Hyper-V Overview Study Notes

Chapter 5: Hyper-V Overview

Class Schedule

  • Day 5 - Today

    • Attendance

    • Lab Quiz 2 and 3

    • Quiz 1: Chapters 1 and 2

    • Lecture on Chapter 5

    • Xtreme Labs Lab 4 and 5 (both should be completed today)

  • Day 6 - Next Class

    • Attendance

    • Lab Quiz 4 and 5

    • Quiz 2: Chapters 3 and 4

    • Lecture on Chapter 6

    • Xtreme Labs Lab 6

    • Note: Chapters, Labs, and Modules are synonymous.

Overview

  • Learn to determine hardware and compatibility requirements for installing Hyper-V

  • Install Hyper-V

  • Install management tools

  • Create and configure Generation 1 and 2 Virtual Machines (VMs) and determine appropriate usage scenarios

  • Implement enhanced session mode

  • Import, export, and copy VMs

  • Add and remove virtual network interface cards (vNICs)

  • Configure Hyper-V virtual switches

Terminology

Guests

  • The Guest(s) refers to the Operating System (OS) that is running on the Host.

    • You can have several Guests running on a Host.

    • Other names used for Guest include VM, Image, etc.

Host

  • The Host is the computer that runs Hyper-V.

    • Questions related to the number of guests, VMs, or images running on the server can be asked.

Installing and Configuring Hyper-V

  • Hyper-V allows the use of virtual machine technology to run multiple operating systems concurrently on a single machine, enabling the separation of services.

  • It also facilitates the creation of a safe, self-contained test environment.

  • Hyper-V is a hypervisor-based virtualization system that was first rolled out with Windows Server 2008, although its early versions were basic and did not match VMware's capabilities.

  • Hyper-V is a software implementation that controls the hardware to enable virtualization.

  • Hyper-V is a server role installed via Server Manager.

  • Once installed, the hypervisor isolates the OS and applications from the physical computer's hardware.

    • Definition of hypervisor: It is a process (software) that separates the OS from the underlying physical hardware, allowing virtualization to take place.

Enhanced Features in Newer Versions of Hyper-V

  1. Host Resource Protection: Prevents a VM from consuming all the resources on the Hyper-V host, ensuring other VMs function properly.

  2. Hyper-V Manager Improvements: Allows the use of alternate credentials while connecting to a Hyper-V host.

  3. Nested Virtualization: Enables the installation of Hyper-V inside a virtual machine (applicable to Windows Server 2016 or higher).

  4. Shielded Virtual Machines: Enhances security by encrypting a virtual machine.

  5. Start Order Priority: Specifies the startup order for VMs, useful for services reliant on one another (e.g., Exchange and Skype).

  6. Windows PowerShell Direct: Allows running PowerShell cmdlets on a VM from the Hyper-V host.

Determining Hardware & Compatibility Requirements for Installing Hyper-V

  • Key technologies required on the host include:

    1. A 64-bit processor with Second Level Address Translation (SLAT) technology, which reduces hypervisor overhead.

    2. A minimum of 4 GB of RAM.

    3. Intel or AMD Virtualization Technology: Allows the CPU to simulate multiple independent computers.

Installing Hyper-V

  • Before installation, ensure the host running Windows Server has all necessary drivers and updates.

  • Check the server for errors (evaluate using Event Viewer).

  • Install the Hyper-V server role via Server Manager or Windows PowerShell:

    • To install using Server Manager, Windows Server must be the Standard or Datacenter edition.

    • PowerShell command to install:

    • Command:
      DISM /online /enable-feature /featurename:Microsoft-Hyper-V

    • Administrative permissions on the host are required.

    • Best practices caution: Do not install Hyper-V on a Domain Controller (DC); later Windows versions prohibit this.

Installing Management Tools

  • Hyper-V is managed using both the Hyper-V Manager or Windows PowerShell.

  • Hyper-V Manager serves as the administrative tool for the creation, alteration, and deletion of VMs and virtual switches, also managing virtual storage.

  • Hyper-V Manager is installed on the host once the Hyper-V role is added.

  • To manage Hyper-V from another computer (like Windows 10), Hyper-V management tools must be installed on that computer.

  • Poll: Can you install Hyper-V on Windows Essentials? Answer: No.

Performing Remote Management of Hyper-V Hosts

  • After installing Hyper-V Management Tools, you can manage either local or remote Hyper-V hosts.

  • Typically, the host is located in a server room, while management occurs from a desktop (e.g., Windows 10) possibly in an office or home.

  • Hyper-V Manager can manage multiple Hyper-V hosts through a single instance.

