470 likes | 1.7k Views
VIR309. Hyper-V R2 Healthcheck ( Configuration and Performance). Mark Ghazai Sr. Premier Field Engineer (PFE) Microsoft Corporation Peter Meister Group Product Manager Microsoft Corporation. Session Objectives. Tools used on the field for the Hyper-V Health Checks
E N D
VIR309 Hyper-V R2 Healthcheck(Configuration and Performance) Mark Ghazai Sr. Premier Field Engineer (PFE) Microsoft Corporation Peter Meister Group Product Manager Microsoft Corporation
Session Objectives • Tools used on the field for the Hyper-V Health Checks • Hyper-V BPA (Full and Server Core) • MAP Toolkit • Hyper-V R2 Best Practices • HAVM, Failover Clustering • Cluster Validation Wizard (in case of Hyper-V Cluster) • Performance Monitor and PAL for Hyper-V R2 • New Premier Hyper-V Health Checks Offering
Hyper-V Health Check tools Hyper-V Best Practices Analyzer
Best Practices Analyzer (BPA)What is the BPA? • TechNet definition • Best Practices Analyzer (BPA) is a server management tool that is available in Windows Server® 2008 R2. BPA can help administrators reduce best practice violations by scanning one or more roles that are installed on Windows Server 2008 R2, and reporting best practice violations to the administrator. Administrators can filter or exclude results from BPA reports that they don’t need to see. Administrators can also perform BPA tasks by using either the Server Manager GUI, or Windows PowerShell cmdlets.
Hyper-V R2 BPARequirements • Windows Server 2008 R2 • Core or Full Edition • Hyper-V Role • Update 977238 required on Hyper-V Hosts • Server Manager remote access (Optional) • Server Manager and BPA modules for Powershell execution
Hyper-V BPATips and Recommendations • Export scan results to HTML format • http://blogs.technet.com/b/cedward/archive/2011/01/11/hyper-v-bpa-html-report.aspx • Configure Server Manager for remote administration • http://blogs.technet.com/b/mghazai/archive/2010/06/08/hyper-v-best-practices-analyzer-powershell-automation.aspx • Apply specific filters to avoid false positives or known errors • Some warning or errors can be safely ignored depending on the your environment or requirements • Apply Hyper-V BPA Updates (i.e. KB2485986 ) • Run BPA remotely with Powershell to a group of servers • http://gallery.technet.microsoft.com/scriptcenter/en-us/84d3e608-1404-4ee9-b5e2-24452ecc8b94
Hyper-V R2 BPA demo
Sample PS Script: Hyper-V R2 BPA • Import-Module failoverclusters • $OutputPath = "c:\temp\hvbpa.csv" • $clustername = "ServerName" • $s = Get-ClusterNode -cluster $clustername | New-PSSession • invoke-command -session $s -scriptblock { • import-module BestPractices • Invoke-BpaModel Microsoft/Windows/Hyper-V | out-null • Get-BPAResult Microsoft/Windows/Hyper-v | select ResultNumber,@{Name="Server Name"; Expression={hostname}},ModelId,RuleId,ResultId,Severity,NeutralSeverity,Category,Title,Problem,Impact,Resolution,Compliance,Help,Excluded • } | Export-Csv $OutputPath • Remove-PSSession $s
Hyper-V Health Check tools Microsoft Assessment and Planning Toolkit
MAP Toolkit (5.5)Tips and Recommendations • Enhanced server consolidation capabilities • Migration to cloud-based services • Server virtualization with Hyper-V • http://technet.microsoft.com/en-us/library/bb977556.aspx
Hyper-V Health Check tools Security
Hyper-V Security • Hardening Hyper-V and Parent Partition • Hyper-V R2 SKU or Server Core • No Other Apps/Roles/Features • Patch and A/V • Isolate network traffic (separate NICs and VLANs) • Bitlocker
Hyper-V Security • Delegating Virtual Machine Management • VM Admins no access to Parent • Authorization Manager (AzMan.msc) • SCVMM and Self Service Portal • Harden Management host OS • Virtual Machine Servicing Toolkit (VMST) • http://technet.microsoft.com/en-us/library/cc501231.aspx • Offline VMs in SCVMM library • Stopped and saved state VMs on a host • VM Templates. • Offline VHDs in SCVMM library by injecting update packages
Hyper-V Security • Protecting Virtual Machines • Patch and A/V • OS hardening • Encryption (i.e. EFS) • Audit • Permission • Hyper-V Security Guide • http://technet.microsoft.com/en-us/library/dd569113.aspx • Microsoft Security Compliance Manager • http://technet.microsoft.com/en-us/library/cc677002.aspx
MBSAWhat is the Microsoft Baseline Security Analyzer? • TechNet definition • Microsoft Baseline Security Analyzer (MBSA) is an easy-to-use tool designed for the IT professional that helps small- and medium-sized businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.
