20409B ENU TrainerHandbook

M I C R O S O F T
20409B
L E A R N I N G
P R O D U C T
MCT USE ONLY. STUDENT USE PROHIBITED
O F F I C I A L
Server Virtualization with Windows Server

Hyper-V and System Center
Server Virtualization with Windows Server Hyper-V and System Center
ii
Information in this document, including URL and other Internet Web site references, is subject to change
without notice. Unless otherwise noted, the example companies, organizations, products, domain names,
e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with
any real company, organization, product, domain name, e-mail address, logo, person, place or event is
intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the
user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in
or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical,
photocopying, recording, or otherwise), or for any purpose, without the express written permission of
Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property
rights covering subject matter in this document. Except as expressly provided in any written license
agreement from Microsoft, the furnishing of this document does not give you any license to these
patents, trademarks, copyrights, or other intellectual property.
The names of manufacturers, products, or URLs are provided for informational purposes only and
Microsoft makes no representations and warranties, either expressed, implied, or statutory, regarding
these manufacturers or the use of the products with any Microsoft technologies. The inclusion of a
manufacturer or product does not imply endorsement of Microsoft of the manufacturer or product. Links
may be provided to third party sites. Such sites are not under the control of Microsoft and Microsoft is not
responsible for the contents of any linked site or any link contained in a linked site, or any changes or
updates to such sites. Microsoft is not responsible for webcasting or any other form of transmission
received from any linked site. Microsoft is providing these links to you only as a convenience, and the
inclusion of any link does not imply endorsement of Microsoft of the site or the products contained
therein.
2014 Microsoft Corporation. All rights reserved.
Microsoft and the trademarks listed at http://www.microsoft.com/about/legal/en/us/IntellectualProperty
/Trademarks/EN-US.aspx are trademarks of the Microsoft group of companies. All other trademarks are
property of their respective owners.
Product Number: 20409B

Part Number: X19-32457
Released: 02/2014
MICROSOFT LICENSE TERMS

MICROSOFT INSTRUCTOR-LED COURSEWARE
These license terms are an agreement between Microsoft Corporation (or based on where you live, one of its
affiliates) and you. Please read them. They apply to your use of the content accompanying this agreement which
includes the media on which you received it, if any. These license terms also apply to Trainer Content and any
updates and supplements for the Licensed Content unless other terms accompany those items. If so, those terms
apply.
BY ACCESSING, DOWNLOADING OR USING THE LICENSED CONTENT, YOU ACCEPT THESE TERMS.
IF YOU DO NOT ACCEPT THEM, DO NOT ACCESS, DOWNLOAD OR USE THE LICENSED CONTENT.
If you comply with these license terms, you have the rights below for each license you acquire.
1.
DEFINITIONS.
a. Authorized Learning Center means a Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, or such other entity as Microsoft may designate from time to time.
b. Authorized Training Session means the instructor-led training class using Microsoft Instructor-Led
Courseware conducted by a Trainer at or through an Authorized Learning Center.
c.
Classroom Device means one (1) dedicated, secure computer that an Authorized Learning Center owns
or controls that is located at an Authorized Learning Centers training facilities that meets or exceeds the
hardware level specified for the particular Microsoft Instructor-Led Courseware.
d. End User means an individual who is (i) duly enrolled in and attending an Authorized Training Session
or Private Training Session, (ii) an employee of a MPN Member, or (iii) a Microsoft full-time employee.
e. Licensed Content means the content accompanying this agreement which may include the Microsoft
Instructor-Led Courseware or Trainer Content.
f.
Microsoft Certified Trainer or MCT means an individual who is (i) engaged to teach a training session
to End Users on behalf of an Authorized Learning Center or MPN Member, and (ii) currently certified as a
Microsoft Certified Trainer under the Microsoft Certification Program.
g. Microsoft Instructor-Led Courseware means the Microsoft-branded instructor-led training course that
educates IT professionals and developers on Microsoft technologies. A Microsoft Instructor-Led
Courseware title may be branded as MOC, Microsoft Dynamics or Microsoft Business Group courseware.
h. Microsoft IT Academy Program Member means an active member of the Microsoft IT Academy
Program.
i.
Microsoft Learning Competency Member means an active member of the Microsoft Partner Network
program in good standing that currently holds the Learning Competency status.
j.
MOC means the Official Microsoft Learning Product instructor-led courseware known as Microsoft
Official Course that educates IT professionals and developers on Microsoft technologies.
k. MPN Member means an active Microsoft Partner Network program member in good standing.
l.
Personal Device means one (1) personal computer, device, workstation or other digital electronic device
that you personally own or control that meets or exceeds the hardware level specified for the particular
Microsoft Instructor-Led Courseware.
m. Private Training Session means the instructor-led training classes provided by MPN Members for
corporate customers to teach a predefined learning objective using Microsoft Instructor-Led Courseware.
These classes are not advertised or promoted to the general public and class attendance is restricted to
individuals employed by or contracted by the corporate customer.
n. Trainer means (i) an academically accredited educator engaged by a Microsoft IT Academy Program
Member to teach an Authorized Training Session, and/or (ii) a MCT.
o. Trainer Content means the trainer version of the Microsoft Instructor-Led Courseware and additional
supplemental content designated solely for Trainers use to teach a training session using the Microsoft
Instructor-Led Courseware. Trainer Content may include Microsoft PowerPoint presentations, trainer
preparation guide, train the trainer materials, Microsoft One Note packs, classroom setup guide and Prerelease course feedback form. To clarify, Trainer Content does not include any software, virtual hard
disks or virtual machines.
2.
USE RIGHTS. The Licensed Content is licensed not sold. The Licensed Content is licensed on a one copy
per user basis, such that you must acquire a license for each individual that accesses or uses the Licensed
Content.
2.1
Below are five separate sets of use rights. Only one set of rights apply to you.
a. If you are a Microsoft IT Academy Program Member:

