Host Configuration Host CPUs (more are better) Processor power is a major limiting factor of how many VMs can be run on the host Hyper-V R2 can use up to 64 logical processors You can scale up to 512 virtual processors and/or 384 VMs
Host Configuration If CPU doesn’t have SLAT, don’t buy it Second Level Address Translation enabled processors provide up to 25% improvement in density Intel calls it Extended Page Tables (EPT), AMD calls it Nested Page Tables (NPT) or Rapid Virtualization Indexing (RVI) SLAT allows for pages of memory to be managed at a hardware level Significant improvement in memory management and allows a significant scale increase over previous processor architectures, especially for memory-intensive workloads
Host Configuration When you have servers with different CPU architecture, use CPU compatibility mode Enables migration of VMs between hosts Use when performing rolling hardware upgrades of a cluster
Host Configuration Host physical memory (more is better) Host RAM is another major limiting factor of how many VMs can be run on the host At least 512 MB for the host itself 300 MB for the Hyper-V role Sum of all the vRAM assigned for all VMs + 32 MB for the 1st GB of vRAM + 8 MB for each additional GB of vRAM Plan for expansion and for failover
Host Configuration Choose the right OS SKU for virtualization Windows Server 2008 R2 Datacenter Edition – Flexible Virtualization Licensing – Supports 2 TB RAM (Core or Full) Hyper-V Server 2008 R2 – Lowest cost hypervisor (free) – Supports 1TB RAM – Supports Live Migration and Failover Clustering
Host Configuration Use Server Core! Windows Server frequently deployed for a single role, especially true for Hyper-V servers – Must deploy and service the entire OS in earlier Windows Server releases Server Core is minimal installation option – Provides essential server functionality – Command Line Interface only, PowerShell, no GUI Benefits – Fundamentally improves availability – Less code results in fewer patches and reduced servicing burden – Low surface area server for targeted roles – More secure and reliable with less management, less human errors
Networking Use separate logical networks For storage, host management, virtual machines, Live Migration
Networking Chimney and RSS Settings Network Adapter level: Chimney and RSS are configured in both operating system and network adapter: Operating System level: Netsh int tcp show global Netsh int tcp set global rss=enabled chimney=enabled http://technet.microsoft.com/en-us/library/gg162681(v=ws.10).aspx
Networking Working with/without IPv6 – Do not unbind IPv6 from a single interface! – The loopback interface keeps IPv6 even if you unselect it from all NICs – Be consistent in the entire enterprise (go either with, or without) – Disabling IPv6 may have an effect on various applications such as HomeGroup, Remote Assistance, Direct Access and others – Windows 2008/7 was designed specifically with IPv6 present, Microsoft does not perform any testing to determine the effects of disabling IPv6 How to disable certain Internet Protocol version 6 (IPv6) components http://support.microsoft.com/kb/929852
Networking Use VMQ if the NIC supports it – VMQ allows the physical NIC to create unique virtual network queues for each virtual machine on the host, allowing network packets to be passed directly from the hypervisor to the VM. – This reduces a lot of overhead normally associated with network traffic. – If both Chimney and VMQ are available on the same NIC at the same time, Windows Server 2008 R2 will use VMQ.
Networking Use Jumbo Frames – Offers significant performance for TCP connections including iSCSI – Max frame size = 9K – Reduces TCP/IP overhead by up to 84% – Must be enabled at all end points (switches, NICs, and target devices) – Virtual switch is defined as an end point – Virtual NIC is defined as an end point – Integration components required – Benefits seen at 8K and above, the higher the IO size the higher the benefit of jumbo frames with 512K request size seeing the best benefit
Networking Use the same Virtual Switch names and Network Interface names on all Hyper-V hosts – Critical when migrating VMs between hosts – Critical for Failover Clustering
Host Storage Carefully monitor disk performance Counters to watch in Performance Monitor snap-in: – Avg. Disk Sec/Read – Avg. Disk Sec/WriteAvg Disk second Read/Write (we wantto see .001 -.010 ideally for peak load)Thresholds for the Operating System:Under .010 (10 milliseconds) is GoodOver .015 (15 milliseconds), but under025ms average is Acceptable to PoorOver .025 (25 milliseconds) average isSerious to Critical
Host Storage Use CSV for better storage utilization
Guest Storage Use Fixed size VHDs for better performance – Reduces VM Disk fragmentation (mainly for non- SAN) – Can’t be used in differencing disk scenarios Although Hyper-V in R2 improved Dynamic VHDs’ performance as much as 8 times when compared to RTM, if possible, only use Dynamic VHDs for lab, demo or testing purposes where performance is not an issue.
Guest Storage When creating a VM from SCVMM, it does not add a SCSI adapter, you will need to manually add it if you need it SCSI vs. IDE in a VM doesn’t matter for performance (when guest is enlightened/IC installed) SCSI adapters will let you connect up to 256 hard disks to the VM SCSI adapters allow to hot-add and hot-remove virtual disks System VHD must be attached to IDE virtual controller
Guest Storage Configure proper disk alignment Needed when VHD was created in pre-Windows Server 2008, or when VM is running pre-Windows Server 2008 Diskpart > Select Disk <x> > List Partition wmic partition get BlockSize, StartingOffset, Name, Index Msinfo32 Components > Storage > Disks
Guest Storage Format volumes with the right block size Volume block size might vary (for example – SQL, Exchange etc.) wmic volume get blocksize, caption, label fsutil fsinfo ntfsinfo <drive letter>:
Guest Storage Use native mount on host to perform AV scans or backups of specific files – Use Disk Management (UI) or Diskpart.exe (CLI)
Guest Storage Be familiar with snapshot – Snapshots (also known as checkpoints in SCVMM) are basically differencing disks (not related to VSS snapshots) – Merging/Deleting can take a considerable amount of time
Guest Configuration Use VM names that match the FQDNs of the VM – This is a must for VDI configuration and is also considered a best practice for SCVMM and possibly 3rd-party tools
Guest Configuration Make sure there is sufficient RAM allocated to the VM – Increased Disk I/O pagefile growth from disk fragmentation (insufficient memory) – Increased fragmentation requires memory management – Lack of memory grows the pagefile… The amount of memory to assign will depend on the workload of the VM, how much physical memory is available on the host machine, and how much memory other VMs running on the same host machine are using.