MBSA for Windows Server 2008 R2Requirements • MBSA 2.1.1 or greater • MBSA 2.2 recommended • Admin rights on target host to run it remotely • Internet access and Firewall exceptions for remote scanning • TCP port 135, 139 and 445 and UDP 137 and 138 • Remote Registry service, Server service, Workstation service, File and Printer Sharing service, and Automatic Updates service. • MBSA FAQ • http://technet.microsoft.com/en-us/security/cc184922#EWBAC
Hyper-V Health Check Highly Available VM (HAVM)
HAVM EmPOWERED By: Failover Cluster • Failover Cluster provides key features to make Hyper-V VMs Highly Available • Live Migration • CSV (Cluster Shared Volumes) • Health Monitoring • Automatic Recovery
Cluster Validation WizardWhat is the Cluster Validation Wizard? • TechNet definition • The cluster validation wizard is a feature that is integrated into failover clustering in Windows Server 2008 and Windows Server 2008 R2. With the cluster validation wizard, you can run a set of focused tests on a collection of servers that you intend to use as nodes in a cluster. This cluster validation process tests the underlying hardware and software directly, and individually, to obtain an accurate assessment of how well failover clustering can be supported on a given configuration.
Failover Cluster Validation WizardRequirements • Windows Server 2008 or 2008 R2 • Failover Cluster Feature enabled • Storage and Network Connections Configured • Run Validate immediately after setup of Virtual Switches • Validate does not currently check Hyper-V specific config • More info: • http://technet.microsoft.com/en-us/library/cc732035(WS.10).aspx
Hyper-V Health Check Live Migration and CSV Volumes
Live Migration • Identical Processors • May enable Processor Compatibility • Must be same processor manufacturer • Identically named ‘Virtual Switches’ • Ensure that no ISOs are mounted • VM may need to be ‘refreshed’ in Failover Cluster • Specify the network for the VMs to use for Live Migration • Don’t use IPSec on LM network unless required for security • Linux HAVM needs Static MAC Address
CSV – SAN Fault Tolerance I/O Redirected Over CSV Network VM running on Node 2 Coordinator Node SAN Connectivity Failure SAN VHD VHD VHD
CSV Volume • Nodes running Windows Server 2008 R2 • Drive letter of the System Disk must be identical • %SystemDrive%\ClusterStorage • NTLM Protocol enabled on all nodes • Latest Identical HBA/Storage/Drivers/Firmware • SMB used by CSV • Client for Microsoft Networks • File and Printer Sharing for Microsoft Networks • Check Free Space – Use PowerShell Script http://blogs.msdn.com/b/clustering/archive/2010/06/19/10027366.aspx
CSV Settings • Highest priority network = CSV network • Network with lowest ‘metric’ is the highest priority • Manually set CSV network if not set properly: • Get-ClusterNetwork | ft Name, Metric, AutoMetric, Role • ( Get-ClusterNetwork “Cluster Network” ).Metric=900
CSV Performance Baseline • What is the data telling us? • Counters from Parent Partition: • Object: Physical Disk • Disk Reads/sec, Disk Writes/sec, Avg Disk Queue, Current Disk Queue • Multiple nodes are accessing the same CSV • Aggregate data across nodes • Reads/Sec, Writes/Sec • Disk latency issues • Check counters within VMs • http://blogs.technet.com/b/kaitling/archive/2011/02/11/deciphering-performance-data-csv-volumes.aspx
Networking • Best Scenario – 4 physical network access points • 1 – Virtual Machine Access • 2 – Management • 3 – Cluster and CSV • 4 – Live Migration • (5th network when using ISCSI) • Gigabit or faster NICs • Teaming ok – Ensure latest drivers, use good Server Class NICs • All nodes must be on the same ‘logical’ subnet • Configure Network Priority • Consider QoS policy for Live Migration Network • Ensure networks are aptly named • http://technet.microsoft.com/en-us/library/ff428137(WS.10).aspx
Other • Use Possible and Preferred Owners with VM resources • Proper Exclusion in Parent’s Anti-Virus • Proper Page File sizing on parent and VMs • Ensure proper amounts of RAM per node • Base performance on least powerful node (as applicable) • Each node must be able to handle the workload it may be given • SCVMM PRO and SCOM feature for load balancing • Use VMQ in place of Chimney Offload • More efficient copying between networks • With SP1 use MemoryReserve registry value on hosts
Hyper-V Cluster Best Practice Checks Microsoft Approved!