i. Each license acquired on behalf of yourself may only be used to review one (1) copy of the Microsoft
Instructor-Led Courseware in the form provided to you. If the Microsoft Instructor-Led Courseware is
in digital format, you may install one (1) copy on up to three (3) Personal Devices. You may not
install the Microsoft Instructor-Led Courseware on a device you do not own or control.
ii. For each license you acquire on behalf of an End User or Trainer, you may either:
1. distribute one (1) hard copy version of the Microsoft Instructor-Led Courseware to one (1) End
User who is enrolled in the Authorized Training Session, and only immediately prior to the
commencement of the Authorized Training Session that is the subject matter of the Microsoft
Instructor-Led Courseware being provided, or
2. provide one (1) End User with the unique redemption code and instructions on how they can
access one (1) digital version of the Microsoft Instructor-Led Courseware, or
3. provide one (1) Trainer with the unique redemption code and instructions on how they can
access one (1) Trainer Content,
provided you comply with the following:
iii. you will only provide access to the Licensed Content to those individuals who have acquired a valid
license to the Licensed Content,
iv. you will ensure each End User attending an Authorized Training Session has their own valid licensed
copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized Training
Session,
v. you will ensure that each End User provided with the hard-copy version of the Microsoft InstructorLed Courseware will be presented with a copy of this agreement and each End User will agree that
their use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement
prior to providing them with the Microsoft Instructor-Led Courseware. Each individual will be required
to denote their acceptance of this agreement in a manner that is enforceable under local law prior to
their accessing the Microsoft Instructor-Led Courseware,
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid
licensed copy of the Trainer Content that is the subject of the Authorized Training Session,
vii. you will only use qualified Trainers who have in-depth knowledge of and experience with the
Microsoft technology that is the subject of the Microsoft Instructor-Led Courseware being taught for
all your Authorized Training Sessions,
viii. you will only deliver a maximum of 15 hours of training per week for each Authorized Training
Session that uses a MOC title, and
ix. you acknowledge that Trainers that are not MCTs will not have access to all of the trainer resources
for the Microsoft Instructor-Led Courseware.
b. If you are a Microsoft Learning Competency Member:

User attending the Authorized Training Session and only immediately prior to the
commencement of the Authorized Training Session that is the subject matter of the Microsoft
Instructor-Led Courseware provided, or
2. provide one (1) End User attending the Authorized Training Session with the unique redemption
code and instructions on how they can access one (1) digital version of the Microsoft InstructorLed Courseware, or
3. you will provide one (1) Trainer with the unique redemption code and instructions on how they
can access one (1) Trainer Content,
iv. you will ensure that each End User attending an Authorized Training Session has their own valid
licensed copy of the Microsoft Instructor-Led Courseware that is the subject of the Authorized
Training Session,
v. you will ensure that each End User provided with a hard-copy version of the Microsoft Instructor-Led
Courseware will be presented with a copy of this agreement and each End User will agree that their
use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to
providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to
denote their acceptance of this agreement in a manner that is enforceable under local law prior to
vi. you will ensure that each Trainer teaching an Authorized Training Session has their own valid
licensed copy of the Trainer Content that is the subject of the Authorized Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is
the subject of the Microsoft Instructor-Led Courseware being taught for your Authorized Training
Sessions,
viii. you will only use qualified MCTs who also hold the applicable Microsoft Certification credential that is
the subject of the MOC title being taught for all your Authorized Training Sessions using MOC,
ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and
x. you will only provide access to the Trainer Content to Trainers.
c.
If you are a MPN Member:

User attending the Private Training Session, and only immediately prior to the commencement
of the Private Training Session that is the subject matter of the Microsoft Instructor-Led
Courseware being provided, or
2. provide one (1) End User who is attending the Private Training Session with the unique
redemption code and instructions on how they can access one (1) digital version of the
Microsoft Instructor-Led Courseware, or
3. you will provide one (1) Trainer who is teaching the Private Training Session with the unique
redemption code and instructions on how they can access one (1) Trainer Content,
iv. you will ensure that each End User attending an Private Training Session has their own valid licensed
copy of the Microsoft Instructor-Led Courseware that is the subject of the Private Training Session,
v. you will ensure that each End User provided with a hard copy version of the Microsoft Instructor-Led
Courseware will be presented with a copy of this agreement and each End User will agree that their
use of the Microsoft Instructor-Led Courseware will be subject to the terms in this agreement prior to
providing them with the Microsoft Instructor-Led Courseware. Each individual will be required to
denote their acceptance of this agreement in a manner that is enforceable under local law prior to
vi. you will ensure that each Trainer teaching an Private Training Session has their own valid licensed
copy of the Trainer Content that is the subject of the Private Training Session,
vii. you will only use qualified Trainers who hold the applicable Microsoft Certification credential that is
the subject of the Microsoft Instructor-Led Courseware being taught for all your Private Training
Sessions,
viii. you will only use qualified MCTs who hold the applicable Microsoft Certification credential that is the
subject of the MOC title being taught for all your Private Training Sessions using MOC,
ix. you will only provide access to the Microsoft Instructor-Led Courseware to End Users, and
x. you will only provide access to the Trainer Content to Trainers.
d. If you are an End User:

