Manage your softwaredefined datacenter using System Center 2016 Virtual Machine Manager Shon Shah Principal Program Manager Lead System Center BRK3166 Journey trivia 1 What is the busiest airport in the world ID: 768410
Download Presentation The PPT/PDF document "Manage your software-defined datacenter ..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Manage your software-defined datacenter using System Center 2016 Virtual Machine Manager Shon ShahPrincipal Program Manager LeadSystem Center BRK3166
Journey trivia #1 What is the busiest airport in the world? Atlanta (ATL) Beijing (PEK) Dubai (DXB)
Manage your software-defined datacenter using System Center 2016 Virtual Machine Manager Shon ShahPrincipal Program Manager LeadSystem Center
Agenda Overview Journey Summary
Overview
What is Virtual Machine Manager? An end-to-end infrastructure provisioning and management solution for virtualized datacenters Enables you to: Manage full lifecycle of virtual machines Provision and manage your datacenter fabric Deploy and service multi-tier applications Create cloud abstraction and offer self-service
Releases VMM 2012 R2 Update Rollups 2016
Compute Storage Networking Fabric Compute: Bare metal to cluster; Trusted, Untrusted, Perimeter hosts; Hyper-V, ESX; host patching Storage: SAN; NAS; SMB; Storage Spaces Network: Isolation; Load balancing; MAC pools, IP pools
Partners
Virtual Machines Azure VMs VM lifecycle Full lifecycle management Live Migration –VM, Storage VMware to Hyper-V migration Supports up to 25,000 VMs on 1,000 hosts Basic management of Azure and AWS VMs
Intelligent Placement Matching VM requirements to host resources Easy-to-understand star rating Hyper-V as well as ESX hosts Dynamic optimization and power optimization
Applications Template-based multi-tier app deployment Drag-and-drop interface for template authoring Scale-in and scale-out Custom scripts on VM and app deployment Support for Microsoft Web Deploy applications and Microsoft SQL Server data-tier applications
Self-service Self-service consumption Enabled via SPF & WAP Service Provider Foundation (SPF) is a REST API layer on top of VMM Windows Azure Pack (WAP) is a web portal on top of SPF with a look and feel of classic Azure portal
Role-based access control Delegated administration Granular permissions for self-service users
Journey trivia #2 What is the tallest building in the world? Burj Khalifa , Dubai 2,717 feet
Journey
Upgrade host clusters with zero downtime Create tamper-proof virtual machinesProvision cost-effective clusters Maintain quality of service for VM storage Replicate volumes synchronously Deploy software-defined networking Control VM network traffic Deploy minimal-footprint servers Journey
1. Upgrade host clusters with zero downtime
Cluster How does this work? Cluster Functional Level = 2012 R2 WS 2012 R2 WS 2012 R2 WS 2012 R2 WS 2012 R2 WS 2016 Clean OS installation
Cluster How does this work? Cluster Functional Level = 2012 R2 WS 2012 R2 WS 2012 R2 WS 2012 R2 WS 2016
Cluster How does this work? Cluster Functional Level = 2012 R2 WS 2016 WS 2016 WS 2016 WS 2016 Cluster Functional Level= 2016 Seamless Zero downtime for workloads Effortless VMM orchestrates the entire workflow
Demo Upgrade a WS 2012 R2 host cluster
2. Create tamper-proof virtual machines
Shielded VMs Virtual machines whose data, at rest or in transit, cannot be snooped or tampered by malware and datacenter admins
Pre-requisites Passwords/RDP Certificates etc. VHDx Shielding Data File Wizard Shielding Data File (. pdk ) Template Disk Wizard Signed VHDx Shielded VM VMM 2016
Guarded Host How does this work? WS 2016 HGS Host Guardian Service components Attestation Service : evaluates the validity of the hosts Key Protection Service : provides the key to start shielded VMs Host requests attestation User creates a shielded VM using signed VHDx and shielding data file 1 2 Attestation succeeds 3 Release key for the shielded VM 6 Attestation Certificate sent to the host 4 Host requests key for unlocking shielded VM 5 Key to unlock the shielded VM delivered to the host 7
