In this topic, I will migrate SETs created from hosts (standard switch) to SETs managed by VMM (logical switch). I will not use the new feature of VMM that enables to migrate from a standard switch to a logical switch automatically.

Lab overview

To write this topic, I have deployed a Three-Nodes Hyper-V cluster (this is a hyperconverged cluster because I use also Storage Spaces Direct on these nodes). On each node I have deployed a Switch Embedded Teaming called SW-1G. Two NICs called LAN01 and LAN02, are members of this SET. This SET manages the following networks:

• Management-0: 10.10.0.0/24, VID 10 (Native VLAN)
• DMZ-20: 10.10.1.0/24, VID: 20
• Cluster-100: 10.10.100.0/24, VID 100

Logical switch creation

Since VMM 2016 TP5 Cumulative Update 2, you can select Embedded Teaming in Uplink mode when you create a logical switch. Before creating the logical switch, you have to create the logical network, port profile, IP Address Pool and so on. For further information about the network management in VMM, you can read this topic.

Then add the classifications and the virtual ports that part to the logical switch.

In Virtual Machine Manager TP5, you can now specify the vNICs that will be created on the hosts in the logical switch wizard. In this way, you have not to specify anymore the vNIC to create in each host properties. When you will apply the virtual switch to the host, the vNIC will be automatically created regarding this configuration.

Add nodes to Virtual Machine Manager

Once the virtual switch is created, you can add the Hyper-v hosts to VMM. Select a host group, and select Add Hyper-V Hosts and Cluster.

Then specify the name of each Hyper-V host and click on next. Don’t forget to add the run as service acount to local administrator of each node.

Once the nodes are added, the virtual machines are in Unsupported Cluster configuration due to network configuration.

Manage Switch Embedded Teaming from VMM

Before managing SET from VMM, I remove a NIC from the SET. Then I rename it to Old_SW-1G to avoid conflict with the logical switch name.

Then I come back to VMM and I edit the properties of a Hyper-V host. I add the logical switch called SW-1G. I specify the physical adapters that I have removed from Old_Sw-1G. As you can see below, the vNIC will be created automatically.

Once the logical switch is created, I come back to the PowerShell session of the Hyper-V host to check the VMSwitch configuration. As you can see below, the EmbeddedTeaming property is set to True.

You can repeat these steps in each Hyper-V host properties.

Change the VM’s virtual switch

Before removing the old VMSwitch, we have to change the virtual switch in each VM. Because the VMs are still in unsupported configuration in the cluster, I change the setting from the failover cluster console. For each VM and each network adapter, I change the virtual switch to SW-1G.

Next I refresh each VM in VMM console. Then the VMs are not anymore in an unsupported configuration.

Then I edit again the network adapters properties of each VM from VMM to set the right classification.

Delete the standard switch

Once the VMs are well configured, I edit the Hyper-V host properties from VMM console. Then I remove the Old_SW-1G standard switch.

Once the Old_SW-1G is removed, I edit again the Hyper-V host properties to add the second physical adapter to SW-1G logical switch.

In the same time, I verify the IP address of each vNIC and I associate the wanted IP address.

As you can see below, the vNIC IP addresses are well configured and the VMSwitch is composed of the two physical network adapters.

You can repeat these steps for each Hyper-V host.

Conclusion

Since VMM TP5, we are able to manage from VMM the Switch Embedded Teaming (SET). SET brings the support of features as RDMA or RSS on vNIC in the parent partition. So I recommend in Windows Server 2016 to use SET instead of classical network teaming. Now that it is supported in VMM, there is no reason to not use SET J

The post Manage Switch Embedded Teaming from VMM 2016 appeared first on Tech-Coffee.

Requirements

To follow this topic you need:

• A Scale-Out File Server implementation. In this topic I use storage space direct;
• A Virtual Machine Manager 2012R2 Update Rollup 8 installation (on my side I’m in Technical Preview 3).

Storage Space Direct implementation

To make this topic, I have deployed four virtual machines on Windows Server 2016 Technical Preview 3. These machine are in a cluster called HyperConverged.int.homecloud.net. I have installed Hyper-V and File Servers role on these servers because it is a POC for Hyper-Convergence (I’m waiting for nested Hyper-V on Windows Server J). Each virtual machine is connected to 5 disks of 40GB.