For each license you acquire, you may use the Microsoft Instructor-Led Courseware solely for your
personal training use. If the Microsoft Instructor-Led Courseware is in digital format, you may access the
Microsoft Instructor-Led Courseware online using the unique redemption code provided to you by the
training provider and install and use one (1) copy of the Microsoft Instructor-Led Courseware on up to
three (3) Personal Devices. You may also print one (1) copy of the Microsoft Instructor-Led Courseware.
You may not install the Microsoft Instructor-Led Courseware on a device you do not own or control.
e. If you are a Trainer.
i.
For each license you acquire, you may install and use one (1) copy of the Trainer Content in the
form provided to you on one (1) Personal Device solely to prepare and deliver an Authorized
Training Session or Private Training Session, and install one (1) additional copy on another Personal
Device as a backup copy, which may be used only to reinstall the Trainer Content. You may not
install or use a copy of the Trainer Content on a device you do not own or control. You may also
print one (1) copy of the Trainer Content solely to prepare for and deliver an Authorized Training
Session or Private Training Session.
ii.
You may customize the written portions of the Trainer Content that are logically associated with
instruction of a training session in accordance with the most recent version of the MCT agreement.
If you elect to exercise the foregoing rights, you agree to comply with the following: (i)
customizations may only be used for teaching Authorized Training Sessions and Private Training
Sessions, and (ii) all customizations will comply with this agreement. For clarity, any use of
customize refers only to changing the order of slides and content, and/or not using all the slides or
content, it does not mean changing or modifying any slide or content.
2.2 Separation of Components. The Licensed Content is licensed as a single unit and you may not
separate their components and install them on different devices.
2.3 Redistribution of Licensed Content. Except as expressly provided in the use rights above, you may
not distribute any Licensed Content or any portion thereof (including any permitted modifications) to any
third parties without the express written permission of Microsoft.
2.4 Third Party Notices. The Licensed Content may include third party code tent that Microsoft, not the
third party, licenses to you under this agreement. Notices, if any, for the third party code ntent are included
for your information only.
2.5 Additional Terms. Some Licensed Content may contain components with additional terms,
conditions, and licenses regarding its use. Any non-conflicting terms in those conditions and licenses also
apply to your use of that respective component and supplements the terms described in this agreement.
3.
LICENSED CONTENT BASED ON PRE-RELEASE TECHNOLOGY. If the Licensed Contents subject

matter is based on a pre-release version of Microsoft technology (Pre-release), then in addition to the
other provisions in this agreement, these terms also apply:
a. Pre-Release Licensed Content. This Licensed Content subject matter is on the Pre-release version of
the Microsoft technology. The technology may not work the way a final version of the technology will
and we may change the technology for the final version. We also may not release a final version.
Licensed Content based on the final version of the technology may not contain the same information as
the Licensed Content based on the Pre-release version. Microsoft is under no obligation to provide you
with any further content, including any Licensed Content based on the final version of the technology.
b. Feedback. If you agree to give feedback about the Licensed Content to Microsoft, either directly or
through its third party designee, you give to Microsoft without charge, the right to use, share and
commercialize your feedback in any way and for any purpose. You also give to third parties, without
charge, any patent rights needed for their products, technologies and services to use or interface with
any specific parts of a Microsoft technology, Microsoft product, or service that includes the feedback.
You will not give feedback that is subject to a license that requires Microsoft to license its technology,
technologies, or products to third parties because we include your feedback in them. These rights
survive this agreement.
c.
Pre-release Term. If you are an Microsoft IT Academy Program Member, Microsoft Learning
Competency Member, MPN Member or Trainer, you will cease using all copies of the Licensed Content on
the Pre-release technology upon (i) the date which Microsoft informs you is the end date for using the
Licensed Content on the Pre-release technology, or (ii) sixty (60) days after the commercial release of the
technology that is the subject of the Licensed Content, whichever is earliest (Pre-release term).
Upon expiration or termination of the Pre-release term, you will irretrievably delete and destroy all copies
of the Licensed Content in your possession or under your control.
4.
SCOPE OF LICENSE. The Licensed Content is licensed, not sold. This agreement only gives you some
rights to use the Licensed Content. Microsoft reserves all other rights. Unless applicable law gives you more
rights despite this limitation, you may use the Licensed Content only as expressly permitted in this
agreement. In doing so, you must comply with any technical limitations in the Licensed Content that only
allows you to use it in certain ways. Except as expressly permitted in this agreement, you may not:
access or allow any individual to access the Licensed Content if they have not acquired a valid license
for the Licensed Content,
alter, remove or obscure any copyright or other protective notices (including watermarks), branding
or identifications contained in the Licensed Content,
modify or create a derivative work of any Licensed Content,
publicly display, or make the Licensed Content available for others to access or use,
copy, print, install, sell, publish, transmit, lend, adapt, reuse, link to or post, make available or
distribute the Licensed Content to any third party,
work around any technical limitations in the Licensed Content, or
reverse engineer, decompile, remove or otherwise thwart any protections or disassemble the
Licensed Content except and only to the extent that applicable law expressly permits, despite this
limitation.
5. RESERVATION OF RIGHTS AND OWNERSHIP. Microsoft reserves all rights not expressly granted to
you in this agreement. The Licensed Content is protected by copyright and other intellectual property laws
and treaties. Microsoft or its suppliers own the title, copyright, and other intellectual property rights in the
Licensed Content.
6.
EXPORT RESTRICTIONS. The Licensed Content is subject to United States export laws and regulations.
You must comply with all domestic and international export laws and regulations that apply to the Licensed
Content. These laws include restrictions on destinations, end users and end use. For additional information,
see www.microsoft.com/exporting.
7.
SUPPORT SERVICES. Because the Licensed Content is as is, we may not provide support services for it.
8.
TERMINATION. Without prejudice to any other rights, Microsoft may terminate this agreement if you fail
to comply with the terms and conditions of this agreement. Upon termination of this agreement for any
reason, you will immediately stop all use of and delete and destroy all copies of the Licensed Content in
your possession or under your control.
9.
LINKS TO THIRD PARTY SITES. You may link to third party sites through the use of the Licensed
Content. The third party sites are not under the control of Microsoft, and Microsoft is not responsible for
the contents of any third party sites, any links contained in third party sites, or any changes or updates to
third party sites. Microsoft is not responsible for webcasting or any other form of transmission received
from any third party sites. Microsoft is providing these links to third party sites to you only as a
convenience, and the inclusion of any link does not imply an endorsement by Microsoft of the third party
site.
10.
ENTIRE AGREEMENT. This agreement, and any additional terms for the Trainer Content, updates and
supplements are the entire agreement for the Licensed Content, updates and supplements.
11.
APPLICABLE LAW.
a. United States. If you acquired the Licensed Content in the United States, Washington state law governs
the interpretation of this agreement and applies to claims for breach of it, regardless of conflict of laws
principles. The laws of the state where you live govern all other claims, including claims under state
consumer protection laws, unfair competition laws, and in tort.
b. Outside the United States. If you acquired the Licensed Content in any other country, the laws of that
country apply.
12.
LEGAL EFFECT. This agreement describes certain legal rights. You may have other rights under the laws
of your country. You may also have rights with respect to the party from whom you acquired the Licensed
Content. This agreement does not change your rights under the laws of your country if the laws of your
country do not permit it to do so.
13.
DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED "AS-IS" AND "AS

