Nano Server - the future of Windows Server - Thomas Maurer

@ITCAMPRO #ITCAMP16Community Conference for IT Professionals

Nano Server – The Future of

Windows Server

Thomas Maurer

Cloud Architect @ itnetX

Microsoft MVP

www.thomasmaurer.ch Twitter: @ThomasMaurer


Thomas Maurer

• Cloud Architect, itnetX

– Microsoft Cloud

– MCSE Private Cloud

– MCSE Server Infrastructure

– MCSD Azure Solution Architect

– Microsoft MVP Cloud & Datacenter

• Twitter & Blog

– www.thomasmaurer.ch

– @thomasmaurer


MMS Minnesota 2014


Challenges with Cloud Environments

Microsoft Server Journey

Nano Server Deployment

Nano Server Management

Nano Server Apps

Q & A

Agenda


Reboots impact my business– Why do I have to reboot because of a patch

to a component I never use?

– When a reboot is required, the systems need to be back in service ASAP

Todays Datacenter Challenges


Server images are too big– Large images take a long time to install and configure

– Transferring images consumes too much network bandwidth

– Storing images requires too much disk space

Infrastructure requires too many resources– If the OS consumes fewer resources, I can increase my VM

density

– Higher VM density lowers my costs and increases my efficiency & margins

Todays Datacenter Challenges


Security Impact



I want just the components

I needand nothing more


Microsoft Server Journey

Windows NT to Windows Server

2003

Windows/WindowsNT

Server Roles/Features

Windows Server 2008and

Windows Server 2008 R2

Server Core

Full Server

Windows Server 2012and

Windows Server 2012 R2

Server Core

Minimal Server Interface

GUI Shell


Microsoft Server Challenges

Azure

–Patches and reboots interrupt service delivery

– (*VERY large # of servers) * (large OS resource

consumption)

–Provisioning large host images competes for

network resources


Microsoft Server Challenges

Cloud Platform System (CPS)Cloud-in-box running on 1-4 racks using System Center & Windows Server

Setup time needs to be shortened

Patches and reboots result in service disruption

• Fully loaded CPS would live migrate > 16TB for every host OS patch

• Network capacity could have otherwise gone to business uses

• Reboots: Compute host ~2 minutes / Storage host ~5 minutes


We need server configuration

optimized for the cloud


Tuva



What’s Nano Server?


A new headless, 64-bit only, deployment option for Windows Server

Deep refactoring focused on – Cloud Platform infrastructure

– Born-in-the-cloud applications

Follow the Server Core pattern

Nano Server – The Next Step

Server Core

Server with Local Admin Tools

Basic Client Experience

Nano Server


• Zero-footprint model • Server Roles and Optional Features live outside of Nano Server

• Standalone packages that install like applications

• Key Roles & Features• Hyper-V, Storage (SoFS), and Clustering

• Core CLR, ASP.NET 5 & PaaS

• Full Windows Server driver support

• Antimalware Built-in

• System Center and OMS agents to follow

Nano Server - Roles & Features


• An installation option, like Server Core

• Not listed in Setup because image must be customized with drivers

– Separate folder on the Windows Server media

• Available since the Windows

Server Technical Preview 2

released at Ignite

Nano Server in Windows Server 2016


DEMO: NANO SERVER


NANO SERVER IN NUMBERS


Servicing Improvements*

0

5

10

15

20

25

Critical Bulletins

Nano Server Server Core Full Server

0

5

10

15

20

25

30

Important Bulletins


0

2

4

6

8

10

12

Number of Reboots


23

8

2

9

23

26

6

11

3

* Analysis based on all patches released in 2014


Security Improvements

0

5

10

15

20

25

30

35

Ports open

Nano Server Server Core

0

5

10

15

20

25

30

35

40

45

50

Services running


0

20

40

60

80

100

120

Drivers loaded


12

31

22

46

73

98


0

50

100

150

200

250

300

Boot IO (MB)