Each server is connected to four networks.

• Cluster: cluster communication;
• Management: AD, RDP, MMC and so on;
• Storage: dedicated network between Hyper-V and cluster for storage workloads;
• Live-Migration: dedicated network to migrate VM from one host to another.

The Scale-Out File Server role is deployed in the cluster. I called it VMSto. VMSto can be reachable from storage network.

To finish, I have added a vmm runas account in the Administrators group in each server.

Manage Storage Space Direct

Now I’m connecting to Virtual Machine Manager in the Fabric. I add a Storage Device (right click on Arrays, Add Storage Devices).

Next select the provider type. With Scale-Out File Server, select Windows-Based File Server.

Next type the cluster name and select the RunAs account related to the account that you have added in local Administrators group in each server.

Then the Scale-Out File Server should be discovered with 0GB capacity. It is because there is no Storage Pool created yet. Just click on next.

Then select the Scale-Out File Server to place under management and click on next.

Once the storage device is added to VMM, you can navigate to File Servers and right click on the device. Select Manage Pools.

In the next window, there is the list of storage pool. Because no storage pool is created nothing appears. So click on New to create a storage pool.

Give a name to the storage pool and select a classification.

Then select disks that will be in this storage pool.

To finish you can specify the Interleave.

Once the storage pool is created, you should see it in Storage Pools window as below.

Next run a rescan on the provider and navigate to Array. Now a pool is managed by VMM.

Moreover it has been added to the right classification.

Now, I create a file share to store my VMs. So I select create file share. I give a name to the share and I select a storage pool.

Then I specify a size for the volume, a file system, the resiliency and an allocation unit size. If you have SSD and HDD in the pool, VMM will ask you if you want to Enable Storage Tiers.

Once the share is created, a new LUN (in fact it is a Cluster Share Volume) is added under the storage pool.

In File Share view, you should have your new File Share.

Now you have just to add the share in the Hyper-V configuration as below.

Now you can deploy VMs in this share as you can see below.

Overview in Failover Clustering console

If we come back in the failover clustering console, you should retrieve the Storage Pool, CSV and share that we have created from VMM. First if you navigate to Pools, you should have a new storage pool called Bronze-Tier01.

Then in Disks, you should have a new CSV belonging to your storage pool.

To finish, if you navigate to the Scale-Out File Server role and you select share tab, you should see the new file share.

Manage using PowerShell

Create the storage Pool

You can list disks available from VMM to add them to a storage pool. For that I used Get-SCStoragePhysicalDisk cmdlet.

Then I use the below script to create a storage pool with the selected physical disk.

$storageArray = Get-SCStorageArray -Name "Clustered Windows Storage on HyperConverged"
$disksToAdd = @()
$disksToAdd += Get-SCStoragePhysicalDisk -ID "69d0702d-5de1-4ac4-82f2-224d1b47676c"
$disksToAdd += Get-SCStoragePhysicalDisk -ID "a77c70bd-96df-482c-87e2-314f288e7142"
$disksToAdd += Get-SCStoragePhysicalDisk -ID "cb94acd1-4269-4db5-bab9-42aeea1897dd"
$disksToAdd += Get-SCStoragePhysicalDisk -ID "97dd5243-7502-48cc-9302-433288a487f3"
$disksToAdd += Get-SCStoragePhysicalDisk -ID "e44d24ab-9e47-44bd-94ea-5d57f25d8d66"
$disksToAdd += Get-SCStoragePhysicalDisk -ID "c77e6d97-e7c7-4d88-abd8-72ffe468418d"
$disksToAdd += Get-SCStoragePhysicalDisk -ID "90d7408f-d7be-4aaf-b88c-7cb3c0860c2e"
$disksToAdd += Get-SCStoragePhysicalDisk -ID "5b6217ce-5eff-489c-b074-c97c64c9d1c6"
$classification = Get-SCStorageClassification -Name "Bronze"
$pool_0 = New-SCStoragePool -Name "Bronze-Tier01" -StoragePhysicalDisk $disksToAdd -StorageArray $storageArray -StorageClassification $classification

Create the file share

To create the file share in a storage pool, I use the New-SCStorageFileShare cmdlet as below.

