What’s New in Microsoft Hyper-V in the Windows 10 Fall Creators Update

With the latest release of Hyper-V, Microsoft has made some great improvements to their Hypervisor. For many reasons, Hyper-V has become a major player in virtualization. In this article, Nicolas Prigent describes new Hyper-V updates and enhanced Hyper-V features that were introduced with Windows 10 and Windows Server 2016.

Microsoft offers a ‘feature update’ to Windows 10 every six months, and continues to unify its Windows development and deliver new features. Microsoft’s next major update for Windows 10 is at its last phase of development and is planned for a September release with the Windows 10 Fall Creator Update. In mid-June, Microsoft announced a major change to how it will deliver new releases of Windows Server. Microsoft will now move to a semi-annual cycle. This new release cadence, which is similar to what Microsoft is doing with Windows 10, will allow every company to take advantage of new innovations.

Technology is moving so fast so that sysadmins must be aware of every new feature and update those that are already released. This article will be focused on Hyper-V and especially all the new changes in Windows 10 and Windows Server 2016.

Hyper-V and Windows 10

The next major update to Windows 10 comes with many improvements, including enhanced Hyper-V changes as well. So let’s review these changes and start with one of my favorites.

Quick Create

Quick Create is a single-page wizard that let you create a virtual machine in few seconds. The single-page wizard is quite unlike the traditional ‘next-next-next’ wizard. These traditional wizards offer a lot of options but sometimes you just need to create a basic Virtual Machine quickly for testing an application. Now, you can use the Quick Create option for this sort of job. Open the Hyper-V Manager and click “Quick Create” in the Actions panel.

The Virtual Machine will use these default settings below:

  • Generation: 2
  • Startup RAM: 2GB
  • Dynamic RAM: Enabled
  • Virtual Processors: 4
  • A NIC connected to the virtual switch

If successful, the results screen should display information with the options to Connect or to Edit settings to customize the virtual machine before you continue.

Dynamic resize for VM Connect

Have you ever wondered why the VMConnect window could not be resized? Well, the enigma is over! You can now resize the display for a session in VMConnect just by dragging the corner of the window. There is just one requirement for dynamic resizing to work: you must be running in enhanced session mode.

Added Checkpoint and Save for Nested Hyper-V

Microsoft had introduced Nested Virtualization. Nested virtualization lets us create Hyper-V virtual machines inside another Hyper-V virtual machine (or Hyper-V host). A common problem was that Hyper-V did not support the virtual hosts being put into a saved state or being saved to a checkpoint. Microsoft has solved this problem in the latest update and we can now take checkpoints and saved states in a Virtual Machine which is acting as a Nested Hyper-V hosts.

Zoom for VMConnect

Here is a gadget, but for some people it can be very useful. Under the View menu in VMConnect, you will find a new Zoom option. You now have the option for adjusting the Zoom Level if you can’t read something in your Virtual Machine. This can be helpful on high-resolution devices. Note that you must disable the “Enhanced Session” option before using the Zoom level option.

Improved Memory Management

Hyper-V used to allocate memory in a conservative manner, which is a good idea but some developers faced out-of-memory errors. In the Creator Update, you can now allocate all the memory to be used. This means that you run the risk of running out of memory on the host, so Hyper-V administrators must be careful.

What’s new in Build 16226 for Windows 10?

You can now use the new VM Sharing feature to share your VMs with ease. In the build called “16226”, you will find a new icon in Virtual Machine Connection (VMConnect) that will let you compress any virtual machines into a “.vmcz” archive. This “.vmcz” file is like a ZIP archive so that you can extract and open it with the file explorer. Let’s check the contents of this archive with PowerShell:

When the compression is done, you will be able to copy and paste this file on another machine or server. Then, the only thing to do is to double click this file on your destination machine to start the import process. In the background, the utility called “C:\Program Files\Hyper-V\vmimport.exe” will be used. It is a very simple process to export a virtual machine, which can help you to backup a virtual machine!

Hyper-V and Windows Server 2016

Let’s see the new Hyper-V features on Windows Server 2016.

Host resource protection

Hyper-V should prevent virtual machines from consuming too many resources and impacting other virtual machines but there are a number of situations in which a virtual machine can consume more hardware resources. In this case, the performance of the host and other VMs will be impacted. A new feature has been introduced in order to avoid excessive activities. This feature must be enabled with PowerShell:

Linux Secure Boot

Linux operating systems running on generation 2 virtual machines can now boot with the ‘Secure Boot’ option enabled. ‘Secure Boot’ ensures that an operating system’s loading utility has not been tampered with. This is an effective preventive measure against malicious code being injected into a computer’s startup cycle ahead of the operating system. Below are the compatible versions:

  • Ubuntu 14.04 and later
  • SUSE Linux Enterprise Server 12 and later
  • Red Hat Enterprise Linux 7.0 and later
  • CentOS 7.0 and later

Shut down the Virtual machine and open the properties. Select the “Enable Secure Boot” checkbox from the Security tab:

Of course, you can enable the Secure Boot with Windows PowerShell:

You can get the name of the templates with the following command:

Nested virtualization

Creating a virtual machine within a virtual machine was previously just a theoretical concept. With Windows Server 2016, you can run Hyper-V virtual machines inside another Hyper-V virtual machine. You will need a processor with Intel VT-x in order to use Nested Virtualization. Below is a screenshot from Ben Armstrong’s Virtualization Blog: https://blogs.msdn.microsoft.com/virtual_pc_guy/2015/10/13/nested-virtualization-in-windows-10-build-10565/.

