Prepare Your Windows Server 2008 R2 for Hyper-V Role

**mauricio** · 17-09-2010

Microsoft made a major step forward in the world of virtualization with extensive integration of this technology in the latest generation of its server operating system, Windows Server 2008. This module virtualization will be available in final 180 days after leaving the operating system. A dedicated operating system called Microsoft Virtualization Hyper-V Server is also being prepared. This system will come later but we should not confuse Hyper-V (Windows feature 2008) and Hyper-V Server (stand-alone dedicated system).

Before going into the specifics of the implementation done by Microsoft, here is an overview of technologies and different implementations that are found on the market. Virtualization can be defined as a set of technologies to run multiple operating systems on one machine. For this, we pass by a virtual machine monitor (aka hypervisor or VMM) that will support virtualization and resource allocation of physical hardware. To achieve this goal it is necessary that the execution of processor instructions of the emulated system are not directly produced by the physical CPU that would go beyond the virtual machine monitor and interfere with the host system.

Advantages:

Cost reduction of hardware acquisition. The need is less important servers and use of materials and resources is optimized.
Reduced power consumption and space occupied by servers.
Simplifying the development of platforms for test or production by reducing the time to provision a server. The park management is easier machine which lightens the load of administrators.
Increased server availability with a cover of business faster than a physical machine.
Lower total cost of ownership or TCO (Total Cost of Ownership).

Hyper-V

Hyper-V is the new virtualization solution offered by Microsoft. It comes directly compete with the tenor of the field, VMware. The solution Microsoft has made in particular to operate only on the brand new 64-bit Windows Server 2008.

Better known as the hypervisor or Viridian, Hyper-V is completely integrated in Windows Server 2008. It allows the emulation of many virtual machines on one physical machine without having to install third party software. Each virtual machine runs in its own environment, which allows great flexibility to run multiple operating systems and applications.

Currently, a multitude of overlapping layers between the core operating system, device drivers, virtualization software and virtual machines. This mode adds to the performance of virtual machines that are found far from the material.

The architecture of Hyper-V is designed to give virtual machines access the most direct hardware of the physical machine by reducing the number of layers. For this, the primary operating system becomes a virtual machine (called parent) working at the same level as others. In this architecture, pilots are running in each virtual machine for quick access to devices.

Hyper-V is characterized by the following features:

Virtualizing physical servers 32 and 64 bits. Allows you to host virtual machines and 64-bit multiprocessor what Virtual Server does not allow.
Support for clustering virtual machines (up to 16 knots). Ensures high availability of virtualized machines. The functions of geo-cluster to implement the PRA (disaster recovery business) major.
New architecture of hardware support. Exploiting the dedicated instructions for virtualization in processors. Facilitates access to basic devices (disks, networking, video, etc..) And their use with the architecture VSP / VSC (supplier and customer of virtual services).

Advantages

Level of network security. On the one hand you can test new software, new updates, etc., before deploying them on your computer network. In addition, a cracker will have access to your virtual machines and not the host machine.
Better use of resources of your computer, save on your hardware (especially in energy, accounting software and hardware).
Isolation of concurrent users of the same machine.
Greater ease of installation, deployment and migration of virtual machines from one physical machine to another.
Unlike VMware, Hyper-V is completely free, available for download on the Microsoft site.

There are three main techniques for virtualization of x86 processor:

The emulation which aims to create a shell every processor instruction. The emulated machine instructions are never executed directly by the physical processor. This solution is very expensive resource, but allows complete independence between the architecture and physical architecture emulated (Examples include the emulation of an x86 processor on a PowerPC with Virtual PC for Mac).
Virtualization as we know it (with products like Virtual Server or VMware ESX) analysis to identify those instructions that are sensitive and emulates the operation thereof. Other instructions are executed by the processor which is less than penalizing all emulate.
Para-virtualization puts his hand up for communication between the virtual machine monitor (hypervisor) and the guest system (emulated). 17 instructions to avoid problems, the guest systems making calls to virtual machine monitor (hypercalls) to prevent it. This is the principle most efficient but requires a system modified to run emulated.
Regarding memory, we must catch accesses emulated environments to redirect them to areas dedicated memory. For disk controllers and network cards must be virtualized controllers to get the best performance. Most current products do eMule these devices, and thus lose much in performance.

