TechEd NA 2013: Keynote – The Post VMware Era

I am live blogging this session so please hit refresh to get the latest notes.

Pre-show, everything is running nice and smoothly.  I got in at 7am and check-in was running nicely (lots of desks) but I was even luckier by being able to register at the media desk.  One breakfast later and we were let into the keynote hall after just a few minutes’ wait, and I went into the press reserved area up to the left of the front.  We had lots of handlers there … handy when my ultrabook refused to see the TechEd network and I had to find other means to connect.

Rock music was playing, and then came out a classic New Orleans brass band to liven things up.  All we needed was some beer :)

Lots of well known media types start appearing in the press section as the band plays “The Saints Come Marching In” (at least until the 49ers D crushes them). 

TechEd 2014 is in Houston next year.  Hopefully there is a route that does not include Dallas Fort Worth airport.

Brad Anderson

A pre-video where “the bits have been stolen” and Brad goes all James Bond to get them back, chasing the baddies in an Aston Martin while wearing a tux.  The Windows USB key is being unsuccessfully uploaded (BitLocker to go)?  And he recovers his shades :)  And he drives out onto the stage with the Aston Martin.  Best keynote entrance ever.

All new versions of datacenter products:

-Devices
-Services to light up devices and enable users (BYOD)
-Azure and Visual Studio to create great apps
-SQL Server to unlock insights into data
-The cloud platform: what enables the entire stack

Iain McDonald (Windows Core)
Makes the kernel, virtualisation, ID, security, and file system for all the products using Windows Core (Azure, Windows 8, Phone, XBoxOne, etc).  Windows is our core business, he says.  In other words, Windows lets you get your stuff.  Windows 8 is out for 8 months and sold 100,000,000 copies in that time.

A Windows 8 blurb video, and during that a table full of Windows 8 devices comes out.  Confirms that Windows 8.1 will be compatible, out this year, and free.  Preview bits out on June 26th.    Personalized background on the Start Screen.  Some biz features will be shown:

  • Start Screen control: We can lock down tile customization.  You set up the specific apps and layout on a template machine, export the layout to an XML file with Export-StartLayout, then set a GPO (Start Screen Layout) and paste in a UNC path to the XML file.  After a GPO refresh on the user machine, the Start Screen is locked down.  Windows 8.1 Industry line (embedded) does a lot of lock down and customization stuff for hard appliances.
  • Miracast: a powerpoint display technology.  He pairs a machine with a streamless wiring device.  Now he presents from a tablet.  I want this now.  I need this now.  Much better than VGA over Wifi – which just flat out doesn’t work with animated systems like Windows 8 Start Screen. 
  • Wifi Printer with NFC.  Tap the tablet and it pairs with the printer, and adds the device/printer.  The demo gods are unkind :)  Eventually he goes into Mail and can open an attachment side-by-side (50/50 split).  And he sends the attachment to a printer.  This is why wifi in big demo rooms does not work: the air is flooded – the print doesn’t appear as expected.
  • Surface Pro is up next.  Can build VPN into apps in 8.1.  Can work with virtual smart card for multi-factor authentication.

On the security front:

  • Moving from a defensive posture to an offensive posture in the security space. 
  • 8” Atom powered Acer tablet (see below).
  • Toshiba super hi-res Kira ultrabook

DSCN0043

Back to Brad

1.2 billion consumer devices sold since last TechEd.  50% of companies told to support them.  20-somethings think BYOD is a right not a privilege.  IT budgets are not expanding to support these changes.

Identity: Windows Server AD syncs with and blends with Windows Azure Active Directory (WAAD).  Windows Intune connects to on-premise ConfigMgr (System Center).  Manage your devices where they live, with a single user ID.  Don’t try to manage BYOD or mobile devices using on-premise systems – that just flat-out doesn’t work.

Aston Martin has lots of widely distributed and small branch offices (retail).  Windows Intune is perfect to manage this, and they use it for BYOD. 

Windows Server and System Center 2012 R2 are announced, as is a new release of Windows Intune (wave E).  Get used to the name of Windows Server and System Center.  Microsoft has designed for the cloud, and brought it on-premises.  Scalability, flexibility, and dependability.

Out comes Molly Brown, Principal Development Lead.

Workplace Join: She is going to show some new solutions in 2012 R2.  Users can work on the devices they want while you remain in control.  She has a Windows 8.1 tablet and logs into a TemShare site.  Her access is denied.  She can “join her workplace”.  This is like joining a domain.  Policy is applied to her identity rather than to the device.  Think of this as a modern domain join – Anderson.  She joins the workplace in Settings – Network – Workplace.  She enters her corporate email address and password, and then she has to prove herself, via multifactor authentication, e.g. a phone call.  All she has to do is press the # key when prompted.  Now she can view the SharePoint site.

To get IT apps, she can enrol her device for management via Workplace (into Intune).  Now she can (if the demo works – wifi) access IT published apps through Intune.

Work Folders: A new feature of WS2012 R2.  Users have access to all their files across all their devices. Files replicated to file servers in the datacenter and out to all devices owned by the user.  Relies on the device being enrolled. 

You can easily leave the workplace and turn off management with 2 taps.  All your personal stuff is left untouched.  BYOD is made much easier.

Remote wipe is selective, only removing corporate assets from personal devices.

App and device management is Intune.  You brand your service to the business, and manage cross-platform devices including Apple and Android (I found iOS device management to actually be easier than Windows!).

So you empower end users, unify the environment, and secure the business.

Back to Brad

Apps.  Devs want rapid lifecycles and flexibility.  Need support for cross-platform deployment.  And data, any size.  And make it secure while being highly available.

On to the public cloud and Azure sales pitch.  A dude from Easyjet comes out. I hope everyone has paid to use the priority lane to exit the hall.  He talks about cloud scalability. 

Scott Guthrie

Corp VP for Windows Azure.  Cloud great for dev/test because of agility without waiting on someone to do something for you.  Same hypervisor on premise in Hyper-V as in Azure, so you can choose where your app is deployed (hybrid cloud).

No charge for stopped VMs in Windows Azure from now on.  You can stop it and start it, knowing that you’ve saved money by shutting it down.  Now there is pro-rated per-minute billing.  Great for elastic workload.  You can use MSDN licenses on Azure for no charge.  Or you can deploy pre-created images in the portal.  A new rate for MSDN subscribers to run any number of VMs in Azure at up to 97% discount.  MSDN subscribers get monthly credits ($50 pro, $100 premium, $150 ultimate), and you can use these VMs for free for dev/test purposes.  The portal has been updated today to see what your remaining credit balance is.  I might finally fire up an Azure VM.

http://aka.ms/azurecontest .. MSDN competition for subscribers that deploy an Azure app.  Could win an Aston Martin.

Brian Harry

Technical Fellow – Application lifecycle management

Next version of Visual Studio and TFS 2013 later this year.  Preview on June 26th in line with Build.  How to help devs to get from idea-implementation-into customer hands-feedback and all over again.  New cloud load test service from the cloud.  Create the test in VS/TFS, upload it to the cloud, and it runs from there.

SQL Server 2014 is announced.  Hybrid scenarios for Azure.  Lots of memory work – transaction processing in RAM.  Edgenet is an early adopter.  They need reliable stock tracking, without human verification.  This feature has moved away from once/day stock inventory batch jobs to realtime.

PixelSense monster touch TV comes out.  And they start doing touch-driven analytics on the attendees.  A cool 3D map of the globe allows them to visualize attendees based on regions. 

Back to Brad

Windows Server 2012 R2 and System Center 2012 R2 out at the end of the year, and the previews out in June.  These are based on the learnings from Azure for you to use on-premise or to build your own public cloud.  Same Hyper-V as in Azure.  This gives us consistency across clouds – ID, data, services across all clouds with no conversion. 

Windows Azure Pack for Windows Server.  This layers on top of Windows Server and System Center.  This is the new name for Katal by the looks of it.  Same portal as Azure.  Get density and Service Bus on top of WSSC 2012 R2.  Users deploy services on the cloud of choice.

Clare Henry, Director of Product Management comes out.  You get a stack to build your clouds.  Demo: and we see the Katal portal, renamed to Windows Azure Pack.  Creates a VM from a gallery as a self-service user.  Can deploy different versions of a VM template.  All the usual number/scalability and network configuration options. 

The self-service empowers the end user, builds on top of WSSC for automation, and allows the admin hands-off total control.

On to the fabric and the infrastructure.  Here’s the cool stuff. 

Jeff Woolsey

WSSC 2012 R2 is about agility.  Storage Spaces.  Automated storage tiering is coming to Storage Spaces using SSD and HDD.  Bye bye EMC.  That gave 16x performance improvement from 7K to 124K IOPS. 

Deduplication.  Enabling Dedup will actually improve the performance of VDI.  We now have a special VDI mode for Hyper-V VDI.  It is NOT FOR SERVER VMs.  Dedup will actually 2x the performance of those VDI VMs.

Live Migration just got unreal.  WS2012 R2 Live Migration can use resources of the host to do compression (for 10 GbE or less).  It’ll use some resources if available … it won’t compress if there’s resource contention – to prioritise VMs.

Now LM can use SMB Direct over RDMA.  And SMB Multichannel.  You get even faster LMs over 10 GbE or faster networks using RDMA.

Hyper-V Replica now supports: Site A – Site B – Site C replication, e.g. replicate to local DR, and from local DR to remote DR.

I wonder how VMware’s Eric Gray will try to tap dance and spin that faster Live Migration isn’t needed.  They don’t have anything close to this.

Hyper-V Recovery Manager gives you orchestration via the cloud.  DR was never this easy.

Brad is back

Blue led a new development cadence.  What they’ve accomplished in 9 months is simply amazing. 

We can reduce the cost of infrastructure again, increase flexibility, and be heroes.

 

Post Event Press Conference

Hybrid cloud was the core design principle from day 1 – Brad Anderson.  Organizations should demand consistency – it gives flexibility to move workloads anywhere.  It’s not just virtualization – storage, Identity, networks, the whole stack.

Scott Guthrie: private cloud will probably continue forever.  But don’t make forks in the road that limit your flexibility. 

Windows Azure Pack is confirmed as the renamed next generation version of Katal.  A new feature is the ability to use Service Bus on Windows Server, with a common management portal for private and public.  No preview release date.

Thanks to Didier Van Hoye for this one.  Stockholders not too confident in VMware this morning.  Is it a coincidence that Microsoft stole their lunch money this morning?

image

To quote Thomas Maurer: we are entering the post-VMware era.

What is in Windows 8.1 for the enterprise?  It is the "next vision of Windows 8".  "No compromises to corporate IT". 

Making your PC a hotspot is a new feature.  BYOD is huge in the 8.1 release, enabled by Windows Intune.  The Workplace join and selective resets are great.  And the file sync feature controlled by the biz is also a nice one.  XP End of Life: what is the guidance… the official line will be “the easiest path to Windows 8.1 is Windows 8”.  Actually they are being realistic about Windows 7 deployment being the norm.  Mobility and touch scenarios should be future proofed with the right devices.  Windows 8 is the natural OS choice for this. 

On System Center, it is now WSSC, Windows Server and System Center as a combined solution, designed to work at data center scale.  It’s one holistic set of capabilities.  Watch for networking and storage being lit up at scale via System Center.  The new version of Orchestrator is entirely based on PowerShell. 

 

Build 2012 – Notes From The Keynote Stream

I am not at Build. It sold out in minutes and I wasn’t quick enough :( Let’s find out if everyone there is getting a free WP8 handset and/or Surface.

Out comes Steve Ballmer and his pink themed WP8 advert.  In just the last 3 days, 4 million Windows 8 upgrades have been sold – this is not the misleading Software Assurance number.  Stevo wants to show us Windows 8 on Windows 8 generation hardware. Oh if only these tablets and touch laptops were available in the stores.

He demos Windows 8 on the 82” Windows “Slate”, Perceptive Pixel touch TV. Nothing new – the same keynote demos as always. Once again, Acer is highlighted. Shouting about Surface ruining life for partners really pays off :)

And a while later Steve Guggenheimer DPE comes out. Hmm, Xbox (for PC) gaming controller plugged into USB port in a Surface and used to play a game. Lots of other stuff we’ve either seen or heard many times before.  I would not have highlighted the ESPN app at all.  It’s the same boring screen of squares and is nothing special – in fact, it’s pretty dreadful.  Plenty of nicer apps out there, such as Netflix.

Steve B is back. Twitter bringing an official app to Windows 8, along with SAP and DropBox. The big names are coming. 400,000,000 devices will be sold with Windows 8 in the next year if PC sales were to stay flat.  More marketing coming, including for Surface.  MSFT has to do that – the h/w partners have let the side down and MSFT has to pick up the device slack IMO. 

Every Build Attendee will get 100 GB Skydrive storage for free, a Surface RT (as expected). Bast*rds!

Phone stuff after that *tunes out*

Partner Webcast – Introducing Lync Server 2013 & Lync Online

These are notes from an online webcast by the Microsoft Partner Network.  I am far from a Lync guy so please bear with me :)  The recording should be on MPN within 48 hours.

Note that the preview bits are out for evaluation/testing.  GA will probably be quite different.

Every Day Apps We Use

  • Lots of Office pieces
  • Lync tries to unify these for communications.  Single client for easy use and single server for easy administration.

What’s New?

Note the federation between Lync 2013 (online and on-premises) and Skype.  No news on 2010 federation yet.

On the DR side, they are “improving” metro-site resiliency (between data centres).  Check the docs – calling it Easy Site Recovery.  Less requirements than 2010 and more functionality offered.

VDI support: There will be some 3rd party support statements.  MSFT has worked on VDI scenarios to provide high quality experience with a small plugin on the client.  It should be much improved over 2012, e.g. not using an IP phone. 

IPv6 is supported in this version of Lync.

Lync 2010 app is forward compatible with 2013 but with 2012 features only.

Multiparty HD Video Gallery

See up to 5 live video streams.  Non-active speakers are thumbnailed below, and are promoted to video as they speak.

H.264 SVC should make it easier to integrate other video systems into Lync, apparently.  SVC can use codecs for different quality/resolutions for different device types.

The Presenter Is In Control

The presenter can tune the view to suit the content/meeting as they set up the meeting.

Devices

There is an immersive optimised Windows 8 Lync app:

image

Mobile devices are getting VOIP and video in the Lync app.  Mobile phones will not have full meeting content in this release.  Desktop/app sharing being added to iPad (full set of meeting content).

The Web app is being enhanced for Windows & Mac.  They are getting VOIP and Video – no need for a 50 MB download for the once-off partner/customer/supplier attendee.  IE, Safari, and FireFox offered on PC and Mac.  There is a control to default to the webapp for Mac users.

Video will not be available on Exchange OWA. 

Mobile Apps will GA some months after the server bits.  The Windows 8 app will GA the same time as the server bits.

Communicate Directly From Office

The people cards are Lync powered.  You can contact anyone from throughout Office apparently.  See what they’ve been saying recently on Social Networks, etc. 

OneNote Sharing

OneNote and Lync meetings are integrated.  You can associate a note with a meeting invite.  You can share OneNote as additional in-meeting content.  OneNote updates automatically with the meeting attendees (meeting minutes – see their invite acceptance status).  The notes can be shared from many places: SkyDrive, SharePoint, your PC.

Skype

Federated.  Communicate with hundreds of millions of people with presence, IM, and voice.  E.g. talk to family at home when you’re on the road or in the office.  Talk with other companies that are on Skype.  Provide support to customers on Skype.

Video is not added in this first release of the federation.  To be in a “future”, “very quick” release.  It is a “high priority”.  It won’t take 3 years.

Enterprise Benefits

Archiving of IM being added in the online product.  Split domain being added so you can split between on-premises and online – Lync Hybrid.

Today, UK and USA users can add PSTN to their Lync online through a Telefonica subsidiary.  The SIP trunks are to the MSFT data centre (alien speak to me – I’m allergic to phones). 

In this release, you can link your PBX into Lync Online – Lync Hybrid.  You can still use your existing contracts, PBX, etc.  More details to come from MSFT later or in preview documentation.

Persistent Chat not in online product.  Response Groups not in this release of Lync Online. 

Windows 8 Lync App Is Not Public Yet

Metro App, including Windows RT:

image

image

Note that the Lync app also uses the Windows 8 charms.

Designed for side-by-side, only possible on Windows 8:

image

image

 

Notes–Enabling Disaster Recovery for Hyper-V Workloads Using Hyper-V Replica

I’m taking notes from VIR302 in this post.  I won’t be repeating stuff I’ve blogged about previously.

Outage Information in SMEs

Data from Symantec SMB Disaster Preparedness Survey, 2011.  1288 SMBs with 5-1000 employees worldwide.

  • Average number of outages per year? 6
  • What does this outage cost per day? $12,500

That’s an average cost of $75,000 per year!  To an SME!  That could be 2 people’s salary for a year.

  • % That do not have a recovery plan: 50%.  I think more businesses in this space don’t have DR.
  • What is their plan? Scream help and ask for pity.

Hyper-V Replica IS NOT Clustering And IT IS NOT a Cluster Alternative

Hyper-V Replica IS ALSO NOT Backup Replacement

It is a replication solution for replicating VMs to another site.  I just know someone is going to post a comment asking if they can use it as a cluster alternative [if this is you – it will be moderated to protect you from yourself so don’t bother.  Just re-read this section … slowly].

  • Failover Clustering HA: Single copy, automated failover within a cluster.  Corruption loses the single copy.
  • Hyper-V Replica: Dual asynchronous copy with recent changes, manual failover designed for replication between sites.  Corruption will impact original immediately and DR copy within 10 minutes.
  • Backup: Historical copy of data, stored locally and/or remotely, with the ability to restore a completely corrupted VM.

Certificates

For machines that are non-domain joined or non-trusted domain members.  Hoster should issue certs to the customer in the hosted DR scenario. 

Compression

Can disable it for WAN optimizers that don’t work well with pre-optimised traffic.

Another Recovery History Scenario

The disaster brought down VMs at different points.  So VMA died at time A and VMB died at time C.  Using this feature, you can reset all VMs back to time A to work off of a similar set of data.

You can keep up to 15 recovery points per day.  Each recovery point is an hour’s worth of data. 

The VSS option (application consistent recovery) fires every two hours.  Every 2nd hour (or whatever depending on where you set the VSS slider) in the cycle it triggers VSS.  All the writes in the guest get flushed.  That replica is then sent over.

Note that the Hyper-V VSS action will not interfere with backup VSS actions.  Interoperability testing has been done.

So if you’re keeping recovery snapshots, you’ll have standard replicas and application consistent (VSS) replicas.  They’ll all be an hour apart, and alternating (if every 2nd hour).  Every 5 minutes the changes are sent over, and every 13th one is collapsed into a snapshot (that’s where the 1 hour comes from).

Every 4 hours appears to be the sweet spot because VSS does have a performance impact on the guests.

Clusters

You can replicate to/from clusters.  You cannot replicate from one node to another inside a cluster (can’t have duplicate VM GUIDs and you have shared storage).

Alerting

If 20% of cycles in the last hour are missed then you get a warning.  This will self-close when replication is healthy again. 

PowerShell

24 Hyper-V Replica cmdlets:

  • 19 of them via Get-Command -Module Hyper-V | where {$_.Name -like "*replication*"}
  • 5 more via Get-Command -Module Hyper-V | where {$_.Name -like "*failover*"}

Measure-VMReplication will return status/health of Hyper-V Replica on a per-VM basis.

Measure-VMReplication | where {$_.ReplicationHealth -eq "Critical"}

Could use that as a part of a scheduled script, and then send an email with details of the problem.
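
One way to build the scheduled check suggested above, as an added example rather than code from the session or the original post. The SMTP relay and mail addresses are placeholders, and the script assumes it runs on a Hyper-V host that has the Hyper-V PowerShell module.

```powershell
# Added example: mail a report when Hyper-V Replica health degrades on this host.
# Placeholders (assumptions, not from the post): SMTP relay and mail addresses.
$smtpServer = 'smtp.example.test'
$mailFrom   = 'hvr-monitor@example.test'
$mailTo     = 'ops@example.test'
$hostName   = $env:COMPUTERNAME

try {
    # Per-VM replication statistics and health for the VMs on this host.
    $report = @(Measure-VMReplication -ErrorAction Stop)
}
catch {
    # If the query itself fails, the DR state is unknown, so alert on that too.
    Send-MailMessage -SmtpServer $smtpServer -From $mailFrom -To $mailTo `
        -Subject "[HVR] Replication health could not be read on $hostName" `
        -Body $_.Exception.Message
    exit 2
}

# Same filter as in the notes, widened to include the Warning state that is
# raised when replication cycles are being missed.
$unhealthy = @($report | Where-Object {
    $_.ReplicationHealth -eq 'Critical' -or $_.ReplicationHealth -eq 'Warning'
})

if ($unhealthy.Count -eq 0) {
    exit 0   # nothing to report
}

# Format-List * includes every property the cmdlet returns, so the mail carries
# the full detail without this script hard-coding property names.
$body = $unhealthy | Format-List * | Out-String

Send-MailMessage -SmtpServer $smtpServer -From $mailFrom -To $mailTo `
    -Subject "[HVR] $($unhealthy.Count) VM(s) with unhealthy replication on $hostName" `
    -Body $body
exit 1
```

The non-zero exit codes let Task Scheduler history show which runs raised an alert.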

Replica Mechanism

Refers to the HRL (Hyper-V Replica Log) process as a write splitter.  They use HTTP(s) for WAN traffic robustness.  It’s also hosting company friendly.  The HRL is swapped out before sending for a new HRL.

There is a threshold where the HRL cannot exceed half the VHD size.  If WAN/storage goes down and this happens then HVR goes into a “resync state” (resynchronisation).  When the problem goes away HVR automatically re-establishes replication. 

VM Mobility

HVR policy follows the VM with any kind of migration scenario.  Remember that replication is host/host.  When the VM is moved from host A to host B, replication for the VM from host A is broken.  Replication for the VM starts on host B.  Host B must be already authorized on the replica host(s) – easier with cluster Hyper-V Replica broker. 

IP Addressing VMs In DR Site

  1. Inject static address – Simplest option IMO
  2. Auto-assignment via DHCP – Worst option IMO because DHCP on servers is messy
  3. Preserve IP address via Network Virtualisation – Most scalable option for DR clouds IMO with seamless failover for customers with VMs on a corporate WAN.  Only one for seamless name resolution, I think, unless you spend lots on IP virtualisation in the WAN.

Failover Types

Planned Failover (downtime during failover sequence):

  1. Shutdown primary VM
  2. Send last log – run planned failover action from primary site VM.  That’ll do the rest for us.
  3. Failover replica VM
  4. Reverse replication

Test Failover (no downtime):

Can test any recovery point without affecting replication on isolated test network.

  1. Start test failover, selecting which copy to test with (if enabled).  It does the rest for you.
  2. Copies VM (new copy called “<original VM name> – test”) using a snapshot
  3. Connects VM to test virtual switch
  4. Starts up test VM
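
The two sequences above expressed with the Hyper-V module's failover cmdlets, as an added example rather than code from the session. VM, host and switch names are hypothetical, and replication is assumed to be already enabled and healthy for the VM.

```powershell
# Added example. All names passed to these functions are hypothetical.

function Invoke-PlannedFailover {
    param(
        [Parameter(Mandatory=$true)] [string] $VMName,
        [Parameter(Mandatory=$true)] [string] $PrimaryHost,
        [Parameter(Mandatory=$true)] [string] $ReplicaHost
    )
    # 1. Shut down the primary VM (this is where the downtime starts).
    Stop-VM -Name $VMName -ComputerName $PrimaryHost

    # 2. From the primary side, send the last log to the replica.
    Start-VMFailover -VMName $VMName -ComputerName $PrimaryHost -Prepare -Confirm:$false

    # 3. Fail over the replica VM.
    Start-VMFailover -VMName $VMName -ComputerName $ReplicaHost -Confirm:$false

    # 4. Reverse replication so the old primary becomes the replica,
    #    then bring the VM up in the DR site.
    Set-VMReplication -VMName $VMName -ComputerName $ReplicaHost -Reverse
    Start-VM -Name $VMName -ComputerName $ReplicaHost
}

function Invoke-TestFailover {
    param(
        [Parameter(Mandatory=$true)] [string] $VMName,
        [Parameter(Mandatory=$true)] [string] $ReplicaHost,
        [Parameter(Mandatory=$true)] [string] $TestSwitch
    )
    # Choose the isolated virtual switch the test copy will be connected to.
    Set-VMNetworkAdapter -VMName $VMName -ComputerName $ReplicaHost `
        -TestReplicaSwitchName $TestSwitch

    # Create the test copy of the replica VM (latest recovery point).
    # Replication of the real replica VM carries on untouched.
    Start-VMFailover -VMName $VMName -ComputerName $ReplicaHost -AsTest -Confirm:$false

    # Start the test copy, which is named after the original VM with a
    # "Test" suffix.
    Get-VM -ComputerName $ReplicaHost |
        Where-Object { $_.Name -like "$VMName*Test" } |
        Start-VM
}

function Stop-TestFailover {
    param(
        [Parameter(Mandatory=$true)] [string] $VMName,
        [Parameter(Mandatory=$true)] [string] $ReplicaHost
    )
    # Ends the test and removes the test copy.
    Stop-VMFailover -VMName $VMName -ComputerName $ReplicaHost
}

# Example calls (hypothetical names):
# Invoke-TestFailover    -VMName 'VM01' -ReplicaHost 'DRHOST1' -TestSwitch 'Isolated-Test'
# Stop-TestFailover      -VMName 'VM01' -ReplicaHost 'DRHOST1'
# Invoke-PlannedFailover -VMName 'VM01' -PrimaryHost 'HOSTA' -ReplicaHost 'DRHOST1'
```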

Network Planning

  • Capacity planning is critical.  Designed for low bandwidth
  • Estimate rate of data change
  • Estimate for peak usage and effective network bandwidth

My idea is to analyse incremental backup size, and estimate how much data is created every 5 minutes.

Use WS2012 QoS to throttle replication traffic.

image

Replicating multiple VMs in parallel:

  • Higher concurrency leads to resource contention and latency
  • Lower concurrency leads to underutilizing and less protection for the business

Manage initial replication through scheduling.  Don’t start everything at once for online initial synchronisation.

What they have designed for:

image

 

Server Impact of HVR

On the source server:

  • Storage space: proportional to the writes in the VM
  • IOPS is approx 1.5 times write IOPS

On the replica server:

  • Storage space: proportional to the write churn.  Each additional recovery point approx 10% of the base VHD size.
  • Storage IOPS: 0.6 times write IOPS to receive and convert.  3-5 times write IOPS to receive, apply, merge, for additional recovery points.
  • There is a price to pay for recovery points.  RECOMMENDATION by MSFT: Do not use replica servers for normal workloads if using additional recovery points because of the IOPS price.

Memory: Approx 50 MB per replicating VM

CPU impact: <3%

Notes: Continuously Available File Server – Under The Hood

Here are my notes from TechEd NA session WSV410, by Claus Joergensen.  A really good deep session – the sort I love to watch (very slowly, replaying bits over).  It took me 2 hours to watch the first 50 or so minutes 🙂

For Server Applications

The Scale-Out File Server (SOFS) is not for direct sharing of user data.  MSFT intend it for:

  • Hyper-V: store the VMs via SMB 3.0
  • SQL Server database and log files
  • IIS content and configuration files

Required a lot of work by MSFT: change old things, create new things.

Benefits of SOFS

  • Share management instead of LUNs and Zoning (software rather than hardware)
  • Flexibility: Dynamically reallocate server in the data centre without reconfiguring network/storage fabrics (SAN fabric, DAS cables, etc)
  • Leverage existing investments: you can reuse what you have
  • Lower CapEx and OpEx than traditional storage

Key Capabilities Unique to SOFS

  • Dynamic scale with active/active file servers
  • Fast failure recovery
  • Cluster Shared Volume cache
  • CHKDSK with zero downtime
  • Simpler management

Requirements

Client and server must be WS2012:

  • SMB 3.0
  • It is application workload, not user workload.

Setup

I’ve done this a few times.  It’s easy enough:

  1. Install the File Server and Failover Clustering features on all nodes in the new SOFS
  2. Create the cluster
  3. Create the CSV(s)
  4. Create the File Server role – clustered role that has its own CAP (including associated computer object in AD) and IP address.
  5. Create file shares in Failover Clustering Management.  You can manage them in Server Manager.

Simple!

Personally speaking: I like the idea of having just 1 share per CSV.  Keeps the logistics much simpler.  Not a hard rule from MSFT AFAIK.

And here’s the PowerShell for it:

image
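
The five steps as a script, as an added example; it is not the code from the screenshot in the original post. Node, cluster, disk, share and account names and the IP address are hypothetical, and the script is assumed to run elevated on one of the nodes with the shared storage already presented to all of them.

```powershell
# Added example. Every name and address below is a hypothetical placeholder.
$nodes       = 'FS1', 'FS2'
$clusterName = 'FSCLUSTER1'
$clusterIp   = '192.0.2.50'
$sofsName    = 'SOFS1'                       # the CAP name clients connect to
$csvDisk     = 'Cluster Disk 1'              # cluster disk to convert to CSV
$sharePath   = 'C:\ClusterStorage\Volume1\Shares\VMs'
$shareName   = 'VMs'
# Grant access only to the application servers and their admins: here the
# Hyper-V hosts' computer accounts and an admin group, not Everyone.
$fullAccess  = 'EXAMPLE\HV1$', 'EXAMPLE\HV2$', 'EXAMPLE\Hyper-V Admins'

# 1. Install the File Server and Failover Clustering features on all nodes.
Invoke-Command -ComputerName $nodes -ScriptBlock {
    Install-WindowsFeature -Name FS-FileServer, Failover-Clustering -IncludeManagementTools
}

# 2. Validate the nodes, then create the cluster.
Test-Cluster -Node $nodes
New-Cluster -Name $clusterName -Node $nodes -StaticAddress $clusterIp

# 3. Create the CSV from a disk in the cluster's available storage.
Add-ClusterSharedVolume -Name $csvDisk

# 4. Create the Scale-Out File Server role and its client access point.
Add-ClusterScaleOutFileServerRole -Name $sofsName

# 5. Create the folder and a continuously available share scoped to the SOFS.
New-Item -Path $sharePath -ItemType Directory | Out-Null
New-SmbShare -Name $shareName -Path $sharePath -ScopeName $sofsName `
    -FullAccess $fullAccess -ContinuouslyAvailable $true

# Make the NTFS permissions on the folder match the share permissions.
(Get-SmbShare -Name $shareName -ScopeName $sofsName).PresetPathAcl | Set-Acl
```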

CSV

  • Fundamental and required.  It’s a cluster file system that is active/active.
  • Supports most of the NTFS features.
  • Direct I/O support for file data access: whatever node you come in via, then Node 2 has direct access to the back end storage.
  • Caching of CSVFS file data (controlled by oplocks)
  • Leverages SMB 3.0 Direct and Multichannel for internode communication

Redirected IO:

  • Metadata operations – hence not for end user data direct access
  • For data operations when a file is being accessed simultaneously by multiple CSVFS instances.

CSV Caching

  • Windows Cache Manager integration: Buffered read/write I/O is cached the same way as NTFS
  • CSV Block Caching – read only cache using RAM from nodes.  Turned on per CSV.  Distributed cache guaranteed to be consistent across the cluster.  Huge boost for pooled VDI deployments – esp. during boot storm.

CHKDSK

Seamless with CSV.  Scanning is online and separated from repair.  CSV repair is online.

  • Cluster checks once/minute to see if chkdsk spotfix is required
  • Cluster enumerates NTFS $corrupt (contains listing of fixes required) to identify affected files
  • Cluster pauses the affected CSVFS to pend I/O
  • Underlying NTFS is dismounted
  • CHKDSK spotfix is run against the affected files for a maximum of 15 seconds (usually much quicker)  to ensure the application is not affected
  • The underlying NTFS volume is mounted and the CSV namespace is unpaused

The only time an application is affected is if it had a corrupted file.

If it could not complete the spotfix of all the $corrupt records in one go:

  • Cluster will wait 3 minutes before continuing
  • Enables a large set of corrupt files to be processed over time with no app downtime – assuming the apps’ files aren’t corrupted – where obviously they would have had downtime anyway

Distributed Network Name

  • A CAP (client access point) is created for an SOFS.  It’s a DNS name for the SOFS on the network.
  • Security: creates and manages AD computer object for the SOFS.  Registers credentials with LSA on each node

The actual nodes of the cluster nodes are used in SOFS for client access.  All of them are registered with the CAP.

DNN & DNS:

  • DNN registers node IPs for all nodes.  A virtual IP is not used for the SOFS (previous)
  • DNN updates DNS when: resource comes online and every 24 hours.  A node added/removed to/from cluster.  A cluster network is enabled/disabled as a client network.  IP address changes of nodes.  Use Dynamic DNS … a lot of manual work if you do static DNS.
  • DNS will round robin DNS lookups: The response is a list of sorted addresses for the SOFS CAP with IPv6 first and IPv4 done second.  Each iteration rotates the addresses within the IPv6 and IPv4 blocks, but IPv6 is always before IPv4.  Crude load balancing.
  • If a client looks up, gets the list of addresses.  Client will try each address in turn until one responds.
  • A client will connect to just one cluster node per SOFS.  Can connect to multiple cluster nodes if there are multiple SOFS roles on the cluster.

SOFS

Responsible for:

  • Online shares on each node
  • Listen to share creations, deletions and changes
  • Replicate changes to other nodes
  • Ensure consistency across all nodes for the SOFS

It can take the cluster a couple of seconds to converge changes across the cluster.

SOFS implemented using cluster clone resources:

  • All nodes run an SOFS clone
  • The clones are started and stopped by the SOFS leader – why am I picturing Homer Simpson in a hammock while Homer Simpson mows the lawn?!?!?
  • The SOFS leader runs on the node where the SOFS resource is actually online – this is just the orchestrator.  All nodes run independently – moving or crash doesn’t affect the shares availability.

Admin can constrain what nodes the SOFS role is on – possible owners for the DNN and SOFS resource.  Maybe you want to reserve other nodes for other roles – e.g. asymmetric Hyper-V cluster.

Client Redirection

SMB clients are distributed at connect time by DNS round robin.  No dynamic redistribution.

SMB clients can be redirected manually to use a different cluster node:

image

Cluster Network Planning

  • Client Access: clients use the cluster nodes’ public networks that are enabled for client access

CSV traffic IO Redirection:

  • Metadata updates – infrequent
  • CSV is built using mirrored storage spaces
  • A host loses direct storage connectivity

Redirected IO:

  • Prefers cluster networks not enabled for client access
  • Leverages SMB Multichannel and SMB Direct
  • iSCSI Networks should automatically be disabled for cluster use – ensure this is so to reduce latency.

Performance and Scalability

image

image

SMB Transparent Failover

Zero downtime with small IO delay.  Supports planned and unplanned failovers.  Resilient for both file and directory operations.  Requires WS2012 on client and server with SMB 3.0.

image

Client operation replay – If a failover occurs, the SMB client reissues those operations.  Done with certain operations.  Others like a delete are not replayed because they are not safe.  The server maintains persistence of file handles.  All write-throughs happen straight away – doesn’t affect Hyper-V.

image

The Resume Key Filter fences off file handle state after failover to prevent other clients grabbing files when the original clients expect to have access when they are failed over by the witness process.  Protects against namespace inconsistency – file rename in flight.  Basically deals with handles for activity that might be lost/replayed during failover.

Interesting: when a CSV comes online initially or after failover, the Resume Key Filter locks the volume for a few seconds (less than 3 seconds) for a database (state info stored in system volume folder) to be loaded from a store.  Namespace protection then blocks all rename and create operations for up to 60 seconds to allow for local file handles to be established.  Create is blocked for up to 60 seconds as well to allow remote handles to be resumed.  After all this (up to total of 60 seconds) all unclaimed handles are released.  Typically, the entire process is around 3-4 seconds.  The 60 seconds is a per volume configurable timeout.

Witness Protocol (do not confuse with Failover Cluster File Share Witness):

  • Faster client failover.  Normal SMB time out could be 40-45 seconds (TCP-based).  That’s a long timeout without IO.  The cluster informs the client to redirect when the cluster detects a failure.
  • Witness does redirection at client end.  For example – dynamic reallocation of load with SOFS.

Client SMB Witness Registration

  1. Client SMB connects to share on Node A
  2. Witness on client obtains list of cluster members from Witness on Node A
  3. Witness client removes Node A as the witness and selects Node B as the witness
  4. Witness registers with Node B for notification of events for the share that it connected to
  5. The Node B Witness registers with the cluster for event notifications for the share

Notification:

  1. Normal operation … client connects to Node A
  2. Unplanned failure on Node A
  3. Cluster informs Witness on Node B (thanks to registration) that there is a problem with the share
  4. The Witness on Node B notifies the client Witness that Node A went offline (no SMB timeout)
  5. Witness on client informs SMB client to redirect
  6. SMB on client drops the connection to Node A and starts connecting to another node in the SOFS, e.g. Node B
  7. Witness starts all over again to select a new Witness in the SOFS. Will keep trying every minute to get one in case Node A was the only possibility

Event Logs

All under Application and Services – Microsoft – Windows:

  • SMBClient
  • SMBServer
  • ResumeKeyFilter
  • SMBWitnessClient
  • SMBWitnessService
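
When investigating a failover, it helps to merge these logs from the file server nodes and the SMB client into one timeline.  The following is an added example, not from the session or the original notes; it assumes the channels follow the usual Microsoft-Windows-<name>/<channel> naming for the five logs listed above, and the function and computer names are hypothetical.

```powershell
# Added example: pull recent events from the SMB, Witness and Resume Key Filter
# logs on several machines and merge them into one time-ordered list.
function Get-SmbFailoverTimeline {
    [CmdletBinding()]
    param(
        [string[]] $ComputerName = @($env:COMPUTERNAME),
        [datetime] $Since = (Get-Date).AddHours(-1),
        # 1 = Critical, 2 = Error, 3 = Warning (add 4 for Informational)
        [int[]]    $Level = @(1, 2, 3),
        # Assumed channel names, built from the log list in the notes
        [string[]] $LogPattern = @(
            'Microsoft-Windows-SMBClient/*',
            'Microsoft-Windows-SMBServer/*',
            'Microsoft-Windows-ResumeKeyFilter/*',
            'Microsoft-Windows-SMBWitnessClient/*',
            'Microsoft-Windows-SMBWitnessService/*'
        )
    )

    $events = foreach ($computer in $ComputerName) {
        # Only enabled admin/operational channels that actually hold records
        $logs = Get-WinEvent -ListLog $LogPattern -ComputerName $computer -ErrorAction SilentlyContinue |
            Where-Object {
                $_.IsEnabled -and $_.RecordCount -gt 0 -and
                [string]$_.LogType -in 'Administrative', 'Operational'
            }

        foreach ($log in $logs) {
            $filter = @{ LogName = $log.LogName; StartTime = $Since; Level = $Level }
            # "No events found" is expected for quiet channels, so it is suppressed
            Get-WinEvent -FilterHashtable $filter -ComputerName $computer -ErrorAction SilentlyContinue
        }
    }

    $events | Sort-Object TimeCreated |
        Select-Object TimeCreated, MachineName, LogName, Id, LevelDisplayName, Message
}

# Hypothetical node and client names; run from an admin workstation
Get-SmbFailoverTimeline -ComputerName 'FS-NODE1', 'FS-NODE2', 'HV01' -Since (Get-Date).AddMinutes(-30) |
    Format-Table -AutoSize -Wrap
```

Remote queries need the Remote Event Log Management firewall rules enabled on the target machines.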

Notes: Microsoft Virtual Machine Converter Solution Accelerator

These are my notes from the TechEd NA recording of WCL321 with Mikael Nystrom.

Virtual Machine Converter (VMC)

VMC is a free-to-download Solution Accelerator that is currently in beta.  Solution Accelerators are glue between 2 MSFT products to provide a combined solution.  MAP, MDT are other examples.  They are supported products by MSFT.

The purpose of the tool is to convert VMware VMs into Hyper-V VMs.  It can be run as standalone or it can be integrated into System Center, e.g. Orchestrator Runbooks.

It offers a GUI and command line interface (CLI).  Nice quick way for VMware customers to evaluate Hyper-V – convert a couple of known workloads and compare performance and scalability.  It is a low risk solution; the original VM is left untouched.

It will uninstall the VMware tools and install the MSFT Integration components.

The solution also fixes drive geometries to sort out possible storage performance issues – basic conversion tools don’t do this.

VMware Support

It supports:

  • vSphere 4.1 and 5.0
  • vCenter 4.1 and 5.0
  • ESX/ESXi

Disk types from VMware supported include:

  • VMFS Flat and Sparse
  • Stream optimised
  • VMDK flat and sparse
  • Single/multi-extent

Microsoft Support

Beta supports Windows VMs:

  • Server 2003 SP2 x64/x86
  • 7 x64/x86
  • Server 2008 R2 x64
  • Server 2008 x64 (RC)
  • Vista x86 (RC)

Correct; no Linux guests can be converted with this tool.

In the beta the Hyper-V support is:

  • Windows Server 2008 R2 SP1 Hyper-V
  • VHD Fixed and Dynamic

In the RC they are adding:

  • Windows Server 2012 and Windows 8 Hyper-V
  • VHDX (support to be added in RTM)

Types of Conversion

  • Hot migration: no downtime to the original VM.  Not what VMC does.  But check the original session recording to see how Mikael uses scripts and other MSFT tools to get one.
  • Warm: start with running VM.  Create a second instance but with service interruption.  This is what VMC does.
  • Cold: Start with offline VM and convert it.

VMC supports Warm and Cold.  But there are ways to use other MSFT tools to do a Hot conversion.

Simplicity

MSFT deliberately made it simple and independent of other tools.  This is a nice strategy.  Many VMware folks want Hyper-V to fail.  Learning something different/new = “complexity”, “Microsoft do it wrong” or “It doesn’t work”.  Keeping it simple defends against this attitude from the stereotypical chronic denier. 

Usage

Run it from a machine.  Connect to ESXi or vCenter machine (username/password).  Pick your VM(s).  Define the destination host/location.  Hit start and monitor.

  1. The VM is snapshotted. 
  2. The VMware Tools are removed. 
  3. The VM is turned off. 
  4. The VMDK is transferred to the VMC machine
  5. The VMDK is converted.  You will need at least twice the size of the VMDK file … plus some space (VHD will be slightly larger).  Remember that Fixed VHD is full size in advance.
  6. The VHD is copied to the Hyper-V host. 
  7. The new Hyper-V VM is built using the VM configuration on the VMware host.
  8. The drive is added to the VM configuration.
  9. The VM is started. 
  10. The Hyper-V integration components are installed.

The conversion will create a Hyper-V VM without a NIC.  Supposed to prevent split-brain conversion where source and target VM are both online at the same time.  I’d rather have a tick box. 

If a snapshot is being used … then you will want any services on that VM offline …. file shares, databases, etc.  But offline doesn’t mean powering down the VM …. we need it online for the VMware tools removal.

The Wizard

A VM must have an FQDN to be converted.  Install the VMware tools and that makes the VM convertible.  This is required to make it possible to … uninstall the VMware tools :)

It will ask for your credentials to log into the guest OS for the VMware tools uninstall. 

Maybe convert the VM on an SSD to speed things up.

TechEd Europe 2012 Day 1 Keynote Notes #TEE12

Great that TechEd is back in Amsterdam.  I wish I was there.  Berlin is a nice city, but the Messe is a hole.

Brad Anderson

Mentions the Yammer acquisition, Windows Phone 8, and the new Surface tablets.  He’s talking about change.  Is it chaos or is it opportunity?  Pitching the positive spin of innovation in change.

Think of storage, compute, and network as one entity, manage it as such.  In other words: Windows Server 2012, System Center 2012, and Azure are integrated into a single solution – you pick and choose the ingredients that you want in the meal.

Patrick Lownds has tweeted a great word: convergence.  This is beyond hybrid cloud; this is converged clouds.

Design with the knowledge that failures happen.  That’s how you get uptime and continuous availability of the service.  Automation of process allows scalability.

Hyper-V: “no workload that you cannot virtualise and run on Hyper-V”.  We’re allegedly going to see the largest ever publicly demonstrated virtual machine.

Jeff Woolsey

The energetic principal PM for Windows Server virtualisation.  “Extend to the cloud on your terms”.  Targeted workloads that were not virtualisable.  Dozens of cores.  Hundreds of MB RAM.  Massive IOPS requirements.  This demo (40 SSDs) is same as 10 full sized fully populated racks of traditional SAN disk.  MSFT using SSD in this demo.  VMware: up to 300,000 IOPS.  Hyper-V now beats what it did in TechEd USA: Over 1,000,000 (1 million) IOPS from a Hyper-V VM.

Iometer

Now we see the Cisco Nexus 1000v Hyper-V Switch extension (not a switch replacement like in VMware).  Shows off easy QoS policy deployment.

PowerShell:  Over 2400 cmdlets in WS2012.  Now we’re going to see Hyper-V Replica management via System Center 2012 Orchestrator.  A Site Migration runbook.  It verifies source/destination, and then it brings up the VMs in the target location in the order defined by the runbook.  And we see lots of VMs power up.

Once again, we see System Center 2012 App Controller integrating with a “hosting company” and enabling additional VM hosting capacity beyond the private cloud.

I’m wrapping up here … looks like the keynote is mostly the same as the USA one (fine for 99% of the audience who aren’t hooked to their Twitter/RSS like myself) and I have to head to work.

This keynote recording will be available on Channel 9, and the USA one is already there.  Enjoy!

Windows Server 2012 NIC Teaming and Multichannel

Notes from TechEd NA 2012 WSV314:

image

Terminology

  • It is a Team, not NIC bonding, etc.
  • A team is made of Team Members
  • Team Interfaces are the virtual NICs that can connect to a team and have IP stacks, etc.  You can call them tNICs to differentiate them from vNICs in the Hyper-V world.

image

Team Connection Modes

Most people don’t know the teaming mode they select when using OEM products.  MSFT are clear about what teaming does under the cover.  Connection mode = how do you connect to the switch?

  • Switch Independent can be used where the switch doesn’t need to know anything about the team.
  • Switch dependent teaming is when the switch does need to know something about the team. The switch decides where to send the inbound traffic.

There are 2 switch dependent modes:

  • LACP (Link Aggregation Control Protocol) is where the host and switch agree on who the team members are. IEEE 802.1ax
  • Static Teaming is where you configure it on the switch.

image

Load Distribution Modes

You also need to know how you will spread traffic across the team members in the team.

1) Address Hash comes in 3 flavours:

  • 4-tuple (the default): Uses RSS on the TCP/UDP ports. 
  • 2-tuple: If the ports aren’t available (encrypted traffic such as IPsec) then it’ll go to 2-tuple where it uses the IP address.
  • MAC address hash: If not IP traffic, then MAC addresses are hashed.

2) We also have Hyper-V Port, where it hashes the port number on the Hyper-V switch that the traffic is coming from.  Normally this equates to per-VM traffic.  No distribution of traffic.  It maps a VM to a single NIC.  If a VM needs more pipe than a single NIC can handle then this won’t be able to do it.  Shouldn’t be a problem because we are consolidating after all.

Maybe create a team in the VM?  Make sure the vNICs are on different Hyper-V Switches. 

SR-IOV

Remember that SR-IOV bypasses the host stack and therefore can’t be teamed at the host level.  The VM bypasses it.  You can team two SR-IOV enabled vNICs in the guest OS for LBFO.

Switch Independent – Address Hash

Outbound traffic in Address Hashing will spread across NICs. All inbound traffic is targeted at a single inbound MAC address for routing purposes, and therefore only uses 1 NIC.  Best used when:

  • Switch diversity is a concern
  • Active/Standby mode
  • Heavy outbound but light inbound workloads

Switch Independent – Hyper-V Port

All traffic from each VM is sent out on that VM’s physical NIC or team member.  Inbound traffic also comes in on the same team member.  So we can maximise NIC bandwidth.  It also allows for maximum use of VMQs for better virtual networking performance.

Best for:

  • Number of VMs well exceeds number of team members
  • You’re OK with VM being restricted to bandwidth of a single team member

Switch Dependent Address Hash

Sends on all active members by using one of the hashing methods.  Receives on all ports – the switch distributes inbound traffic.  No association between inbound and outbound team members.  Best used for:

  • Native teaming for maximum performance and switch diversity is not required.
  • Teaming under the Hyper-V switch when a VM needs to exceed the bandwidth limits of a single team member.  Not as efficient with VMQ because we can’t predict the traffic.

Best performance for both inbound and outbound.

Switch Dependent – Hyper-V Port

Sends on all active members using the hashed port – 1 team member per VM.  Inbound traffic is distributed by the switch  on all ports so there is no correlation to inbound and outbound.  Best used when:

  • When number of VMs on the switch well exceeds the number of team members AND
  • You have a policy that says you must use switch dependent teaming.

When using Hyper-V you will normally want to use Switch Independent & Hyper-V Port mode. 

When using native physical servers you’ll likely want to use Switch Independent & Address Hash.  Unless you have a policy that can’t tolerate a switch failure.

Team Interfaces

There are different ways of interfacing with the team:

  • Default mode: all traffic from all VLANs is passed through the team
  • VLAN mode: Any traffic that matches a VLAN ID/tag is passed through.  Everything else is dropped.

Inbound traffic passes through to one team interface at once.

image

The only supported configuration for Hyper-V is shown above: Default mode passing through all traffic to the Hyper-V Switch.  Do all the VLAN tagging and filtering on the Hyper-V Switch.  You cannot mix other interfaces with this team – the team must be dedicated to the Hyper-V Switch.  REPEAT: This is the only supported configuration for Hyper-V.

A new team has one team interface by default. 

Any team interfaces created after the initial team creation must be VLAN mode team interfaces (bound to a VLAN ID).  You can delete these team interfaces.

Get-NetAdapter: Get the properties of a team interface

Rename-NetAdapter: rename a team interface

Team Members

  • Any physical ETHERNET adapter with a Windows Logo (for stability reasons and promiscuous mode for VLAN trunking) can be a team member.
  • Teaming of InfiniBand, Wifi, WWAN not supported.
  • Teams made up of teams not supported.

You can have team members in active or standby mode.

Virtual Teams

Supported if:

  • No more than 2 team members in the guest OS team

Notes:

  • Intended for SR-IOV NICs but will work without it.
  • Both vNICs in the team should be connected to different virtual switches on different physical NICs

If you try to team a vNIC that is not on an External switch, it will show up fine and OK until you try to team it.  Teaming will shut down the vNIC at that point. 

You also have to allow teaming in a vNIC in Advanced Properties – Allow NIC teaming.  Do this for each of the VM’s vNICs.  Without this, failover will not succeed. 

PowerShell CMDLETs for Teaming

The UI is actually using POSH under the hood.  You can use the NIC Teaming UI to remotely manage/configure a server using RSAT for Windows 8.  WARNING: Your remote access will need to run over a NIC that you aren’t altering because you would lose connectivity.

image
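
The Hyper-V guidance in these notes (Switch Independent with Hyper-V Port, a team dedicated to the Hyper-V Switch in Default mode, and Allow NIC teaming on each vNIC of a guest team) can be applied with the NetLbfo and Hyper-V cmdlets.  This is an added example, not from the session or the original notes; the function names and the adapter, team, switch and VM names are hypothetical.

```powershell
# Added example: build a host team the way the notes recommend for Hyper-V.
function New-HyperVHostTeam {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string]   $TeamName,
        [Parameter(Mandatory)] [string[]] $MemberName,
        [Parameter(Mandatory)] [string]   $SwitchName,
        # Optional: keep one member in standby instead of active
        [string] $StandbyMember
    )

    # Limit from the notes: 32 NICs in a team
    if ($MemberName.Count -gt 32) { throw 'A team supports at most 32 NICs.' }

    # Refuse adapters that already belong to another team
    $teamed = Get-NetLbfoTeamMember -ErrorAction SilentlyContinue |
        Where-Object Name -in $MemberName
    if ($teamed) { throw "Already teamed: $($teamed.Name -join ', ')" }

    if ($PSCmdlet.ShouldProcess($TeamName, 'Create Switch Independent / Hyper-V Port team')) {
        New-NetLbfoTeam -Name $TeamName -TeamMembers $MemberName `
            -TeamingMode SwitchIndependent -LoadBalancingAlgorithm HyperVPort `
            -Confirm:$false | Out-Null

        if ($StandbyMember) {
            Set-NetLbfoTeamMember -Name $StandbyMember -Team $TeamName -AdministrativeMode Standby
        }

        # The default team interface carries the team's name and stays in Default
        # mode; it is handed to the Hyper-V Switch and not shared with the host.
        New-VMSwitch -Name $SwitchName -NetAdapterName $TeamName -AllowManagementOS $false
    }
}

# Added example: allow a guest OS team by enabling teaming on every vNIC of the VM.
function Enable-GuestTeaming {
    [CmdletBinding()]
    param([Parameter(Mandatory)] [string] $VMName)
    Get-VMNetworkAdapter -VMName $VMName | Set-VMNetworkAdapter -AllowTeaming On
}

# Dry run with hypothetical names; remove -WhatIf to apply
New-HyperVHostTeam -TeamName 'VMTeam' -MemberName 'NIC3', 'NIC4' -SwitchName 'External1' -WhatIf
# Enable-GuestTeaming -VMName 'SQL01'
```

Run it over a management NIC that is not one of the team members, otherwise the session drops when the adapters are teamed.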

Supported Networking Features

NIC teaming works with almost everything:

image

TCP Chimney Offload, RDMA and SR-IOV bypass the stack so obviously they cannot be teamed in the host.

Limits

  • 32 NICs in a team
  • 32 teams
  • 32 team interfaces in a team

That’s a lot of quad port NICs.  Good luck with that! ;)

SMB Multichannel

An alternative to a team in an SMB 3.0 scenario.  Can use multiple NICs with same connectivity, and use multiple cores via NIC RSS to have simultaneous streams over a single NIC (RSS) or many NICs (teamed, not teamed, and also with RSS if available).  Basically, leverage more bandwidth to get faster SMB 3.0 throughput.

Without it, a 10 GbE NIC would only be partly used by SMB – single CPU core trying to transmit.  RSS makes it multi-threaded/core, and therefore the data transfer uses many connections.

Remember – you cannot team RDMA.  So another case to use Multichannel and get an LBFO effect is to use SMB Multichannel …. or I should say “use” … SMB 3.0 turns it on automatically if multiple paths are available between client and server.

SMB 3.0 is NUMA aware.

Multichannel will only use NICs of same speed/type.  Won’t see traffic spread over a 10 GbE and a 1 GbE NIC, for example, or over RDMA-enabled and non-RDMA NICs. 

In tests, the throughput on RSS enabled 10 GbE NICs (1, 2, 3, and 4 NICs), seemed to grow in a predictable near-linear rate.

SMB 3.0 uses a shortest queue first algorithm for load balancing – basic but efficient.

SMB Multichannel and Teaming

Teaming allows for faster failover.  MSFT recommends teaming where applicable.  Address-hash port mode with Multichannel can be a nice solution.  Multichannel will detect a team and create multiple connections over the team.

RDMA

If RDMA is possible on both client and server then SMB 3.0 switches over to SMB Direct.  Net monitoring will see negotiation, and then … “silence” for the data transmission.  Multichannel is supported across single or multiple NICs – no NIC teaming, remember!

Won’t Work With Multichannel

  • Single non-RSS capable NIC
  • Different type/speed NICs, e.g. 10 GbE RDMA favoured over 10 GbE non-RDMA NIC
  • Wireless can be failed from but won’t be used in multi-channel

Supported Configurations

Note that Multichannel over a team of NICs is favoured over multichannel over the same NICs that are not in a team.  Added benefits of teaming (types, and fast failover detection).  This applies, whether the NICs are RSS capable or not.  And the team also benefits non-SMB 3.0 traffic.

image

Troubleshooting SMB Multichannel

image

Plenty to think about there, folks!  Where does it apply in Hyper-V?

  • NIC teaming obviously applies.
  • Multichannel applies in the cluster: redirected IO over the cluster communications network
  • Storing VMs on SMB 3.0 file shares

Windows Server 2012 High-Performance, Highly-Available Storage Using SMB

Notes from TechEd NA 2012 session WSV303:

image

One of the traits of the Scale-Out File Server is Transparent Failover for server-server apps such as SQL Server or Hyper-V.  During a host power/crash/network failure, the IO is paused briefly and flipped over to an alternative node in the SOFS.

image

Transparent Failover

The Witness Service and state persistence enable Transparent Failover in SMB 3.0 SOFS.  The Witness plays a role in unplanned failover.  Instead of waiting for a TCP timeout (40 seconds, and causing application issues), the Witness speeds up the process.  It tells the client that the server that it was connected to has failed and that it should switch to a different server in the SOFS.

image

NTFS Online Scan and Repair

  • CHKDSK can take hours/days on large volumes.
  • Scan done online
  • Repair is only done when the volume is offline
  • Zero downtime with CSV with transparent repair

Clustered Hardware RAID

Designed for when using JBOD, probably with Storage Spaces.

image

Resilient File System (ReFS)

A new file system as an alternative to NTFS (which is very old now).  CHKDSK is not needed at all.  This will become the standard file system for Windows over the course of the next few releases.

image

Comparing the Performance of SMB 3.0

Wow! SMB 3.0 over 1 Gbps network connection achieved 98% of DAS performance using SQL in transactional processing.

image

If there are multiple 1 Gbps NICs then you can use SMB Multichannel which gives aggregated bandwidth and LBFO.  And go extreme with SMB Direct (RDMA) to save CPU.

VSS and SMB 3.0 File Shares

You need a way to support remote VSS snapshots for SMB 3.0 file shares if supporting Hyper-V.  We can do app consistent snapshots of VMs stored on a WS2012 file server.  Backup just works as normal – backing up VMs on the host.

image

  1. Backup talks to backup agent on host. 
  2. Hyper-V VSS Writer reaches into all the VMs and ensures everything is consistent. 
  3. VSS engine is then asked to do the snapshot.  In this case, the request is relayed to the file server where the VSS snapshot is done. 
  4. The path to the snapshot is returned to the Hyper-V host and that path is handed back to the backup server. 
  5. The backup server can then choose to either grab the snapshot from the share or from the Hyper-V host.

Data Deduplication

Dedup is built into Windows Server 2012.  It is turned on per-volume.  You can exclude folders/file types.  By default files not modified in 5 days are deduped – SO IT DOES NOT APPLY TO RUNNING VMs.  It identifies redundant data, compresses the chunks, and stores them.  Files are deduped automatically and reconstituted on the fly.

image

REPEAT: Deduplication is not intended for running virtual machines.

Unified Storage

The iSCSI target is now built into WS2012 and can provide block storage for Hyper-V before WS2012. ?!?!?!  I’m confused.  Can be used to boot Hyper-V hosts – probably requiring iSCSI NICs with boot functionality.

image