Guarded Host How does this work? WS 2016 HGS Host Guardian Service components Attestation Service : evaluates the validity of the hosts Key Protection Service : provides the key to start shielded VMs Host requests attestation User creates a shielded VM using signed VHDx and shielding data file 1 2 Attestation succeeds 3 Release key for the shielded VM 6 Attestation Certificate sent to the host 4 Host requests key for unlocking shielded VM 5 Key to unlock the shielded VM delivered to the host 7 Host unlocks the shielded VM and starts it 8
Shield an existing VM Shielded VM Regular VM Shielding Data File (. pdk ) + Shielding Utility.VHDx WS2016 VHDx VM Initialize- VMShieldingHelperVHD VMM 2016
Demo Create a shielded VM
3. Provision cost-effective clusters
Storage Spaces Direct (S2D) Use industry standard servers with local storage to build highly available and scalable storage
Disaggregated Large scale deployments Flexibility to scale compute and storage scale independently S2D deployments Hyper-converged Disaggregated Hyper-converged Smaller scale deployments Simplicity as compute and storage scale in lock-step
Disaggregated Hosts with local storage VMM 2016 Storage Pool Storage Space Virtual Disks Scale-Out File Server Cluster Shared Volumes C:\ClusterStorage Software Storage Bus Storage Tiers Performance & Capacity
Hyper-converged Hosts with local storage VMM 2016 Storage Pool Storage Space Virtual Disks Virtual Machines Cluster Shared Volumes C:\ClusterStorage Software Storage Bus Storage Tiers Performance & Capacity
Demo Create a hyper-converged cluster
Journey trivia #3 What is the highest waterfall in the world? Angel Falls, Venezuela 3,230 feet
4. Maintain quality of service for VM storage
Storage quality of service (QoS) Set the quality of service (min or max IOPS, max bandwidth) for virtual machine storage so that applications receive the performance they require
QoS policies Policies are associated to storage arrays and applied to VHDs Multiple policies can be associated to a single array A single VHD can pick only one policy Storage Array 1 Storage Array 2 VHD1 VHD2 VHD3 VHD4 QoS Policy 1 QoS Policy 2 QoS Policy 3
Demo Create a storage QoS policy
5. Replicate volumes synchronously
Storage Replica Synchronously replicate storage volumes and avoid the need for expensive external storage-based replication
Synchronous replication SAN Hyper-converged cluster VMM 2016
Synchronous replication SAN Microsoft Azure Site Recovery Communication & Orchestration VMM 2016 Hyper-converged cluster Storage agnostic synchronous replication VMM 2016
6. Deploy software-defined networking
Software-defined networking (SDN) Abstraction of the underlying physical network accomplished by virtualizing the network
Network controllerUse a centralized, programmable point of automation to manage, configure, and troubleshoot virtual and physical network infrastructure Software load balancer Balance tenant traffic using software load balancers instead of expensive hardware load balancers Gateway Use pool-based gateways to achieve higher availability with fewer virtual machines for providing cross-network connectivity SDN components
Networking stack VMM 2012 R2 Network Virtualization VMM 2016 Network Virtualization Network Controller Management Plane Data Plane Control Plane 2012 R2 2016
Load balancer – WS and VMM 2012 R2 Tenant Network Hardware Load Balancer Network Traffic
Load balancer – WS and VMM 2016 Tenant Network Network Traffic SLB VM1 SLB VM2 SLB VM3 Software Load Balancer
Gateway – WS and VMM 2012 R2 FWD Gateway 1 Node 1 Node 2 Node 1 Gateway 2 Node 1 Node 2 Node 2 Gateway 3 Node 1 Node 2 Gateway 4 Node 1 Node 2 FWD Gateway 5 Node 1 Node 2 Network Traffic Datacenter Edge Tenant Network Tenant Network Tenant Network Tenant Network Tenant Network