INSTALL THE HYPER-V ON WINDOWS SERVER 2008 CORE

We will see how to install it on an infrastructure mode 2008 Core, i.e. without a GUI. I suggest you install Core version of Windows Server 2008 (Longhorn). The Core Version is a lighter version provided with options for facilities and minimum configurations. Configuration of components is done in command line only. This version is indeed free of Internet Explorer, Control Panel, and other GUI configuration tools.

This version is ideal for infrastructure components like Active Directory, LDAP, Distribution, Exchange, IIS or DNS, DHCP, etc. But the same is not suitable for applications such as Powershell,. NET is not implemented. Choosing the installation mode Core will be during the installation. You should know that this choice is irreversible. But before you start downloading an evaluation version of Windows Server 2008 (Longhorn) you can try a trail version just for testing the same.

Steps :

After download burn the iso image to DVD
We can then start the installation by booting from the DVD. The start is standard and similar to other systems offered by Microsoft.
Once the locale selected we'll go to the license window. During this installation I still in trial mode (30 days) not returning any registration information.
At this stage we will select the edition Core. I selected this version Standard Core Version.
The upgrade is only available from a server in 2003, I therefore continued in custom installation mode.
Select your system partition
And finally launch the installation
Installation is relatively quick and Core version takes fifteen minutes. During the installation process the system will reboot 2 times. Once finished, we finally arrive on the target Windows Server 2008 classic.
Like the standard version of Windows, you must authenticate with the administrator account without password.
If you want you can change the password. And it must be sufficiently long to be accepted.
I click OK and the desktop will load.

**mauricio** · 17-09-2010

HYPER-V: SERVER INSTALLATION TO THE FIRST GUEST

From current events, I list them here once a small road map with respect to the installation of a Windows Server 2008 systems with Hyper-V role. The steps listed here are no cockpit-order, they reflect only represents the path that is preferred by us. I will, as far as possible give reasons and explanations for each step so that the installation is as transparent as possible.

Enable Virtualization Technology in BIOS :

Enabling Execute Disable Bit "technology (name differs depending on the manufacturer, sometimes referred to as memory protection)
Installing a Windows Server 2008 x64 (version must include Hyper-V version (Standard, Enterprise or Data Center) does not matter)
The finished installed to the current patch level position (Partial certain patches installed until AFTER a successful activation of the operating system)
Check whether (at least) Update KB950050 was installed (RTM version of the hypervisor, in the RTM of Windows Server 2008 is a beta version of the hypervisor contain. This is recommended the following items list of Hyper-V updates )
Enabling Hyper-V role
Setting the Hyper-V Network
Setting the default paths for virtual machine and snapshot files
Create a new virtual machine (if the virtual machine will not start check point 1 and 2. It is important in this case, after the turn of the technologies of computer once made OFF, a simple restart from the bios does not bring out success)

Getting Started with Windows Server 2008

If you install the Core version on Windows Server 2008 for the first time, you probably feel like a huge vacuum. Graphical tools (GUI) that you were so familiar (Control Panel, the management tool of the workstation, the shell, Internet Explorer, etc. ) have completely disappeared.

There remains only the command prompt (prompt) to satisfy us, and that's the whole philosophy of this security issue is particularly suited to the implementation of infrastructure components (DHCP / DNS / Active Directory / files /).

Here the below steps will provide with the very first simple administrative tasks that you must do before going into the world of Server Core .

You can configure the following things :

Display the server name
Rename the server
Configure the network interface
Join the server to an Active Directory
Change the administrator account password do

Installing Windows Server 2008

Insert the DVD into the drive and reboot the PC
Choose the language, date format and currency and keyboard:

Choose Install

Enter the product key or no key for an evaluation. If you have not entered a key, then you must choose the version of Windows Installer, if the latter is imposed by the key and you have the choice between the Core version (translated Core installation) or complete installation.
Choose the type of installation (Upgrade option is available only with a launch of the program from a version of Windows installed on the hard drive).
The choice options also lets you access the creation or extension of partition, or formatting
Pressing next starts the installation.

