Monthly Archives: November 2012

Carsten Rachfahl Interviews Me On Windows Server 2012 Storage Improvements

Posted on by
Reply

Carsten Rachfahl, a German Hyper-V Expert, friend and fellow MVP, interviewed me after the joint MVP effort at TEC 2012 in Barcelona. The subject was storage in Windows Server 2012. We found a great setting in the garden and got into quite a nice discussion on the subject.

It’s no surprise to anyone I guess that I’m very enthusiastic about what Microsoft is doing with storage on all levels in Windows Server 2012 and is trying to achieve for us, the customers from both a cost and performance and reliability perspective. It was a lot of fun to do and I see blinking lights in our eyes at many moments during this interview. Yes, working is important for many reasons, but when you can enjoy your work and have fun whilst doing it, life is pretty good Smile. So enjoy, we certainly did.

didierBL

Altaro Backup for Hyper-V Has Gifts for the Festive Season

Posted on by
Reply

Here’s an early X-Mas gift from Altaro. They are giving away 50 free licenses of their desktop backup solution to all Hyper-V admins until December 24th 2012. Altaro is better known for their cost effective and good Hyper-V Backup product.

There is no catch. Now there is no such thing as a free lunch in life but there are some very decent meals to be gotten at very democratic pricing. This is one such case. All you need to do is send them a screenshot of Hyper-V in your environment that proves that you’re really using Hyper-V. I guess that means I qualify due to the amount of Hyper-V related screenshots on my blog Winking smile. I’m going to check it out for sure.

What do you get? 50 licenses of their desktop backup solution ($2,000 worth of software). You’re free to use them in your company, at home of as a gift to friends and family. 50 Licenses is something that a lot of companies using Hyper-V in the SMB market can leverage to protect their desktops so that’s a pretty nice gift.

If you’re interested you can go to http://www.altaro.com/hyper-v/50-free-pc-backup-licenses-for-all-hyper-v-admins

There more information about Altaro Hyper-V Backup at http://www.altaro.com/hyper-v/ and http://www.altaro.com/hyper-v-backup/?LP=Xmas. If you’re a SMB shop in need of easy to use, affordable backup software for Hyper-V and want one that has full support for all features in Windows Server 2012 you should try them out. In that respect they were very fast to market beating most or all competitors I know (a lot of them still don’t have that support) They are also a non-aggressive vendor, which is something I appreciate.

Microsoft Management Summit 2013 Registration opens on December 3rd, 2012

Posted on by
2

Just as a heads up to all people planning to attend the Microsoft Management Summit 2013 (MMS 2013) this blog is to let you know that registrations open on December 3rd 2012.

image

So, I’d keep an eye out for the MMS 2013 site and register as soon as you get the opportunity. This event has the tendency to sell out fast.

Shared Nothing Live Migration Leverages SMB 3.0 Under the Hood

Posted on by
1

Shared Nothing Live Migration

By now most of you must have heard about the Shared Nothing Live Migration capabilities introduced with Windows Server 2012 Hyper-V. If not I suggest you check it out over here and then come back here for some extra insights in how it works.

Shared Nothing Live Migration is not magic however. It is made possible by the fact that it relies on some of the new capabilities SMB 3.0 in Windows Server 2012 brought us. Once you know this you also realize that this can be quite fast. The reason for this is that you can design your the network for Shared Nothing Live Migration with 10Gbps or higher, Multi Channel and RDMA for unprecedented throughput. Yup Smile, if you invest in setting up networking right the remaining bottle neck might be the amount of storage IO you can handle whilst reading from the source and writing to the target, or the CPU load you put o your host. Windows will protect you from draining your host beyond reason by the way.

Making Shared Nothing Live Migration Work

You need to set if up of course and do it right. Here’s a list of steps you need to do / check on every Hyper-V host involved.

  1. Enable incoming and outgoing live migrations on all involved Hyper-V host otherwise it will not work. If your host are part of  a cluster this is taken care of for you.
  2. Select an authentication protocol (CredSSP or Kerberos)
    Kerberos authentication allows you to Live Migrate VMs without having to login to the source host’s server itself. Kerberos authentication does require you to configure constrained delegation in Active Directory (don’t go for "Trust this computer for delegation to any services". Follow the principle of least privileges possible.
  3. Set the number of Simultaneous Live Migrations. Experiment with the best value for you environment. Test a little what’s
  4. Set the networks(s) for incoming Live Migrations. It’s best to design this and not just use any network.

See Keith Mayer’s excellent blog for more details.

Constraint Delegation

Shared Nothing Live Migration needs some prep work security wise before it will work. In Active directory you need to set up so constraint delegation permissions. To some people the concept of constraint delegation is brand new but if you’ve been deploying multi tiered web applications in your environment before this is a cookie you’ve dealt with many times before. It’s the same approach you need to get a web client using Windows Authentication to talk via an IIS web app or service to a SQL Server database and/or read file data from somewhere you’ve been configured this plenty of times.

Use an account to perform the Shared Nothing Live Migration that has administrator privileges on all computers that are involved. While you can use groups in AD to make your live and permission management easier when it comes to granting Share permissions & NTFS rights on folders it doesn’t work that way with constraint delegation. Groups can not be used here so you’ll need to use individual accounts. PowerShell scripting here can help lessen the work if you have many hyper-v hosts involved. In large environments (up to 64 nodes!) this inundates the constraint delegations tab with computer names, so PowerShell really is your friend here.

On each computer object you need to set the delegation permissions for the  CIFS and the Microsoft Virtual System Migration Service to all other computers you want to involve in Shared Nothing Live Migration as a source or a target.

IMPORTANT! Hey why do we need CIFS constraint delegation here? Well indeed because Shared Nothing Live Migration under the hood leverages SMB 3.0. It creates a temporary file share on the target to get the job done Smile! So once you realize that Shared Nothing Live Migration uses SMB 3.0 shares to do it’s magic it than becomes obvious why these constraint delegation permissions for CIFS in active directory are needed.

Visualizing the SMB 3.0 share in action

At the source server (ZULU) we run  after starting the Shared Nothing Live Migration and see that we have a connection to a share o the target server. That share is named after the source server with an ID like ZULU.3341302342$. So it’s a hidden share.image

 

On the target server we run Get-SmbSession | fl and see that indeed the source computer has two sessions open on target server.

image

 

Let’s see if a share is created using Get-SmbShare.on the target. Yes there is:

image

 

In Computer Management it shows up like this on the target sever:

image

In explorer you can see this as a $VSM$ folder in the root of C, that has a subfolder with the name of the source server and an ID like ZULU.2541288334$. This subfolder is shared (hidden) and contains a shortcut to the volume where the selected target folder resides, this could be C, D local storage (DAS), shared storage (CSV) or an SMB 3.0 share as well. In the screen shot below the folder doesn’t match up to the share name as they are taking from different Shared Nothing Live Migration

image

Security wise we’re to keep our hands of and the security settings reflect this Winking smile. But if you take ownership you can co peak at what’s in there. When writing a blog post for example WhistlingWe indeed saw the copied disk size of the VM being live migrated increase in the selected target folder.

image

image

Conclusion

I find it pretty cool to see how this all works under the hood. Hope you found this educational and interesting as well. It’s a testimonial to what SMB 3.0 can be leveraged for all kind of interesting scenarios.