TechEd 2014: Software defined storage in WS2012 R2

Session: DCIM-B349. Software defined storage with Windows Server 2012 R2 and System Center 2012 R2. This was a jam-packed session with tons of content on each slide. Great in-depth talk about what’s new in the 2012 R2 wave which came out last year. I only captured 25% of the slide content below, so be sure to check out the Channel 9 video and slide deck when they get posted, for all the goodies.

Storage Enhancements

  • New approach to storage: File based storage (SMB3) over Ethernet networks. Cost effective storage.
  • Faster enumeration of SMI-S storage providers
  • Virtual Fibre Channel integration in SC 2012 R2
  • SC can now leverage ODX for fast VM copy operations
  • Investments in Fibre Channel switch discovery and pulling that into VMM. Shows a demo of creating a FC zone in VMM. Also shows provisioning a LUN from within VMM from a Fibre Channel array. You can configure a LUN in a service template, so all VMs get access to the LUN.

Focused Scenarios for 2012 R2 Wave

  • Reducing CAPEX and OPEX

Infrastructure-as-a-Service Storage Vision

  • Dramatically lowering the costs and efforts of delivering IaaS storage services
  • Disaggregated compute and storage – Independent management and scale at each layer
  • Industry standard servers, networking and storage – Inexpensive networks, inexpensive shared JBOD storage
  • Microsoft is heavily investing in the SMB protocol and will use this going forward as the basis of storage
  • Overall objective is to reduce cost. The cheapest storage is the storage you already own.
  • Ability to use “Spaces” with low cost JBOD
  • Ability to manage the full solution within System Center

Storage Management in System Center 2012 R2

  • Insight, Flexibility, Automation
  • Storage Management API (SM-API)
  • New architecture for 10x faster enumerations
  • Capacity management, scale-out-file-server, and a lot more

Guest Clustering with shared virtual disks

  • Guest clustering with commodity storage
  • Sharing VHDX files
  • VM presented a shared virtual SAS disk

iSCSI Target Server

  • VHDX support
  • Support up to 64TB LUNs
  • Dynamically grow LUNs

File Based Storage

  • SMB Direct support (uses RDMA)
  • 50% improvement for small IO workloads

Scale out File Server

  • SMB session management for back-end IO distribution

Live Migration

  • SMB as a transport for live migration
  • Delivers performance using RDMA – so no CPU hit on the host
  • Adds compression (75% faster)

SMB Bandwidth Management

  • Restrict bandwidth for different workloads (e.g. file copy, live migration, storage access)

Data Deduplication

  • Can dedupe open files – VDI scenarios are a good use case
  • Good for high reads, low write VHDXs
  • Added support for CSV

Storage Spaces

  • Optimized data placement – Pool consists of both HDDs and SSDs with automated tiering
  • Write-back cache – Smooths out workload IOPS

TechEd: Comparing Microsoft and VMware Private Clouds (MDC-B352)

This was Part 2 of a two part series on comparing VMware and Microsoft virtualization/Cloud offerings. Part 1 was focused on the hypervisor and how Hyper-V and ESXi compare. I had a schedule conflict with part 1, so I didn’t attend it. This is part 2, focusing on the private cloud offerings. I thought Microsoft did a decent job in the 75 minutes provided. VMware has a leg up in areas, while other areas Microsoft has a leg up or a longer track record (such as Operations and Configuration manager).

A lot of differences in both products were not discussed, and would take a lot more time than 75 minutes. But it’s clear with Windows Server 2012 R2 and System Center 2012 R2 that they are making rapid and big strides in the private cloud and virtualization arena. Now that VMware and Microsoft appear to be on a yearly release cadence, I see the “Cloud OS” battle really heating up. MS has a lot of ground to make up, and they clearly knew it.

Private Cloud Technologies

Speaker acknowledges this is not a perfect comparison, as each vendor packages up features differently in its products. For example, vCloud Director does a lot more than just self-service, but MS VMM has vCloud Director-like functionality not found in vCenter. So you can’t exactly line up products and say they are the same. But combine the entire stack from each vendor to really see how they shape up instead of doing per-product comparisons.

  • Hypervisor: Microsoft – Hyper-V; VMware – vSphere Hypervisor
  • VM Management – Microsoft – VMM; VMware – vCenter Server
  • Self-Service – Microsoft – App Controller; VMware – vCloud Director.
  • Monitoring – Microsoft – Operations Manager; VMware – vCenter Operations Management Suite
  • Protection – Microsoft – Data Protection Manager; VMware – vSphere Data Protection
  • Service Management – Microsoft – Service Manager ; VMware – vCloud Automation Center
  • Automation – Microsoft – Orchestrator; VMware – vCenter Orchestrator

Private Cloud Software Licensing

For both suites, the vendors license the products on a per-socket basis. You can buy some VMware products a la carte, and some lesser known products aren’t included in the vCloud Suite. So depending on what features you need, you may need a different set of products.

  • Microsoft – System Center 2012 SP1 (per socket) & Hyper-V
  • VMware – vCloud Suite & vCenter

Key Focus Area for this Session

  • Granular App & Service Deployment
  • Deeper insight and remediation
  • Protection for key apps and workloads
  • Hybrid Infrastructure
  • Costs

Granular App & Service Deployment

  • On VMware you use templates to deploy standardized templates. Templates are simple, but static.
  • In VMM you also have a dedicated Library for VM templates (like VMware) and service templates
  • In VMM you can have lots of templates all pointing to the same VHDX image (templates can have different features/etc.). Or small, medium, large, etc. templates all pointing to the same OS image.
  • In VMM you can add roles/features to the guest VM template and capture them in the template
  • You can have separate guest profiles, and can marry them up with a hardware profile and a VHDX image without using any extra disk space
  • In VMM you can add applications, such as SQL, and easily create a template
  • VMM can directly configure App-V server packages and inject them into the VM template
  • VMM 2012 has a concept of service templates. Service template allows you to build and model multi-tier services. Ability to configure scale out rules, for example. Drag and drop VM templates onto a canvas and you can customize the VM properties.
  • Anything you can do in VMM you can do in PowerShell
  • VMM is more about delivering services to the business unit, not just deploying individual VMs
  • “Create Cloud” button in VMM. Defines resources, networks, load balancers, VIP templates, Port classifications (NIC), Storage, library, define capacity quotas (vCPUs, memory, storage, VMs, etc.). Ability to select hypervisor (Hyper-V, VMware, XenServer).

Service Manager

  • IT self-service management portal, built on SharePoint (also a full helpdesk ticketing system)
  • ITaaS offering
  • Plugs into VMM, Orchestrator
  • BI is built into service manager for deep reporting
  • Download “Cloud Service Process Pack” which pre-configures VMM, Service Manager and Orchestrator for a self-service VM portal

Orchestrator

  • Custom automation with minimal scripting needed
  • MS Orchestrator has a lot of plug-ins for third party products and hardware (integration packs)

Operations Manager

  • Extensible with MS and third-party management packs. Veeam MP can do deep monitoring of VMware environments.
  • Veeam MP is not free, so if you want to monitor VMware with SCOM you will have to license the excellent MP
  • OpsMgr can also monitor network infrastructure (switch CPU usage, memory, port-level stats, etc.)
  • Maintains the relationship between VMs and physical hardware such as switch ports, etc.
  • Server-side, client-side and synthetic transactions for application monitoring
  • Global Service Monitor (GSM) – MS Azure based global services that will test your private cloud app

Visual Studio Integration

  • VMM Library is accessible from Visual Studio
  • Team Foundation Server can use the “Test & Lab Manager” which will spin out VMs for automated dev testing via VMM

System Center Advisor

  • Provides configuration guidance around specific workloads (SQL, etc.) for troubleshooting. Free from MS.

Data Protection Manager

  • Supports Windows server, SQL server, SharePoint, Exchange, Dynamics
  • Up to every 15 minute differential backups
  • DPM can backup to Azure and tape
  • Changed block tracking for VM backups
  • Cluster aware – integrates with CSV
  • Item-level restore
  • DPM has no inline dedupe, but VMware data protection does

Heterogeneous Environments

  • VMM can connect to and provide basic management of vCenter
  • Can use VMM service templates on VMware hosts
  • Many integration and management packs for third party software and hardware (HP, NetApp, Cisco, etc.)

Hybrid Infrastructure

  • Private cloud (VMM can manage XenServer, vSphere, Hyper-V)
  • System Center can link to Service Provider and Azure
  • Single Sign on with AD (Azure)
  • Integrated with DEV (Team Foundation)

Cost Scenario

Cost scenarios can be extremely tricky and misleading. Plus large enterprises will likely get big discounts from both VMware and Microsoft. So take the numbers below with a grain of salt. Not in the cost calculation is the cost of the guest operating systems, since it was assumed both used the same OSes so the cost was a wash. The costs were only for the hypervisor and cloud stack.

The speaker didn’t mention the Microsoft ECI license (enrollment for core infrastructure). This combines the operating system and system center stack licenses into a single SKU, licensed by the socket. The datacenter edition of ECI allows unlimited VM deployment and management using all cloud features. Even if you are a 100% VMware shop for the hypervisor, you may still have the ECI license if you use system center components (such as SCCM or SCOM). So you may already be fully licensed from the MS perspective and incur no additional software costs for the MS cloud stack.

  • Example: 500 VM Private cloud; 15:1 VM to host ratio; 34 hosts, 2 sockets with 16 cores; Windows Server licensing additional; comprehensive management; 68 licenses of Windows server datacenter
  • 68 CPUs Hyper-V: $0; 68 CPUs of System Center $122K
  • 68 CPUs vCloud Enterprise Suite $781K, vCenter $5K

TechEd: IaaS with the Azure Pack (MDC-B364)

This session covers how to develop on-prem IaaS (Infrastructure as a service) using the Azure pack for Windows Server 2012 R2 and VMM 2012 R2. The session was more developer oriented than I thought from the description, so I ended up leaving a bit early since I’m not a developer. However, in the beginning the speaker did several demos of what the Azure pack does, which I found very useful. He then dove into the back-end details on how it all worked and what you have to do to build your own on-prem Azure VM gallery.

Hinted at in this session, and other sessions, is a possible roadmap feature where Microsoft would provide pre-configured gallery templates for certain Microsoft products like System Center and SQL. You would then be able to tweak the config, easily build up a service catalog, and deploy MS services on Hyper-V in a highly controlled, standardized, and automated way. The R2 Windows Server and System Center release have a lot of the building blocks to enable those features in the future. Given the accelerated release cadence of MS’s cloud platform, customers will get new features much faster than they historically have.

Introduction

  • MS is hyper-focused on consistent cloud experience across the clouds (on-prem, Azure, service provider) at all layers (UX, APIs, PowerShell)
  • IaaS (Infrastructure as a service) – Elastic tiers
  • Customer requests: Enable templates to be deployed to any cloud, Provide a gallery of applications, Provide console access to remote VMs, Managing standalone VMs is not enough
  • Vision (not 100% delivered in R2): A consistent service model amongst Windows Server, System Center and Windows Azure for composing, deploying and scaling virtualized applications and workloads.
  • Four pillars: Portal User experience, deployment artifacts, management APIs, on-prem, hosted clouds and Azure
  • Consistent IaaS Platform: Delivered on portal user experience (Azure Pack), deployment artifacts, management APIs, Clouds

Demo #1

  • Showed a gallery for the VM role (new to Azure). Lists various services (SQL Server, IIS web server, SharePoint, etc.) that the admin has configured and curated. Gallery shows different versions of the same template, and can be tied to a subscription. When deploying a VM you can define the number of instances, for scale-out.
  • VM container, and Application container concepts (application payload is delivered into an OS)
  • The Gallery wizard prompts for a number of service properties (website name, admin names, VM sizes, etc.).
  • Shows a usage portal, which lists cores, RAM, storage, and VM usage. Also lists instances, IP address, disks, subscription, VM operations (power, stop, reset, etc.). Scale slider for increasing VM count.
  • Shows the ability to create a virtual network (e.g. creating a site-to-site VPN) in the Azure pack.
  • Shows the ability to open a console to a Linux VM, or a VM without a network or OS

IaaS Architecture

  • Stack is: Hyper-V, VMM, Orchestrator, Operations manager, and two portals (tenant and service admin)
  • Steps to set up:
      • Load application extensions to VMM
      • Create a gallery item (VMM role template)
      • Create a service admin
      • Expose to tenant

Remote Console

  • Requires a new RDP client to support the new console version
  • Trust is established between all components (Azure Pack, Hyper-V, RDS gateway)
  • RDPTLSv2 is the new protocol

How to Build your Gallery

  • Definitions: VIEWDEF, RESDEF, RESEXT (consistent naming across Azure and on-prem/service provider)
  • RESDEF: Virtual machine role resource definition (VM size, OS settings, OS image reference)
  • RESEXT: Your Application (roles, features, OS image requirements, etc.)
  • VIEWDEF: User GUI experience definition (parameters, grouping, ordering, validation, etc.)
  • RESCONFIG: RESDEF parameter values, single deployment, versioned (e.g. hard coded port number, etc.)
  • Uses JSON, not XML files (a more REST- and portal-friendly format)
  • Good support for command line installers/scripting (integrate PowerShell desired state, Puppet, etc.)
  • First class support for SQL deployments, IIS, etc. to make it very easy to configure
  • Built-in full localization support with a default language (which you can change)

TechEd: Storage Management with VMM 2012 R2 (MDC-B344)

This session focused on both the platform storage enhancements in Windows Server 2012 R2 and those in VMM 2012 R2. Microsoft was very up front that the 2012 release baked in a huge amount of technology into the platform (OS), but not all of it was exposed through VMM 2012 and even in SP1. In the R2 release both the platform and VMM have been more fully integrated and a lot of new features added. Going forward Windows and System Center will ship on the same schedule. Within Microsoft the OS and System Center teams have been re-aligned into the same org. Just like VMware ships the hypervisor and the management suite at the same time, Microsoft is now on the same cadence.

I didn’t get a screenshot, but the presenter had a slide showing the storage features in every version of VMM dating back to 2007. Starting with 2012 there was an explosion in features, with more added in SP1 (shipped in January 2013) and a lot more in R2. The pace at which Microsoft is enhancing the hypervisor and management stack is pretty astounding.

This session was supposed to be heavy on demos, but the speaker’s VPN connection back to the mother ship was not behaving. For his storage demos he was going to use a 3PAR to demonstrate the fibre channel LUN provisioning features in VMM 2012 R2, and NetApp for the SMB 3.0 file share demo. VMM has a lengthy list of storage arrays which are natively supported. If you are a 3PAR customer, you will need 3.1.2 MU1 for full VMM 2012 R2 support.

Storage Management Pillars

  • Insight: end to end mapping, pool, volume and file share classification, monitoring, standards based
  • Flexibility: Provisioning of pools, LUNs, file shares, scalable, allocation and assignment, FC zoning, zone aliases
  • Automation: Rapid provisioning, scale out file server, disaster recovery, bare metal Hyper-V host provisioning, ODX

R2 Enterprise Storage Management

  • More optimized storage discovery (e.g. a 3PAR with hundreds of disks or a VMAX with thousands of LUNs)
  • Real-time updates for out of band changes using CIM indications
  • Fibre channel fabric discovery and zone provisioning and activation of zone sets
  • Support for Hyper-V virtual fibre channel
  • ODX optimized virtual machine deployments (copy VM from library)
  • Rapid provisioning using difference disks

Storage Provisioning for Tier 1 Application Demo

  • Fibre Channel switches
  • Hyper-V Host with 2 FC ports
  • Service template to model computer with two virtual HBAs

New to VMM 2012 R2

  • 10x faster SMI-S enumeration
  • Management of scale-out file server underlying spaces storage
  • Added remoting and cluster-awareness for managing storage spaces
  • Ability to assign storage and fabric classification at the volume or SMB share level. Allows finer grain SLA control.
  • Fully support iSCSI targets for storage
  • Support for SMB 3.02 (new to WS2012 R2)
  • Spaces provisioning: Discovery of physical spindles, storage pool creation and deletion, mirror and parity spaces creation and deletion
  • Capacity management: pool/volume/file share classification; file share ACL management
  • Scale-out file server deployment: bare metal deployment, creation of scale-out file server cluster, add/remove nodes, file share management

TechEd: Building Clouds on Server 2012 R2 (MDC-B312)

This session was a firehose of information on the design considerations when building your private cloud based on Server 2012 R2. There are a ton of new features in WS2012 and R2, so this was a high level roadmap on how to figure out what you want to implement. Bottom line is that with WS2012 R2 and System Center 2012 R2, you have a full Cloud stack available. The 2012 releases built the foundation, but had some missing pieces. The R2 release fills those holes, unifies the release schedule and simplifies the experience.

Introduction

  • Windows Server 2012 is Cloud optimized
  • Clouds are dynamic, multi-tenant, high scale, low cost, manageable and extensible
  • Major new cloud enabling features in Server 2012, released last year
  • 2012 built a strong platform, but was not a full cloud solution

WS2012 R2 Improvements

  • Live migration is much faster
  • Live migration from 2012 servers
  • Shared VHDX clustering
  • Automated block-level storage tiering
  • Write-back cache
  • Per-share auto-redirection to scale-out file servers
  • Dedupe of VDI workloads
  • iSCSI target VHDX support
  • Multi-tenant site-to-site VPN gateway
  • Hyper-V NAT and forwarding gateway
  • vRSS
  • NIC teaming dynamic-mode
  • Desired state configuration
  • Datacenter abstraction layer
  • All aligned with System Center 2012 R2

Blueprint for a Cloud

  • Build your management stack
  • Start provisioning compute nodes and storage
  • Then you scale out as needed
  • This is a cloud “stamp”
  • Publish a self-service portal or APIs
  • Add network gateways
  • Add users

Infrastructure

  • Think about: workloads, networking, storage, resiliency

Designing for the workload

  • Cloud-aware stateless apps or stateful apps?
  • IaaS cloud can support both but with different design considerations
  • What are the workloads performance requirements
  • 2 socket servers offer the best ROI
  • Some workloads will benefit from hosts with SR-IOV
  • Are workloads trusted? Think about level of isolation between workloads and QoS policies
  • Keep it simple and manageable
  • Can’t optimize a unified infrastructure for all possible workloads
  • Standardize VMs, self-service based, managed to an SLA

Network Design

  • Traffic isolation considerations: tenant generated traffic and hoster/datacenter traffic (cluster traffic, storage, live migration, mgmt, etc.)
  • Use physical isolation as needed, port ACLs, QoS & VM QoS
  • Between tenants and datacenter: separate networks
  • Between tenant VMs of different tenants: Hyper-V network virtualization & VM QoS
  • Hardware offloads for NICs: HW QoS (DCB), RDMA, RSC, RSS, VMQ, IPsecTO, SR-IOV
  • For storage, if using SMB 3.0, then the NIC would benefit from RDMA feature
  • R2: can also use RDMA for Live Migration
  • Look at RSS and RSC for the NIC which support management (Live Migration, management)
  • Look at IPsecTO and VMQ for VM guest NICs
  • SR-IOV bypasses the extensible switch
  • R2: vRSS (spreads NIC traffic load across multiple VM cores)
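
The tenant/datacenter isolation items above (port ACLs plus VM QoS), as an added example that is not from the session or the original post. The VM name, subnets and bandwidth cap are constructed placeholders, and `Set-TenantIsolation` is a hypothetical helper name.

```powershell
#Requires -Modules Hyper-V
# Added example (not from the session): keep tenant VMs off the hoster's
# infrastructure networks with Hyper-V port ACLs, then cap their bandwidth
# with VM QoS. Run on the Hyper-V host that owns the VMs.

function Set-TenantIsolation {
    [CmdletBinding()]
    param(
        # Tenant VMs to lock down (constructed names in the call below)
        [Parameter(Mandatory)][string[]]$VMName,
        # Hoster/datacenter subnets the tenant must never reach
        [Parameter(Mandatory)][string[]]$DatacenterRange,
        # VM QoS cap in bits per second (assumption: 1 Gbit/s per tenant VM)
        [long]$MaxBitsPerSecond = 1000000000
    )

    foreach ($vm in $VMName) {
        foreach ($range in $DatacenterRange) {
            # Port ACL on the VM's virtual switch port: drop traffic to and
            # from the infrastructure subnet, in both directions.
            Add-VMNetworkAdapterAcl -VMName $vm `
                                    -RemoteIPAddress $range `
                                    -Direction Both `
                                    -Action Deny
        }

        # VM QoS: hard upper bound on what this tenant VM can push, so one
        # tenant cannot starve others sharing the same physical NIC.
        Set-VMNetworkAdapter -VMName $vm -MaximumBandwidth $MaxBitsPerSecond

        # Emit the resulting ACL set so the change can be reviewed or logged.
        Get-VMNetworkAdapterAcl -VMName $vm
    }
}

# Constructed sample values: one tenant VM and four hoster networks.
$hosterNetworks = @(
    '10.10.0.0/24',   # host management
    '10.10.1.0/24',   # cluster traffic
    '10.10.2.0/24',   # live migration
    '10.10.3.0/24'    # SMB storage
)

Set-TenantIsolation -VMName 'tenant-a-web01' -DatacenterRange $hosterNetworks
```

Port ACLs do not apply to a NIC that uses SR-IOV, since, as noted above, SR-IOV bypasses the extensible switch.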

Storage Design

  • Hyper-V servers with internal SAS disks are perfectly acceptable if you don’t need super high HA
  • 2012: Can pool shared JBOD SAS array for some good HA
  • Scaling options: Block based FC or iSCSI or file based (lower cost w/ high performance)
  • Block based enables storage offload with ODX, and high IOPS

Resiliency Approaches

  • Infrastructure – VMs not designed to handle failures, HA at server level, failover clustering as another layer of protection. High end servers, redundant power and apps.
  • App-Level Resiliency – Cloud-aware apps can sustain failures without infrastructure dependency

WS2012 Representative Configurations

  • Three different approaches are fully documented and validated by Microsoft:
      • aka.ms/CloudBlog
      • aka.ms/CloudConfigs
      • aka.ms/CloudPowerShell

How do you deploy and configure?

  • In 2012 it was a mixture of GUI and a lot of PowerShell
  • With R2 and aligning with system center 2012 R2, it is much much easier
  • “Physical computer profile” is new in SC2012R2 – Deploy Hyper-V to bare metal
  • Demo showed provisioning a new scale out file server and creating a file share, all from a GUI

Scaling Considerations

  • Compute (Hyper-V) cluster size
  • Larger clusters improve overall efficiency
  • Consider clustering across failure domains (e.g. cross-rack)
  • Storage: Need JBODs with appropriate number of SAS interfaces

Management Stack Improvements In R2

  • Provides a unified PowerShell method to manage physical devices, such as switches
  • MS created a logo program that vendors can certify against
  • MS open sourced the OMI standard for anyone to use
  • Desired State Configuration (DSC) MDC-B302 session

Windows Azure Pack

  • Same self-service portal as Azure
  • Common management experience
  • Workload portability
  • As future services are delivered in Azure, they will be transferred into the private cloud

TechEd: SQL Virtualization and Management Best Practices (MDC-B328)

This session focused on how to manage a virtualized SQL workload with system center. By using VMM, Operations Manager, and other SC components, you can automate, monitor, and easily deploy new SQL instances in a cookie cutter manner. This session applies to you whether you use VMware or Hyper-V hypervisors. Much of the session was live demos, so I don’t have extensive notes from the session. But it was a good eye opening experience on how well the System Center stack plays together, and can orchestrate your datacenter.

Benefits of Virtualizing SQL with System Center

  • Performance and scalability
  • Flexible storage and availability
  • Deployment and management
  • Portability of development workloads
  • On demand platform provisioning
  • Lower costs

Pitfalls of Virtualizing SQL

  • SQL server VM sprawl – Huge problem! Create an approval process.
  • Licensing challenges
  • Additional layer of monitoring

System Center 2012 Benefits

  • Deploy SQL server using SCVMM on Hyper-V or VMware
  • Provide self-service capabilities using SC Service Manager
  • Manage SQL server automations using SC Orchestrator
  • Manage SQL server operations using SC Operations Manager
  • Self-service backup and restore of SQL services using SC Data Protection Manager

SCVMM and SQL Server

  • Ability to deploy SQL server VMs on Hyper-V and VMware
  • Ability to create a SQL server profile to standardize VM templates and configuration
  • Ensures a SQL server is deployed exactly as you want, every single time
  • You can provide a SQL .ini configuration file for a standardized deployment config
  • You can mix and match SQL profiles with different operating systems

SQL Server Task Automation

  • Use SC Orchestrator (SCORCH)
  • Standardizes automated task management
  • Create a process in SCORCH which can be performed in a workflow manner
  • Enables end to end automation
  • E.g. create a SQL backup, or database snapshot. With Service Manager you could provide user self service for SQL activities.
  • Complex tasks may take a day or two to configure in ORCH, but many tasks can be done in 1 hour or less of work

SQL Server Monitoring

  • Monitor SQL synthetic transactions and perspectives
  • Monitor SQL queries using application performance monitoring
  • Manage SQL server using distributed application
  • Ability to trend SQL database response times

TechEd: System Center 2012 R2 (MDC-B206)

The second session of the day is MDC-B206, what’s new in System Center 2012 R2. Right on the heels of System Center 2012 SP1, which was a major update, R2 is right around the corner, coming out later this year. This was an overview session, just touching on many of the high level features. Additional sessions this week will deep dive into various System Center 2012 R2 features.

System Center 2012 Capability Primer

  • Self-service portal
  • Service model
  • Process automation
  • IT service management
  • Tools to deploy, configure, migrate, inventory, monitor and protect
  • Seamless deployment on-premises, Azure or service provider
  • Cloud OS is three datacenters (private cloud, hosted cloud or Azure) and should all be managed in the same manner with the same tools

System Center 2012 R2 Features

Infrastructure Provisioning

  • Windows Server 2012 R2: Dynamic VHDX resizing, dynamic memory support for Linux, snapshot of running VM, synthetic fiber channel HBA in guest
  • Service templates & run books for system center components
  • Automated standards-based Top of Rack configuration
  • Multi-tenant edge gateway
  • Built-in Site to Site connectivity VPN
  • Bring your own IP
  • Service management automation
  • Orchestrator integration pack for Azure

Multi-tenant cloud infrastructure

  • In-box service templates and runbooks for system center components
  • Built-in multi-tenant isolation and scale across multiple system center instances
  • Service management automation (new in R2) – Web based authoring, workflow automation, integration with CMDB, ticketing, billing, management systems
  • Capacity planning and chargeback – Enhanced in R2
  • Granular metering of resource usage by tenant, including CPU, memory & storage
  • Virtual network support – Provision in-box multi-tenant edge gateway for seamless connectivity between physical and virtual systems

Consumer Self-Service

  • Self-service application provisioning with Azure-consistent user experience
  • Unified view across clouds with app controller
  • Windows Azure integration pack
  • SharePoint integration pack
  • Scalable multi-VM tenant services (VM-tier) for Windows Server environments with Windows Azure-consistent user experience (new to R2)
  • Admin publishes gallery items, users can consume them

Application Performance Monitoring

  • Deep Java monitoring including line-of-code traceability
  • Deeply integrated with dev-ops – Faster issue tracking and remediation with system center-visual studio connector
  • Global Service Monitor – inject synthetic transactions and measure various metrics

Infrastructure Monitoring

  • Enhanced cross-platform monitoring of Linux, Solaris, HP-UX, IBM AIX
  • Cross-platform configuration of Windows Server, Linux, Unix

Consistent Management Experience

  • Enhance agility by delivering Windows Azure-consistent services to Windows server
  • Extensible, enterprise-ready service management portal
  • Standardized VM gallery format for Windows Azure and for service providers
  • Windows Azure pack for Windows Server 2012 R2 provides a consistent user experience

Service Consumers

  • Build highly scalable web apps
  • Guaranteed message delivery
  • Standard protocols (REST, etc.)
  • Supports .NET, Java, Node.js, Python

Demo showed a new feature where you can console connect to any running VM, even if the OS is not running or it’s a non-Windows OS like Linux.

Service Providers

  • Create offers of select services (define quotas, offer add-on or upsell, etc.)
  • Consistent interface for all services (REST, OData & JSON)
  • Enable third-party billing providers with ITFM integration
  • Data warehouse
  • Out of the box runbooks to automate delivery of cloud services
  • Operational dashboard

TechEd 2013: Configuration Manager 2012 SP1 Lessons Learned

Welcome to Microsoft TechEd 2013 live blogging! I started off the conference by attending the all-day Microsoft System Center Configuration Manager 2012 SP1 session. Since this was a pre-con, it ran all day so a TON of content was presented. You can find tweets about this session at #TEPRC05. The speakers were Kent Agerlund and Johan Arwidmark. Both were excellent, and presented a lot of real-world deployment information and lessons learned.

There were a few major take-aways that anyone looking at SCCM 2012 SP1 should understand:

  • SQL server design and architecture is hugely critical. You can’t just do a click next install of SQL server and expect SCCM to perform within your expectations. You need to have a detailed understanding of SQL server best practices, including TempDB settings. It is also strongly recommended to combine SQL server and your primary site roles onto a single server/VM, unless you are a huge organization (sizing details are below). Yes, let me state that again, don’t use a remote SQL instance that is hosting other databases. Use a dedicated local SQL server instance for SCCM.
  • Once SQL server is installed, it needs regular maintenance to keep it performing well. Backups, re-indexing, and other jobs must be run regularly or performance can tank. Session notes have a lot more details and links to some free tools.
  • If you are using SCCM 2007 or older with multiple primary sites, they should all be collapsed down to a single site. Yes, even for large multi-national companies with 100K clients. Do NOT do multiple primary sites.
  • Use MDT 2012 SP1 to build all of your Windows golden images. The resulting WIM file can then be used by any deployment tool on the market, including SCCM or third-party tools. It will sequence and fully automate the injection of patches, software, and other tweaks. Do not build your OS images in SCCM, or you won’t be able to use them with other deployment solutions.
  • The importance of creating intelligent collections cannot be overstated. Read up on the SCCM 2012 collection options (include/exclude, etc.) and do a lot of research before just jumping in and creating a bazillion to manage your environment. You will pay for the lack of planning down the road.
  • Use a third-party program to scan for and patch non-MS updates, such as Java and Adobe products. Solarwinds or Secunia are the only two you should consider. A majority of vulnerabilities are now in third-party products, not the MS OS. So if you aren’t properly patching third party software, you are just asking to get hacked.

Session Notes

Configuration Manager 2012 Goals:

  • Empower Users
  • Unify Infrastructure
  • Simplify Administration – Most can consolidate to a single primary site.

System Requirements

  • WS2008 x64 or later (strongly recommend WS2012)
  • At least 16-24 GB RAM for primary site with SQL local. 24-32GB is more typical.
  • 8GB RAM for secondary site
  • Dedicated disk arrays (Disk IO is HUGE. Poor performance is likely due to storage being slow).

Typical disk layout: C: OS, D: Program, E: content library, F: DB files (100GB), G: TempDB (50GB), H: DB Logs (50GB). NTFS allocation size 64KB for SQL volumes.

SQL Guidelines:

  • Recommend LOCAL SQL install on SCCM server (STRONG RECOMMENDATION!!!! Strongly recommended by Microsoft.)
  • Minimum SQL versions: SQL server 2008 SP2 CU9, 2008 R2 SP1 and CU6, 2012 CU3, 2012 SP1
  • SQL 2012 Always On is NOT supported.
  • Don’t use SQL mirroring (may appear to work, but SP upgrades will break)
  • Pre-create the SQL database so you can control the layout. Don’t let SCCM create it, as performance will not be good.
  • Estimate 3-5MB per client for database storage
  • Not a traditional SQL database. Very high SQL load from constant queries from all clients.
  • Site server 1: DB – Site System; Server 2 – DP/SUP/MP
  • Do NOT combine databases from other system center products. Don’t build a giant SQL cluster for all system center products.
  • MUST carefully consider TempDB. 1 file per core, with no more than 8 files.
  • 1 TempDB file per vCPU for VMs
  • Need to manually configure SQL memory usage so OS/SCCM has memory to use. Don’t leave to the default of infinite.
  • Cap SQL log file size in SQL manager to what you think is the max
  • Turn off auto-growth
  • Don’t use full recovery model for Reporting Services database. Use simple for Reporting services.
  • VM snapshots are NOT backups. Use SQL server backup feature. Uses compression for much smaller backups.
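The guidelines above can be checked on an existing instance with a read-only audit. This is an added example, not from the session or the author; the database name `CM_XYZ` (placeholder site code) and the default Reporting Services database names are assumptions.

```sql
-- Added example: read-only audit of the SQL guidelines listed above.
-- Assumptions: site database is CM_XYZ (XYZ = placeholder site code) and
-- Reporting Services uses its default database names.

-- 1. TempDB data files vs. logical CPUs (guideline: 1 per core, at most 8).
SELECT si.cpu_count AS logical_cpus,
       COUNT(*)     AS tempdb_data_files,
       CASE WHEN si.cpu_count > 8 THEN 8 ELSE si.cpu_count END AS recommended_files
FROM sys.master_files AS mf
CROSS JOIN sys.dm_os_sys_info AS si
WHERE mf.database_id = DB_ID('tempdb') AND mf.type_desc = 'ROWS'
GROUP BY si.cpu_count;

-- 2. Memory cap: 2147483647 MB is the untouched install default (no cap).
SELECT name,
       value_in_use,
       CASE WHEN CAST(value_in_use AS bigint) = 2147483647
            THEN 'default, no cap set' ELSE 'capped' END AS finding
FROM sys.configurations
WHERE name = 'max server memory (MB)';

-- 3. File growth: growth = 0 means auto-growth is off. max_size = -1 (grow
--    until the volume is full) and 268435456 (2 TB log default) mean no cap.
SELECT DB_NAME(mf.database_id) AS database_name,
       mf.name AS logical_file,
       mf.type_desc,
       CAST(mf.size AS bigint) * 8 / 1024 AS size_mb,
       CASE WHEN mf.growth = 0 THEN 'off' ELSE 'on' END AS auto_growth,
       CASE WHEN mf.max_size IN (-1, 268435456)
            THEN 'uncapped (default)' ELSE 'capped' END AS size_cap
FROM sys.master_files AS mf
WHERE mf.database_id IN (DB_ID('tempdb'), DB_ID('CM_XYZ'))
ORDER BY database_name, mf.type_desc;

-- 4. Recovery model and most recent native full backup (type 'D').
--    A NULL last_full_backup means SQL Server has no record of one.
SELECT d.name,
       d.recovery_model_desc,
       MAX(b.backup_finish_date) AS last_full_backup
FROM sys.databases AS d
LEFT JOIN msdb.dbo.backupset AS b
       ON b.database_name = d.name AND b.type = 'D'
WHERE d.name IN ('CM_XYZ', 'ReportServer', 'ReportServerTempDB')
GROUP BY d.name, d.recovery_model_desc;
```

Query 1 needs VIEW SERVER STATE permission; none of the statements change any setting.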

Site Sizing:

  • Less than 2000 clients, just install everything on a single VM (including SQL)
  • Less than 20000 clients, Server #1: SQLDB, primary site, SMS provider, endpoint protection, #2: MP, Software Update, DP, app catalog
  • 100K clients: #1: SQL DB, primary site, SMS, endpoint; #2-4: MP, software update, DP, app catalog

Hydration Kit for ConfigMgr 2012 SP1 is here: Automates provisioning AD, SCCM deployment via scripts. If using Hyper-V don’t use dynamic memory for the VM during deployment. You can configure it to use dynamic memory after. Can create a huge bootable ISO and it automates the installation following best practices. Great for creating labs, then deploying in production exactly like the lab. Works on Hyper-V, VMware and physical servers.

Other good tools located at: DeploymentResearch and Deploymentbunny.com.

IMPORTANT: Site maintenance tasks: Rebuild Indexes (always enable it; runs every 7 days). Use a third-party solution as the built-in job is NOT reliable. Use the DB maintenance script from Ola.hallengren.com. Just enter the site code, and use on WSUS database as well. This is a MUST HAVE. USE THE SCRIPT. Microsoft internally uses this script, so you should too.

Strongly recommend only a single primary site. For secondary sites, consider them when you have 500 to 1000 or more clients.

Migrating from ConfigMgr 2007 SP1

  • Don’t need to configure boundary sites since you should only have one primary site
  • Co-existence is perfectly acceptable. Don’t do a big bang migration.
  • SCCM 2012 can pull config data from 2007 SP1, so they are sync’d.
  • DP migration can take many hours or even a week, if you have a huge amount of content
  • Migrating collections: Consider security, folders, users & devices. Limit collections. Create a base collection, then use include/exclude to customize the rules.
  • Decide on role based access controls
  • Configure collection refresh cycle after migration
  • Limit use of folders – They are evil as you cannot assign permissions. Good folder name is “Software Updates”.
  • Setup role based administration in 2012 prior to migration

Software Distribution

  • Software and OS packages are so big these days, you should use DPs at branch offices
  • Use WS2012 for DP points. DPs are usually long lived, so start with the new OS. Create PowerShell automation features.
  • You can inject software updates/patches into Win7/Win8 images
  • You can now pre-provision BitLocker with SCCM 2012 SP1, so it starts encryption prior to OS deployment.
  • Make sure server firmware is up to date, since WinPE 4.0 won’t boot on servers with older firmware
  • PXE performance is screaming on WS2012. Can boot a WS2012 WDS image in 4 seconds via PXE.
  • Strongly urge users to add MDT 2012 SP1 to SCCM OS deployment
  • Use Lite Touch mode to create master images
  • Use Zero Touch for added features – 280 new features from MDT 2012 SP1 add-on (free)
  • Dynamic deployments are a HUGE value-add. Can customize OS deployments based on various parameters.
  • New hardware uses UEFI so you need to boot into WinPE 4.0
  • Boot off memory sticks using FAT32, not NTFS, for UEFI support
  • OSD deployment supports new App model
  • You can set the primary user of a machine prior to deployment, so it’s customized for that user
  • User device affinity in CM2012
  • New to CM2012 SP1: WS2012 and Win8 OS deployment
  • Use MDT 2012 Update 1 Lite Touch to create a reference image. Creates images that work with anything. Don’t create your image in SCCM. Image will be compatible with any other deployment solution you have when using MDT 2012. It’s also 2x faster creating an image. You can copy the admin default profile, easy to delegate, and you can suspend deployment if needed.
  • Take a look at the MDT Database admin tool here.
  • MDT needs a separate WSUS instance (not the one you use for ConfigMgr) for update approval
  • “Request State Store” task must be added if you want to perform a machine backup
  • You can use WMI queries to insert specific drivers instead of relying on PnP
  • Never share an application between OSD and CM deployment. Create an OSD security role, and limit the permissions to the OSD packages to the OSD team.
  • Look at iconarchive.com for application icons

Software Update Management

  • Vulnerability intelligence + vulnerability scanning + patch creation + patch deployment
  • Define the update process: pilots, servers with auto restart, servers with manual restart, logically grouped servers, workstations in prod, excluded devices.
  • Can use MS SC Orchestrator to orchestrate SCCM patching
  • Define your SLAs, collection design is #1 (HUGE!!), maintenance windows
  • Create a custom report (computer uptime in days). Can color code uptimes to see most recent reboots.
  • Cortech Update Manager freebie tool
  • Don’t organize software updates by OS. Control everything through maintenance windows.
  • Run a regular query for expired updates and remove them from ALL deployments.
  • Remember to still do the WSUS DB cleanup and re-index on a regular basis
  • Solarwinds patch manager and Secunia are the only two you should consider using. Excellent third party support.
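One way to build the "computer uptime in days" report mentioned above, as an added example that is not from the session or the author. It assumes the standard ConfigMgr reporting views `v_R_System`, `v_GS_OPERATING_SYSTEM` and `v_GS_WORKSTATION_STATUS` in the site database; the 30- and 60-day colour bands are illustrative thresholds.

```sql
-- Added example: uptime report for use as a custom ConfigMgr report dataset.
-- Assumptions: run against the site database; hardware inventory is enabled
-- so LastBootUpTime0 is populated; band thresholds are illustrative.
SELECT rs.Name0                                      AS computer_name,
       os.Caption0                                   AS operating_system,
       os.LastBootUpTime0                            AS last_boot,
       DATEDIFF(DAY, os.LastBootUpTime0, GETDATE())  AS uptime_days,
       CASE
           WHEN DATEDIFF(DAY, os.LastBootUpTime0, GETDATE()) <= 30 THEN 'green'
           WHEN DATEDIFF(DAY, os.LastBootUpTime0, GETDATE()) <= 60 THEN 'yellow'
           ELSE 'red'
       END                                           AS uptime_band,
       -- The boot time is only as fresh as the last hardware inventory scan,
       -- so show the scan date to spot stale rows.
       ws.LastHWScan                                 AS inventory_date,
       DATEDIFF(DAY, ws.LastHWScan, GETDATE())       AS inventory_age_days
FROM v_R_System AS rs
JOIN v_GS_OPERATING_SYSTEM AS os
     ON os.ResourceID = rs.ResourceID
LEFT JOIN v_GS_WORKSTATION_STATUS AS ws
     ON ws.ResourceID = rs.ResourceID
WHERE os.LastBootUpTime0 IS NOT NULL
ORDER BY uptime_days DESC;
```

A machine in the red band with a recent inventory date has not restarted since its last patch cycle; one with an old inventory date may simply not be reporting.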

Microsoft System Center 2012 SP1 now available

For those of you eagerly awaiting Microsoft System Center 2012 SP1 RTM, you can now download it from TechNet! Dated just last week you can now download:

Configuration Manager and Endpoint Protection
Data Protection Manager
Virtual Machine Manager
App Controller
Orchestrator
Service Manager

The biggest news for SP1 is full support for Windows Server 2012, Hyper-V 3.0, Windows 8, Azure VM management, and SQL 2012. Lots of other goodies as well, which you can check out in this MS blog about the beta here.

Installing System Center Service Manager 2012 Part 1

Microsoft System Center Service Manager 2012 is an integrated platform for automating and adapting an organization’s IT service management best practices. It has built-in processes for incident and problem management, change management, service request fulfillment, release management, service level management and configuration management. As part of the System Center suite it has connectors available for Virtual Machine Manager, Orchestrator, Operations Manager and Configuration Manager. Below is a sample architecture from Microsoft’s Infrastructure Planning Guide.

Refer to the massive amount of documentation in the System Center 2012 Service Manager Survival Guide, found here. Suffice it to say, to implement SM properly is no small task and the product should be well understood and processes mapped out prior to installing the product. The remainder of this article will just show you how to get the basics installed and launch the Administrator console.

Pre-Requisite check:

  • Server should be allocated at least 8GB of RAM and two cores
  • Latest Windows Server 2008 R2 service pack
  • Full-text search is installed on your separate SQL 2008/R2 Server

I would strongly suggest you review the Service Manager 2012 Planning Guide for additional details, as your environment will be different. Depending on the number of users, high availability requirements, etc. you may need a lot more server resources than what the installer checks for. If all you want to do is get a basic install done for testing in a lab, this is the guide for you. Configuring a high availability instance with SQL mirroring, load balancers, and other features is far beyond the scope of this article.

1. On the Windows Server 2008 R2 server that will host Service Manager 2012, install the .NET Framework 3.5.1 ‘feature’.

2. Download and install Microsoft Analysis Management Objects.

3. Download and install Microsoft Report Viewer Redistributable 2008.

4. Download and install SQL Server 2008 R2 SP2 Native Client

5. Launch the Service Manager installer and select Service Manager management server. On the Product Registration screen enter your name, organization, product key, and accept the license terms.

3. Change the installation location, if desired, then wait for the requirements check to complete. If all goes well, you should see no red errors, but possibly a couple of yellow warnings depending on how you configured your CPUs and RAM. Assuming no red errors, continue with the installation.

4. Configure the database server name then click on the instance drop down. Should a collation warning pop up, like the one below, pause for a minute and contemplate the implications. If you will only be installing Service Manager for English language users, then you can safely ignore the error. However, if you will be using Service Manager in a multi-lingual environment then consult the Service Manager Planning Guide for what to do.

5. If you acknowledge the error but still can’t proceed with the install, you probably overlooked the pre-req I pointed out at the beginning of this post, SQL Full Text search. At this point you need to install the Full Text search capability on your SQL server. After you complete that operation, and you select the SQL instance, the window will populate with additional options. Configure these options as needed, as your paths will be different than mine.

6. Next you need to name your management group, and select a group that will be the Management Group administrators. Use whatever you like. I have a strict RBAC naming convention that I like to follow.

7. Two service accounts are required for Service Manager. The first is for the system services, and the second will be for the workflows. Create the first service account in Active Directory, then add it to the local administrator’s group on the Service Manager server. Test the credentials to verify everything is good to go.

Note 1: There seems to be a bug in the installer if you test one service account, realize you want to use a different account, and use the new service account. It caches the first name you try, no matter what you use during subsequent installation attempts and the installer will fail and you will have to comb through the installation logs to see why it failed.

Note 2: Don’t try and outsmart the installer and manually add the SM service account to the SQL server logins. The installer will barf if the security principal already exists, so let the installer do the work for you (thank you Microsoft!).

8. The second service account does NOT need local admin rights on the Service Manager server.

9. Join or skip the customer experience program as you wish.

10. Configure Microsoft Update as you wish.

11. Review the Installation Summary to verify everything looks good and click Install. Assuming everything is correctly configured the installer will proceed, import default management packs, then after quite a long install you will be presented with the screen below. Make sure you check the option to run the encryption key wizard.

12. Run through the backup key wizard and save the keys to a safe place and with a password that you will remember. After the wizard completes, the console will open up and you should see the following screen.

The basic installation of System Center Service Manager 2012 is now complete, but there is still configuration to do. Stay tuned for future articles, time permitting, on additional configuration steps.