Commands

In the command prompt type:
Display the server name

Code:

C: \> hostname

Rename the server

Code:

C: \> netdom renamecomputer% computername% / newname: SRV2008

Configure the network interface

Code:

C: \> ipconfig

Default DHCP is enabled, if you are logged in and you have a DHCP service running on your network you should get an address of your network. Otherwise an address type will be assigned APIPA (169.254.xx). This will show the names of the available interfaces to locate the interface you want to configure.

Code:

C: \> netsh interface ipv4 show interfaces

Then you can configure the interface corresponding to our local network by specifying an IP address, mask and gateway on the interface 2.

Code:

C: \> netsh interface ipv4 set address 2 source = static address = 192.168.0.1 mask = 255.255.255.0 gateway = 192.168.0.254

Then adding the address of a primary DNS server in our network

Code:

C: \> netsh interface ipv4 add dnsserver name address = 192.168.0.21 = 2 index = 1

Adding Secondary DNS Server

Code:

C: \> netsh interface ipv4 add dnsserver name address = 192.168.0.22 = 2 index = 2

Check again all by

Code:

C: \> ipconfig / all

Join the server to an Active[/CODE] Directory
You can then join you machine to a domain named domlab.com using a domain administrator account.

Code:

C: \> netdom join% computername% / domain: domlab.com / userd: administrator / passwordd: *

A quick application of typing the password for the administrator account and then to restart the system before the changes are taken into account. For that I type the following command:

Code:

C: \> shutdown / r / t 0

Change the password administrator account
During the installation you have already changed the password for the administrator account, but here's how to change the command line.

Code:

C: \> net user administrator *

**mauricio** · 17-09-2010

CONFIGURING HYPER-V

Now let start by configuring the hypervisor hosting virtual machines. Open the Hyper-V Manager console and select the action bar Hyper-V Settings. Configure the directories for storing virtual disks and virtual machines (configuration files). You can also configure other settings like the shortcut to release the mouse, or behavior with the authentication information.

Also on the Hyper-V Manager console, select the action bar Virtual Network Manager. By using this handler, create the different networks you need for infrastructure (external, internal or private). You'll need to create such a network external to the virtual machines can communicate with the rest of the network.

Adding permissions to the server Web Access server Connection Broker :

Before proceeding in order that the server can interact RD Web Access server and configure the RD Connection Broker, we will have to add the server's computer account RD Web Access security group local TS Web Access Computers Server Connection Broker DR. To do this, connect to server Connection Broker DR.
Open the Control Panel, select Administrative Tools then select Computer Management.
The console Computer Management click Local Users and Groups then Groups.
Click the group TS Web Access Computers, add the computer account Server Connection Broker RD.

Configuring the Remote Desktop Web Access role :

The objective of this part is to configure the Remote Desktop Web Access role for a functioning part of the VDI.
Before embarking on the configuration of R & D Web Access, we will export the certificate to the machine so that it can be added on different clients. This will allow different customers to approve the R & D Web Portal Access. However, this does not apply if you chose the scenario of using a certificate after a public certification authority or if you use your internal CA, and approved by clients.
Connect to server Remote Desktop Web Access, open the Microsoft Management Console (MMC). Add the snap Certificates. Choose to administer the certificates machine account.
The component responsible, expand "Certificates => Personal => Certificates.
Right click on the certificate of the machine (with its FQDN) and select 'All Tasks > Export.
The Certificate Export Wizard opens, skip the Welcome screen.
Pass the screen Export Private Key making sure that the option No, do not export the private key is selected.
On the Export File Format, select DER encodaged binary X.509 (. RECs) and proceed to next step.
On the screen File to Export, select the path and name of the exported certificate. Then complete the export by selecting Finish.
Once the exported certificate, keep it aside for further implementation.
We now set up a source for the Remote Desktop Web Access server.
Click Start, then Administrative Tools, select Services and then open Remote Desktop Remote Desktop Web Access configuration.
Internet Explorer opens with access to the portal R & D Web Access, click on Continue to this website (not recommended).
Enter the login of the administrator of the estate. On the main page, select the Configuration tab.
Then select an R & D Connection Broker server and enter in the "Source Name" NetBIOS name or fully qualified domain of the machine hosting the R & D role Connection Broker.
Click OK to confirm. This operation will configure the portal server but also the Remote Desktop Connection Broker for him to specify the machine acting as a gateway.

