{"id":11718,"date":"2011-09-15T12:40:09","date_gmt":"2011-09-15T11:40:09","guid":{"rendered":"https:\/\/aidanfinn.com\/?p=11718"},"modified":"2011-09-15T12:40:09","modified_gmt":"2011-09-15T11:40:09","slug":"windows-server-8-hyper-v-day-1-look-back","status":"publish","type":"post","link":"https:\/\/aidanfinn.com\/?p=11718","title":{"rendered":"Windows Server 8 Hyper-V Day 1 Look Back"},"content":{"rendered":"

I\u2019ve just been woken up from my first decent sleep (jetlag) by my first ever earthquake (3.5) and I got to thinking \u2026 yesterday (Hyper-V\/Private Cloud day) was incredible.  Normally when I live blog I can find time to record what\u2019s \u201cin between the lines\u201d and some of the spoken word of the presenter.  Yesterday, I struggled to take down the bullet points from the slides; there was just so<\/em> much change being introduced.  There wasn\u2019t any great detail on any topic, simply because there just wasn\u2019t time.  One of the cloud sessions ran over the allotted time and they had to skip slides.<\/p>\n

I think some things are easy to visualise and comprehend because they are \u201ctangible\u201d.  Hyper-V Replica is a killer headline feature.  The increase host\/cluster scalability gives us some \u201cTop Gear\u201d stats: just how many people really have a need for a 1,000 BHP car?  And not many of us really need 63 host clusters with 4,000 VMs<\/a>.  But I guess Microsoft had an opportunity to test and push the headline ahead of the competition, and rightly took it.<\/p>\n

Speaking of Top Gear metrics, one interesting thing was that the vCPU:pCPU ratiio of 8:1 was eliminated with barely a mention.  Hyper-V now supports as many vCPUs as you can fit on a host without compromising VM and service performance.  That is excellent.  I once had a quite low end single 4 core CPU host that was full (memory, before Dynamic Memory) but CPU only averaged 25%.  I could have reliably squeezed on way more VMs, easily exceeding the ratio.  The elimination of this limit by Hyper-V will further reduce the cost of virtualisation.  Note that you still need to respect the vCPU:pCPU ratio support statements of applications that you virtualise, e.g. Exchange and SharePoint, because an application needs what it needs.  Assessment, sizing, and monitoring are critical for squeezing in as much as possible without compromising on performance.<\/p>\n

The lack of native NIC Teaming was something that caused many concerns.  Those who needed it used the 3rd party applications.  That caused stability issues, new security issues (check using HP NCU and VLANing for VM isolation), and I also know that some Microsoft partners saw it as enough of an issue to not recommend Hyper-V.  The cries for native NIC teaming started years ago.  Next year, you\u2019ll get it in Windows 8 Server.<\/p>\n

One of the most interesting sets features is how network virtualisation has changed.  I don\u2019t have the time or equipment here in Anaheim to look at the Server OS yet, so I don\u2019t have the techie details.  But this is my understanding of how we can do network isolation.<\/p>\n

\"image\"<\/a><\/p>\n

Firstly, we are getting Port ACLs (access control lists).  Right now, we have to deploy at least 1 VLAN per customer or application to isolate them.  N-tier applications require multiple VLANs.  My personal experience was that I could deploy customer VMs reliably in very little time.  But I had to wait quite a while for one or more VLANs to be engineered and tested.  It stressed me (customer pressure) and it stressed the network engineers (complexity).  Network troubleshooting (Windows Server 8 is bringing in virtual network packet tracing!) was a nightmare, and let\u2019s not imagine replacing firewalls or switches.<\/p>\n

Port VLANs will allow us to say what a VM can or cannot talk to.  Imagine being able to build a flat VLAN with hundreds or thousands of IP addresses.  You don\u2019t have to subnet it for different applications or customers.  Instead, you could (in theory) place all the VMs in that one VLAN and use Port ACLs to dictate what they can talk to.  I haven\u2019t seen a demo of it, and I haven\u2019t tried it, so I can\u2019t say more than that.  You\u2019ll still need an edge firewall, but it appears that Port ACLs will isolate VMs behind the firewall.<\/p>\n

\"image\"<\/a><\/p>\n

Port ACLs have the potential to greatly simplify physical network design with fewer VLANs.  Equipment replacement will be easier.  Troubleshooting will be easier.  And now we have greatly reduced the involvement of the network admins; their role will be to customise edge firewall rules.<\/p>\n

Secondly we have the incredibly hard to visualise network or IP virtualisation.  The concept is that a VM or VMs are running on network A, and you want to be able to move them to a different network B, but they want to do it without changing IP address or downtime.  The scenarios include:<\/p>\n