What’s new in Hyper-V 2016
Symon Perriman, @SymonPerriman, www.SymonPerriman.com, Symon@5nine.com
Thomas Maurer, @ThomasMaurer, www.thomasmaurer.ch
We are winning virtualization share
Change In Market Share Over The Past 5+ Years: Microsoft Hyper-V Server +30.6 % Points, ESX +6.2
x86 Server Virtualization Share For The Past 5+ Years:

Product                  | Q1 CY2008 (Windows Server 2008 Released) | Q3 CY2009 (Windows Server 2008 R2) | Q3 CY2012 (Windows Server 2012) | Q3 CY2014 (CURRENT) | Change Since Hyper-V Released
Microsoft Hyper-V Server | 0.0%                                     | 11.8%                              | 25.9%                           | 30.6%               | +30.6 Pts
ESX                      | 40.0%                                    | 46.6%                              | 51.4%                           | 46.2%               | +6.2 Pts

Source: IDC WW Quarterly Server Virtualization Tracker, December 2014. Hyper-V and ESX + vSphere shares based on percent market share among all x86 new hypervisor deployments (nonpaid and paid). x86 hypervisor shipments include those sold on new servers, new nonpaid hypervisor deployments aboard new servers, and new hypervisor sales and nonpaid hypervisor deployments on installed base servers. Share gains for Hyper-V and ESX + vSphere come in part from market share transfers from older products from same vendors.
Security
Challenges in protecting high-value assets
- Any seized or infected host administrators can access guest virtual machines
- Impossible to identify legitimate hosts without a hardware-based verification
- Tenant VMs are exposed to storage and network attacks while unencrypted
[Diagram: Customer, Guest VM, Host OS, Hypervisor, Fabric, Storage; "Legitimate host?"]
4/26/2017. © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Confidently protect sensitive customer data:
- Any seized or infected host administrators can access guest virtual machines
  - Hardware-rooted technologies to separate the guest operating system from host administrators
  - Virtual Secure Mode: Process and Memory access protection from the host
- Impossible to identify legitimate hosts without a hardware-based verification
  - Guarded fabric to identify legitimate hosts and certify them to run shielded tenant Generation 2 VMs
  - Host Guardian Service: Enabler to run Shielded Virtual Machines on a legitimate host in the fabric
- Tenant VMs are exposed to storage and network attacks while unencrypted
  - Virtualized trusted platform module (vTPM) support to encrypt virtual machines
  - Shielded VM: BitLocker enabled VM
[Diagram: Customer virtual machine (OS, Data, Workload), Guest VM, Host OS, Hypervisor, Fabric (Compute, Storage, Network), Host Guardian Service; "Trust the host"]
Shielded VMs
Spotlight capabilities
- Shielded Virtual Machines can only run in fabrics that are designated as owners of that virtual machine
- Shielded Virtual Machines will need to be encrypted (by BitLocker or other means) in order to ensure that only the designated owners can run this virtual machine
- You can convert a running Generation 2 virtual machine into a Shielded Virtual Machine
[Diagram: Storage, Virtual hard disk, HOST without TPM (generic host), HOST with TPM, Shielded Virtual Machines, Host Guardian Service]
Secure Boot Support for Linux
Providing kernel code integrity protections for Linux guest operating systems.
Works with:
- Ubuntu 14.04 and later
- SUSE Linux Enterprise Server 12
Secure Boot Support for Linux
PowerShell to enable this:
    Set-VMFirmware "Ubuntu" -SecureBootTemplate MicrosoftUEFICertificateAuthority
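An added example, not part of the original slides: a host-side audit that reports which Generation 2 VMs have Secure Boot off, use an unexpected Secure Boot template, or lack a vTPM or shielding. The "lnx-" naming convention used to recognise Linux guests is an assumption made only for this example.

```powershell
#Requires -Modules Hyper-V
# Added example (not from the slides): report Secure Boot, vTPM and shielding state
# for every Generation 2 VM on the local Hyper-V host.

# Assumption for this example only: Linux guests are recognised by a "lnx-" name prefix.
$LinuxNamePattern = 'lnx-*'

function Get-ExpectedSecureBootTemplate {
    param([Parameter(Mandatory)] [string]$VMName)
    if ($VMName -like $LinuxNamePattern) {
        'MicrosoftUEFICertificateAuthority'   # template named on the slide for Linux guests
    } else {
        'MicrosoftWindows'                    # default template for Windows guests
    }
}

function Get-VMBootSecurityReport {
    # Secure Boot and the virtual TPM are Generation 2 features, so Generation 1 VMs are skipped.
    foreach ($vm in Get-VM | Where-Object Generation -eq 2) {
        $firmware = Get-VMFirmware -VM $vm
        $security = Get-VMSecurity -VM $vm
        $expected = Get-ExpectedSecureBootTemplate -VMName $vm.Name

        $findings = @()
        if ($firmware.SecureBoot -ne 'On') {
            $findings += 'Secure Boot is off'
        } elseif ($firmware.SecureBootTemplate -ne $expected) {
            $findings += "Secure Boot template is '$($firmware.SecureBootTemplate)', expected '$expected'"
        }
        if (-not $security.TpmEnabled) {
            $findings += 'vTPM is not enabled'
        }
        if (-not $security.Shielded) {
            $findings += 'VM is not shielded'
        }

        [pscustomobject]@{
            VMName     = $vm.Name
            SecureBoot = $firmware.SecureBoot
            Template   = $firmware.SecureBootTemplate
            TpmEnabled = $security.TpmEnabled
            Shielded   = $security.Shielded
            Findings   = $findings -join '; '
        }
    }
}

# Show only the VMs that have at least one finding.
Get-VMBootSecurityReport | Where-Object Findings | Format-Table -AutoSize -Wrap
```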
Rolling Cluster Upgrade
You can now upgrade a 2012 R2 Hyper-V cluster to Windows Server 2016 with:
- No new hardware
- No downtime
- The ability to roll-back safely if needed
Cluster OS Rolling Upgrade
- Mixed OS mode is a new transition state for Failover Clusters
- Optimizations don’t run
- New features are not available
- Do not plan on running your cluster in Mixed OS Mode for longer than one month
[Diagram: Windows Server 2012 R2 Failover Cluster; Mixed OS Mode 2012 R2 & 2016 Failover Cluster; Windows Server 2016 Failover Cluster; System Center 2016]
Cluster OS Rolling Upgrade Process
1. Start with a Windows Server 2012 R2 cluster
   - All nodes running Windows Server 2012 R2
   - The workload supports Cluster OS Rolling Upgrade process
   - Failover Cluster nodes: 5 x Windows Server 2012 R2. Cluster Functional Level = Windows Server 2012 R2
2. Migrate Workloads Off Cluster Node
   - Pause | Drain the node
   - Failover Cluster nodes: 5 x Windows Server 2012 R2. Cluster Functional Level = Windows Server 2012 R2
3. Evict Idle Cluster Node
   - Failover Cluster nodes: 5 x Windows Server 2012 R2. Cluster Functional Level = Windows Server 2012 R2
4. Re-Provision Node
   - Install New OS
   - Install and Configure any Workload Requirements
   - Failover Cluster nodes: 4 x Windows Server 2012 R2, 1 x Windows Server 2016. Cluster Functional Level = Windows Server 2012 R2
5. Re-Add Node To Cluster
   - Using Cluster UI or PowerShell
   - Cluster Functional Level Remains Windows Server 2012 R2
   - Failover Cluster nodes: 4 x Windows Server 2012 R2, 1 x Windows Server 2016. Cluster Functional Level = Windows Server 2012 R2
6. Ready To Migrate Workloads Back
   - Migrate workloads to Windows Server 2016 Node
   - Validate functionality
   - Failover Cluster nodes: 4 x Windows Server 2012 R2, 1 x Windows Server 2016. Cluster Functional Level = Windows Server 2012 R2
7. Repeat For Remaining Nodes
   - Failover Cluster nodes: 1 x Windows Server 2012 R2, 4 x Windows Server 2016. Cluster Functional Level = Windows Server 2012 R2
8. All Nodes Are Upgraded
   - Cluster Functional Level remains Windows Server 2012 R2
   - Functionality is limited to Windows Server 2012 R2 levels
   - Failover Cluster nodes: 5 x Windows Server 2016. Cluster Functional Level = Windows Server 2012 R2
9. Upgrade Functional Level
   - Cluster Functional Level upgraded To Windows Server 2016: Update-ClusterFunctionalLevel cmdlet
   - New functionality added in Windows Server 2016 enabled
   - Failover Cluster nodes: 5 x Windows Server 2016. Cluster Functional Level = Windows Server 2016
10. Upgrade is completed
   - Failover Cluster nodes: 5 x Windows Server 2016. Cluster Functional Level = Windows Server 2016
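The per-node steps above as PowerShell, as an added example that is not part of the original slides. Cluster and node names are placeholders, the OS reinstall between eviction and re-add happens outside the script, and the check that an upgraded node reports major version 10 is an assumption about Windows Server 2016 nodes.

```powershell
#Requires -Modules FailoverClusters
# Added example (not from the slides). Cluster and node names are placeholders.

function Get-ClusterUpgradeState {
    # One row per node, plus the functional level (8 = Windows Server 2012 R2, 9 = 2016).
    param([Parameter(Mandatory)] [string]$Cluster)
    $level = (Get-Cluster -Name $Cluster).ClusterFunctionalLevel
    Get-ClusterNode -Cluster $Cluster | ForEach-Object {
        [pscustomobject]@{
            Node                   = $_.Name
            State                  = $_.State
            OSVersion              = '{0}.{1}.{2}' -f $_.MajorVersion, $_.MinorVersion, $_.BuildNumber
            ClusterFunctionalLevel = $level
        }
    }
}

function Remove-NodeForUpgrade {
    # Pause and drain the node, confirm it owns nothing, then evict it.
    param([Parameter(Mandatory)] [string]$Cluster,
          [Parameter(Mandatory)] [string]$Node)
    Suspend-ClusterNode -Cluster $Cluster -Name $Node -Drain -Wait | Out-Null
    $stillOwned = Get-ClusterGroup -Cluster $Cluster |
        Where-Object { $_.OwnerNode.Name -eq $Node }
    if ($stillOwned) {
        throw "Node $Node still owns: $($stillOwned.Name -join ', ')"
    }
    Remove-ClusterNode -Cluster $Cluster -Name $Node -Force
}

function Add-UpgradedNode {
    # Re-add the re-provisioned node. The functional level does not change here.
    param([Parameter(Mandatory)] [string]$Cluster,
          [Parameter(Mandatory)] [string]$Node)
    Add-ClusterNode -Cluster $Cluster -Name $Node | Out-Null
    Get-ClusterUpgradeState -Cluster $Cluster
}

function Complete-ClusterUpgrade {
    # Raise the functional level only when every node is upgraded and Up.
    # Until this runs, nodes running the older OS can still be added back;
    # afterwards the functional level cannot be lowered again.
    param([Parameter(Mandatory)] [string]$Cluster)
    $notReady = Get-ClusterNode -Cluster $Cluster |
        Where-Object { $_.MajorVersion -lt 10 -or $_.State -ne 'Up' }   # assumption: 2016 reports 10
    if ($notReady) {
        throw "Not ready, check nodes: $($notReady.Name -join ', ')"
    }
    Update-ClusterFunctionalLevel -Cluster $Cluster -WhatIf   # dry run first
    Update-ClusterFunctionalLevel -Cluster $Cluster           # prompts for confirmation
}

# Typical sequence for one node (placeholder names):
#   Remove-NodeForUpgrade   -Cluster 'CLUSTER01' -Node 'NODE05'
#   ...install Windows Server 2016 and workload requirements on NODE05...
#   Add-UpgradedNode        -Cluster 'CLUSTER01' -Node 'NODE05'
# After the last node:
#   Complete-ClusterUpgrade -Cluster 'CLUSTER01'
```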
New VM Upgrade Process
Windows Server 2012 R2:
- Hyper-V automatically upgrades virtual machines to the latest version
- No ability to roll-back the upgrade process
New VM Upgrade Process
Windows Server 2016:
- Hyper-V will not automatically upgrade virtual machines
- Upgrading a virtual machine is a manual operation that is separate from upgrading the host
- Individual virtual machines can be moved back to earlier versions, until they have been manually upgraded
New VM Upgrade Process
Windows Server 2016: PowerShell only:
    Update-VMConfigurationVersion
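An added example, not part of the original slides: inventory which VMs are still on an older configuration version (and so can still move back to an earlier host), then upgrade only named VMs that are shut down. The function names are this example's own.

```powershell
#Requires -Modules Hyper-V
# Added example (not from the slides): the manual VM upgrade as a guarded operation.

function Get-VMVersionInventory {
    # Compare each VM's configuration version with the host's default version.
    $hostDefault = (Get-VMHostSupportedVersion -Default).Version
    Get-VM | ForEach-Object {
        $current = [version]$_.Version
        [pscustomobject]@{
            VMName         = $_.Name
            State          = $_.State
            Version        = $current
            HostDefault    = $hostDefault
            UpgradePending = ($current -lt $hostDefault)   # still movable to earlier hosts
        }
    }
}

function Update-VMVersionSafely {
    # Upgrades only the VMs named by the caller, and only when they are off.
    # The upgrade cannot be rolled back, so -WhatIf / -Confirm are supported.
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param([Parameter(Mandatory)] [string[]]$VMName)

    foreach ($name in $VMName) {
        $vm = Get-VM -Name $name
        if ($vm.State -ne 'Off') {
            Write-Warning "$name is $($vm.State); shut it down before upgrading."
            continue
        }
        if ($PSCmdlet.ShouldProcess($name, 'Upgrade VM configuration version (cannot be undone)')) {
            Update-VMConfigurationVersion -VM $vm -Force
            Get-VM -Name $name | Select-Object Name, Version
        }
    }
}

# List what is still pending, then upgrade a single VM after reviewing the list.
Get-VMVersionInventory | Where-Object UpgradePending | Format-Table -AutoSize
# Update-VMVersionSafely -VMName 'TestVM' -WhatIf
```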
Changing how we handle VM servicing
Windows Server 2012 R2:
- VM drivers (integration services) updated with each new host release
- Require that VM driver version matches the host
- Drivers shipped with host operating system
Changing how we handle VM servicing
Windows Server 2016:
- VM drivers (integration services) updated when needed
- Require latest available VM drivers for that guest operating system
- Drivers delivered directly to the guest operating system via Windows Update
Resiliency & Availability
Hyper-V Cluster Management
Providing a single view of an entire Hyper-V cluster through WMI
- “Just one big Hyper-V server”
- Limited functionality at this point in time:
  - Enumerate virtual machines
  - Receive notification of live migration events
- Namespace: Root\HyperVCluster\v2
Storage and Cluster Resiliency
Virtual Machine Storage Resiliency
- A storage fabric outage no longer means that virtual machines crash
- Virtual machines pause and resume automatically in response to storage fabric problems
Virtual Machine Cluster Resiliency
- VMs continue to run even when a node falls out of cluster membership
- Resiliency to transient failures
- Repeat offenders are “quarantined”
Shared VHDX
Improved Shared VHDX
- Host Based Backup of Shared VHDX
- Online Resize of Shared VHDX
Replica Support for Hot Add of VHDX
When you add a new virtual hard disk to a virtual machine that is being replicated – it is automatically added to the not-replicated set. This set can be updated online.
    Set-VMReplication "VMName" -ReplicatedDisks (Get-VMHardDiskDrive "VMName")
Runtime Memory Resize
Dynamic memory is great, but more can be done.
For Windows Server 2016 guests, you can now increase and decrease the memory assigned to virtual machines while they are running.
Hot add / remove of network adapters
Network adapters can be added and removed from Generation 2 virtual machines while they are running.
Demo: Memory Resize and hot add network adapters
Scale Improvements
Evolving Hyper-V Backup
- New architecture to improve reliability, scale and performance.
- Decoupling backing up virtual machines from backing up the underlying storage.
- No longer dependent on hardware snapshots for core backup functionality, but still able to take advantage of hardware capabilities when they are present.
Built in change tracking for Backup
Most Hyper-V backup solutions today implement kernel level file system filters in order to gain efficiency.
- Makes it hard for backup partners to update to newer versions of Windows
- Increases the complexity of Hyper-V deployments
Efficient change tracking for backup is now part of the platform
VM Configuration Changes
New virtual machine configuration file
- Binary format for efficient performance at scale
- Resilient logging for changes
- New file extensions: .VMCX and .VMRS
Operations
Production Checkpoints
- Delivers the same Checkpoint experience that you had in Windows Server 2012 R2 – but now fully supported for Production Environments
- Uses VSS instead of Saved State to create checkpoint
- Restoring a checkpoint is just like restoring a system backup
PowerShell Direct to Guest OS
You can now script PowerShell in the Guest OS directly from the Host OS
- No need to configure PowerShell Remoting
- Or even have network connectivity
- Still need to have guest credentials
Network Adapter Identification
You can name individual network adapters in the virtual machine settings – and see the same name inside the guest operating system.
PowerShell in host:
    Add-VMNetworkAdapter -VMName "TestVM" -SwitchName "Virtual Switch" -Name "Fred" -Passthru | Set-VMNetworkAdapter -DeviceNaming on
PowerShell in guest:
    Get-NetAdapterAdvancedProperty | ?{$_.DisplayName -eq "Hyper-V Network Adapter Name"} | select Name, DisplayValue
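An added example, not part of the original slides, combining the two slides above: from the host, PowerShell Direct runs the guest-side query and checks that every adapter named on the host is visible under the same name in the guest. It assumes a running Windows guest that supports PowerShell Direct and valid guest credentials; the function name is this example's own.

```powershell
#Requires -Modules Hyper-V
# Added example (not from the slides): verify adapter device naming over PowerShell Direct.

function Test-VMAdapterNaming {
    param(
        [Parameter(Mandatory)] [string]$VMName,
        [Parameter(Mandatory)] [pscredential]$GuestCredential   # guest account, not a host account
    )

    # Host side: adapters that have device naming switched on.
    $hostNames = Get-VMNetworkAdapter -VMName $VMName |
        Where-Object DeviceNaming -eq 'On' |
        Select-Object -ExpandProperty Name

    # Guest side: -VMName makes Invoke-Command use PowerShell Direct, so no
    # PowerShell Remoting configuration and no network path to the guest is needed.
    $guestNames = Invoke-Command -VMName $VMName -Credential $GuestCredential -ScriptBlock {
        Get-NetAdapterAdvancedProperty -DisplayName 'Hyper-V Network Adapter Name' |
            Select-Object -ExpandProperty DisplayValue
    }

    foreach ($name in $hostNames) {
        [pscustomobject]@{
            VMName         = $VMName
            AdapterName    = $name
            VisibleInGuest = ($guestNames -contains $name)
        }
    }
}

# Usage with the VM name from the slide; the credential is prompted for, never hard-coded.
# Test-VMAdapterNaming -VMName 'TestVM' -GuestCredential (Get-Credential)
```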
ReFS Accelerated VHDX Operations
Taking advantage of an intelligent file system for:
- Instant fixed disk creation
- Instant disk merge operations
Demo: PowerShell Direct, Production Checkpoints
Isolation
Distributed Storage QoS
Windows Server 2012 R2:
- Introduced the ability to limit maximum IOPs for an individual virtual hard disk
Distributed Storage QoS
Windows Server 2016: Leveraging Scale Out File Server to allow you to:
- Define IOPs reserves for important virtual hard disks
- Define an IOPs reserve and limit that is shared by a group of virtual machines / virtual hard disks
Host Resource Protection
Dynamically identify virtual machines that are not “playing well” and reduce their resource allocation.
Enhancing the platform
Hyper-V Manager Improvements
Multiple improvements to make it easier to remotely manage and troubleshoot Hyper-V Servers:
- Connecting via WinRM
- Support for alternate credentials
  - Requires that you have CredSSP enabled on server and client (http://blogs.msdn.com/b/powershell/archive/2008/06/05/credssp-for-second-hop-remoting-part-i-domain-account.aspx)
- Connecting via IP address
- Able to manage Windows Server 2012, 2012 R2 and 2016 from a single console
Hypervisor power management improvements
Updated hypervisor power management model to support new modes of power management.
Connected Standby works!
RemoteFX
- Support for OpenGL 4.4 and OpenCL 1.1 API
- Larger dedicated VRAM and configurable VRAM.
Networking
Software Defined Networking
Bringing Software Defined Networking to the next level
- Network Controller
- VXLAN and NVGRE support
- Virtual Firewall
- Software Load Balancer
- Improved Gateways
- RDMA using vNICs
- And much much more…
One more thing….
Containers
[Diagram: Hyper-V Container(s), Windows Server Container(s), Hyper-V Virtual Machine(s), Hyper-V Hypervisor, Physical Machine]
Microsoft Ignite 2015, 4/26/2017 9:22 AM. © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Deploying Containers
Hyper-V Container(s): Requires Hyper-V Hypervisor
[Diagram: Hyper-V Container(s), Windows Server Container(s), Hyper-V Virtual Machine(s), Hyper-V Hypervisor, Physical Machine]
Deploying Containers
[Diagram: Hyper-V Container(s), Windows Server Container(s), Virtual Machines, Physical Machine]
Deploying Containers
Hyper-V Container(s): Requires Hyper-V Hypervisor
[Diagram: Hyper-V Container(s), Windows Server Container(s), Hyper-V Hypervisor, Virtual Machines, Physical Machine]
Demo: Containers