Configuring the Remote Desktop Connection Broker role :

The next step will allow us to configure the Remote Desktop Connection Broker role so that it can operate within the framework of virtual desktops offered by Microsoft VDI.
You just connect to the server hosting this role and open the administrative console Remote Desktop Connection Manager. For that go to Start > All Programs > Admin Tools > Remote Desktop Services > Remote Desktop Connection Manager.
Open the console, right-click the node Remote Desktop Connection Manager and select Configure Virtual Desktops.
The Configuration Wizard opens virtual office, read the screen "Before You Begin.
In step Specify year R & D Virtualization Host Server, enter the hostname of the server that hosts the Hyper-V role Remote Desktop Virtualization Host and click Add.
Add as many servers Hyper-V you need for your infrastructure. This depends on the number of virtual desktops you want to provide.
On the screen Configure Redirection Settings, here you must enter the server information for specifying the server Host Session DR.
Before completing this screen, if you want to make the feature available to customers using Remote Desktop Connection (RDC) 6.1, we will have to configure an alternate name for this server.
To do this, go to the console of your DNS server (DNS Manager).
Add a Record Type Alias (CNAME) for the Host Server Remote Desktop Session (in my case RDSSH-WT) by specifying an alternate name. Personally, I chose to WT-TSSH TerminalServerSessionHost.
Once this configuration is done, return to the setup wizard on the server DR Connection Broker. In the field Server Name, enter the fully qualified domain name (FQDN) of your Server Remote Desktop Session Host.
If you have customers using Remote Desktop Connection (RDC) 6.1, check Enable redirect DRC for Earlier Versions and specify the alternate name previously configured.
Finally in the Automatic Configuration, make sure the box Do not automatically configure to the wizard automatically configures the Server Remote Desktop Session Host redirection mode. If you want to handle this manually.
Reminder: Note that a server using Remote Desktop Session Host in VDI mode redirection cannot use the sessions to access applications hosted on that server.
The step Specify an R & D Web Access Server does not require any operation since the specification of the portal Web Access server Connection Broker DR was operated under the previous section. However, if you have not followed my instructions above, you can specify the server name RD Web Access. I also invite you to see the previous section as to configure the access permissions to the server R & D Web Access.
Finally on the screen Confirm Changes, confirm the configuration by clicking Apply
On the summary page, make sure all settings are in green and click on Finish

Organization of Active Directory :

Make a point side Active Directory, this part is written purely for informational purposes.
Each site contains a folder Groups, Servers, Users, Workstations. The Servers folder contains a folder containing all the RDS server has a role in RDS. The container contains a Workstations OU "VDI VMs. The same container has two organizational units for each type of operating system. The goal of course is separate virtual machines from the rest of VDI workstations, differentiating between the operating system they propose.
I created a GPO to distribute the certificate of the machine R & D Web Access to workstations in my organization so that they have no problem with the certificate when using the portal.
I also created a GPO for VDI VMs to allow Remote Desktop connections through the firewall and the firewall for advanced Windows 7 and the Firewall Classic Windows XP.

Customizing the Web Access RD :
[LIST]

Connect to server Remote Desktop Connection Broker. Open the administrative console "Remote Desktop Connection Manager. (Start > All Programs > Admin Tools > Remote Desktop Services > Remote Desktop Connection Manager).
Open the console, open the tree Remote Desktop Connection Manager and select Change in the Properties next to Display Name. The properties window opens Connection RemoteApp and Desktop, change the display name by specifying the name of your company.
Make sure the fully qualified domain name (FQDN) is entered in the Connection ID.
In the R & D Web Access, verify that the Remote Desktop Web Access servers are present in the list. You can add servers DR Web Access as needed in order to give them the necessary information (pool of virtual offices, virtual offices personal ) to access resources.

