Windows Server – What’s New & What’s Next

Speakers:

  • Erin Chapple, General Manager Windows Server
  • Chris Van Wesep, Director Product Marketing

Erin Chapple starts things. Today they’ll talk about what’s new in Windows Server, what’s the future, and the hybrid/migration opportunities.

WS2016 Looking Back

Most cloud-ready OS:

  • Built-in security: Protection of identity (Credential Guard), secure the virtualization platform (shielded VMs, vTPM), and built-in layers of security (VSM, etc)
  • Azure-inspired infrastructure: Storage Spaces Direct, Network Controller, learnings from hyper-scale, affordable.
  • Hybrid application platform: Support for containers, built-for-purpose OS, Azure Hybrid Benefit for SA/Azure transition

Some customer case studies come up. Rackspace used Shielded VMs, Nano Server for applications (woops!) for hosting. A “large investigative government agency” needed to preserve lots of seized data (PB + per case). They used Storage Spaces Direct (S2D) on 8-node clusters, with data in VMs to isolate one investigation from another. biBERK used containers to deploy 22 apps on WS2016 Containers with Docker in less than 1 week.

The key for software-defined is the hardware. They leverage offloads so much that hardware must be more reliable. There is a Windows Server Software Defined Program (WSSD) and the site with all the info is http://docs.microsoft.com/en-us/windows-server/sddc.

Supporting You Wherever You Are

WS2016 is the basis of on-premises, Azure, and Azure Stack (hybrid). 80% of enterprises see themselves operating in a hybrid mode for the foreseeable future. 55% have a hybrid strategy in place as of a year ago. 87% are planning to integrate on-premises datacentres with public cloud.

Hybrid is not about a network connection. It’s about consistency right down to the API level: unified development, VMs, storage, data, identity, and much more.

Will Gries – Azure File Sync

This is a new hybrid service that is a part of Azure Files. Centralize storage in Azure Files, but without giving up the file server. You effectively cache data locally on file servers for fast local performance. The cloud enables sync between sites, centralized backup, and easy DR.

He starts a demo. The file sync agent is installed on a WS2016 file server. It is syncing to Azure. He proves this by changing & deleting things on Azure and it syncs to the cloud. It’s all near real-time, using change notifications on the file server to ensure that sync happens very quickly. Cloud Tiering enables the “cache” feature. The greyed files with an O attribute have a disk size of 0 bytes because they are stored in Azure. If he opens the file, it’s recalled from Azure Files seamlessly. Files that are able to do partial reads/writes can stream from Azure – he opens a video and we can see in the UI that it is streaming from Azure. In file properties, we can see it has downloaded the blocks via the stream, optimizing the download to only required blocks, thanks to streaming.

Back to Erin.

Windows Server Cadence

Industry is moving incredibly fast. Industries in that fast lane need server improvements faster. There will be two channels of Windows Server:

  • Semi-annual channel. An opt-in for SA or Azure customers, releasing every spring/autumn. Each release is supported for 18 months, so you can choose to skip every second release. Build = approx year/month, e.g. 1709 will be released in month 10 of 2017.
  • Long-term Servicing Channel: For everyone outside of SA/Azure or not wanting to upgrade every 6-12 months. Typical 5+5 years support program and in all channels. Name = Windows Server + Year.

Many companies will use a mix of both channels, selecting the channel based on demands of an application/service.

Windows Server Insiders will give you a sneak peek of semi-annual channel releases.

The date of the next LTSC release is not announced, but it’s going to be after 2018.

Introducing Server Core to Semi-Annual Channel

Server Core is replacing Nano Server for infrastructure and VM roles. Nano Server adoption was very low in these areas. In 1709, Nano Server is completely focused on containers. It is much smaller for containers by stripping out the infrastructure pieces. Server Core should be a “soft landing” for moving applications from Nano Server. Server Core is the MS recommended choice for infrastructure roles.

Note by me: I will continue to recommend full installations for infrastructure roles. The full GUI is not in the semi-annual channel. So if you want rapid upgrades, you better learn some PowerShell to troubleshoot your networking and drivers/firmware.

What’s New in 1709

Hybrid Application platform and Modern Management

Jeff Woolsey

Jeff tells us that containers are the same journey that we went through with virtualization. Containers will happen, but they won’t kill virtualization – they work together. We’re at the beginning of the next 10 year journey with containers. Jeff says that cloud admins, hybrid admins, IT pros, must learn containerization.

Hybrid Application Platform

  • Nano Server just wasn’t right for virtualization: drivers, installation, patching, etc. So they switched the focus entirely to containers to make it faster to deploy/update, and to get higher levels of density & performance.
  • .NET Core 2.0 and SMB support was added for containers … allows containers to store data on SMB 3.0 storage.
  • Linux containers with Hyper-V Isolation enable running all kinds of containers cross-platform but in a secure way (each container running a real Linux kernel in a Hyper-V child partition), and Windows Subsystem for Linux. When Win10 added WSL, Microsoft wasn’t planning to do it for Windows Server. With Linux Containers, the case for Bash management on the host made this a viable option.

Telemetry shows that most people using Windows Server containers are choosing the Hyper-V model for security.

All of this is wrapped up in Modern Management.

Demo: Enabling Cloud Apps with Nano Server & Containers

This is the next generation P2V … moving applications (Docker Convert) from VMs to containers. In the demo, Jeff uses Docker to deploy a Hyper-V container in a container. It runs SQL Server & IIS. The Docker tools on GitHub converted the app to an image in less than 1 hour. Now the image is a container image which is easy to deploy. When running in a container, it uses a fraction of the resources that were used by VMs.

Next he deploys a Linux container image with Tomcat Server, on the same Windows Server host as the Windows container.

Nano Server

The base image for WS2016 Nano Server was 383 MB. In 1709 it is 78 MB. With .NET it went from 413 MB to 107 MB. Those are the compressed numbers.

Uncompressed: the base image went from 1.05 GB to 195 MB, and with .NET it went from 1.15 GB to 262 MB.

Management Re-Imagined

  • This is the next generation of “in-box” tooling.
  • Simplified, integrated and secure.
  • Extensible

Required for Server Core in the real world. The UI is HTML5 and touch friendly. It has to manage the h/w, the local VMs, and VMs in Azure.

Today we use Task Manager, MMC-based tools like Hyper-V Manager, Perfmon, Device Manager, etc, CMD.EXE, PowerShell, Server Manager, etc. Jeff mentions lots more tools.

Project Honolulu

An HTML5-based touch-friendly UI. It’s running on Jeff’s laptop against 4 servers under his desk back in the office. He opens the Overview (Task Manager info). Computer name and domain join are there. Environment variables, RDP are here. Restart/shutdown are here.

Roles and Features is next. No more need for Server Manager (yay!). Roles & features easily installed remotely. Events shows all the event viewer info. Note that filtering UI is much better here than in the MMC. Files allows you to browse and edit the file system on a managed server. Virtual machines allows Hyper-V VM management.

The system is agentless. Honolulu is a 30 MB MSI download to a management node which you browse to. It even works on Safari on Mac.

Honolulu will be a free download when it goes GA.

Back to Erin

What’s Next For Project Honolulu

A peek into the pipeline … things they are exploring and experimenting with.

Azure Backup in Honolulu – a wizard to set up the Azure bits and start backing up items/system state. They show some mockups of it all being driven from Honolulu instead of the Azure Portal.

The Azure Connection

Chris comes on stage to talk about Hybrid scenarios.

He starts off by talking about Software Assurance. Highlighted features:

  • Required for Semi-Annual releases
  • Hybrid Use Benefit to move to Azure  – up to 40% savings on the cost of Windows Server Azure VMs

Premium Assurance add-on adds 6 years of support to the normal 5+5 model (16 years total) for applications that cannot stay up to date, but can continue to get security updates.

If you watch this session, please note that Chris over-simplifies (a lot) the Hybrid Use benefit. It’s actually quite complex, regarding moving & co-using licenses and core counts.

End of Support

W2008/R2 end of support is Jan 2020 – 1/3 of servers fall into this space. SQL 2008/R2 end of support is July 2019.  For larger companies, they should look at cloud and/or containerization, or even re-development in serverless cloud.

Questions

  • Honolulu can manage all the way back to WS2012
  • Not every app can/should be containerized – key thing is that you need remote management because containers don’t have a GUI.
  • Where is Honolulu installed? It can be on a PC, on the managed server, or on a centrally dedicated management server. Honolulu uses WMI and PowerShell to talk to the managed servers.

Enable IoT Solutions with Windows 10 IoT Platform

Speakers: Adi Hariharan (Group Marketing Manager Windows IoT) and Jimmy Chen (Senior Consultant PDS Sales – IoT)

This is an introduction to IoT.

Cuts Across Industries

You cannot avoid IoT. It is spreading everywhere in all parts of life. Manufacturing, smart cities, transportation, retail, healthcare, energy, public safety, and agriculture according to the slide. But it’s in real life too … fridges, TVs, ambient devices, etc. IoT is one of the methods of Digital Transformation.

IoT is not new and it is complex, but Microsoft is trying to make it easier. Integrate the technology into the device (intelligent edge), and use the power of cloud to gather data, filter/process it, and make use of it (intelligent cloud).

Why Choose Windows IoT

MS has been in the embedded business for over 20 years. Lots of competition: Linux, Wind, Ubuntu, Android Things, Raspberry, Red Hat, ARM mbed, Riot, Tizen. Windows is mature. It can get to market faster, has security built in, and is designed for the intelligent edge.

Solution Journey

  1. Build
  2. Connect
  3. Scale
  4. Operate

Build

Jimmy Chen takes over.

Building IoT devices isn’t that easy. “Building a device is as easy as building an app” – not really, but that is the aspiration. Build on Windows, using familiar tools (Visual Studio) and managing it using familiar tools. Things like speech, touch, and ink are embedded.

Visual Studio: C#, HTML/JS, C++ and more. One Dev Center for pulling back device information. Legacy applications can work on most editions of Windows.

With Windows IoT embedded, drivers/firmware are easier. You use the system features and APIs to use the hardware, and use background services for long-running tasks. Specialized hardware still requires drivers, but this isn’t that common.

Windows 10 IoT innovations:

  • New SoCs, including Raspberry Pi 3.
  • Azure IoT Hub Device Provisioning
  • Azure IoT Hub Device Management
  • Project “Rome” remote device management
  • New controls and embedded features, standby, on-SOC PWM, NFC and more.
  • Productization resources
  • Turn-key security: Device Guard for IoT, Defender, BitLocker
  • App Services

App Servicing for IoT:

  • Windows Store
  • Install (Windows Store Preinstall Program and MDM)
  • Servicing (Windows Store)

We see a video from a service called Xogo: an app that can turn any Windows 10 device into a digital sign: www.xogo.io

Connect

Two kinds of connections: connecting to the cloud and connecting to the legacy devices that you already have. Windows 10 IoT has all the APIs for connecting to the cloud built in. Every IoT device connects to the same URL in Azure. You have to configure which IoT Hub you need to connect to. The device is manufactured with an ID from the Azure IoT Hub Device Provisioning Service. The device is shipped to the customer and connects to the IoT Hub Device Provisioning Service. That knows which Azure IoT hub to register the device to. Asymmetric keys are sent to the device, which then uses that information to connect directly to the IoT Hub.

Intelligence at the edge:

  • Modern, familiar UI development
  • Natural user interface and world sensing support
  • Edge compute: not just a sensor but the ability to do some tasks

Vision, speech, and sensor perception open up powerful industry scenarios using:

  • Windows sensor & perception APIs
  • Microsoft Cognitive Services
  • Computer Vision – OpenCV
  • Speech recognition and synthesis APIs
  • Bing Cloud Speech
  • Cortana and natural language understanding

Scale

You need cloud to scale to more than just a few devices. App servicing and telemetry via the Windows Store.

Building a trusted device/solution starts with the device:

  • TPM
  • Windows Device Attested Health – Device Health Attestation for IoT Core (public preview) – device uses TPM to measure configuration – reports to the MS Device Health Attestation service, and then you use the report in MDM
  • Secure Boot
  • BitLocker
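
How the measure, report and evaluate loop in the health attestation bullet above fits together, as an added Python example that is not from the session and is not Microsoft's service or API. It is a simplified model: an HMAC stands in for the TPM's signed quote, and the event names, key and function names are constructed for illustration.

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # boot-time SHA-256 PCRs start at all zeros after reset

def extend(pcr: bytes, event: bytes) -> bytes:
    """TPM extend: new PCR = SHA-256(old PCR || SHA-256(event))."""
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()

def replay(log):
    """Recompute the PCR a device would hold after measuring every log entry."""
    pcr = PCR_INIT
    for event in log:
        pcr = extend(pcr, event)
    return pcr

def quote(key: bytes, pcr: bytes, nonce: bytes) -> bytes:
    """Stand-in for a TPM quote (assumption: HMAC replaces the attestation-key signature)."""
    return hmac.new(key, nonce + pcr, hashlib.sha256).digest()

def health_report(key, nonce, log, pcr, sig, required):
    """Verifier side: authenticate the PCR, check the log matches it, apply policy."""
    if not hmac.compare_digest(sig, quote(key, pcr, nonce)):
        return {"trusted": False, "reason": "quote not authentic or replayed"}
    if replay(log) != pcr:
        return {"trusted": False, "reason": "event log does not match quoted PCR"}
    missing = sorted(required - set(log))
    if missing:
        return {"trusted": False, "reason": "missing: " + ", ".join(m.decode() for m in missing)}
    return {"trusted": True, "reason": "compliant"}

# Constructed sample data: event names and key are illustrative only.
KEY = b"constructed-demo-key"
REQUIRED = {b"SecureBoot=On", b"BitLocker=On"}
GOOD_LOG = [b"firmware-v1", b"SecureBoot=On", b"bootmgr", b"BitLocker=On"]
BAD_LOG = [b"firmware-v1", b"SecureBoot=Off", b"bootmgr", b"BitLocker=On"]

def attest(device_log, claimed_log, nonce=b"nonce-1"):
    """Device measures device_log into its TPM but submits claimed_log as its report."""
    pcr = replay(device_log)
    return health_report(KEY, nonce, claimed_log, pcr, quote(KEY, pcr, nonce), REQUIRED)

if __name__ == "__main__":
    print(attest(GOOD_LOG, GOOD_LOG))  # compliant device
    print(attest(BAD_LOG, BAD_LOG))    # honest report, fails policy
    print(attest(BAD_LOG, GOOD_LOG))   # falsified log, caught by replay
```

The third case is the reason the TPM is in the loop: a device that booted with Secure Boot off cannot submit a clean log, because the replayed log no longer matches the PCR value the hardware quoted.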

Threat resistance:

  • Windows as a Service
  • Device Guard
  • Windows Firewall
  • Windows Defender

Data protection in-motion:

  • X.509/TLS-based handshake and encryption

Cloud Security

  • Encryption at rest
  • AAD
  • Key Vault
  • Policy-based access control
  • IP-based blocking
  • Secure Device Registration (above)
  • Standards-based best practices

Response:

  • Device management
  • Device recovery
  • Device-specific repudiation: device wipe or block the device.

Operate

This is all about managing the device. Enterprise scale is 100,000 devices apparently – typical MDM might be fine. When you go into millions of devices, you need to use the Azure IoT management solution: IoT Hub.

Why Microsoft IoT?

You can easily:

  • Build devices with Windows IoT Enterprise (smarter devices) and Windows IoT Core (basic devices)
  • Connect to Azure IoT with lots of ready services

You can build all the security, management, AI, etc yourself on another platform, but Windows 10 IoT and Azure have all that ready to use.

Example Customers

FarmBeats is a MS Research project to reduce the cost of farming and to make it smarter. Uses sensors, helium balloons with vision sensors, and drones. Comms based on the unused TV spectrum. They use a heatmap of the farm to plan crop management, using Azure Machine Learning.

Why Should Enterprise Care?

Opportunities to build smarts into all kinds of systems are possible. Businesses can consume and use data with AI-based intelligence, or can optimise existing dumb systems to improve production, reduce times, decrease waste, optimize human effort, etc.