Resource Utilization Improvements

0

5

10

15

20

25

30

Process Count


0

20

40

60

80

100

120

140

160

Kernel memory in use (MB)


26

21

61

139

150

255


0

50

100

150

200

250

300

350

Setup Time (sec)


0

1

2

3

4

5

6

Disk Footprint (GB)


Deployment Improvements

0

1

2

3

4

5

6

7

VHD Size (GB)


.41

6.3

40

300 4.84

.4


NANO SERVER PACKAGES


Installing Roles and Features

Nano Server folder has a Packages sub-folder

Dism /Add-Package /PackagePath:.\packages\<package>


Quick Start

PowerShell Module

3 cmdlets

No more DISM necessary


Examples

# Simple Nano Server (as a virtual machine)

New-NanoServerImage -Edition Datacenter -DeploymentType Guest-MediaPath E:\ -BasePath .\Base -TargetPath.\NanoServerVMS\TP5Nano02\TP5Nano02.vhdx -ComputerNameTP5Nano02

# Simple Nano Server (physical, cluster, hyper-v host)

New-NanoServerImage -Edition Datacenter -DeploymentType Host-BasePath .\Base -TargetPath.\NanoServerVMS\NanoPhys01\NanoPhys01.vhd -ComputerNameNanoPhys01 -OEMDrivers –Compute -Clustering


Role / Feature Filename on ISOHyper-V Microsoft-NanoServer-Compute-PackageFailover Clustering Microsoft-NanoServer-FailoverCluster-PackageAbility to boot and run from a RAM Disk Microsoft-NanoServer-BootFromWim-PackageBasic drivers Microsoft-NanoServer-OEM-Drivers-PackageFile Server role and other storage components Microsoft-NanoServer-Storage-PackageWindows Defender (including a default signature file) Microsoft-NanoServer-Defender-Package

Reverse forwarders (Included by default)

DNS Server role Microsoft-NanoServer-DNS-Package

Desired State Configuration (DSC) Microsoft-NanoServer-DSC-Package

Internet Information Server (IIS) Microsoft-NanoServer-IIS-Package

Host support for Windows Containers Microsoft-NanoServer-Containers-Package

System Center Virtual Machine Manager agent Microsoft-Windows-Server-SCVMM-Compute-Package

Microsoft-Windows-Server-SCVMM-Package

Network Performance Diagnostics Service (NPDS) Microsoft-NanoServer-NPDS-Package

Data Center Bridging Microsoft-NanoServer-DCB-Package

Deploying on a virtual machine Microsoft-NanoServer-Guest-Package

Deploying on a physical machine Microsoft-NanoServer-Host-Package

Secure Startup Microsoft-NanoServer-SecureStartup-Package

Shielded VM Microsoft-NanoServer-ShieldedVM-Package


Advanced installation (1)

Parameter Explanation

-AdministratorPassword This sets the image’s administrator password. If you do not specify this on the command line, you will be interactively prompted to do.

-BasePath This is the location for the copy of the source media. It will be under a folder (auto-created if not exist) and contains the packages, tools, hard disk image

and WIM file.

-Clustering This allows you to add the clustering role.

-Compute With this, you can add the Compute (Hyper-V) role.

-ComputerName This sets the computer name of the image. Note that the computer name can’t be longer than 15 characters

-Containers This allows you to add the Containers role.

-CopyFiles This parameter specifies additional directory path on the computer where you create the image and that directory and the files in it will be added to the

root of the VHD(X).

-DebugMethod With this parameter, you will enable kernel debugging on the target image with the specified method. The values can be Serial, Net, 1394 or USB

Depending on the value of this parameter, other parameters may become available. See kernel debugging for more information.

-Defender This adds the Windows Defender feature.

-DeploymentType * Guest or host, depending on whether you want to deploy a virtual or physical nano server

-Development Used to test on Nano server which allows unsigned drivers, copy debugger binaries and so on

-DomainBlobPath This lets you Join the image to the domain as specified in the given domain blob. For more information, see the chapter about domain join.