$storageFileServer = Get-SCStorageFileServer -Name VMSto.int.HomeCloud.net
$storagePool = Get-SCStoragePool -name "Bronze-Tier01"
$storageClassification = Get-SCStorageClassification -Name "Bronze"
$storageFileShare = New-SCStorageFileShare -StorageFileServer $storageFileServer -StoragePool $storagePool -Name "Bronze01" -Description "" -SizeMB 102400 -RunAsynchronously -FileSystem "CSVFS_ReFS" -ResiliencySettingName "Mirror" -PhysicalDiskRedundancy "2" -AllocationUnitSizeKB "64" -StorageClassification $storageClassification

The post Manage Storage Space Direct from Virtual Machine Manager appeared first on Tech-Coffee.

Create Gen 2 VM though VM Role

Since Update Rollup 6 of Windows Azure Pack, it is possible to deploy Gen2 virtual machines through VM Roles. So in the first place I set my VHDX syspreped from a Gen2 virtual machine. For that I run the below PowerShell script. This script set the Family Name, the tags, the release version, the product key and the Operating System on the VHDX located in the VMM library.

$LibraryServers = "library.home.net"
$VHDName = "Gen2-W2012R2"
$FamilyName = "Windows Server 2012 Datacenter"
$Release = "1.0.0.0"
$Tags = "WindowsServer2012"
$AVMAKey = "Y4TGP-NPTV9-HTC2H-7MGQ3-DV4TW"
$MyVHDX = Get-SCVirtualHardDisk | where {$_.Name –eq $VHDName}
$2K12DC = Get-SCOperatingSystem | where { $_.name –eq '64-bit edition of Windows Server 2012 Datacenter'}
Foreach ($Library in $LibraryServers){
    $MyVHDX = Get-SCVirtualHardDisk | where {($_.Name –eq $VHDName) -and ($_.LibraryServer -contains $Library)}
    $oTags = $myVHDX.Tag
    if ( $otags -cnotcontains $Tags ) { $otags += @($Tags) }
    Set-scvirtualharddisk –virtualharddisk $MyVHDX `
                          –OperatingSystem $2K12DC `
                          -FamilyName $FamilyName `
                          -Release $Release `
                          -Tag $oTags `
                          -ProductKey $AVMAKey
}

Then we have to configure a Custom “Cloud” Properties in order to enable the support of Gen2 VM though VM Role. So edit a Cloud from VMM console and select Custom Properties. Then click on Add. On the next window, select Cloud Object Type and click on create. Specify SupportedVMGenerationForVMRole as Name and specify a description. When you have clicked on ok, select your new property and click on Add.

To finish with the Cloud configuration, specify the value 2 on the SupportedVMGenerationForVmRole property.

Next, open the Windows Azure Pack tenant portal, and create a new VM Role. Now you should be able to select your Gen2 VHDX in Operating System Disk menu.

When the VM Role provisioning is finished, you should have a VM in Gen2 J.

The post Deploy Gen2 VM through VM Role in WAP UR6 appeared first on Tech-Coffee.

Requirements

• An operational System Center Virtual Machine Manager up to date;
• An operational System Center Operations Manager up to date;
• (Optional) An operational SCOM reporting service (SSRS) with a SQL Server Analysis Service (SSAS) (the SSRS and SSAS must have the same instance name). The SSRS must allow report access on port 80 (HTTP).

Install the Operations Manager console on VMM servers

The first step is to install the Operations Manager console on all VMM servers. So if you have several VMM node members of a failover cluster, you have to install the Operations Manager console on each node. So mount the SCOM ISO and install the console:

Once the Operations Manager console is installed, you should update it to the same rollup update than your management server.

Import required management packs

First download these management packs:

• Management Pack for SQL Server;
• Management pack for Windows Server Operating System.

Next extract and import these management packs from SCOM console:

Add them from disk.

Once you have selected all files from both management packs, just click on import.

Repeat the above procedure but this time instead of adding management pack from disk, select add from the catalog. Search the below management packs:

• Windows Server Internet Information Services Library;
• Windows Server Internet Information Services 2003;
• Windows Server 2008 Internet Information Services 7;

Once you have found them, you can import them.

