ActiveWin.com: Microsoft Windows Server 2012

The new Hyper-V extensible switch in Windows Server 2012 is key to enabling the creation of secure cloud environments that support the isolation of multiple tenants. The Hyper-V extensible switch in Windows Server 2012 introduces a number of new and enhanced capabilities for tenant isolation, traffic shaping, protection against malicious virtual machines, and hassle-free troubleshooting. The extensible switch allows third parties to develop plug-in extensions to emulate the full capabilities of hardware-based switches and support more complex virtual environments and solutions.

Previous versions of Hyper-V allowed you to implement complex virtual network environments by creating virtual network switches that worked like physical layer-2 Ethernet switches. You could create external virtual networks to provide VMs with connectivity with externally located servers and clients, internal networks to allow VMs on the same host to communicate with each other as well as the host, or private virtual networks (PVLANs) that you can use to completely isolate all VMs on the same host from each other and allow them to communicate only via external networks.

The Hyper-V extensible switch facilitates the creation of virtual networks that can be implemented in various ways to provide great flexibility in how you can design your virtualized infrastructure. For example, you can configure a guest operating system within a VM to have a single virtual network adapter associated with a specific extensible switch or multiple virtual network adapters (each associated with a different switch), but you can’t connect the same switch to multiple network adapters.

What’s new however is that the Hyper-V virtual switch is now extensible in a couple of different ways. First, you can now install custom Network Driver Interface Specification (NDIS) filter drivers (called extensions) into the driver stack of the virtual switch. For example, you could create an extension that captures, filters, or forwards packets to extensible switch ports. Specifically, the extensible switch allows for using the following kinds of extensions:

1. Capturing extensions, which can capture packets to monitor network traffic but cannot modify or drop packets.

2. Filtering extensions, which are like capturing extensions but also can inspect and drop packets.

3. Forwarding extensions, which allow you to modify packet routing and enable integration with your physical network infrastructure Second, you can use the capabilities of the Windows Filtering Platform (WFP) by using the built-in Wfplwfs.sys filtering extension to intercept packets as they travel along the data path of the extensible switch. You might use this approach, for example, to perform packet inspection within your virtualized environment.

These different extensibility capabilities of the Hyper-V extensible switch are intended primarily for Microsoft partners and independent software vendors (ISVs) so they can update their existing network monitoring, management, and security software products so they can work not just with physical hosts, but also with VMs deployed within any kind of virtual networking environment that you might possibly create using Hyper-V in Windows Server 2012. In addition, being able to extend the functionality of the Hyper-V networking by adding extensions makes it easier to add new networking functionality to Hyper-V without needing to replace or upgrade the switch. You’ll also be able to use the same tools for managing these extensions that you use for managing other aspects of Hyper-V networking, namely the Hyper-V Manager console, PowerShell, and Windows Management Instrumentation (WMI). And because these extensions integrate into the existing framework of Hyper-V networking, they automatically work with other capabilities, like Live Migration. Improved Live Migration Live Migration was introduced in Windows Server 2008 R2 to provide a high-availability solution for VMs running on Hyper-V hosts. Live Migration uses the Failover Clustering feature to allow running VMs to be moved between cluster nodes without perceived downtime or loss of network connection. Live Migration provides the benefi t of increased agility by allowing you to move running VMs to the best host for improving performance, achieving better scaling, or ensuring optimal workload consolidation. Live Migration also helps increase productivity and reduce cost by allowing you to service your host machines without interruption or downtime for your virtualized workloads.

Live Migration in Windows Server 2008 R2 required storing VMs on an Internet Small Computer Systems Interface (iSCSI) or Fibre-Channel SAN. In addition, Live Migration in Windows Server 2008 R2 supported performing only a single Live Migration at a time— multiple simultaneous Live Migrations were not supported. Now Live Migration in Windows Server 2012 has been improved in several significant ways. First, Live M igrations can be performed much more quickly. In fact, you can even saturate a 10 GB network connection when performing a Live Migration between Windows Server 2012 Hyper-V hosts, something you couldn’t do before with Windows Server 2008 R2 Hyper-V hosts.

A second improvement to Live Migration in Windows Server 2012 is that now you can perform multiple Live Migrations simultaneously within the same failover cluster. This means, for example, that if you needed to take down a particular cluster node for immediate servicing, you can migrate all running VMs from that node to a different node quickly and simultaneously in a single operation using either the GUI or a PowerShell command. This can greatly simplify the task of performing maintenance on Hyper-V hosts within your environment.

A third improvement is that Live Migration is now possible even if you don’t have a failover clustering infrastructure deployed. In the previous version of Windows Server 2008 R2, Live Migration required installing the Failover Clustering feature, and you also needed to ensure that Cluster Shared Volume (CSV) storage was enabled to ensure the logical unit number (LUN) on which your VM is stored could be accessed by any cluster node at any given time. With Windows Server 2012, however, you have two additional options for Live Migration that can be performed outside a failover clustering environment:

You can store your VMs on a shared folder on your network, which lets you live- migrate between non-clustered Hyper-V hosts while leaving the VM’s files on the share.
You also can live-migrate a VM directly from one stand-alone Hyper-V host to another without using any shared storage at all

Hyper-V Replica

While many third-party backup solutions can be used for backing up and recovering VMs running on Hyper-V hosts, the Hyper-V Replica feature in Windows Server 2012 provides an in-box business continuity solution for cloud environments that can efficiently, periodically, and asynchronously replicate VMs over IP-based networks, including slow WAN links and across different types of storage subsystems. The Hyper-V Replica feature does not require any shared storage or expensive storage array hardware, so it represents a low-cost solution for organizations looking to increase the availability of their virtualized workloads and ensure that these workloads can be recovered quickly in the event of a disaster. Hyper-V, together with Failover Clustering, allows VMs to maintain service availability by moving them between nodes within the datacenter. By contrast, Hyper-V Replica allows VMs to maintain availability across a datacenter where the node hosting the replica is located at a physically separate site. Hyper-V Replica provides host-based replication that allows for failover to a secondary datacenter in the event of a disaster. It’s an application-agnostic solution because it operates at a VM level regardless of what guest operating system or applications are installed in the VM. It’s a storage-agnostic solution because you can use any combination of SAN, direct attached storage (DAS), or SMB storage for storing your VMs. It also works in both clustered and nonclustered environments, and you can even replicate from a host on a shared cluster to a remote, stand-alone replica host. And it works with Live Migration and Live Storage Migration.

« Internet Information Services 8.0 & the Modern Work Style

Server Message Block 3 & VHDX Disk Format »