VMware vSphere 6.0 VS Microsoft Hyper-v Server 2012 R2

Since the emergence of vSphere 6.0, I have wanted to write an article on vSphere 6.0 vs Windows Server 2012 R2. I collected vSphere 6.0 features from a few blogs and the VMware community forum. Note that vSphere 6.0 is in a beta program, which means VMware can amend anything before the final release. The new functionality in the vSphere 6.0 beta is already available in Windows Server 2012 R2. So let’s have a quick look at both virtualization products.

| Features | vSphere 6.0 | Hyper-v Server 2012 R2 |
| --- | --- | --- |
| Certificates | Certificate Authority; Certificate Store | Active Directory Certificate Services; Certificate Store in Windows OS |
| Single Sign on | VMware retained SSO 2.0 for vSphere 5.5 | Active Directory Domain Services |
| Database | vPostgres database for VC Appliance up to 8 vCenter | Microsoft SQL Server; No Limitation |
| Management Tools | Web Client & VI; VMware retained VI | SCVMM Console & Hyper-v Manager |
| Installer | Combined single installer with all input upfront | Combined single installer with all input upfront |
| vMotion | Long distance Migration up to 100+ms RTTs | Multisite Hyper-v Cluster and Live Migration |
| Storage Migration | Storage vMotion with shared and unshared storage | Hyper-v Live Storage Migration between local and shared storage |
| Combined Cloud Products | Platform Services Controller (PSC) includes vCenter, vCOPs, vCloud Director, vCloud Automation | Microsoft System Center combined App Controller, Configuration Manager, Data Protection Manager, Operations Manager, Orchestrator, Service Manager, Virtual Machine Manager |
| Service Registration | View the services that are running in the system. | Windows Services |
| Licensing | Platform Services Controller (PSC) includes Licensing | Volume Activation Role in Windows Server 2012 R2 |
| Virtual Datacenters | A Virtual Datacenter aggregates CPU, Memory, Storage and Network resources. | Provision CPU, Memory, Storage and network using create Cloud wizard |

Another key point of comparison: those who are planning to procure an FC tape library and maintain a virtual backup server should note that vSphere doesn’t support FC tape even with NPIV, whereas Hyper-V supports FC tape using NPIV.

References:

http://www.wooditwork.com/2014/08/27/whats-new-vsphere-6-0-vcenter-esxi/

https://araihan.wordpress.com/2014/03/25/vmware-vs-hyper-v-can-microsoft-make-history-again/

https://araihan.wordpress.com/2013/01/24/microsofts-hyper-v-server-2012-and-system-center-2012-unleash-ko-punch-to-vmware/

https://araihan.wordpress.com/2015/08/20/hyper-v-server-2016-whats-new/

VMware vs Hyper-v: Can Microsoft Make History Again?

In 1852 Karl Marx published “The Eighteenth Brumaire of Louis Napoleon”. In his book, Karl Marx remarks that history repeats itself, “the first as tragedy, then as farce”, referring respectively to Napoleon I and to his nephew Louis Napoleon (Napoleon III).

I am not here to talk about Karl Marx; I am not a specialist on this matter. I am a computer geek. So why am I referring to Karl Marx? I believe the above remark can be connected to the history between Microsoft and Novell.

In my past blog posts I compared VMware and Hyper-V:

http://microsoftguru.com.au/2013/01/24/microsofts-hyper-v-server-2012-and-system-center-2012-unleash-ko-punch-to-vmware/

http://microsoftguru.com.au/2013/09/14/vsphere-5-5-is-catching-up-with-hyper-v-2012-r2/

http://microsoftguru.com.au/2013/04/07/is-vmwares-fate-heading-towards-novell/

I found similar views echoed by other commentators:

http://blogs.gartner.com/david_cappuccio/2009/06/30/just-a-thought-will-vmware-become-the-next-novell/

http://virtualizedgeek.com/2012/12/04/is-vmware-headed-the-slow-painful-death-of-novell/

Here is Gartner Inc.’s verdict:

http://www.gartner.com/technology/reprints.do?id=1-1GJA88J&ct=130628&st=sb

http://www.gartner.com/technology/reprints.do?id=1-1LV8IX1&ct=131016&st=sb

So the question is: can Microsoft defeat VMware? Can Microsoft make history again? Here is why I believe Microsoft will make history once again, regardless of what VMware fanboys think. Let’s start.

What’s New in Windows Server 2012 R2 Hyper-V

Microsoft has traditionally put out point releases to its server operating systems about every two years. Windows Server is no longer a traditional operating system. It is a cloud OS in the true sense of the term. Let’s see what’s new in Windows Server 2012 R2 in terms of virtualization.

· New Generation 2 Virtual Machines

· Automatic Server OS Activation inside VMs

· Upgrade and Live Migration Improvements in Windows Server 2012 R2

· Online VHDX Virtual Disk Resize

· Live VM Export and Clone

· Linux Guest V Enhancements

· Storage Quality of Service ( QoS )

· Guest Clustering with Shared VHDXs

· Hyper-V Replica Site-to-Site Replication Enhancements

Generation 2 VMs

Hyper-V in Windows Server 2012 R2 supports the concept of a totally new architecture based on modern hardware with no emulated devices. This makes it possible to add a number of new features, such as secure boot for VMs and booting off of virtual SCSI or virtual network adapters.

VM Direct Connect

In Windows Server 2012 R2 Hyper-V, the addition of VM Direct Connect allows a direct remote desktop connection to any running VM over what’s now called the VM bus. It’s also integrated into the Hyper-V management experience.

Extend replication to a third site

Hyper-V Replica in Windows Server 2012 is currently limited to a single replication target. This makes it difficult to support scenarios like a service provider wanting to act both as a target for a customer to replicate and a source to replicate to another offsite facility. Windows Server 2012 R2 and Hyper-V now provide a tertiary replication capability to support just such a scenario. By the same token, enterprises can now save one replica in-house and push a second replica off-site.

Compression for faster migration

Two new options in Windows Server 2012 Hyper-V help improve the performance of live migrations. The first is the ability to enable compression on the data to reduce the total number of bytes transmitted over the wire. The obvious caveat is that tapping CPU resources for data compression could potentially impact other operations, so you’ll need to take that into consideration. The second option, SMB Direct, requires network adapters that support RDMA. Microsoft’s advice: If you have 10 GB available, use RDMA (10x improvement); otherwise, use compression (2x improvement). Compression is the default choice and it works for the large majority of use cases.

Online VM exporting and cloning

It’s now possible to export or clone a running VM from System Center Virtual Machine Manager 2012 R2 with a few mouse clicks. As with pretty much anything related to managing Windows Server 2012, you can accomplish the same task using Windows PowerShell.

Online VHDX resizing

In Windows Server 2012 Hyper-V, it is not possible to resize a virtual hard disk attached to a running VM. Windows Server 2012 R2 removes this restriction, making it possible to not only expand but even reduce the size of the virtual disk (VHDX format only) without stopping the running VM.

Storage QoS

Windows Server 2012 R2 includes the ability to limit individual VMs to a specific level of I/O throughput. The IOPS are measured by monitoring the actual disk rate to and from the attached virtual hard drives. If you have applications capable of consuming large amounts of I/O, you’ll want to consider this setting to ensure that a single I/O-hungry VM won’t starve neighbor VMs or take down the entire host.

Dynamic Memory support for Linux

In the Windows Server 2012 R2 release, Hyper-V gains the ability to dynamically expand the amount of memory available to a running VM. This capability is especially handy for any Linux workload (notably Web servers) where the amount of memory needed by the VM changes over time. Windows Server 2012 R2 Hyper-V also brings Windows Server backups to Linux guests.

Shared VHDX

With Windows Server 2012 R2 Hyper-V, Windows guest clusters (think traditional Windows Server failover clustering but using a pair of VMs) no longer require an iSCSI or Fibre Channel SAN, but can be configured using commodity storage: namely a shared VHDX file stored on a Cluster Shared Volume. Note that while the clustered VMs can be live migrated as usual, a live storage migration of the VHDX file requires one of the cluster nodes to be taken offline.

Bigger Bang for the Buck: Licensing Windows Server 2012 R2

The Windows Server 2012 R2 product is streamlined and simple, making it easy for customers to choose the edition that is right for their needs.

Datacenter edition – Unlimited Windows Server 2012 R2 virtualization license.

Standard edition – 2 virtualized server licenses, for lightly virtualized environments.

Essentials edition – for small businesses with up to 25 users running on servers with up to two processors.

Foundation edition – for small businesses with up to 15 users running on single processor servers.

| Edition | Feature comparison | Licensing model | Server Pricing* |
| --- | --- | --- | --- |
| Datacenter | Unlimited virtual OSE; All features | Processor + CAL | $6,155 |
| Standard | Two virtual OSE; All features | Processor + CAL | $882 |
| Essentials | 2 processor; One OSE; Limited features | Server; 25 user limit | $501 |
| Foundation | 1 processor; Limited features | Server; 15 user limit | OEM Only |

Client Access Licenses (CALs) will continue to be required for access to Windows Server 2012 R2 servers, and management access licenses continue to be required for endpoints being managed by System Center. You need a Windows Server 2012 CAL to access Windows Server 2012. You also need a CAL to access Remote Desktop Services (RDS) and Active Directory Rights Management Services (AD RMS).

What’s New in SCVMM 2012 R2

· Public Cloud for Service Provider using Windows Azure 

· Private Cloud with System Center 2012 R2 VMM

· Any storage approach- Use any kind of Storage: DAS, SAN, NAS, Windows Server 2012 File Server, Scale-out File Server Cluster

· Networking – Management of physical network switches via OMI as well as virtual network infrastructure ( PVLANs, NV-GRE Virtualized Networks, NV-GRE Gateways )

· Virtualization host agnostic – Intel/AMD/OEM Hardware running Windows Server 2012/R2/2008 R2 Hyper-V, VMware or Citrix XenServer

· Cisco Nexus 1000V Switch

· Bootstrapping a repeatable architecture

· Bare-Metal Provisioning Scale-Out File Server Cluster and Storage Spaces

· Provisioning Synthetic Fibre Channel in Guest VMs using VMM

· Guest Clustering with Shared VHDXs

· VMM Integration with IP Address Management ( IPAM )

· Hybrid Networking with Windows Azure Pack and System Center 2012 R2 VMM

· Windows Azure Hyper-V Recovery Manager

· Delegating Access Per Private Cloud

· OM Dashboard for VMM Fabric Monitoring

Fire Power of System Center: Licensing System Center 2012 R2

System Center 2012 R2 has two versions: Data Center and Standard. Both versions comprise the following components:

· Operations Manager

· Configuration Manager

· Data Protection Manager

· Service Manager

· Virtual Machine Manager

· Endpoint Protection

· Orchestrator

· App Controller

The System Center license is a per-processor license. The cost of System Center 2012 R2 Data Center is USD 3607 and the cost of System Center 2012 R2 Standard is USD 1323. The System Center license comes with a SQL Server Standard edition license. This SQL Server can only be used for System Center purposes. You can virtualize an unlimited number of VMs with the SC 2012 R2 Data Center edition.

Comparing Server 2008 R2 and Server 2012 R2 in terms of virtualization.

Hyper-V is not the same as the one you knew in Windows Server 2008. To clear the fog from your mind about Hyper-V, the following table shows the improvements Microsoft has made over the years.

Comparing VMware with Windows Server 2012 R2

While VMware is still number one in the hypervisor market, the Redmond giant can leverage almost a billion Windows OS users globally, as well as its expertise in software and a robust range of services (including Azure, Bing, MSN, Office 365, Skype and many more). A new battleground between Microsoft and VMware is ready, which would make 2014 a pivotal hybrid cloud year. The hybrid cloud could indeed give Microsoft the chance to prevail in ways that it couldn’t with the launch of Hyper-V; Hyper-V’s market share has been gradually increasing since early 2011. According to Gartner, Microsoft gained 28% Hypervisor market share last year.

Let’s dig deeper into comparison….

The following comparison is based on Windows Server 2012 R2 Data Center edition and System Center 2012 R2 Data Center edition Vs vSphere 5.5 Enterprise Plus and vCenter Server 5.5.

Licensing:

| Options | Microsoft | VMware |
| --- | --- | --- |
| # of Physical CPUs per License | 2 | 1 |
| # of Managed OSE’s per License | Unlimited | Unlimited |
| # of Windows Server VM Licenses per Host | Unlimited | 0 |
| Includes Anti-virus / Anti-malware protection | Yes | Yes |
| Includes full SQL Database Server licenses for management databases | Yes | No |
| Database, Hosts & VMs | A single database license is enough for 1,000 hosts and 25,000 VMs per management server. | Purchase additional database server licenses to scale beyond managing 100 hosts and 3,000 VMs with vCenter Server Appliance. |
| Includes licensing for Enterprise Operations Monitoring and Management of hosts, guest VMs and application workloads running within VMs. | Yes | No |
| Includes licensing for Private Cloud Management capabilities – pooled resources, self-service, delegation, automation, elasticity, chargeback | Yes | No |
| Includes management tools for provisioning and managing VDI solutions for virtualized Windows desktops. | Yes | No |
| Includes web-based management console | Yes | Yes |

Virtualization Scalability:

| Options | Microsoft | VMware |
| --- | --- | --- |
| Maximum # of Logical Processors per Host | 320 | 320 |
| Maximum Physical RAM per Host | 4TB | 4TB |
| Maximum Active VMs per Host | 1,024 | 512 |
| Maximum Virtual CPUs per VM | 64 | 64 |
| Hot-Adjust Virtual CPU Resources to VM | Yes | Yes |
| Maximum Virtual RAM per VM | 1TB | 1TB |
| Hot-Add Virtual RAM to VM | Yes | Yes |
| Dynamic Memory Management | Yes | Yes |
| Guest NUMA Support | Yes | Yes |
| Maximum # of physical Hosts per Cluster | 64 | 32 |
| Maximum # of VMs per Cluster | 8,000 | 4,000 |
| Virtual Machine Snapshots | Yes | Yes |
| Number of Snapshots per VM | 50 | 32 |
| Integrated Application Load Balancing for Scaling-Out Application Tiers | Yes | No |
| Bare metal deployment of new Hypervisor hosts and clusters | Yes | Yes |
| Bare metal deployment of new Storage hosts and clusters | Yes | No |
| Manage GPU Virtualization for Advanced VDI Graphics | Yes | Yes |
| Virtualization of USB devices | Yes | Yes |
| Virtualization of Serial Ports | Yes | Yes |
| Minimum Disk Footprint while still providing management of multiple virtualization hosts and guest VM’s | ~800KB – Micro-kernelized hypervisor (Ring -1); ~5GB – Drivers + Management (Parent Partition – Ring 0 + 3) | ~155MB – Monolithic hypervisor w/ Drivers (Ring -1 + 0); ~4GB – Management (vCenter Server Appliance – Ring 3) |
| Boot from Flash | Yes | Yes |
| Boot from SAN | Yes | Yes |

VM Portability, High Availability and Disaster Recovery:

| Features | Microsoft | VMware |
| --- | --- | --- |
| Live Migration of running VMs | Yes | Yes |
| Live Migration of running VMs without shared storage between hosts | Yes | Yes |
| Live Migration using compression of VM memory state | Yes | No |
| Live Migration over RDMA-enabled network adapters | Yes | No |
| Live Migration of VMs Clustered with Windows Server Failover Clustering (MSCS Guest Cluster) | Yes | No |
| Highly Available VMs | Yes | Yes |
| Failover Prioritization of Highly Available VMs | Yes | Yes |
| Affinity Rules for Highly Available VMs | Yes | Yes |
| Cluster-Aware Updating for Orchestrated Patch Management of Hosts. | Yes | Yes |
| Guest OS Application Monitoring for Highly Available VMs | Yes | Yes |
| VM Guest Clustering via Shared Virtual Hard Disk files | Yes | Yes |
| Maximum # of Nodes per VM Guest Cluster | 64 | 5 |
| Intelligent Placement of new VM workloads | Yes | Yes |
| Automated Load Balancing of VM Workloads across Hosts | Yes | Yes |
| Power Optimization of Hosts when load-balancing VMs | Yes | Yes |
| Fault Tolerant VMs | No | Yes |
| Backup VMs and Applications | Yes | Yes |
| Site-to-Site Asynchronous VM Replication | Yes | Yes |

Storage:

| Features | Microsoft | VMware |
| --- | --- | --- |
| Maximum # Virtual SCSI Hard Disks per VM | 256 | 60 (PVSCSI); 120 (Virtual SATA) |
| Maximum Size per Virtual Hard Disk | 64TB | 62TB |
| Native 4K Disk Support | Yes | No |
| Boot VM from Virtual SCSI disks | Yes | Yes |
| Hot-Add Virtual SCSI VM Storage for running VMs | Yes | Yes |
| Hot-Expand Virtual SCSI Hard Disks for running VMs | Yes | Yes |
| Hot-Shrink Virtual SCSI Hard Disks for running VMs | Yes | No |
| Storage Quality of Service | Yes | Yes |
| Virtual Fibre Channel to VMs | Yes | Yes |
| Live Migrate Virtual Storage for running VMs | Yes | Yes |
| Flash-based Read Cache | Yes | Yes |
| Flash-based Write-back Cache | Yes | No |
| SAN-like Storage Virtualization using commodity hard disks. | Yes | No |
| Automated Tiered Storage between SSD and HDD using commodity hard disks. | Yes | No |
| Can consume storage via iSCSI, NFS, Fibre Channel and SMB 3.0. | Yes | Yes |
| Can present storage via iSCSI, NFS and SMB 3.0. | Yes | No |
| Storage Multipathing | Yes | Yes |
| SAN Offload Capability | Yes | Yes |
| Thin Provisioning and Trim Storage | Yes | Yes |
| Storage Encryption | Yes | No |
| Deduplication of storage used by running VMs | Yes | No |
| Provision VM Storage based on Storage Classifications | Yes | Yes |
| Dynamically balance and re-balance storage load based on demands | Yes | Yes |
| Integrated Provisioning and Management of Shared Storage | Yes | No |

Networking:

| Features | Microsoft | VMware |
| --- | --- | --- |
| Distributed Switches across Hosts | Yes | Yes |
| Extensible Virtual Switches | Yes | Replaceable, not extensible |
| NIC Teaming | Yes | Yes |
| Number of NICs | 32 | 32 |
| Private VLANs (PVLAN) | Yes | Yes |
| ARP Spoofing Protection | Yes | No |
| DHCP Snooping Protection | Yes | No |
| Router Advertisement Guard Protection | Yes | No |
| Virtual Port ACLs | Yes | Yes |
| Trunk Mode to VMs | Yes | Yes |
| Port Monitoring | Yes | Yes |
| Port Mirroring | Yes | Yes |
| Dynamic Virtual Machine Queue | Yes | Yes |
| IPsec Task Offload | Yes | No |
| Single Root IO Virtualization (SR-IOV) | Yes | Yes |
| Virtual Receive Side Scaling (Virtual RSS) | Yes | Yes |
| Network Quality of Service | Yes | Yes |
| Network Virtualization / Software-Defined Networking (SDN) | Yes | No |
| Integrated Network Management of both Virtual and Physical Network components | Yes | No |

Virtualized Operating Systems Support: 

| Operating Systems | Microsoft | VMware |
| --- | --- | --- |
| Windows Server 2012 R2 | Yes | Yes |
| Windows 8.1 | Yes | Yes |
| Windows Server 2012 | Yes | Yes |
| Windows 8 | Yes | Yes |
| Windows Server 2008 R2 SP1 | Yes | Yes |
| Windows Server 2008 R2 | Yes | Yes |
| Windows 7 with SP1 | Yes | Yes |
| Windows 7 | Yes | Yes |
| Windows Server 2008 SP2 | Yes | Yes |
| Windows Home Server 2011 | Yes | No |
| Windows Small Business Server 2011 | Yes | No |
| Windows Vista with SP2 | Yes | Yes |
| Windows Server 2003 R2 SP2 | Yes | Yes |
| Windows Server 2003 SP2 | Yes | Yes |
| Windows XP with SP3 | Yes | Yes |
| Windows XP x64 with SP2 | Yes | Yes |
| CentOS 5.7, 5.8, 6.0 – 6.4 | Yes | Yes |
| CentOS Desktop 5.7, 5.8, 6.0 – 6.4 | Yes | Yes |
| Red Hat Enterprise Linux 5.7, 5.8, 6.0 – 6.4 | Yes | Yes |
| Red Hat Enterprise Linux Desktop 5.7, 5.8, 6.0 – 6.4 | Yes | Yes |
| SUSE Linux Enterprise Server 11 SP2 & SP3 | Yes | Yes |
| SUSE Linux Enterprise Desktop 11 SP2 & SP3 | Yes | Yes |
| OpenSUSE 12.1 | Yes | Yes |
| Ubuntu 12.04, 12.10, 13.10 | Yes | Yes |
| Ubuntu Desktop 12.04, 12.10, 13.10 | Yes | Yes |
| Oracle Linux 6.4 | Yes | Yes |
| Mac OS X 10.7.x & 10.8.x | No | Yes |
| Sun Solaris 10 | No | Yes |

Windows Azure:

Here is a special factor that puts Microsoft ahead of VMware: Microsoft Azure for on-premises and service provider clouds.

Windows Azure Pack is shipping with Windows Server 2012 R2. The Azure code will enable high-scale hosting and management of web and virtual machines.

Microsoft is leveraging its service provider expertise and footprint for Azure development while extending Azure into data centers on Windows servers. That gives Microsoft access to most if not all of the world’s data centers. It could become a powerhouse in months instead of years. Widespread adoption of the Microsoft Azure platform gives Microsoft a winning edge against competitors like VMware.

On-premises clients install Windows Azure Pack to manage their System Center 2012 R2 and use Azure as a self-service and administration portal for the IT department and other departments within the organization. To gain similar functionality in VMware you have to buy vCloud Director, Chargeback and vShield separately.

Conclusion:

This is a clash of titanic proportions between Microsoft and VMware. Ultimately end users and customers will be the winners. Both companies are striving for new innovation in the hypervisor and virtualization marketplace. End users will enjoy new technology and businesses will gain from the price battle between Microsoft and VMware. These two key components could significantly increase the adoption of hybrid cloud operating models. Microsoft has another trump card for cloud service providers, which is Exchange 2013 and Lync 2013. Exchange 2013 and Lync 2013 are already widely used for Software as a Service (SaaS). VMware has nothing to offer in the messaging and collaboration platform space. Microsoft could become for the cloud what it became for the PC. It could enforce consistency across clouds to an extent that perhaps no other player could. As the cloud shifts from infrastructure to apps, Microsoft could be in an increasingly powerful position and increase Hyper-V share even further by adding SaaS to its product line. History will repeat once again when Microsoft defeats VMware as Microsoft defeated Novell eDirectory, Corel WordPerfect and IBM Notes.

References:

http://blogs.technet.com/b/keithmayer/archive/2013/10/15/vmware-or-microsoft-comparing-vsphere-5-5-and-windows-server-2012-r2-at-a-glance.aspx#.UxaKbYXazIV

http://www.datacentertcotool.com/

http://www.microsoft.com/en-us/server-cloud/solutions/virtualization.aspx#fbid=xrWmRt7RXCi

http://wikibon.org/wiki/v/VMware_vs_Microsoft:_It%27s_time_to_stop_the_madness

http://www.infoworld.com/d/microsoft-windows/7-ways-windows-server-2012-pays-itself-205092

http://www.trefis.com/stock/vmw/articles/221206/growing-competition-for-vmware-in-virtualization-market/2014-01-07

Supported Server and Client Guest Operating Systems on Hyper-V

Compatibility Guide for Guest Operating Systems Supported on VMware vSphere

Windows Server Patching Best Practices

This article provides actionable advice about how to manage patches to reduce downtime while still maintaining the security of software services through the proactive reduction of dependencies and the use of workaround solutions.

Patching Requirements

Windows Server patches, hotfixes and service packs are critical for compliance, service level agreements and security. Keeping operating systems and applications up to date is the key to aligning your infrastructure with the latest software. Patches and hotfixes also help you prevent security breaches and malware infection.

Windows Patch Classification

The following are strongly recommended patches:

  1. Critical
  2. Security
  3. Definition Updates for malware
  4. Service packs

Windows Product Classification

It is highly recommended that you patch Windows Servers, Windows Clients, Office, and applications (Silverlight, .NET Framework, SQL, Exchange, SharePoint, Forefront TMG).

Patching Groups

Consultants should take time to test patches in a non-production environment before they are deployed to production. This will help to gauge the impact of such changes. Ideally you will have the following patching groups:

1. UAT (UAT1, UAT2, etc)

2. Test Environment (Test1, Test2, etc)

3. Development Environment (Dev1, Dev2 etc)

4. Production (Prod1, Prod2, etc)

If you have clustered environments such as SQL, Exchange and SharePoint, create Prod1 and Prod2 groups and place each cluster node in a different group.

Change Management

System administrators should maintain a log, written or electronic, of all changes to the operating environment, to include hardware, system security software, operating system, and applications. Prior to any changes being implemented on a system, the system administrator should receive approval of stakeholders.

Backup

Why am I discussing backup with patching best practice? Because in an emergency you can roll back completely and restore a server to its original state if necessary. It is very important that servers be backed up on a regular basis. Depending on the use of the server, it may be adequate to back up the server once per week. A more critical environment may need a backup daily, and possibly continuously. The backup program provided with Windows is capable of backing up to virtually any writable media, which can include network drives provided by a server in another physical location. This program is also capable of scheduling backups, which can ensure backups occur at a regular interval.

Microsoft strongly recommends that you create the following backups before you install an update rollup, service pack and patch on Exchange and SQL:

  • A full backup of all databases on the server.
  • A full backup of transaction log and log backup
  • A system state backup of the server.
  • A snapshot of the virtualized Exchange server. Delete the snapshot after successful patching and updating.

Application Compatibility

Read the release notes of each hotfix you are going to apply so that you stay compatible with the applications installed on the server. Consult the application vendor before applying a service pack to any server that hosts a specific business application. Consult the application engineer about the importance of server patching. Inform and educate the application engineer as much as possible to avoid conflicts of interest.

Documentation

Documentation released with the updates is usually in the form of web pages, attached Word documents and README.TXT files. These should be printed off and attached to change control procedures as supporting documentation.

Back out Plan

A back-out plan will allow the system and enterprise to return to their original state, prior to the failed implementation. It is important that these procedures are clear, and that contingency management has tested them, because in the worst case a faulty implementation can make it necessary to activate contingency options. Historically, service packs have allowed for uninstalling, so verify there is enough free hard disk space to create the uninstall folder. Create the back-out plan electronically and attach it in your change management software.

User Notifications

You need to notify helpdesk staff and support agencies of the pending changes so they may be ready for arising issues or outages.

Consistency across Servers

Always install the same service packs or hotfixes to each SQL server node, Exchange DAG member and Domain Controller.

Routine Maintenance Window

A scheduled maintenance window must be agreed with the business so that application outages and server reboots can maintain a respectable Service Level Agreement (SLA). If you have a large infrastructure with thousands of servers and many regions working round the clock, then you must consider application dependencies. A patching schedule can be considered every Friday of every month, from 6:00 P.M. Friday to 6:00 A.M. Monday. Set up a maintenance window in System Center or a deadline in WSUS to make sure patches are applied when you want rather than when a patch becomes available. In this way you will have complete control over the change windows approved by the change advisory board (CAB). Do not allow end users to install patches on their client machines as and when they wish; if you do, users will never install any patch.

Patching Tools

I strongly recommend that you spend a few $$$ to buy Microsoft System Center 2012 to manage and deploy Windows patches, service packs and hotfixes. However, you can use Windows Server Update Services (WSUS) as a poor man’s patching solution.

Patching DMZ servers can be accomplished using the WSUS offline patching solution, available as a free download from http://download.wsusoffline.net/.

Automate, Automate and Automate!

Automated patch management using System Center could enable a single IT administrator to access a pre-populated patch policy. He then could execute the command and with the press of a single button, download the patches from Microsoft’s website, install them on a test machine and test for compatibility issues. Meanwhile, an automatic inventory check could search for systems with the affected software, wake them up, check their readiness and push the verified patches out to waiting machines. The patches would then be automatically installed on each system, and they’d reboot as necessary. The final step is an automated report on the status of the remediated devices.

Standardize Patch Management Processes

Standardized patch management processes could allow for daily assessment and remediation of client devices and weekly assessment and remediation for servers. Reports can then be generated to validate system status on a weekly or bi-weekly schedule. A systems monitoring task that used to take days now takes minutes, and patches are deployed more completely and consistently across the entire IT environment. A single IT administrator can proactively manage thousands of systems tasks in the same amount of time it took an entire team to do the tasks manually.

Reboot Windows Computer

Some applications, such as RSA Secure Console, may require a reboot of the server before patching. However, most servers must be rebooted after patching. Do not suppress the reboot after patching under any circumstances or you will have a messy environment and broken clusters.

X86 and X64 Windows Systems

The most prominent 32-bit application you’re likely to see on a 64-bit Windows system is Office. In this sort of situation System Center benefits you most because you can adjust and make decisions based on architecture and compliance as well. You can approve patches based on “Needed and Not Installed”. If a server or client needs an update it will be installed; if not, it will not be installed. It’s safe to do so.

Antivirus and Antispyware

Servers are vulnerable to many forms of attack. Security methods should be developed and standardized to allow early and rapid deployment on servers. It’s important that a Windows server be equipped with an up-to-date, centrally managed antivirus program. Antivirus updates must be scheduled within the same maintenance window so that the antivirus has the latest definitions.

Audit Practices

Servers have a powerful auditing feature built in. Typically, server managers would want the auditing system to capture logins, attempted logins, logouts, administrative activities, and perhaps attempts to access or delete critical system files. Auditing should be limited to gathering just the information that is needed, as gathering it requires CPU and disk time. Log management software should be used, if possible, for ease of managing and analysing information. Reports can be generated from System Center and WSUS as proof of the patching cycle.

Log Retention

Servers keep multiple logs and, by default, may not be set to reuse log file entries. It is a good practice to expand the size of the allowed log file and to set it to reuse space as needed. This allows logging to continue uninterrupted. How far back your log entries go will depend on the size of the log file and how quickly you are accumulating log data. If your server environment is critical, you may wish to ensure that the log file size is sufficient to store about 30 days of logging information, and then rotate log files once per month.
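One way to check the sizing described above, as an added example that is not part of the original article: it measures how many days a log currently holds and the size needed for the 30-day target. The parameter names, the 20% headroom and the `-Apply` switch are assumptions of this example.

```powershell
# Added example (not from the article): measure how many days an event log
# currently holds and size it for a retention target. Run elevated.
param(
    [string] $LogName    = 'Security',
    [int]    $TargetDays = 30,      # the article's suggested retention
    [double] $Headroom   = 1.2,     # assumption: 20% margin for busy periods
    [switch] $Apply                 # without -Apply the script only reports
)
$ErrorActionPreference = 'Stop'

$log    = Get-WinEvent -ListLog $LogName
$oldest = Get-WinEvent -LogName $LogName -Oldest -MaxEvents 1
$newest = Get-WinEvent -LogName $LogName -MaxEvents 1

# Days covered by what is in the log now, and the resulting fill rate.
$span        = ($newest.TimeCreated - $oldest.TimeCreated).TotalDays
$daysHeld    = [math]::Max($span, 0.01)
$bytesPerDay = $log.FileSize / $daysHeld

# Size for the target, rounded up to a multiple of 64 KB.
$raw    = $bytesPerDay * $TargetDays * $Headroom
$needed = [long]([math]::Ceiling($raw / 64KB) * 64KB)

[pscustomobject]@{
    Log          = $log.LogName
    Mode         = $log.LogMode     # Circular = reuse space as needed
    DaysHeld     = [math]::Round($daysHeld, 1)
    MBPerDay     = [math]::Round($bytesPerDay / 1MB, 2)
    CurrentMaxMB = [math]::Round($log.MaximumSizeInBytes / 1MB)
    NeededMB     = [math]::Round($needed / 1MB)
    MeetsTarget  = ($log.MaximumSizeInBytes -ge $needed)
}

# Only ever grow the log; never shrink an already larger one.
if ($Apply -and $log.MaximumSizeInBytes -lt $needed) {
    $log.MaximumSizeInBytes = $needed
    $log.LogMode = [System.Diagnostics.Eventing.Reader.EventLogMode]::Circular
    $log.SaveChanges()
    Write-Output "$LogName resized to $([math]::Round($needed / 1MB)) MB, overwrite as needed."
}
```

A log that was cleared recently gives a short sample, so rerun the measurement after a normal week of activity before settling on a size.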

Installing Updates on a single Exchange Server

Download the Exchange update from the Microsoft Download Center. Record the current Exchange version information.

Check for publisher’s certificate revocation

1. Start Internet Explorer.

2. On the Tools menu, click Internet Options.

3. Click the Advanced tab, and then locate the Security section.

4. Clear the Check for publisher’s certificate revocation check box, and then click OK.

5. After the update rollup installation is complete, select the Check for publisher’s certificate revocation option.

Pre-check before installing

1. Determine which update rollup packages are installed on your Exchange server roles

2. Determine whether any interim updates are installed

3. Review interim updates

4. Obtain the latest update rollup package

5. Apply on a Test Exchange Server

Install Exchange Update

1. Ensure that you have downloaded the appropriate rollup to a local drive on your Exchange servers, or on a remote network share.

2. Run the Windows Installer *.msp Setup file that you downloaded in step 1.

Install Exchange Update on DAG Member

To update all DAG members, perform the following procedures on each DAG member, one at a time. Set the member server in maintenance mode using this PowerShell Command.

.\StartDagServerMaintenance.ps1 <ServerName>

Install the update rollup

1. Close all Exchange management tools.

2. Right-click the Exchange update rollup file (.msp file) you downloaded, and then select Apply.

3. On the Welcome page, click Next.

4. On the License Terms page, review the license terms, select I accept the License Terms, and then click Next.

5. On the Completion page, click Finish.

Once the update is installed, exit maintenance mode by running the StopDagServerMaintenance.ps1 script. Run the following command to re-balance the DAG, as needed:

.\RedistributeActiveDatabases.ps1 -DagName <DAGName> -BalanceDbsByActivationPreference -ShowFinalDatabaseDistribution

When the installation is finished, complete the following tasks:

  • Start the Services MMC snap-in, and then verify that all the Exchange-related services are started successfully.
  • Log on to Outlook Web App to verify that it’s running correctly.
  • Restore Outlook Web App customizations, and then check Outlook Web App for correct functionality.
  • After the update rollup installation is complete, select the Check for publisher’s certificate revocation option in Internet Explorer. See “Certificate Revocation List” earlier in this topic.
  • Check Exchange 2010 version information
  • View Update rollup in Control Panel>Programs and Features

Patching Microsoft Failover Cluster

You can install Windows service packs on Windows Server Failover Cluster nodes using the following procedure. Administrative privilege is required to perform the following tasks.

Procedure to install Windows service pack or hotfixes in Windows Server 2003:

  1. Check the System event log for errors and ensure proper system operation.
  2. Make sure you have a current backup and updated emergency repair disk for each system. In the event of corrupt files, power outage, or incompatibility, it may be necessary to revert back to the state of the system prior to attempting to install the service pack/hotfixes.
  3. Expand Node A, and then click Active Groups. In the left pane, right-click the groups, and then click Move Group to move all groups to Node B.
  4. Open Cluster Administrator, right-click Node A, and then click Pause Node.
  5. Install the service pack on Node A, and then restart the computer.
  6. Check the System event log for errors. If you find any errors, troubleshoot them before continuing this process.
  7. In Cluster Administrator, right-click Node A, and then click Resume Node.
  8. Right-click Node B, and then click Move Group for all groups owned by Node B to move all groups to Node A.
  9. In Cluster Administrator, right-click Node B, and then click Pause Node.
  10. Install the service pack on Node B, and then restart the computer.
  11. Check the system event log for errors. If you find any errors, troubleshoot them before continuing this process.
  12. In Cluster Administrator, right-click Node B, and then click Resume Node.
  13. Right-click each group, click Move Group, and then move the groups back to their preferred owner.

Procedure to install Windows service pack or hotfixes in Windows Server 2008 and Windows Server 2012:

  1. Check the event log for errors and ensure proper system operation.
  2. Make sure you have a current backup and updated emergency repair disk for each system. In the event of corrupt files, power outage, or incompatibility, it may be necessary to revert back to the state of the system prior to attempting to install the service pack/hotfixes.
  3. On Node A, Expand Services and Applications, and then click the service or application
  4. Under Actions (on the right), click Move this service or application to another node, then choose the node or select Best possible.
  5. In the Failover Cluster Manager snap-in, right-click Node A, and then click Pause.
  6. Install the service pack/hotfixes on Node A, and then restart the computer.
  7. Check the event log for errors. If you find any errors, troubleshoot them before continuing this process.
  8. In Failover Cluster Manager snap-in, right-click Node A, and then click Resume.
  9. Under Actions (on the right), click Move this service or application to another node, then choose the node.
    Note: As the service or application moves, the status is displayed in the results pane (in the center pane). Follow the Step 9 and 10 for each service and application configured on the cluster.
  10. Install the service pack/hotfixes on Node B, and then restart the computer.
  11. Check the event log for errors. If you find any errors, troubleshoot them before continuing this process.
  12. From the Failover Cluster Manager snap-in, right-click Node B, and then click Pause.
  13. In Failover Cluster Manager, right-click Node B, and then click Resume.
  14. Right-click each group, click Move Group, and then move the groups back to their preferred owner.

You can use the following PowerShell cmdlets to accomplish the same.

1. Load the module with the command: Import-Module FailoverClusters

2. Suspend (Pause) activity on a failover cluster nodeA: Suspend-ClusterNode nodeA

3. Move a clustered service or application (a resource group) from one node to another: Get-ClusterNode NodeA | Get-ClusterGroup | Move-ClusterGroup

4. Resume activity on nodeA that was suspended in step 5: Resume-ClusterNode nodeA

5. Move a clustered service or application (a resource group) from one node to another: Get-ClusterNode NodeB | Get-ClusterGroup | Move-ClusterGroup

6. Suspend (Pause) activity on other failover cluster node: Suspend-ClusterNode nodeB

7. Resume activity on nodeB that was suspended in step 10 above: Resume-ClusterNode nodeB
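The cmdlets above can be combined with the event-log checks from the manual procedure so that a node is only resumed when it comes back clean. This is an added example, not the article's own script: `Get-SystemErrorsSince`, `Invoke-NodePatchWindow`, the 24-hour look-back and the 15-minute rejoin timeout are assumptions, and it expects remote event log access to the node.

```powershell
Import-Module FailoverClusters

# Return Critical (1) and Error (2) events from a node's System log since $Since.
function Get-SystemErrorsSince {
    param([string]$ComputerName, [datetime]$Since)
    try {
        Get-WinEvent -ComputerName $ComputerName -ErrorAction Stop -FilterHashtable @{
            LogName = 'System'; Level = 1, 2; StartTime = $Since
        }
    } catch {
        # "No matching events" is the healthy case; anything else is a real failure.
        if ($_.FullyQualifiedErrorId -notlike 'NoMatchingEventsFound*') { throw }
    }
}

function Invoke-NodePatchWindow {
    param(
        [Parameter(Mandatory)][string]$Node,     # node to patch
        [Parameter(Mandatory)][string]$Target,   # node that takes over its groups
        [int]$LookbackHours = 24                 # assumed pre-check window
    )
    # Pre-check: do not start on a node that is already logging errors.
    $pre = @(Get-SystemErrorsSince -ComputerName $Node -Since (Get-Date).AddHours(-$LookbackHours))
    if ($pre.Count -gt 0) {
        throw "$Node has $($pre.Count) System errors in the last $LookbackHours h; troubleshoot first."
    }

    # Pause the node, then move every group it owns to the target node.
    Suspend-ClusterNode -Name $Node | Out-Null
    Get-ClusterNode -Name $Node | Get-ClusterGroup | Move-ClusterGroup -Node $Target | Out-Null
    $left = @(Get-ClusterNode -Name $Node | Get-ClusterGroup)
    if ($left.Count -gt 0) { throw "Groups still owned by ${Node}: $($left.Name -join ', ')" }

    $started = Get-Date
    Read-Host "Install the update on $Node, restart it, then press Enter" | Out-Null

    # A paused node rejoins the cluster in the Paused state after its restart.
    $deadline = (Get-Date).AddMinutes(15)
    while ((Get-ClusterNode -Name $Node).State -ne 'Paused') {
        if ((Get-Date) -gt $deadline) { throw "$Node did not rejoin the cluster in time." }
        Start-Sleep -Seconds 15
    }

    # Post-check: only resume a node that came back without new errors.
    $post = @(Get-SystemErrorsSince -ComputerName $Node -Since $started)
    if ($post.Count -gt 0) {
        Write-Warning "$Node logged $($post.Count) System errors after patching; leaving it paused."
        return $post
    }
    Resume-ClusterNode -Name $Node | Out-Null
}

# Usage: patch nodeA first, then repeat with the roles swapped.
#   Invoke-NodePatchWindow -Node nodeA -Target nodeB
#   Invoke-NodePatchWindow -Node nodeB -Target nodeA
```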

Conclusion

When service packs, hotfixes, and security patches are required to be installed, it is critical that these best practices be followed.

Bottom line

1. Read all related documents.

2. Use a change control process.

3. Apply updates that are needed.

4. Test patches and hotfixes on test environment.

5. Don’t get more than 2 service packs behind.

6. Target non-critical servers first.

7. Service Pack (SP) level consistency.

8. Latest SP instead of multiple hotfixes.

9. Apply only on exact match.

10. Subscribe to Microsoft email notification.

11. Always have a back-out plan.

12. Have a working Backup and schedule production downtime.

13. Consistency across Domain Controllers and application servers.

Additional Readings:

SQL Server failover cluster rolling patch and service pack process

Patch Management on Business-Critical Servers

Microsoft’s Hyper-v Server 2012 and System Center 2012 Unleash KO Punch to VMware

Hyper-V has been an integral part of Windows Server 2008 and was enhanced with great features in Windows Server 2012. According to Gartner’s magic quadrant, Microsoft Hyper-v has been positioned in the leader category, second to VMware. Combining Windows Server 2012 and System Center 2012 provides you with a high performance Cloud Technology. The Microsoft licensing model is highly flexible: it charges only by physical processors and offers unlimited virtualization rights with Datacenter editions. With Hyper-v, your return on investment (ROI) increases as your workload density increases.

Pricing Comparison:

The pricing is based on the following assumptions:

  • Average consolidation ratio of 12 VMs per physical processor.
  • Number of physical hosts required 21. Each physical host contains 2 physical processors with six cores each.
  • Three years License and Maintenance; VMware cost includes Windows Server 2012 Datacenter edition for running guests.
  • Costs do not include hardware, storage or project cost.
  • Pricing is based on published US prices for VMware and Microsoft as of September, 2012.
  • The cost above doesn’t include Microsoft Windows Server license cost for guest operating system.
  • Windows Server 2012 Datacenter allows you to run unlimited Windows Server 2012 on Hyper-v Server 2012 host.

Server Virtualization Environment:

image

Pricing Summary:

image

Microsoft Server Virtualization Cost break-down

image

VMware Server Virtualization Cost break-down

image

Features VS Cost Breakdown- Multi-Site Private Cloud Computing

Together, Windows Server 2012 and System Center 2012 are truly a cloud and datacenter management solution, with eight separate components such as management, monitoring, provisioning and disaster recovery integrated into one unified product. A unified System Center management solution delivers greater OPEX cost savings than VMware in addition to CAPEX cost savings.

image

Number Game:

image

Breakdown in resources (/Host/Guest/Cluster):

image

Network Virtualization

 image

DR Solutions

image

Truth about VMware lies:

You don’t have to be Einstein to understand that VMware is under significant pressure from all sides. Hence they are misleading the Cloud market with biased information. I would strongly recommend that you assess your business position and compare apples to apples before renewing or buying your next Cloud products. VMware is still the no. 1 player in the Cloud Computing market, but their fear is real: loyal VMware customers are continuously switching to Microsoft Cloud Technology. A declining enterprise market leads them to spread the following one-sided information.

1. VMware claim: VMware vSphere 5.1 can achieve an 18.9% higher VM density per host than with Microsoft Hyper-V.

Facts: In one of VMware’s own tests, when provided adequate memory to support the number of users, the performance variance between vSphere 5.1 and Hyper-V R2 SP1 was only 2% (using 24 VMs).

2. VMware claim: Hyper-V performance is poor. If performance is important to you, choose VMware.

Facts: In reality, Hyper-V offers near-native levels of virtualization performance, for which there are multiple supporting proof points (including independent third party validations):

  • Enterprise Strategy Group Report (2011) – SharePoint, Exchange, & SQL on Hyper-V Host.
  • Microsoft & Intel – 700,000 IOPS to a VM | Near Native with VMq: Windows Server and Hyper-V are not a limiting factor to IO performance. There shouldn’t be any significant concern around IO for virtualizing with Hyper-V.
  • Project Virtual Reality Check (Terminal Services on Hyper-V).

3. VMware claim: Hyper-V isn’t ready for the enterprise. It can’t handle the most intensive of workloads like VMware can.

Facts: Hyper-V offers near native levels of performance for key workloads, ensuring that customers can virtualize their mission critical, high-performance applications and workloads with confidence on Hyper-V. Additionally, a growing number of enterprise customers are running their businesses on Microsoft Hyper-V. Please read Microsoft Private Cloud success stories.

4. VMware claim: Hyper-V is lacking some of the key VMware features today. Features such as vMotion, HA, Memory Overcommit, DRS, Storage vMotion and Hot-Add are important features for us, and Hyper-V simply doesn’t come close.

Facts: Hyper-V R2 SP1 and System Center 2012 provide Live Migration, High Availability, Storage Live Migration, Dynamic Memory Allocation, Hot-Add and subsequent removal of storage.

5. VMware claim: VMware vSphere 5.1 is more secure than Hyper-V because of its architecture and small code base.

Facts: Small footprint doesn’t equal a more secure hypervisor. Both vSphere and Hyper-V use the same memory footprint to run. The disk Footprint in ESXi 5.0 (144 MB) doubled from ESXi 4.0 (70 MB). Microsoft follows the rigorous, industry-leading Secure Development Lifecycle (SDL) for all its products. It is possible to achieve a 40-60% reduction in patches using Server Core based on historical data.

6. VMware claim: There is no virtual firewall in Hyper-V while VMware provides vShield Zones.

Facts: Windows Server 2012 also includes an integrated firewall with advanced security features. An old version of vShield Zones is included with vSphere 5.1 (details here), and vShield Zones has several limitations; for example, every VM’s traffic passes through the Zones virtual appliances, which slows down the traffic.

7. VMware claim: Microsoft doesn’t offer anything comparable to VMware Fault Tolerance.

Facts: VMware Fault Tolerance has limited applicability and severe limitations. It cannot function with:

  • Thin Provisioning and Linked Clones
  • Storage vMotion
  • Hot plug devices and USB Pass-through
  • IPv6
  • vSMP
  • N-Port ID Virtualization (NPIV)
  • Serial/parallel ports
  • Physical and remote CD/floppy drives
  • No more than 4 FT VMs can be used per host

8. VMware claim: VMware has significantly better support for Linux operating systems than Hyper-V.

Facts: In production environment, Hyper-v supports Microsoft Windows Server and Linux Server without modifying any guest operating systems or installing tools.

9. VMware claim: VMware supports broad applications, while Hyper-V does not.

Facts: Since VMware does not have a certified logo program for any application, they are not in a position to dictate which applications are supported or not. On the contrary, every single application that achieves a logo for Windows Server can be run on a guest operating system on Hyper-V, and is therefore inherently supported. There are over 2500 ISV applications listed on Microsoft Pinpoint that work with Hyper-V. The truth is that neither Microsoft nor VMware mentions which applications you can install on a guest operating system. It’s completely up to you what you would like to run on guest operating systems.

10. VMware claim: VMware’s Site Recovery Manager (SRM) enables us to simplify our DR story, and provides us with a solution to not only perform a planned failover, but test it whenever we like. Microsoft simply can’t deliver an alternative to this.

Facts: System Center 2012 components like Data Protection Manager and Orchestrator can provide tailored DR solutions. Windows Server 2012 includes an inbox replication capability, Hyper-V Replica, at no cost.

11. VMware claim: Microsoft Hyper-v isn’t ready for hosters or service providers.

Facts: Hyper-v has been adopted by the service provider industry to host their own infrastructure and public cloud simultaneously on Hyper-v, utilizing Microsoft Network Virtualization. Click here and filter using hosting and public cloud to find the list of hosters. Examples: hostway, softsyshosting, hyper-v-mart, geekhosting, BlueFire and many more.

12. VMware Claim: Hyper-v does not fully comply with Trunking, VLANs

Facts: Microsoft Network Virtualization is more advanced than the VMware standard switch and DV Switch. Microsoft Hyper-v is fully compliant with 802.1q trunking, VLANs, VIP, network tunneling and multitenant IP management. VMware is catching up on network virtualization. Being on the back foot, VMware advertised to hire a PR professional to campaign on network virtualization.

Bottom-line: Why Select Hyper-v Over VMware

Other than cost savings, the following are reasons why you should select Hyper-V and System Center 2012 over VMware vSphere 5.1:

1. Built-in Virtualization: Hyper-V is an integral part of Windows Server 2008 and Windows Server 2012

2. Familiarity with Windows: In-house IT staff can utilize their familiarity and knowledge of Windows environment to deploy Hyper-v minimizing training cost and learning time.

3. Single Platform Cloud Management Technology: System Center 2012 enables you to manage physical, virtual, private and public cloud using a common console view for multi-hypervisor management, 3rd party integration and process automation, ability to manage applications via a single view across private and public clouds, and deep application diagnostics and insights.

4. Running common Microsoft Applications: It is obvious that Microsoft applications will run better on Hyper-v 2012. Still, Microsoft has published third-party validated lab results that prove best-in-class performance for Microsoft workloads on Hyper-V.

5. Private, Public or Hybrid Cloud: Microsoft provides complete solutions for Private, Public or Hybrid cloud with next generation computing technology like IaaS, PaaS, SaaS.

6. Value for Money: Microsoft Private Cloud provides value for money. You will receive an unrestricted virtualization license once you buy Windows Server 2012 Datacenter and System Center 2012.

7. Easy Migration: Convert a VMware virtual machine to a Microsoft Hyper-v virtual machine in a few easy steps. See this link.

8. Single Vendor: Since your existing virtualization workload is mostly Windows Server, from a vendor communication and contract management point of view, having Microsoft Hyper-v makes more sense.

References:

Microsoft Cloud Summit Australia

Microsoft Private Cloud Cost Calculator

Microsoft Private Cloud Success Stories

Microsoft Cloud Computing

System Center 2012

Windows Server 2012

Hyper-v Server 2012

Download Microsoft System Center Private Cloud Evaluation Software