Credentials

To connect Virtual Machine Manager to SCOM, we need an account in the Administrator user role from Virtual Machine Manager. On my side I have added the account Home\sa-omg-mgtact to VMM administrator user role.

Next in Operations Manager, I add the group Home\GG-VMMADM to the Operations Manager Administrators user role. This group contains a service account used by VMM.

Connect Virtual Machine Manager to SCOM

In Virtual Machine Manager console, navigate to settings and System Center Settings. Then right click on Operation Manager Server and click on properties.

First screen details requirements to connect Virtual Machine Manager to Operations Manager. Verify that all is ok and click on next.

Next specify the server name of a management server and select the Run As account that has been added to Operations Manager Administrators user role.

Then specify an Operations Manager account that will be used to connect to Virtual Machine Manager. If you have not already added it to VMM Administrators user role, the wizard will add it for you.

Once Virtual Machine Manager and Operations Manager are connected, you can right click on Operations Manager settings and properties again. The connection status should indicate OK.

SQL Server Analysis Services

First connect to your Analysis Service and add a VMM Run As account to the Server Administrators:

Next you have to install Microsoft® SQL Server® 2012 Analysis Management Objects on each VMM server node.

Come back to the Virtual Machine Manager console and edit properties of Operation Manager Settings. Next select SQL Server Analysis Services. Specify the server that hosts the SCOM Reporting Service and the Analysis Service. Then specify the SSAS instance name, the port (0 means default port) and the Run As account with administrative privilege on SSAS instance.

Be careful, the instance name between the Analysis Service and the Reporting Service must be the same. Moreover the Reporting Service must allow report access on port 80 by HTTP. For further information you can read this TechNet topic.

Monitor Virtual Machine Manager

First thing enabled from Virtual Machine Manager is the Performances and Resources Optimization (PRO). It indicates issues on Hyper-V hosts or Virtual Machines as below.

Next if you navigate in the SCOM console you should have three new folders:

First a diagram view is available that shows what is monitored in the virtualized infrastructure.

Next many monitors are available to check the health of components managed by Virtual Machine Manager. Below you have three examples: the clouds, the hosts and the virtual machine health.

Some performance counters are also available. Below this is an example of performance counters about Hyper-V host free memory and network packets received by a virtual machine.

Import management pack for VMM host and Virtual Machine dashboards

In May 2014, new dashboards were available for Virtual Machine Manager. These dashboards look better than the others. So why not install them? J

Before importing this management pack, make sure that your management server is updated to at least the rollup update 2. Moreover this management pack requires Component Library Management Pack. You can import this management pack from this path:

<Install Dir>\Microsoft System Center 2012 R2\Operations Manager\Server\Management Packs for Update Rollups

Once you have imported this management pack, you can download the management pack for Virtual Machine Manager host and Virtual Machine dashboards here. Next extract it and import it from the SCOM console.

Once the management pack is imported, you should have two new dashboards:

Below this is the VMM Host dashboard J.

The post Monitor Virtual Machine Manager from SCOM appeared first on Tech-Coffee.

• Virtual Machine Manager: KB2992024
• Service Provider Foundation: KB2992021
• Operations Manager: KB2992020
• Service Reporting: KB2992025
• Data Protection Manager: KB3009516
• Service Manager: KB2989601
• Windows Azure Pack: KB2992027
• Windows Azure Pack Websites: KB2992029

I will try these updates this week-end so stay tuned

The post Update Rollup 4 released for System Center 2012R2 and Windows Azure Pack appeared first on Tech-Coffee.

Online backup with Windows Azure has some limitation:

• A disk pool is necessary
• Only primary server can use Windows Azure
• Only two recovery points per day can be created
• The retention range maximum is 120 days (448 days for disk)
• Only Hyper-V SQL and files can be protected in Azure

Before that you install Windows Azure Backup Agent, DPM shows below information:

So first, we have to configure Windows Azure. The first step is to upload the computer certificate, and next to download Windows Azure Backup Agent.

Windows Azure side configuration

First I have created recovery services (create a new vault). I have called this server AzureBackup.

When you click on your service, you have information about the steps to follow to configure your recovery service. First it is necessary to upload the computer certificate. Mine is called DPM1.fabrikam.com.cer.