  • Upon opening Hyper-V Manager on a host, the local host will already be added to the console.

  • To manage additional or remote hosts, simply add them to Hyper-V Manager.

Delegating Virtual Machine Management

  • By default, Hyper-V grants the administrators group the ability to create and manage VMs.

  • Access can be granted by adding a user to either the Administrators or Hyper-V Administrators group.

  • Users can also be allowed to manage VMs by employing the Authorization Manager console (command: azman.msc).

  • To grant access to a user using PowerShell:

    1. Use Grant-VMConnectAccess to provide Console Read or Console Read/Write access.

    2. To check results, use Get.

    3. To revoke access, apply the Revoke-VMConnectAccess cmdlet.

Creating Virtual Machines

  • The simplest method for creating a virtual machine is to use the Hyper-V Manager and utilize the New, Virtual Machine Wizard.

  • To install an OS, the OS must be available as an ISO file on the Host, which the new VM points to for installation.

  • During installation, the installer will prompt all standard questions as if installing on a physical machine.

  • Configuration items such as RAM, NIC, and other settings can be adjusted in the Hyper-V Settings of the VM.

Connecting to a VM

  • Several methods exist to connect to created/installed virtual machines:

    1. Open Hyper-V Manager and double-click the VM.

    2. Right-click the VM and select Connect.

    3. Execute VMConnect.exe from a command line and specify the desired VM.

Managing Virtual Memory

  • When assigning RAM, ensure the total for all VMs does not surpass the physical RAM present in the server.

    • Verify compatibility of applications with Dynamic Memory, as some databases may not function well with it.

  • The Memory Weight setting defines the priority of RAM allocation for this VM relative to others. - Caution: Improper configuration can prevent other VMs from booting due to limited RAM. Regularly monitor the RAM situation, especially when not having substantial RAM available.

Creating and Configuring Generation 1 and 2 VMs

  • When a virtual machine is created, it can be defined as either a Generation 1 or Generation 2 VM, each with distinct characteristics.

Generation 1 VMs

  • Provides virtual hardware used in earlier Hyper-V versions.

  • Supports both 32-bit and 64-bit guest operating systems.

  • Can access a physical DVD drive.

  • Generation 1 is set as default.

Generation 2 VMs

  • Introduces advanced functionality including:

    • PXE boot via a standard network adapter

    • Booting from a SCSI virtual hard disk or logical DVD

    • Secure Boot and UEFI firmware support

  • Only 64-bit guest operating systems are supported.

  • Cannot access a physical DVD drive.

  • Requires VMs to be running Server 2012 or Windows 8 (64-bit) or newer.

  • The host must be Server 2012 R2 or newer.

  • Note: Once created, the generation of a VM cannot be changed.

Importing, Exporting, and Copying VMs

  • When using the Import Virtual Machine Wizard in Windows Server, several options are available, each reliant on unique VM IDs to function correctly.

    1. Register the virtual machine in place: Used when manually placing VM files; does not conflict with other VMs having the same ID.

    2. Restore the virtual machine: Used with VM files on different media, where Hyper-V organizes files and registers the VM.

    3. Copy the virtual machine: Creates a new unique ID, typically used for exporting VMs as templates for quick deployment.

  • Note: Ensure the new unique ID is not confused with Windows Server SID.

Implementing Security Options for Windows and Linux Virtual Machines, Including Secure Boot

1. Secure Boot

  • A UEFI feature ensuring all components loaded during the boot process are digitally signed and validated.

  • Only software trusted by the PC manufacturer or user can boot, preventing malware from executing.

2. BitLocker Drive Encryption

  • Protects against brute force attacks aimed at accessing the fixed drive or other unauthorized installations.

  • Provides full disk encryption for fixed drives (including storage pools) and operating system drives.

3. Shielded Virtual Machine

  • Known as a guarded host, it runs the Host Guarding Service server role.

  • When shielded, VM data and state are protected through the virtual trusted platform module, which encrypts the entire VM disk.

  • Includes key features: Secure Boot, BitLocker encryption, virtual Trusted Platform Module (TPM), and the Host Guardian Service.

Poll

  • Can you mix VMs such as Server and Workstation, and have various different versions (e.g., Windows 7, 8, 10, Server 2016, 2022, along with SUSE, Red Hat, etc.) running on the same host?

Hyper-V Networking

  • Hyper-V virtualization creates virtual networks for VMs, allowing them to communicate with one another and the physical network infrastructure.

  • Virtual devices connect to virtual switches similar to networking in the physical world, providing security, isolation, and quality of service.

  • The Hyper-V virtual switch is a software-based system manageable via Hyper-V Manager.