AVAILABLE." YOU BEAR THE RISK OF USING IT. MICROSOFT AND ITS RESPECTIVE
AFFILIATES GIVES NO EXPRESS WARRANTIES, GUARANTEES, OR CONDITIONS. YOU MAY
HAVE ADDITIONAL CONSUMER RIGHTS UNDER YOUR LOCAL LAWS WHICH THIS AGREEMENT
CANNOT CHANGE. TO THE EXTENT PERMITTED UNDER YOUR LOCAL LAWS, MICROSOFT AND
ITS RESPECTIVE AFFILIATES EXCLUDES ANY IMPLIED WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
14.
LIMITATION ON AND EXCLUSION OF REMEDIES AND DAMAGES. YOU CAN RECOVER FROM
MICROSOFT, ITS RESPECTIVE AFFILIATES AND ITS SUPPLIERS ONLY DIRECT DAMAGES UP
TO US$5.00. YOU CANNOT RECOVER ANY OTHER DAMAGES, INCLUDING CONSEQUENTIAL,
LOST PROFITS, SPECIAL, INDIRECT OR INCIDENTAL DAMAGES.
This limitation applies to

o
anything related to the Licensed Content, services, content (including code) on third party Internet
sites or third-party programs; and
o
claims for breach of contract, breach of warranty, guarantee or condition, strict liability, negligence,
or other tort to the extent permitted by applicable law.
It also applies even if Microsoft knew or should have known about the possibility of the damages. The
above limitation or exclusion may not apply to you because your country may not allow the exclusion or
limitation of incidental, consequential or other damages.
Please note: As this Licensed Content is distributed in Quebec, Canada, some of the clauses in this
agreement are provided below in French.
Remarque : Ce le contenu sous licence tant distribu au Qubec, Canada, certaines des clauses
dans ce contrat sont fournies ci-dessous en franais.
EXONRATION DE GARANTIE. Le contenu sous licence vis par une licence est offert tel quel . Toute
utilisation de ce contenu sous licence est votre seule risque et pril. Microsoft naccorde aucune autre garantie
expresse. Vous pouvez bnficier de droits additionnels en vertu du droit local sur la protection dues
consommateurs, que ce contrat ne peut modifier. La ou elles sont permises par le droit locale, les garanties
implicites de qualit marchande, dadquation un usage particulier et dabsence de contrefaon sont exclues.
LIMITATION DES DOMMAGES-INTRTS ET EXCLUSION DE RESPONSABILIT POUR LES

DOMMAGES. Vous pouvez obtenir de Microsoft et de ses fournisseurs une indemnisation en cas de dommages
directs uniquement hauteur de 5,00 $ US. Vous ne pouvez prtendre aucune indemnisation pour les autres
dommages, y compris les dommages spciaux, indirects ou accessoires et pertes de bnfices.
Cette limitation concerne:
tout ce qui est reli au le contenu sous licence, aux services ou au contenu (y compris le code)
figurant sur des sites Internet tiers ou dans des programmes tiers; et.
les rclamations au titre de violation de contrat ou de garantie, ou au titre de responsabilit
stricte, de ngligence ou dune autre faute dans la limite autorise par la loi en vigueur.
Elle sapplique galement, mme si Microsoft connaissait ou devrait connatre lventualit dun tel dommage. Si
votre pays nautorise pas lexclusion ou la limitation de responsabilit pour les dommages indirects, accessoires
ou de quelque nature que ce soit, il se peut que la limitation ou lexclusion ci-dessus ne sappliquera pas votre
gard.
EFFET JURIDIQUE. Le prsent contrat dcrit certains droits juridiques. Vous pourriez avoir dautres droits
prvus par les lois de votre pays. Le prsent contrat ne modifie pas les droits que vous confrent les lois de votre
pays si celles-ci ne le permettent pas.
Revised July 2013
xi
Acknowledgments
xii
Microsoft Learning wants to acknowledge and thank the following for their contribution toward
developing this title. Their effort at various stages in the development has ensured that you have a good
classroom experience.
Slavko Kukrika Content Developer
Slavko Kukrika has been a Microsoft Certified Trainer (MCT) for more than 15 years. He holds many
technical certifications, and he is honored to be one of Microsoft Most Valuable Professionals (MVPs).
He has worked with virtualization since the early days of Windows Virtual PC, and he cannot imagine life
without it. He regularly presents at technical conferences, and he is author of several Microsoft Official
Courses. In his private life, Slavko is the proud father of two sons, and he tries to extend each day to at
least 25 hours!
Dave Franklyn Content Developer
Dave Franklyn, MCT, Microsoft Certified Solutions Expert (MCSE), Microsoft Certified IT Professional
(MCITP), Microsoft MVP Windows Expert--It Pro, is a Senior Information Technology Trainer and
Consultant at Auburn University in Montgomery, Alabama, and is the owner of DaveMCT, Inc. LLC. He also
is an East U.S.A. Microsoft Regional Lead MCT. Dave has been a Microsoft MVP since 2011, and has been
teaching at Auburn University since 1998. Working with computers since 1976, Dave started out in the
mainframe world, and moved early into the networking arena. Before joining Auburn University, Dave
spent 22 years in the US Air Force as an electronic communications and computer systems specialist,
retiring in 1998. Dave is president of the Montgomery Windows IT Professional Group.
Orin Thomas Subject Matter Expert
Orin Thomas is an MVP, an MCT and has a string of Microsoft MCSE and MCITP certifications. He has
written more than 20 books for Microsoft Press and is a contributing editor at Windows IT Pro magazine.
He has been working in IT since the early 1990s. He is a regular speaker at events such as TechED in
Australia and around the world on Windows Server, Windows Client, System Center, and security topics.
Orin founded and runs the Melbourne System Center Users Group.
Mitch Garvis Technical Reviewer
Mitch Garvis is a renaissance man of the IT world. In addition to being a Virtual Technical Evangelist
for Microsoft Canada, he also is a senior partner with SWMI Consulting Group. Among his numerous
certifications are several MCITPs, as well as the new MCSE: Private Cloud. He lectures and trains on a
variety of topics, including System Center, server virtualization, desktop deployment, and security. You can
read his blog at www.garvis.ca, and follow him on Twitter as @MGarvis. In his spare time, he likes to break
things, and has recently earned his Second Degree Black Belt in Taekwondo. He makes his home outside
Toronto, Canada, where he has a wife, two kids, two dogs, and three minutes to himself every day.
Contents
Module 1: Evaluating the Environment for Virtualization
Lesson 1: Overview of Microsoft Virtualization
1-2
Lesson 2: Overview of System Center 2012 R2 Components
1-9
Lesson 3: Evaluating the Current Environment for Virtualization
1-16
Lesson 4: Extending Virtualization to the Cloud Environment
1-25
Lab: Evaluating the Environment for Virtualization
1-29
Module 2: Installing and Configuring the Hyper-V Role