I have an AD CS on my lab infrastructure so I have enroll my DPM server. I have uploaded the above certificate. Once you have upload your certificate, click on Download Agent (Agent for Windows Server and System Center – Data Protection Manager).

That’s all about Windows Azure configuration. Pretty easy no?

Data Protection Manager server configuration

Now it’s time to configure DPM server. First it is necessary to install the Windows Azure Backup Agent. The file is called WABInstaller.

After that the agent is installed, open your DPM administrator console and open Management tab. Now the Azure Backup Agent version is filled. So click on Register to connect your DPM server to Windows Azure.

Select your certificate locally. DPM requests Azure to find the same certificate. Previously we have uploaded the same in Azure so DPM finds a match with AzureBackup recovery service.

Next configure your proxy configuration.

Then configure Throttling settings. This is a feature that limits the bandwidth consumption. You can declare work hours and days and limit bandwidth for work hours and non-work hours.

Next specify a recovery folder that will be used as a temporary location for recovery. When you recover a data sources from Windows Azure, files will be copied on this temporary folder first. When data sources will be recovered, the temporary data will be cleaned up.

Next specify a passphrase to encrypt your data in Windows Azure.

Now you have a new storage support for your protection groups.

Now that DPM is registered for online storage, you can find a reference to your server in Windows Azure. Click on your Recovery Service Dashboard:

 Use Windows Azure with Data Protection Manager

To test the Windows Azure and DPM configuration, I create a protection group to use my online storage. If you don’t know how to create protection group, please view this topic. On Select Group Members screen, I select the temp folder of hyperV01 server. I use a small folder because the goal is to test the solution.

Next I choose to protect my data with online protection.

If you have many data sources in your protection group, it is possible to select only the most critical of them.

Configure the Online protection Goals as short-term goals.

Once you have created your protection group, it appears in Protection tab and the online Protection should be enabled.

The post Use Windows Azure with Data Protection Manager appeared first on Tech-Coffee.

DPM can store backup on disk (disk-to-disk or D2D), on library tape (disk-to-tape or D2T) or on Windows Azure (disk-to-cloud or D2C). These supports can be mixed for high availability: so it is possible to perform D2D2D backup or D2D2T etc. The latest best practice about backup is called 3.2.1 and says that:

• Perform 3 backups.
  
• On 2 different support.
  
• Store replica on 1 remote site.
  

This article is focusing on short-term protection with D2D support to explain protection group (and because I do not have a library tape J).

Disk-to-Disk protection process

When you create a protection group, an initial replica of data protected is created. Then the DPM agent tracks every change on data sources to transfer modification to replica, block per block though DPM server. That means that only changes are synchronized. Then a recovery point is created from the synchronized replica. A recovery point is a point in time from which you can perform a recovery of your data. The scheduling for recovery points creation is configurable.

To synchronize the replica, there are two ways in DPM: the synchronization and the express full backup. The synchronization tracks journal change in the Operating System or in applications and transfer only modification block per block. On express full backup, a full volume shadow copy is created but only changes are transferred. Some applications don’t support the synchronization (such as SQL Server in Simple Recovery Model) so the express full backup is very useful in this case.

Data protected by DPM

DPM can protect Microsoft Exchange, SQL Server, Hyper-V (and virtual machines), SharePoint, File Servers and System State. Thanks to System State protection, Active Directory databases can be saved (including AD DS, AD CS and AD LDS). To finish, DPM can protect and recover a machine as a Bare-Metal. That means that if the machine is broken and need a recovery, this last not need the DPM agent to be restored.

Protection group parameters

Protection group type

This setting defines which kind of machines is saved: Servers or Clients. The Server type is used to save file servers or application servers. You can save SQL databases, files, Hyper-V virtual machines, system states etc. Client type enables to save workstations (laptops or desktops).

Group Members

This setting defines the collection of data sources that you backup. Because that data sources share the same configuration in a protection group, these last are usually the same kind of data. For example to backup Active Directory, a protection group will be created to save system state of domain controller. In this example, the system state is the data source.

Data Protection Method

This is here that you choose short-term or long-term protection. When you choose short-term protection you can select the backup support (disk, tape or cloud) while when you select long-term protection you have to own a tape library.