  • Each VM has a virtual network interface (NIC) connected to the virtual switch.

Virtual/Physical Components

  • In physical networking, each computer includes a network adapter connected to a hardware switch.

  • In Hyper-V, the same principle is applied, using virtual components instead.

  • Each VM can support up to 12 virtual network adapters: 8 Hyper-V standard/synthetic adapters and 4 legacy network adapters.

Adding and Removing vNICs

  • Each VM automatically creates at least one virtual NIC that can be linked to a virtual switch.

  • This allows connection of VMs within a Hyper-V server under various network configurations, potentially including or excluding systems on the physical network.

  • Recommended to use Hyper-V standard network adapters due to their faster communication over the VMBus compared to legacy ones.

Legacy Network Adapters

  • Only available in Generation 1 VMs.

  • Communicate through hypervisor calls, which is slower than VMBus communication.

Configuring Hyper-V Virtual Switches

  • To establish a test network with multiple systems, configure a virtual switch within the Virtual Switch Manager accessible through Hyper-V Manager.

  • The virtual switch facilitates communication within VMs and internet access through the physical network.

  • Hyper-V allows unlimited virtualized ports.

Types of Hyper-V Virtual Switches

  1. External Virtual Switch: Binds to a physical network adapter, enabling VMs to access the physical network and communicate with outside resources.

    • From Windows Server 2016, mapping an external network to a wireless network adapter is possible if the Wireless LAN service is installed and compatible.

  2. Internal Virtual Switch: Allows VMs to communicate with each other and the host but does not connect to external networks.

  3. Private Virtual Switch: Only VMs on the host can communicate with one another, with no external communication.

Virtual NICs on the Guest

  • The virtual NIC appears as a physical NIC.

  • Management of the virtual NIC is conducted through the Network Adapters page, similar to any physical NIC.

  • Management can also be done through command prompt and PowerShell.

Virtual NICs on the Host

  • When a virtual NIC is added to a VM, it is visible as part of the Host as well.

  • The virtual NIC designation typically begins with a ā€œvā€ (unless modified) identifying it as a Hyper-V NIC.

Poll Questions

  • If you want the guests to only communicate with each other, which setting should you use?

    • a. Internal

    • b. External

    • c. Public

    • d. Private

  • If you want the guests to communicate only with each other and the host, which setting should you choose?

    • a. Internal

    • b. External

    • c. Public

    • d. Private

Optimizing Network Performance

  • Ensure that the physical network infrastructure uses links with speeds of at least 1 Gb or faster.

  • Utilize standard network adapters over legacy ones due to superior speeds.

  • Additional performance enhancement configurations include:

    • VLANS for network isolation

    • Bandwidth management to regulate traffic

    • NIC teaming for increased bandwidth capacity

Configuring Network Isolation

  • Network isolation improves performance by limiting communication among systems.

  • Utilize Internal or Private network adapters for segregation.

  • VLANs allow traffic isolation:

    • VLANs serve as logical segments creating separate broadcast domains, facilitating fast connections by switching, not routing, enhancing throughput.

    • Layer 2 refers to the data link layer (involving switches/bridges), while Layer 3 pertains to the network layer (involving routers).

Benefits of VLANs

  • Increased performance on medium to large Local Area Networks (LANs) due to reduced broadcast traffic.

  • Improved organization of network devices, enhancing management.

  • Enhanced security through the segregation of devices on their VLANs.

Result of VLAN Strategy

  • VLAN implementation allows for the orderly arrangement of networking environments, department-based rather than just IP networking, reducing traffic and enhancing performance.

Configuring NIC Teaming

  • NIC Teaming merges multiple NICs into a single unit to enhance performance and provide fault tolerance.

  • Hyper-V VMs can benefit from NIC teaming, limited to teams of only 2; while the host OS can support teams of up to 64 NICs.

  • Note: Teams of larger sizes may be created, but Microsoft does not support this.

Steps for Utilizing NIC Teaming in Hyper-V

  1. Create the NIC team on the Windows Server host.

  2. Create an external virtual switch in Hyper-V Manager linked to the NIC team.

  3. Configure the NIC on the VM to connect to the virtual switch representing the NIC team.

  4. Go to Server Manager, navigate to servers, right-click the designated server, and choose Configure NIC Teaming.

NIC Teaming Modes

  1. Switch Independent Mode: All network adapters connect to different switches for alternative routing (fault tolerance and redundancy).

  2. Switch Dependent Mode: All network adapters connect to the same switch, aggregating their bandwidth for higher throughput.

    • Static teaming and Link Aggregation Control Protocol (LACP) are configurations under switch dependent modes.