The DevOpsification of Windows Server
Jeffrey Snover
Microsoft Technical Fellow
Chief Architect Enterprise Cloud Group
@JSNOVER
What is DevOps?
DevOps is about culture and processes
DevOps is NOT about tools and technology
But…..
This is wrong
Tools and technology play a critical role
Tools and technology can make DevOps easy or hard
Windows Server 2016 is architected to make DevOps easy
Windows Server 2016 resolves the interface between devs and ops
Windows Server has been silent on the interface between Devs and Ops
• No architecture
• 1,000 blossoms bloomed
1,000 conflicts also bloomed
WS2016 resolves that interface
• Traditional ops model
• Emerging ops model using Containers
Why?
Evolution of Windows Server
Server for the Masses
Enterprise Servers
Datacenter Servers
Cloud Servers
Cloud Competitive
• Small and fast
• Minimize attack surface
• Minimize patches/reboots
• Optimized for DevOps
Cloud + DevOps
Saving $ => Making $$$$$$$$
DevOpsification of Windows
• Componentization: NanoServer and PowerShell Core
• Development
• Packaging & deployment
• Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely
Componentization
Optimized for cloud infrastructure & next-gen distributed applications
Containers and next-gen applications
Server And Desktop
Specialized workloads
Third-party applications
RDS experience
Server Core
Lower maintenance server environment
Traditional VM workloads
Nano Server
Just enough OS
Zero-footprint model
Server Roles and Optional Features live outside of Nano Server
Standalone packages that install like applications
Key Roles & Features
Clustering, Hyper-V, Storage (SoFS), and DNS Server
IIS, .NET Core, and ASP.NET Core
Full Windows Server driver support
Antimalware optional package
System Center VMM and OM agents available
Nano Server: Optimized for the Cloud Era
Nano Server – PowerShell Core
• Refactored to run on .NET Core
• Full PowerShell language compatibility & remoting
• Invoke-Command, New-PSSession, Enter-PSSession, etc.
• Most core engine components
• Support for all cmdlet types except workflow
• C#, Script, and CIM
• Limited set of cmdlets initially
• Growing fast
DevOpsification of Windows
• Componentization
• Development: NanoServer SDK
• Packaging & deployment
• Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely
DevOpsification of Windows
• Componentization
• Development
• Packaging & deployment: WSA & PackageManagement (OneGet)
• Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely
First a word about MSI
• Not supported on Nano Server
• MSI has GUI dependencies
• Custom Actions are the portal to hell
Windows Server App installer (WSA)
• New declarative Server installer
• Extends the AppX schema
• Allows for Server-specific extensions, such as NT Services, Perf Counters, COM Objects, WMI providers, ETW events
• No custom actions
• 4 out of 5 kittens love WSA
Cmdlet             Action
Find-Package       Search for a package
Install-Package    Install the package
Save-Package       Download the package but don’t install it
Get-Package        Inventory of installed packages
Uninstall-Package  Uninstall the package
PackageManagement
End User
PackageManagement
PowerShell cmdlets
PackageManagement
Core
Discovery
Install/Uninstall
Inventory
PackageManagement
Providers
Windows Server App (WSA)
PowerShellGet
Windows Container
NuGet
NanoServerPackage
…
Package Sources
WSA Package Repository…
PowerShell Gallery
Container Gallery, Docker
NuGet Gallery …
www.NPMjs.com
WordPress, …
DevOpsification of Windows
• Componentization
• Development
• Packaging & deployment
• Configuration: Desired State Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely
Cloud scale configuration management
Declare the state of a server (e.g. User X should exist & be a member of the Administrator group)
Apply expert knowledge as common tasks – easier than scripting
DSC is the platform
Works in collaboration with DevOps tool chain (Chef, Puppet, etc.)
Windows 2008R2 and later, and Linux via OMI
Solutions available from OMS and 3rd parties (e.g. Chef, Puppet)
Open source DSC Resource Kit (302) resources
https://gallery.technet.microsoft.com/scriptcenter/DSC-Resource-Kit-All-c449312d
DSC Overview
https://msdn.microsoft.com/en-us/powershell/dsc/overview
Desired State Configuration
DevOpsification of Windows
• Componentization
• Development
• Packaging & deployment
• Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely
Running WS2016 Applications
Containers and next-gen applications
Server And Desktop
Specialized workloads
Third-party applications
RDS experience
Server Core
Lower maintenance server environment
Traditional VM workloads
Nano Server
Just enough OS
Virtual Machine
Host
Nested Virtual Machine
Container
Management
Docker
Windows
Container Images
Hyper-V Container
Windows Server
Container
DevOpsification of Windows
• Componentization
• Development
• Packaging & deployment
• Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely
DevOpsification of Windows
• Componentization
• Development
• Packaging & deployment
• Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely: JEA
“Who better to target than the person that already has the ‘keys to the kingdom’?”
You’re an Admin
Thanks, you’re PWND!!
Edward Snowden
• Age 30
• College dropout
Michael Hayden
• Four star general
• Director of the NSA
• Director of the CIA
• Director of National Intelligence
Safe functions required by role
Dangerous functions attackers could abuse
Just Enough Admin
Allows you to perform administrative tasks without being a full administrator
• On a Server - almost any administrative action requires a user be an administrator
• Once an administrator, a user can do anything on the server with no oversight
• A compromised machine or a breached administrator account enables attacker movement to other assets
From full admin to role based admin
Just Enough Administration (JEA) using PowerShell WMF 5.0
JEA Resources:
https://github.com/PowerShell/JEA
https://gallery.technet.microsoft.com/Just-Enough-Administration-6b5ad370
PS C:> Enter-JEAsession Server1 –Name Maintenance
Server1> Restart-Service MSSQLSERVER
HR Server
Server1> Steal-Secrets *
Error: You are not authorized to Steal-Secrets
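The "Maintenance" session on the slide above can be built with the JEA cmdlets that ship in WMF 5.0 and later. This is an added example, not code from the deck or from the PowerShell/JEA repository; the module name OpsJea, the role name SqlMaintenance, the group EXAMPLE\SqlOperators, the user EXAMPLE\alice and the file paths are hypothetical, and the operator connects with Enter-PSSession -ConfigurationName.

```powershell
# Added example: a JEA endpoint named 'Maintenance' on Server1. Run elevated on Server1.
# Hypothetical names: module 'OpsJea', role 'SqlMaintenance', group 'EXAMPLE\SqlOperators'.
$module = Join-Path $env:ProgramFiles 'WindowsPowerShell\Modules\OpsJea'
$roles  = Join-Path $module 'RoleCapabilities'
$audit  = Join-Path $env:ProgramData 'OpsJea\Transcripts'
New-Item -ItemType Directory -Path $roles, $audit -Force | Out-Null

# Role capability files are only discovered inside a valid module on PSModulePath.
New-Item -ItemType File -Path (Join-Path $module 'OpsJea.psm1') -Force | Out-Null
New-ModuleManifest -Path (Join-Path $module 'OpsJea.psd1') -RootModule 'OpsJea.psm1'

# "Safe functions required by role": restart one named service and read service state.
$roleParams = @{
    Path           = Join-Path $roles 'SqlMaintenance.psrc'
    VisibleCmdlets = @(
        @{
            Name       = 'Restart-Service'
            Parameters = @{ Name = 'Name'; ValidateSet = 'MSSQLSERVER' }
        },
        'Get-Service'
    )
}
New-PSRoleCapabilityFile @roleParams

# The endpoint: restricted session type, commands run as a temporary virtual account
# (so the operator never holds administrator credentials), every session transcribed.
$pssc = Join-Path $env:ProgramData 'OpsJea\Maintenance.pssc'
$sessionParams = @{
    Path                = $pssc
    SessionType         = 'RestrictedRemoteServer'
    RunAsVirtualAccount = $true
    TranscriptDirectory = $audit
    RoleDefinitions     = @{
        'EXAMPLE\SqlOperators' = @{ RoleCapabilities = 'SqlMaintenance' }
    }
}
New-PSSessionConfigurationFile @sessionParams

if (-not (Test-PSSessionConfigurationFile -Path $pssc)) {
    throw "Invalid session configuration: $pssc"
}
Register-PSSessionConfiguration -Name 'Maintenance' -Path $pssc -Force

# Review what a given operator can run before granting access (placeholder account).
Get-PSSessionCapability -ConfigurationName 'Maintenance' -Username 'EXAMPLE\alice'

# From the operator's workstation (the operator is not a local admin on Server1):
#   Enter-PSSession -ComputerName Server1 -ConfigurationName Maintenance
#   Restart-Service -Name MSSQLSERVER   # allowed by the role
#   Restart-Service -Name Spooler       # rejected: not in the ValidateSet
#   Get-Content C:\some\file.txt        # not visible: fails as an unrecognized command
```

The transcripts written to the TranscriptDirectory record each command an operator runs, which supplies the oversight the slide says full administrators lack.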
DevOpsification of Windows
• Componentization
• Development
• Packaging & deployment
• Configuration
• Containers & Docker
• Operational Validation Testing
• Operating Securely
Available Downlevel
WS2016
Cloud Competitive
• Small and Fast
• Minimize attack surface
• Minimize patches/reboots
• Optimized for DevOps
[Charts: Critical Bulletins, Important Bulletins, Number of Reboots; series: Nano Server, Server Core, Full Server. Data labels as extracted: 23, 8, 2, 9, 23, 26, 6, 11, 3]
[Charts: Ports open, Services running, Drivers loaded; series: Nano Server, Server Core. Data labels as extracted: 11, 26, 25, 44, 73, 98]
[Charts: Boot IO (MB), Process Count, Kernel memory in use (MB); series: Nano Server, Server Core. Data labels as extracted: 26, 21, 61, 139, 108, 306]
[Charts: Setup Time (sec), Disk Footprint (GB), VHD Size (GB); series: Nano Server, Server Core. Data labels as extracted: .41, 6.3, 40, 300, 5.42, .4]
DevOps is about culture and processes
Tools and technology can make DevOps easy or hard
Windows Server 2016 is architected to make DevOps easy
In times of change, sometimes the job outgrows good people
Where are you going?
Do you have the right people, partners & tools to get there?
Q&A