Lesson 1: Installing the Hyper-V Role
2-2
Lesson 2: Managing Hyper-V
2-12
Lesson 3: Configuring Hyper-V Settings
2-20
Lesson 4: Hyper-V Host Storage and Networking
2-26
Lab: Installing and Configuring the Hyper-V Role
2-33
Module 3: Creating and Managing Virtual Hard Disks, Virtual Machines,

and Checkpoints
Lesson 1: Creating and Configuring Virtual Hard Disks
3-3
Lesson 2: Creating and Configuring Virtual Machines
3-14
Lab A: Creating and Managing Virtual Hard Disks and Virtual Machines
3-24
Lesson 3: Installing and Importing Virtual Machines
3-30
Lesson 4: Managing Virtual Machine Checkpoints
3-37
Lesson 5: Monitoring Hyper-V
3-46
Lesson 6: Designing Virtual Machines for Server Roles and Services
3-53
Lab B: Creating and Managing Checkpoints and Monitoring Hyper-V
3-60
Module 4: Creating and Configuring Virtual Machine Networks

Lesson 1: Creating and Using Hyper-V Virtual Switches
4-2
Lab A: Creating and Using Hyper-V Virtual Switches
4-9
Lesson 2: Advanced Hyper-V Networking Features
4-13
Lab B: Creating and Using Advanced Virtual Switch Features
4-23
Lesson 3: Configuring and Using Hyper-V Network Virtualization
4-26
Lab C: Configuring and Testing Hyper-V Network Virtualization
4-34
Module 5: Virtual Machine Movement and Hyper-V Replica

Lesson 1: Providing High Availability and Redundancy for Virtualization
5-2
Lesson 2: Implementing Virtual Machine Movement
5-8
Lab A: Moving Virtual Machine and Configuring Constrained Delegation
5-14
Lesson 3: Implementing and Managing Hyper-V Replica
5-18
Lab B: Configuring and Using Hyper-V Replica
5-29
xiii
Module 6: Implementing Failover Clustering with Hyper-V

Lesson 1: Overview of Failover Clustering
6-2
Lesson 2: Configuring and Using Shared Storage
6-12
Lesson 3: Implementing and Managing Failover Clustering with Hyper-V
6-22
Lab: Implementing Failover Clustering with Hyper-V
6-31
Module 7: Installing and Configuring Microsoft System Center 2012 R2

Virtual Machine Manager
Lesson 1: Integrating System Center and Server Virtualization
7-2
Lesson 2: Overview of VMM
7-13
Lesson 3: Installing VMM
7-19
Lesson 4: Adding Hosts and Managing Host Groups
7-28
Lab: Installing and Configuring System Center 2012 R2 Virtual

Machine Manager
7-41
Module 8: Managing the Network and Storage Infrastructure in Microsoft

System Center 2012 R2 Virtual Machine Manager
Lesson 1: Managing Networking Infrastructure
8-2
Lab A: Network Infrastructure Management
8-18
Lesson 2: Managing Storage Infrastructure
8-22
Lab B: Managing Infrastructure Storage
8-32
Lesson 3: Managing Infrastructure Updates
8-36
Lab C: Infrastructure Updates Management
8-42
Module 9: Creating and Managing Virtual Machines by Using Microsoft

Lesson 1: Virtual Machine Management Tasks in VMM
9-2
Lesson 2: Creating, Cloning, and Converting Virtual Machines
9-13
Lesson 3: Overview of Virtual Machine Updating
9-22
Lab: Creating and Managing Virtual Machines by Using System

