Authored by: Casper Manes
We went into more detail about the container integration, improved headless edition, nested virtualization and PowerShell improvements, as the most prominent feature updates of the new Microsoft server operating system.
Windows Server 2016 comes with a ton of new and improved features over its predecessor, and a few weeks ago we presented the top 10 of its features that you as a sysadmin simply need to know about. In this post, we will go deeper into four of the most significant functional upgrades that Microsoft included with its latest server operating system.
Small-footprint Nano Server
Think of Nano as the even smaller footprint successor to Server Core, which was the solution to a problem no one knew they even had. Today, Nano server can "solve" a lot of problems people know they have, and perform tasks that many of us need, such as host virtual machines, work as a DNS or IIS web server, or run container deployed apps. Nano has a much smaller footprint, so uses even fewer resources than Server Core did and can boot much faster than either Core of a full GUI based Windows can. Microsoft claims that Nano Server will have 93% smaller VHD size, 92% fewer critical bulletins and 80% fewer required reboots.
Nano is ideal for compute heavy tasks, or for dedicated purposes such as the mentioned DNS, IIS, or F&P. It runs only 64bit code, has no local login, but can be easily managed remotely using WMI and PowerShell. Think of Nano as the way to go when deploying purpose-built systems to support specific tasks, or to provide services to remote locations where you have minimal hardware and even less staff. Nano can run well on both physical hardware and as a guest VM.
Incidentally, there's a new set of Sysinternals tools for Nano Server. You can download them from the TechNet page for the Sysinternals suite at https://technet.microsoft.com/en-us/sysinternals/bb842062. Since Nano has no GUI, not all the tools will be there, but several of them will work on other systems when run against a Nano server.
Docker containers running on Windows
If you are unfamiliar with Docker, it's a software containerization platform that allows you easier deployment of developed apps and environments. That means that if you have an application which you have developed, and it has dependencies, you can use Docker to wrap your app with everything it needs to run. Your code, runtimes, tools, libraries, or anything else that your application needs to find on the running operating system in order to work can all be included in the container.
So instead of your customer spending hours just installing prerequisites, they can instead install your Docker based application and start running it. Better yet, Docker runs on both Linux and Windows, ensuring portability of your applications. And since the container is isolated from other applications and the operating system, your applications can run more securely and be less vulnerable to malicious code.
Docker isn't for everyone, as it's a way to wrap an application, as opposed to a virtual machine. But if you are in the habit of installing VMs just to support applications, Docker is a way to get the same isolation as you could with VMs, while using much less of the physical resources of the host system.
Even more powerful Hyper-V
Hyper-V has some great new features included. Most of these have to do with either the setup or the maintenance of guest virtual machines. For starters, the integration services are no longer installed by mounting an ISO file as a DVD; they are deployed through Windows Update. But that is just the tip of the iceberg.
Several things that used to require you to shut down a guest before making changes can now be changed on the fly. While a VM is running, you can now add or remove network adapters, and change the amount of memory allocated (add or subtract) even if the VM was not originally set up for dynamic memory allocation.
VMs can now be granted discrete access to devices on the PCIe bus, such as disk controllers, providing for much faster performance. The number of virtual processors a guest can be allocated has increased to 128, and the total amount of memory is now over 4TB.
There's even nested virtualization, so you can run Hyper-V on a VM that is a guest of a Hyper-V server, which is a guest on a Hyper-V server, which is a guest...you get the idea. I am not sure just how many levels of virtualization you could need or support, but I have seen a CTP4 running four layers with barely any noticeable lag on the final level guest.
There are also improvements to snapshots, the ability to resize even shared virtual disks without having to shut down the guests, and new shielded VMs that can be used to ensure that a guest VM is fully secure, even from the Hyper-V host's administrators. The full list is worthy of its own blog post, so check out https://technet.microsoft.com/en-us/windows-server-docs/compute/hyper-v/what-s-new-in-hyper-v-on-windows if you want to see even more on this.
PowerShell 5 is here
Windows Server 2016 comes with the Windows Management Framework 5.1, and that includes the latest version of PowerShell. Leveraging the .NET Framework 4.6, PowerShell 5 comes with several new features, including new cmdlets for managing local users and groups, as well as a new Get-ComputerInfo cmdlet which can dump detailed information on the system.
The PS5 improvements include enforcement for using signed modules when loading modules from remote locations, support for containers, CAB files, and EXEs, and better debugging. At last update, the WMF 5.1 shipping with Server 2016 was still listed as a preview version, with 5.0 also included, but we expect it to change to full release after Windows Server 2016 reaches general availability, which was yesterday, on October 12th.
There is even more to the new server OS from Microsoft, and in our next post we will take a deeper dive into the security focused technologies and improvements that came with Windows Server 2016.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.