop-down list box, click Properties.
3. In the Single Tier properties dialog box, configure the various pages in the properties, as follows:
a. On the General page, in the Name text window, type Lab12ServiceVM. Provide the name and
description; prevent the virtual machine from migrating automatically; allow it to be scaled out;
and create and availability set for the tier.
iii. In the Select a virtual hard disk pop-up dialog box, click SmallCore.vhd, and then click OK.
iv. In the Hardware Configuration console tree, scroll down, and then in the Network Adapters
section, click Network Adapt… Not connected.
v. In the Network Adapter 1 (Legacy) details pane, click the Connected to a VM network
option, and then click Browse.
vi. In the pop-up window, click External Network, and then click OK.
Use the Hardware page to set the various hardware configurations that you would configure for
any new virtual machine in the VMM console.
c. On the OS Configuration page, in the Operating system drop-down list, click 64-bit edition of
Windows Server 2012 Standard. Note that you can configure the name of the computer, the
local administrator password, the product key, and a time zone. Note the Roles and Features
area. Add roles and features here that can be run on a Windows Server. Also, note that you can
join a domain, and that it shows you are in a workgroup currently. Note the Scripts area, where
you can provide Answer File and even Run Once commands.
d. On the Application Configuration page, note that the Application profile list has three
sections under it: OS Compatibility, Applications, and Scripts. In the Compatible operating
systems available details pane, in the OS Compatibility area, note that you can select none, one,
some, or all check boxes. Select the 64-bit edition of Windows Server 2012 Standard check
box. In the console tree of the Application Configuration page, click Applications. In the
Application profile list at the top of the page, click None – do not install any applications.
Note that clicking this make all previously viewed items on the page appear dimmed.
You use the Application Configuration page to add applications and scripts that will run on the
virtual machine.
e. On the SQL Server Configuration page, note that by default, the SQL Server profile list is set to
None – no SQL Server configuration settings.
f. On the Custom Properties page, note that you can add various custom properties.
g. On the Settings page, note that you can specify the number of points to apply towards an
owner’s virtual machine quota, when a virtual machine is assigned to a self-service user.
h. On the Dependencies page, because this is a default template, note that no dependencies have
been found.
i. On the Validation Errors page, note that any errors would be listed.
j. At the bottom of the Single Tier Properties dialog box, click OK.
4. In the Service Template Designer canvas area, use the mouse to drag the External Network box
down beside the NIC 1 box.
5. Do not close the VMM Service Template Designer.
Results: After completing this exercise, you should have created a service template by using the Service
Template Designer.
Server Virtualization with Windows Server Hyper-V® and System Center L12-101
2. In the Select name and destination pop-up dialog box, in the Name text box, type Lab 12 Service,
in the Destination drop-down list box, ensure that DevCloud is selected, and then click OK.
3. When the Deploy Service – Lab 12 Service console displays, if you see a pink shaded area in the
middle of the screen that indicates that it could not find a host, then click Refresh Preview on the
ribbon.
4. Verify that the Designer pane in the center window shows that the service starts in DevCloud. Under
the Service Tier icon, click the random name, and then in the bottom center window, in the VM
name and Computer Name boxes, type Lab12ServiceVM.
7. In the Jobs window, verify that the Create Service Instance job displays and is running. This will take
approximately 30 minutes to complete.
8. When the job completes, close the Jobs window.
9. In the VMs and Services workspace, in the VMs and Services console tree, expand Clouds, and then
select DevCloud.
10. In the ribbon, in the Show tab, select VMs. In the VMs details pane, note that the Lab12ServiceVM
virtual machine is running, and then leave it running.
3. In the Templates details pane, right-click the Lab 12 Service Template service template, and then
click Properties.
4. On the Lab 12 Service Template Properties page, click the Access page in the console tree, and
then in the Access details pane, click Add.
5. In the Select Users pop-up, select the DevRole check box, and then click OK twice.
Note: Due to the ongoing creation of the Lab12ServiceVM virtual machine from Task 1
above, step 5 may take longer than expected or fail. If that happens, you cannot run Exercise 4,
Task 1.
2. In the Services details pane, click Lab 12 Service Template. You may have to expand the size of the
Template Name column to see the full name of the items listed.
4. In the Change Service Template for Lab 12 Service window, on the Updated Service Template page,
under Select how to update the service, click Replace the current template with an updated
template for the service, and then click Browse.
5. In the Select a Service Template Wizard, click Lab 12 Service Template, Release 1, click OK, and
then click Next.
6. In the Settings page, verify that No settings to configure displays, and then click Next.
7. On the Update Method page, in the drop-down list box, ensure that Apply updates to existing
virtual machines in-place is selected, and then click Next.
8. On the Updates review page, select the Apply the updates to the service immediately after this
wizard completes check box, and then click Next.
10. When the Jobs window displays, wait until the servicing job completes, and then close the Jobs
window.
