Microsoft’s Nano Server is All About the Cloud

Microsoft currently offers both on-premises Windows Server versions and Azure in the cloud. But with the coming generation of Nano Server capabilities in Windows Server vNext, the differences between these product lines are about to blur even further.

You can learn more about Nano Server in Aidan Finn’s article, Microsoft Announces Nano Server. And be sure to check out Russell Smith’s take on how Nano Server will impact DevOps-style workflow in Thoughts on Windows Nano Server. Here, I’d like to expand a bit on what this all means strategically to Microsoft and its customers.

Before getting to that, we need to understand a few terms, in particular Nano Server and container.

Nano Server is a new minimal footprint installation of Windows Server, coming in the next release, which is highly optimized for the cloud, and ideal for containers.

A containers is a way to isolate applications independently of both location—some mix of cloud and on-premises infrastructure, perhaps—and even operating environment (Windows and Linux, for example). Microsoft announced last fall that it was supporting Docker containers in the next Windows Server and that they would run on-premises datacenters, hosted datacenters, or any public cloud provider, including of course Azure. And this week, Microsoft also announced that it is “leveraging and extending” Docker containers with something called Hyper-V container, a new container deployment option with enhanced isolation based on Hyper-V virtualization technologies.

If you’re familiar with Windows Server, you know that Microsoft has evolved this product line from a standalone, interactive, and workgroup-type server to something far more sophisticated. In the wake of the Trustworthy Computing initiative of 2002, the Window Server team started taking steps to reduce the product’s attack surface through a number of means. Windows Server 2003, for example, introduced a firewall and IE Protected Mode (“it’s a server, not a surfboard”). And Windows Server, like its client siblings, has been steadily componentized, leading to, among other things, the Server Core deployment option that debuted in Windows Server 2008.

Server Core and related efforts like MinWin are in many ways the spiritual predecessors of Nano Server. But where Server Core offered a minimal management interface—a command line and a handful of supporting GUI tools—Nano Server offers nothing of the kind. It marks the first time that Windows Server can be deployed in a way that only supports remote management.

And this, I think, is the central point behind Nano Server. That, like Server Core and even Windows Server 2003 before it, the goal is to get administrators to move completely into remote management. And that’s true whether they’re managing individual servers, data centers, or complete hybrid environments. It is in effect cloud management.

“GUIs are great,” Microsoft distinguished engineer Jeffrey Snover explained this week Twitter. “They just need to run on clients and do remote management via formal management APIs so you can automate.” Snover is no stranger to automation: before architecting Nano Servers hand-in-hand with Mark Russinovich and the Azure team, he invented PowerShell. But this partnership gives another hint to the goal of Nano Server technologies, that the management functionality will benefit non-Nano Server installs too.

Snover isn’t prone to hyperbole. But he has described Nano Server as no less than “the future of Windows Server,” noting that he “came to Microsoft 15 years ago wanting to change the OS and change the world. Nano Server is a dream come true.”

And as for the componentization and reduced attack surface that comes along with such a change, Nano Server is “20 times smaller than Server Core.” This means faster installs, of course, and fewer dependencies, leading to better reliability. But as Snover has noted, Nano Server has about 92 percent fewer critical bulletins than a more typical Windows Server install, based upon internal code analysis of a years’ worth of bulletins. And that means it’s a lot more secure. Mission accomplished.

It’s always been obvious that Azure was influenced by—was indeed at one time a cloud version of—Windows Server. But as Azure has matured, it’s become increasingly clear that many of the learnings of a distributed environment like Azure can be funneled back into Windows Server as well, creating a virtuous cycle in which each product benefits the other. We saw a bit of this in the Windows Server 2012 generation products, and with Nano Server and containers in Windows Server vNext, we’re going to see even more.

As you might expect, Microsoft—and Snover—are promising more information about these technologies, and about Windows Server vNext in particular, at both Build (April 29 to May 1, in San Francisco) and Ignite (May 4 to May 8, in Chicago). But I’d pay more attention to Ignite: Snover will be providing six sessions at the show, including co-hosting the Platform Vision and Strategy Overview: Bringing Microsoft Azure to Your Datacenter session with Mark Russinovich and Jeremy Winter, a must-see.