Configurations of virtual desktops

To do this, connect to server Remote Desktop Connection Broker. Open the administrative console Remote Desktop Connection Manager (Start > All Programs > Admin Tools > Remote Desktop Services > Remote Desktop Connection Manager).
Open the console, open the tree Remote Desktop Connection Manager > RD Virtualization Host Servers. Right click on R & D Virtualization Host Servers and select Create Virtual Desktop Pool. The properties window opens virtual office.
On the tab Forwarding Settings, verify that the server name is the fully qualified domain name server Host Session DR. You can also specify an alternative name to enable the customer support RDC 6.1 or less.
The tab DR Gateway Settings allows you to specify settings related to Remote Desktop gateway (Gateway RD). You can automatically detect the server settings RD Gateway or specify the settings manually.
Finally, the tab Digital Signature is used to sign the RDP file communicated to customers (through the portal Web Access or feed aggregation RemoteApp and Remote Desktop Connections). This adds extra security to your infrastructure. You then add the fingerprint of the certificate so that it is approved by clients of the domain.

**mauricio** · 17-09-2010

Upgrade

During the upgrade, the report on compatibility issues informs you that you must remove the Hyper-V using the Server Manager before proceeding with the upgrade. This operation is not necessary. However, before continuing with the upgrade, note the following:

All virtual machines must be stopped before the upgrade. The functionality of the states of storage (saved state) is inconsistent between Windows Server 2008 and Windows Server 2008 R2. If the parent partition is upgraded with a virtual machine in a saved state, you must click the right mouse button on the virtual machine and click Ignore the state of storage to enable the virtual machine.

The functionality of the control points (snapshots under Hyper-V) is not fully compatible with Windows Server 2008 and Windows Server 2008 R2. Virtual machines boot up fine with a checkpoint (snapshot) was achieved when the virtual machines were turned off. This is indicated in the Manager Hyper-V by a green arrow, located below the control point, which points to now.

After importing upgraded the host server, update the integration services. To do this, open the Virtual Machine Connection, click the button to insert the installation disc integration services in the Action menu. On a Windows Server 2008 R2 integration services for Windows Vista and Windows Server 2008 will be listed in the Programs and Features under number KB955484.

Hyper-V requires the following minimum hardware configuration for installation:

64-bit processor. Indeed, the hypervisor will only work with 64-bit platforms such as Windows Server 2008 x64 Standard, Windows Server 2008 x64 Enterprise and Windows Server 2008 Datacenter x64.
A hardware-assisted AMD Virtualization-V (AMD Virtualization, known by the code name "Pacifica") or Intel VT (Virtualization Technology).
Physical protection of the performance data (This feature prevents the CPU to execute instructions in memory that have not been charged as a program but as data).

Regarding costs, the price is very attractive because the license will be $ 28. This license will include not only the rights to use the Hyper-V but also licenses for virtual instances that execute. The instance number included with the license varies depending on the editions of Windows Server 2008. In this case:

A virtual instance for Windows Server 2008 Standard.
Four virtual instances for Windows Server 2008 Enterprise.

Virtual Server

Microsoft offers Virtual Server and Virtual PC for quite some time for the hardware virtualization software, but this was not generally suitable for businesses with high quality standards. As part of Windows Server 2008, the Redmond Company, the beta version of a new virtualization technology called Hyper-V have adopted. The final version is scheduled within 180 days after the launch of Windows Server 2008 be available.

Hyper-V is - as the name suggests - a so-called hypervisor. This defines itself as virtualization and abstraction layer between the hardware and the Windows operating system. The hypervisor software is less than 1 MB in size and is only 64-bit version of Windows Server 2008 or Windows Server 2008 Core than on role . activate Windows Server 2008 Core is a "stripped down" version of the operating system, the more the familiar graphical user interface has not, but only text-based user interface has one. The resulting resource requirements of such a system is much lower, and the attack surface for malware is thus reduced considerably.

Enabling Hyper-V is possible only if the used physical processor based 64-bit and virtualization support on special extensions. For Intel this is VT (codenamed Vanderpool) and AMD with AMD-V (code-named Pacifica) realized with. Before Hyper-V can be set up on a server, level, and these virtualization capabilities on the CPU may be the BIOS to enable it on. This, however, depends on the server hardware manufacturer. The associated processor extensions then take over the tasks of virtualization, which are difficult or inefficient are implemented in software.