https://msdnshared.blob.core.windows.net/media/MSDNBlogsFS/prod.evol.blogs.msdn.com/CommunityServer.Blogs.Components.WeblogFiles/00/00/00/41/22/3771.nest.PNG

Production checkpoints

Microsoft introduced a new ‘Production Checkpoints’ feature in Windows Server 2016. Production Checkpoints are based on backup technologies inside the virtual machine instead of creating a saved state. For Windows guest OSs, the Volume Snapshot Service is used; and it ensures data on disk is in an application-consistent state via a VSS snapshot, the same state as if a backup had been taken. In Hyper-V 2016, Production checkpoints are set by default. Standard checkpoints are set only if production checkpoints cannot be created. Standard Checkpoints capture the state, data, and hardware configuration of a running virtual machine.

Rolling Hyper-V Cluster upgrade

First, note that Hyper-V on Windows 10 doesn’t support failover clustering. A picture is worth a thousand words, so let’s start by the following screenshots (https://docs.microsoft.com/en-us/windows-server/failover-clustering/cluster-operating-system-rolling-upgrade):

Illustration showing the initial state: all nodes Windows Server 2012 R2

Illustration showing the cluster in mixed-OS mode: out of the example 4-node cluster, two nodes are running Windows Server 2016, and two nodes are running Windows Server 2012 R2

Illustration showing that the cluster rolling OS upgrade has been successfully completed; all nodes have been upgraded to Windows Server 2016, and the cluster is running at the Windows Server 2016 cluster functional level

With these screenshots, you will probably understand this new feature better! You can now easily upgrade your nodes without any downtime! You just have to pause one node, evicted the node from the cluster, upgrade it to 2016 and re-add it to the cluster. Do that for each node and your cluster will be upgraded smoothly. The big advantages are that you don’t need to create a new cluster because you can upgrade your existing cluster and the cluster does not need to be stopped or restarted.

Shielded virtual machines

Data protection is a fundamental requirement for every virtualization platform. If a virtual machine file can be copied or moved offsite, then the virtual machine can be run on any other system. To avoid this security issue, Windows Server brings a new feature which is called Shielded VMs. It allows you to restrict access to Hyper-V guests so that they cannot be accessed by Hyper-V administrators. It means that Hyper-V administrator cannot access a Shielded VM content, unless this administrator has explicit permission to do so. Shielded VMs work with TPM module by providing the strongest possible protection.

Start order priority for clustered virtual machines

Windows Server 2016 brings a new feature called “VM Start Order”. This feature lets you make dependencies between virtual machines. It means that for example, you can set the following order:

  1. Start the Domain Controller
  2. Start the Database servers
  3. And finally, start the Web Servers

You will need to configure your “ClusterGroupSet”. A set is a group of virtual machine with the same role that you can, of course, configure with PowerShell. You must import the Failover Clusters PowerShell module.

Windows Containers

Containers do not contain any operating system, so they take up fewer resources than virtual machines on the physical host. Containers simply share the host operating system, including the kernel and libraries, so they don’t need to boot a full OS.

https://www.red-gate.com/simple-talk/wp-content/uploads/2017/01/word-image-92.png

Microsoft includes two different types of container. The first type is based on the Windows Server Core image and is called a Windows Server Container. The second one is called a Hyper-V Container and is based on the Windows Nano Server image. Hyper-V Containers expand on the isolation that is provided by Windows Server Containers by running each container in a highly-optimized virtual machine, so that they provide a full secure isolation. You can get more details from this series: https://www.red-gate.com/simple-talk/sysadmin/virtualization/working-windows-containers-docker-basics/

Windows PowerShell Direct

PowerShell Direct is a new feature that let you to manage your VMs whether or not you have network connectivity, just as long as your virtual machines are located on your Hyper-V host. Since Windows PowerShell version 5, Microsoft has implemented a new way to directly manage your virtual machines without network connectivity. This feature will use the VMBus which is installed with Hyper-V Integration Services. PowerShell Direct relies on the VMBus concept, a Hyper-V internal mechanism that provides a communication channel between the host and the VM. Basically, this is the same syntax as a PowerShell session:

You can get more details from this article: https://www.red-gate.com/simple-talk/sysadmin/powershell/managing-hyper-v-vms-using-powershell-direct/

Windows PowerShell Module

Finally, don’t forget that you can manage your Hyper-V hosts with the Windows PowerShell Hyper-V module. The module is updated on a regular basis. You can find more information about Hyper-V cmdlets from this article: https://www.red-gate.com/simple-talk/sysadmin/powershell/hyper-v-powershell-basics/

Conclusion

Some changes in Windows 10 ‘Fall Creator Update’ are more exciting than others, and we are all interested in different things depending our needs, but two things stand out for many of us:

  • Microsoft has improved its hypervisor in every major update both in Windows 10 and Windows Server
  • Hyper-V has now become a major player in the virtualization market

The use of Hyper-V in Windows 10 works very well, and usefully, in demo, test, and training environments. It allows you to run a complex deployment that allows to perform a range of tasks such as testing clusters, storage spaces direct and Windows Containers. Most of the limitations are now to do with memory and storage.

Some of these new changes will be covered in future articles on Simple-Talk.