Managing Virtual Machines in Windows Server 2012 Hyper-V
In this article I will dive a bit deeper into the new features of Windows Server 2012 Hyper-V, how you can manage virtual machines (VMs), and from which of its new features you can most benefit.
Windows Server 2012 Hyper-V Exclusive Features
My Petri IT Knowledgebase colleague Jeff Hicks has done a multi-part series Windows 8 client Hyper-V, including how to install and configure Windows 8 Client Hyper-V (part one) and how to manage client Hyper-V with PowerShell (part five). Managing VMs on the server side in Windows Server 2012 Hyper-V isn’t that different, although there are some enterprise virtualization features that are exclusive to Windows Server 2012.
The following features are only available in the Windows Server 2012 Hyper-V role and also in the free Hyper-V 2012 Server.
- Hyper-V Replica
- Hyper-V network virtualization
- Virtual Machine Live Migration
- Shared-Nothing Live Migration
- Virtual HBA
- Failover Clustering
- Remote FX
Parameters and Configuring VMs
When it comes to configuring each virtual machine, there are many parameters that can be set. Configuring RAM with Dynamic Memory for VMs has been rewritten and improved in Server 2012 Hyper-V. In this version we use something called Startup Memory, which is memory that will be allocated by the virtual machine before the integration tool starts. Once that process completes, minimum and maximum memory will be utilized.
For example, when a Windows Server with SQL starts, it will allocate what it has configured and what is available. If there is only a minimum memory available the server will not be extending its memory for the database, and that would probably cause that SQL instance to perform more poorly than expected. You should carefully examine the startup and maximum RAM values and change them as needed. The default maximum value of 1TB may not be needed for every VM.
If you are utilizing VLANs in your network environment connected to your Hyper-V virtualization platform, each VM will need to be set with the correct VLAN tag for every network interface it is using.
Doing this with PowerShell for a group of VMs is quite easy, as you can see below.
Get-VM | where Name -match DMZ | Get-VMNetworkAdapter | Set-VMNetworkAdapterVlan -Access -VlanId 200
With PowerShell it is also possible to configure the more advanced VLAN settings for a virtual network card, including setting it in trunk, isolated, community, or promiscuous modes. You can also get some help to learn more about those options and how to configure them:
Get-Help Set-VMNetworkAdapterVlan -full
Bandwidth management can also be enabled, which helps set maximum and minimum bandwidth values for your VM. This can also be set with PowerShell.
Get-VM | where Name -match WIN | Get-VMNetworkAdapter | Set-VMNetworkAdapter -MaximumBandwidth 100000000 -MinimumBandwidthAbsolute 50000000
There are some security parameters in your virtualization environment that should be set on your virtual machines network adapters, mainly to assure that no newly created VMs can start handing out IP addresses as a DHCP server of which you do not have control. An important parameter is the router guard setting – if this isn’t activated, it makes it easier for unauthorized VMs to masquerade as routers and snoop on network traffic.
You can configure this when you set up a new virtual machine and the network adapter, under the advanced settings of the virtual network adapter. This is a perfect example of when to automate and run on all your virtual machines and make sure that they are configured as expected. In this PowerShell example you can see that I have added the –ClusterObject, and I can find all VMs in the cluster regardless of what nodes they currently run on.
Get-VM -ClusterObject (Get-ClusterResource -Cluster HVCL30 | where ResourceType -eq "Virtual Machine") | Get-VMNetworkAdapter | Set-VMNetworkAdapter -DhcpGuard On -RouterGuard On
When setting up a network load-balancing cluster, you want to configure the MAC spoofing on all virtual machines participating in this or your NLB will not work as expected. This allows your virtual network cards to have multiple MAC addresses.
Another setting you might consider changing is the MAC address, which is by default set to Dynamic. That might not be an issue for you, but it can present a problem if you have installed a license server or another application that uses the MAC. This is because if you migrate the VM to another host and restart it, it will change the MAC and then your software inside the virtual machine will fail. This can only be configured when the virtual machine is stopped.
If for some reason you have an old Windows NT Server that needs to be virtualized or migrated from an earlier virtualization platform, you will need to set the limit CPU features in the VM settings or Windows NT will bluescreen on you as the old operating system has not implemented the new feature sets. This setting is not available via the GUI, but you can properly configure it with PowerShell:
Get-VM vmtest | Set-VMProcessor -CompatibilityForOlderOperatingSystemsEnabled $true
Another setting that might be interesting is the processor compatibility mode, which makes it possible to build clusters and live migrate virtual machines between physical processors within different families from the same manufacturer. Live migrating to a Hyper-v host with a newer processor without this setting active is usually no problem; attempting to go the other way can fail as the VM has booted with newer CPU instructions. This setting is also something that has to be set when the virtual machine is stopped.
As you might have noticed along the way, I prefer to use PowerShell instead of the GUI – but if there is a way to automate things or just run it in the shell, that is the way to go!