-DomainName This joins the image to the specified domain performing an offline join. For more information, see the chapter about domain join.

-DriversPath If you need additional drivers or specific ones instead of the OEM drivers, you can add them with this parameter. It should point to the path containing

the drivers (.inf and binaries). Note that the drivers need to be signed, otherwise the command will fail.

-EMSBaudRate This is the baud rate to use for EMS. The default is 115200bps.




-EMSPort This is the port to enable EMS on. The default is 1.

-Edition * Standard or Datacenter, the windows edition you want to deploy

-EnableEMS This enables EMS (Emergency Management Services) and BootEMS on the image. See Emergency Management Services for more information.

-EnableRemoteManagementPort This parameter opens port 5985 for inbound TCP connections for Windows Remote Management (WinRM). See Windows Remote

Management for more information.

-InterfaceNameOrIndex If you want to change the IP settings of an adapter, you need to use this parameter in conjunction with the below IP parameters. You can

retrieve these using Get-NetAdapter, netsh or EMC if you already created an image, and in a VM, the first will always be named Ethernet.

-Ipv4Address This sets the given IPv4 static address on the interface specified by InterfaceNameOrIndex.

-IPv4Dns This sets the given IPv4 DNS server (can be multiple DNS servers) on the interface specified by InterfaceNameOrIndex

-Ipv4Gateway This sets the given IPv4 gateway on the interface specified by InterfaceNameOrIndex.

-Ipv4SubnetMask This sets the given IPv4 subnet mask on the interface specified by InterfaceNameOrIndex

-Ipv6Address This sets the given IPv6 static address on the interface specified by InterfaceNameOrIndex.

-Ipv6Dns This sets the given IPv6 DNS server on the interface specified by InterfaceNameOrIndex

-MaxSize * Size in bytes of the dynamic VHD(X) to be created. Default is 4 GB.




-MediaPath * The location of the source media. If a local copy of the source media already exists, and it is specified as the base path, then no copying is

performed. This is the downloaded ISO that you either have mounted or copied to a specific location. This is only necessary the first time.

-LangPackages $

-NeutralPackages $

-OEMDrivers This is used to add the OEM Drivers package. Those drivers are the same set of drivers that exists in Server Core.

-Packages Include the following packages separated by a comma. This is the specific parameter that adds the packages that don’t have a specific

parameter. See the Packages chapter for more information.

-RamdiskBoot You can run Nano Server in an environment with no physical disk by using a RAM disk. To generate media that can boot from a RAM disk, use

the -RamdiskBoot parameter and pass the path to a WIM file as -TargetPath

-ReuseDomainNode When joining a domain, reuse a node with the same name if it exists. For more information, see the chapter about domain join.

-ServicingPackages With this parameter you can add servicing packages (multiple is possible) that you downloaded from the Microsoft Update catalog

-SetupCompleteCommands You can add here custom commands as part of setupcomplete.cmd

-Storage This adds the Storage role

-TargetPath This is the location of the final, modified image. The image format is determined based on the file extension. Possible extension values are

.VHD and .VHDX. VHD will come with MBR and VHDX with GPT disk layout.

-UnattendPath Location to add your own, custom, unattend.xml file

http://catalog.update.microsoft.com/v7/site/Install.aspx?referringpage=home.aspx


Examples


New-NanoServerImage -DeploymentType Guest -Edition Datacenter -TargetPath.\NanoServerVMs\TP5Nano03\TP5Nano03.vhdx -BasePath .\Base -Clustering -Compute -ComputerName TP5Nano03 -CopyFiles D:\Scripts -DomainName MD.local-EnableRemoteManagementPort -InterfaceNameOrIndex ethernet -Ipv4Address192.168.1.203 -Ipv4Dns 192.168.1.220 -Ipv4Gateway 192.168.1.1 -Ipv4SubnetMask 255.255.255.0 -MaxSize 100GB