Protection goals (Short-Term)

In this section you can define the retention range, the synchronization and full express backup frequency for files data and application data.

Protection group preparation table

Below an example of how to prepare your short-term protection groups:

I have based the recovery point on the synchronization frequency because in this example, databases support incremental backup using transaction logs in MSSQL. If your databases don’t support incremental (log shipping or Simple Recovery Model), synchronization cannot be used and Express full backup frequency should be increased.

On next section I will implement a protection group based on this table.

Protection group example: MSSQL databases backup

To create a Protection Group, click on Protection tab and select New. I assume that you have created a storage pool in DPM before performing the protection group creation.

To backup MSSQL databases, select the protection group type called Servers.

Then I select databases that I want a backup on my SQL server called VMSQL01. Once data sources are selected, they appear in Selected members list.

Next, type your protection group name and select the protection method. Here I want to perform a D2D backup and a short-term protection.

Then choose your short-term goals. In the below example, I synchronize the replica every 15mn and I create the recovery point every synchronization. An express full backup is performed every day at 20:200. To finish the retention range of recovery point is set to 7 days.

On the next screen, set the disk allocation. You can enable the auto grow of your replica volume and choose to co-locate data.

Next choose when you want to create the initial replica.

Then choose when to run a consistency check: only when a replica becomes inconsistent or on scheduling. The schedule method adds more CPU workload.

Once the protection group is created, the initial replica is created for each data source.

Below, the ReportServer database is protected by a replica and 3 recovery points have been created.

The post Protection groups in Data Protection Manager appeared first on Tech-Coffee.

Now that network configuration is done in VMM fabric, it’s time to prepare the OS deployment. As other OS deployment, a PXE server must be installed and a baseline image should be created. To finish, a Physical Computer Profile will be set to automate the network configuration and some other settings (product key, password etc.).

Add a PXE server to Virtual Machine Manager

To deploy WInPE and VHDX file through the network, a WDS (Windows Deployment Services) server is needed. WDS is a Windows Server role:

Once it is installed, make the first configuration and start the service. Once WDS is installed and prepared you can come back to VMM Fabric. Right click on PXE Servers as below and select Add PXE Server.

Specify the WDS server name and a user account with enough privilege on WDS. When you click on “Add”, you will see the deployment of some image as WinPE. This WinPE is a special version for VMM. When the setting is done successfully, the PXE server appears in VMM as below.

Create a VHDX Syspreped

A VHDX syspreped is necessary for Bare-Metal deployment. This file contains the operating system with some specific settings that you have configured. On my side, I have added the Failover Cluster feature, the OS has been updated with the last patches and I have created a c:\temp folder. To finish I have disabled the firewall for all profiles. This last will be reactivated after that host servers have joined the domain with GPO.

So to prepare an Operating System as I want, I create a Virtual Machine that I called _Baseline – Core – W2012R2 – DTC. I make all change that I want. And when I have finished I shut down the VM. I shutdown the VM because before launch a sysprep, I create a clone of that VM. In this way I have a pre-Sysprep VM in my store (to update my baseline VHDX or to recover quickly if I make a mistake).

Do not add MPIO feature or do not enable Hyper-V role (ok it can be hard on VM :p) in your image preparation. These features will be automatically added by VMM.

Once cloning is done I re-launch the VM to sysprep the Operating System. Below screenshot presents settings to sysprep the VM:

Once the VM is syspreped, I copy the VHDX in VMM library and I delete the Virtual Machine.

Create a Physical Computer profile

Now, it’s time to create a Physical Computer Profile. As other profile in VMM, the Physical Computer Profile is a sort of template for host servers. It can be used to deploy Hyper-V hosts or Scale-Out File servers. So open your Library and right click on Physical Computer Profile and select Create Physical Computer Profile:

In VHD file, select the previous VHDX syspreped created in the previous chapter. On hardware configuration you can configure the network settings that will be applied on the Hyper-V host during provisioning. On my old Dell 1950 I have only two physical NIC so I Add two physical NIC. Next I had 4 virtual NIC while Management NIC is mandatory.

My Management NIC is configured as a virtual network adapter connected to one of physical NIC. I configure the classification as Host Management and it is connected to my Fabrikam vSwitch. To finish with this vNIC, I set to obtain a static IP in IP Pool of VM Network (Yes I know called a VM Network “VM Network” is a bad idea, I realize too late).