Results: After completing this exercise, you should have configured service deployment, and then
deployed the service. You also should have modified the template, and then updated the service.
3. On the Overview page, under Private Clouds, click Connect a Virtual Machine.
4. On the Add a new VMM connection page, provide the following settings, and then click OK:
o Connection name: Adatum
5. Verify that the App Controller webpage loads with data displaying under the Private Clouds
section.
4. In File Explorer, right-click This PC in the console tree, and then select Properties.
5. In the console tree of the System window, click Remote settings.
6. In System Properties, ensure that you are in the Remote tab, and then in the Remote tab, click the
Select Users button.
7. In the Remote Desktop Users pop-up window, click the Add button.
Server Virtualization with Windows Server Hyper-V® and System Center L12-103
8. In the Select Users and Groups pop-up window, in the text box, type adatum\ben; adatum\hani,
and then click the Check names button.
9. In the Multiple Names Found pop-up window, select Ben Martens, and then click OK four times.
10. Close the System window, and then sign out of LON-CL1.
12. On the Start screen, click the Desktop tile, and then on the taskbar, click the Internet Explorer icon.
13. Maximize the Internet Explorer window, and in the address bar, type
https://lon-vmm1.adatum.com/and then press Enter.
14. In the There is a problem with this websites security certificate, click the Continue to this
website hyperlink.
15. On the bar on the bottom that specifies Microsoft Silverlight is not compatible, click Run Control,
and then click Continue to this website.
16. On the App Controller web portal page, in the User name text box, type adatum\ben, and in the
Password text box, type Pa$$w0rd, and then click Sign In.
2. In the Clouds area of the console tree, verify that DevCloud displays.
b. Return to LON-VMM1.
c. In the VMM manager console, remain signed on as Adatum\administrator, and then click the
VM and Services workspace.
d. In the VMs details pane, find and right-click the virtual machine from step a.
e. Click Delete, and then click Yes two times in the Virtual Machine Manager pop-up windows.
Results: After completing this exercise, you should have configured App Controller to connect to a
private cloud.
L12-104 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
2. In the middle console tree that appears, click the Templates node. In the details pane to the right,
right-click Lab 12 Service Template, and in the drop-down list box, click Deploy.
3. In the New Deployment design view window, in the Cloud box, click the Configure hyperlink.
4. In the Select a cloud for this deployment window, notice that DevCloud is the only cloud to display,
and then click OK.
5. Notice that in the design view, two more boxes are added: Service, and Machine Tier with an
Instance box in it. Note that both the Service and Instance box have a Configure hyperlink. In the
Service box, click the Configure hyperlink.
6. In the Properties of Lab 12 Service Template window, in the Service name box, type
AppCServiceDevCloud, and then click OK.
8. In the Properties of new virtual machine window, note that you cannot change the virtual machine
name, and then click OK. The computer name will be generated randomly.
9. In the New Deployment window, in the lower-right corner, click Deploy. Click the VMM service
deployment started hyperlink
10. In the Jobs node, wait for the job to finish. It may take approximately 15 to 20 minutes to finish the
deployment. If the service instance takes longer than 15 minutes, switch to the host machine that is
hosting the new service, and then in the Hyper-V console, view the virtual machine.
11. While you are waiting for the job to finish, open the LON-VMM1 virtual machine, and then in the
VMM console, click the Jobs workspace.
12. In the console tree, click the Running node. Verify that you see a Create Service Instance that is
running. Because this job takes a long time to finish, do not wait for it to finish, but proceed to the
next step.
13. Switch back to LON-CL1, and in the App Controller console tree, click the Virtual Machines node.
After several minutes, you will see a new virtual machine with a name of a long string of letters and
numbers, which is the randomly generated name. Verify that the virtual machine has a status of
Running.
14. On the App Controller web portal page, on the upper right, click the Sign out hyperlink.
15. Close Internet Explorer, and then sign out of LON-CL1.
16. On LON-VMM1, close all open windows, and then sign out of LON-VMM1.
Results: After completing this exercise, you should have deployed a virtual machine by using App
Controller.
L13-105
2. In the Operations console, click the Administration workspace, and then above the Monitoring
workspace, click Discovery Wizard.
3. In the Computer and Device Management Wizard, on the Discovery Type page, ensure that
Windows computers is selected, and then click Next.
4. On the Auto or Advanced page, click Advanced Discovery, and then click Next.
5. On the Discovery Method page, click Browse for, or type-in computer names, in Computer
names text box, type LON-HOST1.adatum.com, and then click Next.
6. On the Administrator Account page, click Discover. It may take up to 20 minutes for discovery to
occur.
7. On the Select Objects to Manage page, click LON-HOST1.adatum.com, and then click Next.
2. In the Administration navigation pane, click Settings, right-click Security, and then click Properties.
3. In the Properties dialog box, click Review new manual agent installations in pending
management view, and then click OK.