Center 2012 R2 Virtual Machine Manager
9-26
Module 10: Configuring and Managing the Microsoft System Center 2012 R2
Virtual Machine Manager Library and Library Objects
Lesson 1: Overview of the Virtual Machine Manager Library
10-2
Lesson 2: Working with Profiles and Templates
10-9
Lab: Configuring and Managing the Microsoft System Center 2012 R2

10-23
xiv
Module 11: Managing Clouds in Microsoft System Center 2012 R2 Virtual

Machine Manager
Lesson 1: Introduction to Clouds
11-2
Lesson 2: Creating and Managing a Cloud
11-11
Lesson 3: Working With User Roles in Virtual Machine Manager
11-19
Lab: Managing Clouds in Microsoft System Center 2012 R2

11-27
Module 12: Managing Services in Microsoft System Center 2012 R2 Virtual

Machine Manager and App Controller
Lesson 1: Understanding Services in VMM
Lesson 2: Creating and Managing Services in VMM
Lesson 3: Using App Controller
12-2
12-9
12-16
Lab: Managing Services in Microsoft System Center 2012 R2

Virtual Machine Manager and App Controller
12-24
Module 13: Protecting and Monitoring Virtualization Infrastructure

Lesson 1: Overview of Backup and Restore Options for Virtual Machines
13-2
Lesson 2: Protecting Virtualization Infrastructure by Using DPM
13-9
Lesson 3: Using Operations Manager for Monitoring and Reporting
13-21
Lesson 4: Integrating VMM with Operations Manager
13-29
Lab: Monitoring and Reporting Virtualization Infrastructure
13-35
Module Review and Takeaways
13-40
Lab Answer Keys

Module 1 Lab: Evaluating the Environment for Virtualization
L1-1
Module 2 Lab: Installing and Configuring the Hyper-V Role
L2-7
Module 3 Lab A: Creating and Managing Virtual Hard Disks and

Virtual Machines
L3-17
Module 3 Lab B: Creating and Managing Checkpoints and

Monitoring Hyper-V
L3-25
Module 4 Lab A: Creating and Using Hyper-V Virtual Switches
L4-35
Module 4 Lab B: Creating and Using Advanced Virtual Switch Features
L4-40
Module 4 Lab C: Configuring and Testing Hyper-V Network

Virtualization
L4-43
Module 5 Lab A: Moving Virtual Machine and Configuring

Constrained Delegation
L5-47
Module 5 Lab B: Configuring and Using Hyper-V Replica
L5-52
Module 6 Lab: Implementing Failover Clustering with Hyper-V
L6-57
Module 7 Lab: Installing and Configuring System Center 2012 R2

L7-65
Module 8 Lab A: Network Infrastructure Management
L8-73
Module 8 Lab B: Managing Infrastructure Storage
L8-78
xv
Module 8 Lab C: Infrastructure Updates Management
L8-81
Module 9 Lab: Creating and Managing Virtual Machines by Using

L9-83
Module 10 Lab: Configuring and Managing the Microsoft System

Center 2012 R2 Virtual Machine Manager Library and Library Objects
L10-87
Module 11 Lab: Managing Clouds in Microsoft System

L11-91
Module 12 Lab: Managing Services in Microsoft System

Center 2012 R2 Virtual Machine Manager and App Controller
L12-99
Module 13 Lab: Monitoring and Reporting Virtualization

Infrastructure
L13-105
xvi
About This Course

This section provides a brief description of the course, audience, suggested prerequisites, and course
objectives.
Course Description
About This Course
xvii
This course will provide you with the knowledge and skills necessary to create, maintain, monitor, and
protect a virtualization infrastructure. You will learn about creating and managing virtual machines,
managing virtual machine networks, and providing high availability for a Windows Server 2012 R2
Hyper-V environment. This course also will describe how to create and manage virtual machines, clouds,
and services by using Microsoft System Center 2012 R2 Virtual Machine Manager (VMM).
Audience
This course is intended for IT professionals who design, implement, manage, and maintain virtualization
infrastructures, and for IT decision makers who will determine which virtualization product to implement
in their data centers. This course also is suitable for IT professionals who want to learn about current
Microsoft virtualization technologies.
Student Prerequisites
This course requires that you meet the following prerequisites:
An understanding of TCP/IP, iSCSI, and networking.
An understanding of different storage technologies.
The ability to work on a team or a virtual team.
Good documentation and communication skills to create proposals and make budget
recommendations.
An understanding of Windows PowerShell.
Course Objectives
After completing this course, students will be able to:
Evaluate their organizations virtualization requirements and plan for server virtualization.
Install and configure the Hyper-V role.
Create virtual machines, create and manage virtual hard disks, and work with checkpoints.
Create and configure virtual machine networks in a Hyper-V environment.
Implement virtual machine movement and the Hyper-V Replica feature.
Provide high availability for a Hyper-V environment by implementing failover clustering.
Manage a virtual environment by using VMM.
Manage networking and storage infrastructure in VMM.
Create and manage virtual machines by using VMM.
Configure and manage a VMM library and library objects.
Create and manage clouds by using VMM.
Create and manage services in VMM.
Protect virtualization infrastructure by using Windows Server Backup and Data Protection Manager.
About This Course
Course Outline
The course outline is as follows:
xviii
Module 1, Evaluating the Environment for Virtualization" describes the Microsoft virtualization products
and System Center 2012 R2 components. It provides a broad overview of virtualization and a foundation
for the following modules.
Module 2, Installing and Configuring the Hyper-V Role" describes the Windows Server 2012 R2 features
that are beneficial for Hyper-V. It also describes how to add the Hyper-V role to Windows Server 2012 R2,
and how to configure the role.
Module 3, Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints" describes how
to create and configure virtual hard disks, virtual machines, and their components in the Hyper-V
environment. It also describes checkpoints and how to manage them in the Hyper-V environment.
Module 4, Creating and Configuring Virtual Machine Networks" describes Hyper-V virtual machine
networking options and explains how network virtualization works in the Hyper-V environment. It also
describes the different types of virtual switches, and how you can create and manage them.
Module 5, Virtual Machine Movement and Hyper-V Replica" describes the configuration and use of
Hyper-V, and the options that you can use to provide high availability in the Hyper-V environment. It also
describes how to move virtual machines between Hyper-V hosts and how to use Hyper-V Replica.
Module 6, Implementing Failover Clustering with Hyper-V" describes failover clustering, and how you
can implement and manage it in the Hyper-V virtual environment. It also describes how you can use
failover clustering to provide high availability for the Hyper-V environment.
Module 7, Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager"
describes how to install VMM, and explains its main features. It also describes how to add virtualization
hosts to VMM, and manage virtualization hosts and host groups.
Module 8, Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual
Machine Manager" describes VMM networking options, and how to manage storage infrastructure and
infrastructure updates in VMM.
Module 9, Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual
Machine Manager" describes how to create and manage virtual machines in VMM, and how to configure
virtual machine updating.
Module 10, Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager
Library and Library Objects" describes how to use and manage the Virtual Machine Manager library, and
how to configure library settings. It also explains how to use profiles and templates in VMM.
Module 11, Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager" describes
how to create and manage clouds and user roles in VMM.
Module 12, Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App
Controller" describes services in VMM and App Controller, and how to manage them. It also explains how
to use App Controller for cloud management.
Module 13, Protecting and Monitoring Virtualization Infrastructure" describes how to use the backup
and restore options in VMM, and how to protect the virtualization infrastructure by using DPM. It also
describes how to monitor the virtualization infrastructure and generate reports by using System Center
2012 R2 Operations Manager, and how to configure Operations Manager integration with VMM.
Course Materials
The following materials are included with your kit:
Course Handbook: a succinct classroom learning guide that provides the critical technical
information in a crisp, tightly-focused format, which is essential for an effective in-class learning
experience.
About This Course
xix
Lessons: guide you through the learning objectives and provide the key points that are critical to
the success of the in-class learning experience.
Labs: provide a real-world, hands-on platform for you to apply the knowledge and skills learned
in the module.
Module Reviews and Takeaways: provide on-the-job reference material to boost knowledge
and skills retention.
Lab Answer Keys: provide step-by-step lab solution guidance.
Course Companion Content on the http://www.microsoft.com/learning/en/us