New-VM -VHDPath .\NanoServerVMs\TP5Nano03\TP5Nano03.vhdx -Generation 2 -MemoryStartupBytes 268435456 -Name TP5Nano03 -Path D:\VM -SwitchName LAN


Additional information

Domain Join• Joining the same domain as the image creation computer• Joining a different domain• Reusing a domain account• Online domain join• Using unattend.xml

For Azure• Available in the Gallery• Bring your own disk


Online installation

Install-PackageProvider NanoServerPackage -ForceImport-PackageProvider NanoServerPackage -Force Find-NanoServerPackageFind-NanoServerPackage –AllVersions -Name *IIS* -RequiredVersion10.0.14300.1000 -Culture en-us

# Installation to an offline imageInstall-NanoServerPackage -Name Microsoft-NanoServer-IIS-Package -Cultureen-us -RequiredVersion 10.0.14300.1000 –ToVHd D:\MyNanoVhd.vhdx

# Download without installationSave-Package –provider NanoServerPackage -Name Microsoft-NanoServer-IIS-Package -Path .\temp -Culture en-us -MinimumVersion 10.0.14300.1000

# Install directlyInstall-NanoServerPackage -Name Microsoft-NanoServer-IIS-Package -Cultureen-us -RequiredVersion 10.0.14300.1000


NANO SERVER MANAGEMENT


Eliminating the need to ever sit in front of a server

Remote management/automation via Core PowerShell and

WMI

Configuration via PowerShell Desired State Configuration

(DSC)

Integrate into DevOps toolchains

Nano Server - Management


Managing Options

Yes PowerShell, No PowerShell

Nano Server Recovery Console

PowerShell Remoting / Direct

Windows PowerShell CIM

Windows Remote Management

Remote Consoles

Remote Server Management Tools


Nano Server Recovery Console

Formerly called Emergency Management Console

Possibility to edit IP settings

Possibility to edit Route table

Possibility to edit Firewall Rules *

Shutdown / Restart Server


PowerShell Remoting / Direct

Should be mostly used

Remoting requires network

Direct uses VMbus


Remote Consoles

Most MMC Consoles will work

Hyper-V Manager

Cluster Failover Manager

DNS

Server Manager

...



Web-based tools (in Azure)

Replacement for local-only tools

Gateway on-prem necessary


• Web-based

• Includes replacements for local-only tools– Task Manager

– Registry Editor

– Event Viewer

– Device Manager

– Sconfig

----------------------------

– Control Panel

– File Explorer

– Performance Monitor

– Disk Management

– Users/Groups Manager

• Also manages Server Core and Server with GUI









DEMO NANO SERVER MANAGEMENT


MODERN SERVER APPLICATIONS


• Born-in-the-cloud application support

• Subset of Win32

• CoreCLR, PaaS, and ASP.NET 5

• Available everywhere

• Host OS for physical hardware

• Guest OS in a VM

• Windows Server containers

• Hyper-V containers

Nano Server – Modern Server Application platform


• No MSI support in Nano Server

– Current builds of Nano Server require xcopy or custom PowerShell

script

• Windows Server Installer in the works, which will provide

– Install

– Uninstall

– Inventory

– Online and offline installation support

Installing Agents and Tools on Nano Server


• Windows SDK & Visual Studio 2015 target Nano

Server– Download tooling from the VS gallery

• Rich design-time experience – Project template, full IntelliSense, error squiggles, etc.

• Full remote debugging experience

Nano Server - Developer Experience


Chef

PHP

Nginx

Python 3.5

Node.js

GO

Redis

MySQL

OpenSSL

Java (OpenJDK)

Ruby (2.1.5)

SQLite

What runs today with the Reverse Forwarders?


Recap

Nano Server & Containers better together!

Big Shift in Technology

Fundamentals for the next years

Prepare now!


Q & A

Thomas Maurer

Cloud Architect @ itnetX

Microsoft MVP

www.thomasmaurer.ch Twitter: @ThomasMaurer


Many thanks to our sponsors & partners!

GOLD

SILVER

PARTNERS

PLATINUM

POWERED BY