Next, each Physical NIC is configured to be connected to Fabrikam vSwitch with the uplink port profile Host teaming. Because my Dell 1950 is a very old server, it does not support CDN so I not set CDN.

Now I present you a Virtual NIC configuration. I show you one vNIC because others is the same thing, just parameters that change. So on each vNIC I configure the connection with Fabrikam vSwitch and I set the related classification.

Then I set the IP configuration related to vNIC needs. In the below example, the vNIC belong VM Management Network and a static IP will be attributed from the related IP Pool.

Next, some settings are available to configure the disk where will be deployed VHDX (Operating System or not).

On Driver filter, you can specify a drivers tags to install this last. In fact when you add drivers in VMM library you can tag them.

To finish, some OS configuration can be set as below:

At this point, all configurations on VMM is finished. The next step is the provisioning of Hyper-V host.

The post Bare-Metal Deployment Hyper-V host with VMM 2012R2 Part3 – Prepare OS deployment appeared first on Tech-Coffee.

Thanks to virtualization, the provisioning of new virtual machines (VM) is pretty easy and convenient. Several technologies enable to deploy new VMs:

• Cloning to duplicate a server to quickly support scalability (Web Servers for example)
• Create new VMs from template to deploy following standard
• Service deployment (VMM feature) to deploy multiple VMs to support a service (all servers needed for Sharepoint for example)

Usually, when deployment industrialization is well configured, a new VM can be provisioned within a few tens of minute. However the more you add VMs more you need host servers to support machines provisioned. So indirectly time provisioning of VMs is related to host servers’ installation. This is why it is important to automate the provisioning of host servers. This is called Bare-Metal Deployment (BMR). In this series of articles I will present you how to make a BMR of Hyper-V host server with Virtual Machine Manager 2012R2.

How does Bare-Metal Deployment Hyper-V work?

Hyper-V BMR in VMM needs a Baseboard Management Controller (BMC) on a host server to provision. BMC is better known under the name iLO for HP vendor or iDRAC for Dell vendor. This controller supports the standard protocol named IPMI (Intelligent Platform management Interface). Thanks to IPMI, VMM can manage power or discover Network Interface Controller (NIC). If your server support CDN (technology enabling Operating System to read Bios information during deployment to map NIC in good order), VMM can use it to manage host networking.

Next, WDS is needed to deploy operating system over the network. WDS must be connected to VMM to make Hyper-V BMR. It is needed because when VMM connects to WDS, it deploys a VMM Winpe Image. To deploy Operating System, a VHDX is used. This VHDX must be syspreped with OOBE (Out-of the Box Experience) and must be generalized.

Once the operating system is deployed, VMM configure operating system following Physical Server profile configuration. It can be the administrator password, product key or joining a domain. At the end of the configuration, networking is configured on the host (teaming, vNIC etc.).

To resume following are needed to make a Hyper-V BMR in VMM:

• Baseboard Management Controller configured on host server
• Windows Deployment Services
• Networking configuration in VMM fabrics
• A VHDX syspreped (OOBE, Generalized)

Virtual Machine Manager and network

Logical network

A Logical Network is a definition of your network environment. For example, management networks (Cluster workload, iSCSI over Ethernet workload etc.) can be gathered in a logical network called management. The definition of a network is called a Network Site. A network site can be defined with a VLAN number and a subnet (CIDR format like 192.168.1.0/24). Network Sites are associated to Host Groups that you choose.

Hyper-V Port profile

A Hyper-V Port profile is the definition of the capability and the configuration of a network card (physical or virtual). In VMM, There are two sorts of Hyper-V Port profile: uplink port profile and virtual network adapter port profile.

The Uplink Port profile defines the physical NIC configuration (teaming, LACP or load balancing teaming). The Uplink port profile is associated to network sites to support them.

Virtual network adapter port profile enables to select offload configuration (such as SR-IOV), to set some security features (allow guest teaming, enable DHCP guard etc.) and specify bandwidth limit. This type of profile is used for virtual NIC (Virtual Machine or vNIC on host server).

Logical switch

Logical switch defines the capability of your network. Logical switch is dependent of uplink port profiles and virtual network adapter port profiles.