4. Switch to LON-VMM1.
5. On LON-VMM1, right-click the Start hint, and then click Run.
6. In the Open text box, type the following address, and then click OK:
7. In the Microsoft Monitoring Agent Setup Wizard, on the Welcome page, click Next.
10. On the Agent Setup Options page, review the options, and then click Next.
11. On the Management Group Configuration page, in the Management Group Name text box, type
Adatum, in the Management Server text box, type LON-OM1, and then click Next.
L13-106 Protecting and Monitoring Virtualization Infrastructure
17. On LON-OM1, in the Operations Manager console, in the Administration workspace, under Device
Management, click Pending Management.
19. In the Manual Agent Install window, read the information, and then click Approve.
Results: After completing this exercise, you should have deployed Operations Manager agents to a
virtualization host and to a virtual machine.
3. In the E-mail Notification Channel window, on the Description page, click Next to accept the default
channel name and description.
o Port number: 25
6. On the Settings page, in the Return address text box, type SCAlerts@adatum.com, and then click
Next.
7. On the Format page, click Finish to accept the default message format.
9. In the Operations Manager console, in the Administration workspace, under Notifications, click
Subscribers.
12. On the Schedule page, click Always send notifications, and then click Next.
13. On the Addresses page, click Add to create a new subscriber address.
Server Virtualization with Windows Server Hyper-V® and System Center L13-107
14. In the Subscriber Address Wizard, on the General page, in the Address name text box, type
Work E-mail, and then click Next.
15. On the Channel page, in the Channel Type box, click E-mail (SMTP).
16. In the Delivery address for the selected channel text box, type administrator@adatum.com, and
then click Next.
17. On the Schedule page, click Always send notifications. Click Finish twice, and then click Close.
18. In the Operations Manager console, in the Administration workspace, under Notifications, click
Subscriptions.
20. In the Notification Subscription Wizard, on the Description page, in the Subscription name text box,
type Windows Server 2012 R2 notifications, and then click Next.
21. On the Criteria page, in the Conditions area, select the raised by any instance in a specific group
check box.
23. In the Group Search window, in the Filter by text box, type 2012, and then click Search.
24. Click Windows Server 2012 Computer Group, click Add, and then click OK.
27. In the Subscriber Search window, click Search, click Administrator, click Add, and then click OK.
28. On the Subscribers page, click Next.
31. On the Channels page, click Delay sending notifications if conditions remain unchanged for
longer than (in minutes), type 10, and then click Next.
32. On the Summary page, click Finish.
Results: After completing this exercise, you should have deployed and configured monitoring
components including management packs, notifications, and reports.
4. On the Select features to install page, select the Operations console check box, and then click
Next.
7. On the License terms page, review the license, click I have read, understood and agree with the
license terms, and then click Next.
8. On the Help improve Operations Manager page, click No, I am not willing to participate for
both Customer Experience Improvement Program and Error Reporting, and then click Next.
9. On the Microsoft Update page, click Off, and then click Next.
11. Clear the Start the Operations Manager console when the wizard closes check box, and then click
Close.
12. Close all open windows.
15. Click the Settings workspace, in the navigation pane, click System Center Settings, right-click
Operations Manager Server, and then click Properties.
16. In the Add Operations Manager Wizard, on the Introduction page, read the requirements for
integration, and then click Next.
17. On the Connection to Operations Manager page, in the Server name text box, type
lon-om1.adatum.com, review the options, leave the defaults, and then click Next.
18. On the Connection to VMM page, in the User name text box, type adatum\scservice, in the
Password text box, type Pa$$w0rd, and then click Next.
2. In the Add Operations Manager Wizard, on the Connection Details page, under the Diagnostics
section, click Test PRO.
3. When the Test PRO Tips window displays, click OK to close the window, and then click OK again.
4. In the PRO window, click the PRO Diagnostics alert, review the information, and then close the PRO
window.
5. In the VMM console, click the JOBS workspace, click the PRO diagnostics job, and monitor the
progress of the job. The expected status is completed.
Server Virtualization with Windows Server Hyper-V® and System Center L13-109
2. In the right pane, right-click Host Utilization, and then click Open.
4. Review the From and To criteria, which should be First day of this month – Today and the current
time and time zone. On the right, click Add Group. In the Group Name drop-down list box, ensure
Contains is selected, in the Filter text box, type all hosts, and then click Search.
5. Under the Available items section, click All Hosts, click Add, and then click OK.
6. On the top left, click Run.
7. When the report finishes loading, click and expand the Description, and then review the report.
8. In the report, click File, review the export options, and then click Close.
3. Review the state and details of the DevCloud, then in the navigation pane, click Fabric Health
Dashboard,
Results: After completing this exercise, you should have configured the integration of Operations
Manager with VMM. You should have installed the Operations Manager console, imported management
packs, and verified the effects of the integration.