Guest Configuration Dynamic Memory – Allows to set a startup and maximum RAM range for a VM that supports it – When VM starts, it uses the startup RAM amount, and can be assigned more RAM based upon need (i.e. Hot-Add memory) – Additional memory allocation to the VM is subject to priority assigned to the VM http://technet.microsoft.com/en-us/library/ff817651(v=ws.10).aspx Note that Dynamic Memory is NOT overcommitting memory…
Guest ConfigurationDynamic Memory - Adding/Removing Adding Memory – Enlightened fashion • Synthetic Memory Driver (VSP/VSC Pair) – No hardware emulation – Light weight Removing Memory – Memory Ballooning • Confuses task manager in the guest OS
Guest ConfigurationDynamic Memory Requirements Parent Requirements: – Windows Server 2008 R2 SP1 – Microsoft Hyper-V Server 2008 R2 SP1 Guest Requirements: – Windows Server 2003, 2008 & 2008 R2 • 32-bit & 64-bit versions You must install – Windows Vista and Windows 7 the latest Integration • Enterprise and Ultimate Editions only Components! • 32-bit & 64-bit versions
Guest Configuration Use Integration Components for best performance on VM IC are built-in into Windows Server 2008/R2/Vista/7 When migrating a VM from Hyper-V RTM to R2, make sure you update the IC on the guest. IC are required for VSS backups. Also available for Linux versions (supporting SMP)
Guest Configuration Enable support for time synchronization If any VM on a host belongs to a domain but the host itself does not, ensure that the host synchronizes with the same time source used by the domain to eliminate synchronization conflicts between the host and domain. Client < DC < PDC Emulator < External time source
Guest Configuration When creating a VM with SCVMM, make sure you use an Syntetic NIC Otherwise, you will have network performance issues
Guest Configuration Configure automatic Start Action Enables VM to automatically start when host was rebooted Stagger automatic booting in order to properly load dependency services or applications
Security Treat VMs just like physical servers Harden each virtual machine according to the server roles it performs. Perform routine Windows Updates, just like on regular hosts – Many VMs are often kept offline for long periods of time. – If deployed and started, the out-of-date virtual machine might be vulnerable to attack or could be capable of attacking other network resources. (Conficer) Consider using the Offline Virtual Machine Servicing Tool http://www.microsoft.com/downloads/details.aspx?FamilyId=8408ECF5- 7AFE-47EC-A697-EB433027DF73&displaylang=en
Security Impose limits on processor usage By default, each VM is allowed to use 100% of the processing power of a single processor core. A compromised VM that can use all of the processing power on the host machine could cause the host machine and other VMs running on it to become unresponsive.
Anti-Virus / Backup – Exclude directories, files and processes from AV scan http://support.microsoft.com/kb/961804 – Default virtual machine configuration directory (C:ProgramDataMicrosoftWindowsHyper-V) – Custom virtual machine configuration directories – Default virtual hard disk drive directory (C:UsersPublicDocumentsHyper-VVirtual Hard Disks) – Custom virtual hard disk drive directories – Snapshot directories – Vmms.exe and Vmwp.exe – Additionally, when you use Live Migration together with Cluster Shared Volumes on Windows Server 2008 R2, exclude the CSV path "C:Clusterstorage" and all its subdirectories. – http://support.microsoft.com/kb/822158
Anti-Virus / Backup Stagger AV scans schedule – If all of the VMs are scanned at 2 AM, then the entire system may come to a crawl until the scan is complete.
Anti-Virus / Backup Use VSS aware backup to backup entire VMs When using Pass-Through disks for VMs, be aware that VSS-based backups will not back these drives Make sure IC are installed and enabled for backups If VSS backup cannot be performed, the VM will be paused temporarily
Types of VM Backups Three types of Backups: – Backing up the host system • May be necessary to maintain host configuration • But often, not completely necessary • The fastest fix for a broken host is often a complete rebuild – Backing up Virtual Disk Files • Fast and can be done from a single host-based backup client • Challenging to do file-level restore – Backing up VM’s from inside the VM • Slower and requires backup clients in every VM. • Resource intensive on host • Capable of doing file-level restores
Useful Commands Wmic nic get netconnectionid,speed Wmic volume get caption,blocksize,label wmic service where "State=Running" get caption wmic volume where "Caption=C:" get Label wmic volume where "Caption=C:" set Label=System wmic pagefileset where name="c:pagefile.sys" delete wmic.exe pagefileset create name="C:pagefile.sys" sc config msiscsi start= auto Features/Roles: – Import-Module Servermanager – Get-WindowsFeature – Add-WindowsFeature <name> -restart – Add-WindowsFeature <name1>, <name2>, <name3> Teaming: – BROADCOM: C:Program FilesBroadcomBACS>BACS.exe – INTEL: C:Program FilesIntelDMIXCL>PROSetCL.exe prosetcl.exe Team_Create 1,2 VMs VMLB
Virtualization is constantly evolvingNew technologies = New best practicesUse common senseQuestions?