Latest posts by Sander Berkouwer (see all)
- Review: Softerra Adaxes - Automating Active Directory management - Thu, Jun 4 2015
- Azure Multi-Factor Authentication - Part 8: Delegating Administration - Tue, Apr 28 2015
- Azure Multi-Factor Authentication - Part 7: Securing AD FS - Thu, Apr 23 2015
Where else, other than in Microsoft’s virtualization solution Hyper-V, would you benefit most from a highly available, highly secure operating system with the smallest possible attack surface, yet packed with features like LBFO, MPIO, and ODX? Server Core installations of Windows Server 2012 are the ideal root partitions for Hyper-V.
Note: All the information contained in today’s contribution also applies to Hyper-V Server 2012, the free Windows Server 2012–based Hyper-V host.
Hyper-V has been part of Server Core installations of Windows Server ever since Windows Server 2008. Just as Hyper-V on Server with a GUI installations, it was updated from beta to RTM after the launch of Windows Server 2008 (with Knowledge Base article 950050) and has seen the steady Hyper-V 2.0 and Hyper-V 3.0 improvements in subsequent Windows Server releases.
In Windows Server versions prior to Windows Server 2012, Hyper-V on Windows Server Standard Edition was limited; it wasn’t capable of running as part of a cluster and offered only limited virtualization rights. In Windows Server 2012, high availability options between Windows Server Standard Edition and Windows Server Datacenter Edition are equal.
Requirements for running Hyper-V ^
To make the most of Hyper-V, you will need the right hardware. The processor needs to be a recent x86-64 one, like an AMD64 or an Intel processor. The motherboard and BIOS should be equipped with hardware-assisted virtualization and hardware-enforced DEP. For maximum performance, the processor needs to support Second Level Address Translation (SLAT). (In Intel processors, this feature is called EPT. AMD labeled this feature NPT in its marketing materials.)
After you’ve enabled virtualization in the BIOS, make sure to cold boot your Server Core installation at least once, since this will actually activate the virtualization stuff.
Installing Hyper-V on Server Core ^
When you’ve fulfilled the requirements, you can install the Hyper-V role with success.
Note: You can also install the Server Role without meeting the requirements, but then you won’t be able to actually run virtual machines.
To install the Hyper-V Server Role, run the following PowerShell command (type PowerShell at the command prompt if you haven’t done so):
Install Hyper-V on Server Core
Configuring Hyper-V ^
With Hyper-V installed, the foundation is laid on which to build virtual machines. Three methods can be used to create and manage virtual machines on Server Core installations of Windows Server 2012:
- PowerShell (both remote and on the console)
- Hyper-V Manager (remote only)
- Third-party tools (both remote and on the console)
As you’d imagine, PowerShell can be used to manage Hyper-V both from the console of your Server Core Hyper-V host as well as from other Windows 8 and Windows Server 2012 installations.
There are 164 PowerShell cmdlets to manage Hyper-V–related settings on your Server Core host, import and export virtual machines, manage the complete virtual machine lifecycle, and every action you might want to perform related to virtual network adapters, virtual disks, virtual floppy drives, virtual iSCSI connections, and virtual Fibre Channel HBAs.
Creating a Hyper-V virtual machine in PowerShell is as easy as typing:
New-VM -name SC1
Now, this command will create the virtual machine, but it won’t have a disk, its default network adapter will not be connected to a virtual network, and it will be equipped with the default amount of virtual RAM (512MB) and a single virtual processor. Not that useful.
To connect a virtual machine’s network adapter to a network, we will first have to create that network. The command below creates an internal network (for test and acceptance purposes only, obviously) named Internal:
New-VMSwitch -Name Internal -SwitchType Internal
Now, that we’ve created a virtual network, we can create a folder on the disk of your Server Core installation to place virtual hard disks into. The command below will do that:
The following, more elaborate commands create a second virtual machine that boots from a connected ISO image, has its disk stored in a specific location, and has its network adapter attached to a certain network:
New-VM -name SC2 -MemoryStartupBytes 1GB -NewVHDPath C:\VMs\SC2.vhdx
Set-VMDvdDrive -VMName SC2 -Path<strong> </strong>C:\users\administrator\Downloads\Windows8.iso
Note: A virtual machine’s BIOS is configured to boot from a connected DVD by default. You don’t need to specify that behavior.
When created, you can start the virtual machine using:
Start-VM -name SC2
With PowerShell, it’s impossible to connect to the desktop of a virtual machine, especially when it’s installed and connected to an internal virtual network. To that purpose, we use the Hyper-V Manager or third-party tools.
When you install the Hyper-V Server Role on Server with a GUI installations of Windows Server 2012, and when you enable the Hyper-V Management Tools on Windows Server 2012 (only available on Server with a GUI installations) or enable them on Windows 8, you gain access to the Hyper-V Manager you install the Remote Server Administration Tools (RSAT).
Note:Hyper-V Remote Management Tools are not part of the RSAT for Windows 8 because they are already part of the operating system, since Hyper-V is now also available in the operating system. You can enable them through Turn Window Features on or off:
HyperV Tools Windows 8
In contrast to earlier versions, it’s easy to connect Hyper-V Manager to Hyper-V hosts. By default, remote management is enabled and configured on Hyper-V hosts. However, when managing Hyper-V hosts over VPN connections, you might not be able to connect. This is a known issue that you can avoid by placing one (virtual) management host on the same side of the VPN connection as the Hyper-V host(s) and remote desktop into that.
Alternatively, you can use third-party tools to create and manage virtual machines on Server Core. However, since Hyper-V hosts are responsible for hosting virtual machines and, therefore, need to be available and secure, introducing third-party software on these hosts might not be the greatest idea ever.
My tip is to make sure you trust the vendor of the software and make sure the software is in active support, comes with a current roadmap, and has a good (online) reputation. Also, keep an inventory of software installed on Server Core installations, since it’s not straightforward to get this information from the command line. From a procedural point of view, you’ll want to place the software, along with licensing information, vendor (support) information, and installation and basic management manuals, in a central location.
Server Core installations of Windows Server 2012 and Hyper-V Server 2012 installations lend themselves as highly available, robust Hyper-V hosts. The array of third-party solutions for local management is an example of how its strength is perceived in the market.