Hyper-V Health Check Performance monitor and PAL
Performance monitor and PALThings you must know • New PAL version available – http://pal.codeplex.com • Version 2.06 include Hyper-V R2 SP1 counters thresholds for Dynamic Memory analysis
Performance monitor and PALThings you must know • LPs and Hyper threading • Hyper threading is not multiplying processors for real • Capacity planning must be done without Hyperthreading • Support Statements are based on LPs/VPs ratios • 1:8 Ratio is the supported limit for Server Virtualizations scenarios • 1:12 Ratio is the supported limit for VDI scenarios with Windows 7 w/SP1 • > 32 Procs – Do NOT enable HT
Performance monitor and PALWhat to monitor • Host processes CPU consumption • “\Process\% Processor time” and “\Process\Working Set” to identify problems on the parent partition with monitoring agents, AV, drivers or other Apps • VHDs reads and writes profiling • “\Hyper-V Virtual Storage device\reads /sec and writes/sec” to identify what VMs or disks are demanding more IOs • VMs network adapters bandwidth profiling • “Hyper-V Virtual Network Adapter\Bytes/sec” to identify what VMs are demanding more bandwidth
Premier Hyper-V Health Check Ask your TAM Offering
Premier Hyper-V Health Check Offering • OS Configuration • Driver versions • Page file • Memory Dump • Service Packs and recommended Hotfixes • Antivirus Exclusion • Firewall settings • Storage • Storage Types • Connections • Network • Interface • Configuration • Virtual Switches
Premier Hyper-V Health Check Offering • Hyper-V Host configuration • Capacity Planning • Supportability issue • Virtual Machine • Configuration • Integration Components • Snapshots • Cluster • Configuration • CSV / Live Migration implementation • Disaster Recovery • Backup Method • Restore Method • Performance • Detailed performance analysis with “perfmon”
Related Content • VIR201 Virtualization: State of the Union • VIR306 Hyper-V and Dynamic Memory in Depth • VIR310 Inside the LAB: Building Your Own Private Cloud Infrastructure • VIR327 Hyper-V Cloud Fast Track: A Reference Architecture for Private • VIR371-HOL Simplify Windows Server 2008 R2 Migrations and Hyper-V Server Consolidation Assessments with the Microsoft Assessment and Planning (MAP) 5.5 Toolkit • C4E266 | Cram4Exam on Windows Server 2008 R2 Virtualization IT Professional Series: Exam 70-693 • TLC: VIR 18 Windows Server 2008 R2 Hyper –V Station
Track Resources • Don’t forget to visit the Cloud Power area within the TLC (Blue Section) to see product demos and speak with experts about the Server & Cloud Platform solutions that help drive your business forward. • You can also find the latest information about our products at the following links: • Cloud Power - http://www.microsoft.com/cloud/ • Private Cloud - http://www.microsoft.com/privatecloud/ • Windows Server - http://www.microsoft.com/windowsserver/ • Windows Azure - http://www.microsoft.com/windowsazure/ • Microsoft System Center - http://www.microsoft.com/systemcenter/ • Microsoft Forefront - http://www.microsoft.com/forefront/
Resources • Connect. Share. Discuss. http://northamerica.msteched.com Learning • Sessions On-Demand & Community • Microsoft Certification & Training Resources www.microsoft.com/teched www.microsoft.com/learning • Resources for IT Professionals • Resources for Developers http://microsoft.com/technet http://microsoft.com/msdn
© 2011 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.