VM Network

A VM network is a network that is virtualized. VM networks can be the extension of physical networks in the virtual environment. The isolation of network is usually performed with VLAN. VM networks can also enable to create multiple virtual networks isolated on the same physical network using NVGRE.

N.B: The NVGRE will not be approached in this series of articles.

IP Pool

An IP Pool is equivalent of DHCP. IP Pool is configured on a VM network to deliver IP on his subnet. This is VMM that manages which IP are assigned.

Mock-up presentation

I have performed my mockup on my home network. So it is not a hyper-v standard design but my “home” design is sufficient to understand the BMR process. Below the list of materials used:

Network overview

The goal of this series of articles is to present how to deploy HyperV02 in the above schema. Below a summary of network component to deploy:

Below the summary of network component to create in VMM.

Logical networks definition

Uplink Port profile definition

Logical switch definition

VM Networks and IP Pool definition

The post Bare-Metal Deployment Hyper-V host with VMM 2012R2 Part1 – Introduction appeared first on Tech-Coffee.

Updating of computer equipment is an aspect often overlooked by companies because there are too many constraints. It is necessary to manage downtime, while patches provide sometime malfunctions. However, updates computer equipment is a necessity for security. In this article series I will introduce you how to update your computers limiting constraints with SCCM Software update.

WSUS

WSUS (Windows Server Update Service) is a role that provides a central management point for Microsoft Update. Thanks to WSUS, all servers no longer need to connect to Microsoft Update to download patches and hotfix. WSUS is in charge of downloading updates and distribute them on different machines.

Because there are a lot of updates for several products, downloading updates is performed according to some rules such as classification, languages or products.

However WSUS can’t be used alone in a big IT infrastructure requiring automation. This product doesn’t have a granular scheduler to deploy update. This is why SCCM is used with WSUS.

 SCCM and WSUS

SCCM has a system role called Software Update Point (SUP). This role has to be installed on WSUS server. When it is set, SCCM can manage updates catalog and binaries to make updates packages. Such as WSUS, packages can be created regarding to classification, products, languages of the update (this is not an exhaustive list). Once these updates packages is created, it can be deployed with SCCM and use its powerful scheduler:

1. WSUS downloads updates catalog and update binaries when SCCM requests them.
2. Primary site configures himself WSUS role. When it is done, Primary site synchronizes updates catalog and requests binaries when the update package is creating.
3. Once an update package is created, it is deployed on Deployment Point
4. Managed servers download this package and install it regarding to maintenance period and scheduling configured on Primary Site.
5. Before installing updates, managed servers download update catalog from WSUS to validate them.

Below the network flow according to above schema:

Regarding the storage part, when WSUS is added to SCCM, it no longer stores the binary files on its own store. Binaries are on SCCM content store. However WSUS still needs a database to store update catalog.

 On the next part, I will present the configuration of an SUP point. WSUS and SCCM are installed on the same machine. But it is the same process when WSUS is installed on another server. After integration of WSUS in SCCM hierarchy, I will deploy updates by two different methods:

• Create packages and deploy it manually
• Automatic Deployment rules

Once SUP is configured correctly, the catalog of updates appears in SCCM console. A filter can be created regarding some criteria (classification, updates id, products etc.). Then updates can be added to a package and can be deployed. The deployment scheduling is configured manually. Then managed servers install updates in their maintenance period. This method is very useful on complex environment such as Exchange or Hyper-V cluster where patching should be orchestrated (move Virtual Machines or databases before patching etc.). The package can be used with System Center Orchestrator to be deployed and orchestrate patching.

Moreover the Cluster-Aware Updating is not compatible with software update from SCCM. An Orchestrator runbook should be created for this task. This is why it is possible to create a package manually and then deploy this last.

Automatic Deployment rules feature provides automatic creation and deployment of updates packages. The package creation can be scheduled (such as every second Tuesday of each month) and the choice of updates is made in function of some criteria (classification, updates id, products etc.). Once the package is created, it is automatically deployed in function of scheduling configuration. Then managed servers install updates in their maintenance period. This method should be used on mockup or simple environment.

The post SCCM Software Update PART 1 – Introduction to SCCM and WSUS appeared first on Tech-Coffee.