/companion-moc.aspx Site: searchable, easy-to-browse digital content with integrated premium
online resources that supplement the Course Handbook.
Modules: include companion content, such as questions and answers, detailed demo steps and
additional reading links, for each lesson. Additionally, they include Lab Review questions and
answers and Module Reviews and Takeaways sections, which contain the review questions and
answers, best practices, common issues and troubleshooting tips with answers, and real-world
issues and scenarios with answers.
Resources: include well-categorized additional resources that give you immediate access to the
most current premium content on TechNet, MSDN, or Microsoft Press.
Student Course files on the http://www.microsoft.com/learning/en/us/companion-moc.aspx

Site: includes the Allfiles.exe, a self-extracting executable file that contains all required files for the
labs and demonstrations.
Course evaluation: At the end of the course, you will have the opportunity to complete an online
evaluation to provide feedback on the course, training facility, and instructor.
To provide additional comments or feedback on the course, send an email to

support@mscourseware.com. To inquire about the Microsoft Certification Program, send an
email to mcphelp@microsoft.com.
About This Course
Virtual Machine Environment
xx
This section provides the information for setting up the classroom environment to support the business
scenario of the course.
Virtual Machine Configuration

In this course, you will use Microsoft Hyper-V to perform the labs.
The following table shows the role of each virtual machine that is used in this course:
Virtual machine
Role
20409B-LON-HOST1
Boot to VHD image one of a pair
20409B-LON-HOST2
Boot to VHD image second server in the pair
20409B-LON-DC1
Domain controller in the Adatum.com domain
20409B-LON-SVR1
Member server in the Adatum.com domain
20409B-LON-SVR2
Member server in the Adatum.com domain
20409B-LON-VMM1
Member server in the Adatum.com domain, Microsoft System Center

2012 R2 VMM and Microsoft System Center 2012 R2 App Controller
will be installed on this server
20409B-LON-SS1
Windows Server 2012 R2 with Internet small computer system

interface (iSCSI) target
20409B-LON-OM1
Microsoft System Center 2012 R2 Operations Manager (Operations

Manager)
20409B-LON-WSUS
A Window Server Update Services server
20409B-LON-CL1
Windows 8.1 client with Microsoft Office 2013 installed
20409B-LON-CL2
Windows 8.1 client with Office 2013 installed
20409B-LON-TEST1
Stand-alone server
20409B-LON-TEST2
Stand-alone server
20409B-LON-PROD1
Stand-alone Windows 8.1 client
20409B-LON-PROD2
Stand-alone Windows 8.1 client
Classroom Setup
This course requires two host computers for the instructor and for each student (or pair of students
working in a team). The two computers for each person must have network connectivity with each other,
but must not be able to communicate with other computers on the network.
The two host computers will be configured to run Hyper-V as part of the classroom installation, or as part
of the student labs. Each host computer will also host several virtual machines.
Course Hardware Level
About This Course
To ensure a satisfactory student experience, Microsoft Learning requires a minimum equipment

configuration for trainer and student computers in all Microsoft Certified Partner for Learning Solutions
(CPLS) classrooms in which Official Microsoft Learning Product courseware is taught.
Hardware Level 7
64-bit Intel Virtualization Technology (Intel VT) or AMD Virtualization (AMD-V) processor (2.8
gigahertz [GHz] dual core or more recommended)
Dual 500 gigabyte (GB) hard disks, 7200 RPM Serial ATA (SATA) or faster. Each hard disk must be
configured as a separate drive labeled Drive C and Drive D
16 GB RAM
DVD (dual layer recommended)
Network adapter
Dual SVGA monitors that are 17 inches or larger, supporting 1,440 x 900 minimum resolution
Microsoft mouse or compatible pointing device
Sound card with amplified speakers
Additionally, the instructor computer must be connected to a projection display device that supports
1,280 x 1,024 pixels, with 16-bit color.
Navigation in Windows Server 2012 R2 or Windows 8.1