Gateway – WS and VMM 2016 Network Traffic Datacenter Edge Tenant Network Tenant Network Tenant Network Tenant Network Tenant Network Gateway Pool Gateway Node 1 Gateway Node 2 Gateway Node 3 Gateway Node 4 Gateway Node 5 Gateway Node 6 Gateway Node 7
SDN topology
SDN topology Physical Switch Subnets and VLAN trunk Management Network – 10 . 184 . 108 . 0 / 24 Management Network routes off - cloud to other management subnets
SDN topology
SDN topology HNV VLAN HNV VLAN HNV VLAN HNV VLAN
SDN topology
SDN topology Host - 4 Host - 3 Host - 2 Host - 1
SDN topology Host - 4 Host - 3 Host - 2 Host - 1
SDN topology Host - 4 Host - 3 Host - 2 Host - 1
SDN topology
Demo Deploy Network Controller
Journey trivia #4 What is the newest country in the world? South Sudan Jul 9, 2011
7. Control VM network traffic
Port ACLs Centrally configure and manage Hyper-V port access control lists (ACLs) to control network traffic
Tenant 2 VMs Tenant Network 2 Tenant 1 VMs Tenant Network 1 Internet/Intranet Port ACLs VMM Port ACL Port ACL VMM Networking Primitive Port ACL Rule1 Rule2 Rule3 VMM Networking Primitive VMM networking primitives: 0. VMM server – Global setting VM network VM subnet Virtual network adapter
Demo Apply a port ACL
8. Deploy minimal-footprint servers
Nano Server Nano Server New minimal-footprint installation option in WS2016 Better resource utilization Faster reboots Fewer updates Bare metal to Nano Server Compute clusters Storage clusters (hyper-converged or disaggregated) Nano Server VMs Regular or shielded
Things to note Nano Server File Server Hyper-V Clustering VMM Agent Microsoft- NanoServer -SCVMM-Package Microsoft- NanoServer -SCVMM-Compute-Package Microsoft- NanoServer - FailoverCluster -Package Microsoft- NanoServer -Storage-Package (also for OSD)Nano VHDfor host++++
Demo Connect to a Nano Server-based VM
Summary
Rolling cluster OS upgrade Shielded VMsHyper-converged clusters (S2D) Storage quality of service ( QoS ) Storage Replica (SR) Software-defined networking (SDN) Port ACLs Nano Server Journey
Security Lifecycle management of guarded hosts & shielded VMs Shield existing VMs Compute Nano Server management Rolling cluster OS upgrade Production checkpoints Streamlined workflow for creating Hyper-V and SOFs clusters Modify running VMs HAVMM upgrade Storage Storage Spaces Direct (S2D) Storage Replica (SR) Storage Quality of Service ( QoS ) Networking Template-based deployment SDN components Isolation & filtering of VM traffic through PortACLsSwitch Embedded Teaming (SET)Consistent naming of vNICsAtomic logical switch deployment Build highly available storage at low cost Enhance security Effectively upgrade & manage datacenter environment Configure network using software instead of hardware IT demands Virtual Machine Manager 2016 capabilities An infrastructure provisioning and management solution for software-defined datacenters Virtual Machine Manager 2016
Thank You!
Free IT Pro resources To advance your career in cloud technology Cloud role mapping Expert advice on skills needed Self-paced curriculum by cloud role $300 Azure credits and extended trials Pluralsight 3 month subscription (10 courses) Phone support incident Weekly short videos and insights from Microsoft’s leaders and engineers Connect with community of peers and Microsoft experts Microsoft IT Pro Career Center www.microsoft.com/itprocareercenter Microsoft IT Pro Cloud Essentials www.microsoft.com/itprocloudessentials Microsoft Mechanics www.microsoft.com/mechanics Microsoft Tech Community https://techcommunity.microsoft.com Plan your career path Get started with Azure Connect with peers and experts Demos and how-to videos
From your PC or Tablet visit MyIgnite at http://myignite.microsoft.com From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting https://aka.ms/ignite.mobileapp Please evaluate this session Your feedback is important to us!