If you are not familiar with the user interface in Windows Server 2012 R2 or Windows 8.1, then the
following information will help orient you to the new interface.
Sign in and Sign out replace Log in and Log out.
Administrative tools are found in the Tools menu of Server Manager.
Move your mouse to the lower right corner of the desktop to open a menu with:
Settings: This includes Control Panel and Power.
Start menu: This provides access to some applications.
Search: This allows you to search applications, settings, and files.
You also may find the following shortcut keys useful:
Windows: Opens the Start menu.
Windows+C: Opens the same menu as moving the mouse to the lower right corner.
Windows+I: Opens Settings.
Windows+R: Opens the Run window.
xxi

1-1
Module 1
Evaluating the Environment for Virtualization
Contents:
Module Overview
1-1
Lesson 1: Overview of Microsoft Virtualization
1-2
Lesson 2: Overview of System Center 2012 R2 Components
1-9
Lesson 3: Evaluating the Current Environment for Virtualization
1-16
Lesson 4: Extending Virtualization to the Cloud Environment
1-25
1-29
1-33
Module Overview
Microsoft offers several virtualization technologies that organizations can use to resolve challenges
that they encounter when running traditional server computing environments. For example, server
virtualization can help reduce the number of physical servers, and provide a flexible and resilient server
solution for businesses. This module provides an overview of the different Microsoft virtualization
technologies, and explains how you can use these technologies to manage both virtualization and
traditional infrastructures. This module also describes how to evaluate your business environment to
plan for virtualization.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2
Virtual Machine Manager are referred to as VMM.
Objectives
After completing this module, you will be able to:
Describe the various virtualization technologies and the scenarios where you would apply each
technology.
Describe the different Microsoft System Center 2012 R2 components, and explain how you can use
them to manage both traditional and modern infrastructure solutions.
Evaluate your organizations virtualization requirements and plan for server virtualization.
Lesson 1
Overview of Microsoft Virtualization
1-2 Evaluating the Environment for Virtualization
Microsoft offers a number of virtualization technologies that administrators and infrastructure architects
can use to create and administer a virtual environment. To use these tools effectively, it is important for
administrators and infrastructure architects to know how and when to apply which Microsoft technology.
In many cases, you can combine multiple technologies to build an effective virtualized business solution.
For example, a new email infrastructure may consist of a server and several client systems, and you may
want to consider the various virtualization technologies available before deciding on and implementing
the one that best meets your business requirements. This lesson describes the different types of
virtualization technologies and the principles of cloud computing.
Lesson Objectives
After completing this lesson, you will be able to:
Describe the different types of virtualization technologies.
Explain the scenarios where you would implement server virtualization.
Describe the features and benefits of network virtualization.
Describe the features and benefits of user state virtualization.
Describe the features and benefits of presentation virtualization.
Describe the features and benefits of application virtualization.
Describe the features and benefits of cloud computing.
Different Types of Virtualization

Microsoft provides a host of virtualization options,
each of which you can use to meet a specific set
of challenges. The following list provides an
overview of each type of virtualization:
Server virtualization. You can use server

virtualization to host a large number of
virtual machines. Server Virtualization uses
the Windows Server 2012 Hyper-V platform.
Desktop virtualization. Desktop virtualization

can refer to either client side virtualization,
such as the Hyper-V client on a computer
running Windows 8.1, or virtual desktop
infrastructure, where the client computer operating systems run on a server virtualization host.
User state virtualization. User state virtualization captures and centralizes application and Windows
operating system settings for users. This enables users to sign in to any device while retaining their
settings.
Presentation virtualization. Presentation virtualization allows desktops and applications that are
running on a Remote Desktop Services server to display on remote clients.
1-3
Network virtualization. Network virtualization enables you to isolate networks used in server
virtualization without requiring the implementation of virtual local area networks (VLANs).
Application virtualization. You can use application virtualization to virtualize applications, which then
enables applications to run in or be streamed to special containers on a host operating system.
Note: Later topics in this lesson discuss in more detail each type of virtualization and the
scenarios in which you would deploy them.
What Is Server Virtualization?
In Microsoft environments, server virtualization

involves running virtual machines on a host that
is running the Hyper-V role. Server virtualization
abstracts a physical servers resources, and then
presents the resources to each virtual machine
that is running on the physical host. For example,
server virtualization allows y multiple virtual
machines to share the same physical hardware,
yet appear as separate servers on the organization
network. Virtual machines (known as guests) that
run on a Hyper-V server (known as a host) can
run any supported operating system including
Windows Server, Windows client operating systems (such as Windows 8) and supported distributions of
Linux.
Server virtualization allows you to use hardware resources more efficiently. Consider a scenario where you
have separate computers running Microsoft Exchange Server 2013, Microsoft SQL Server 2012, Microsoft
SharePoint Server 2013, file and print services, Domain Name System (DNS), Dynamic Host Configuration
Protocol (DHCP). Additionally, you have another server functioning as an Active Directory domain
controller. If you use server virtualization, you can instead configure a single appropriately provisioned
server and run each of these separate computers as virtual machine guests. You can even make these
virtual machines highly available by deploying additional appropriately provisioned servers running
Hyper-V and configuring them in a failover cluster relationship.
Server virtualization allows you to detach the computer that is hosting a particular service or workload
from the hardware on which that service or workload runs. For example, you may have a virtualized
computer that hosts a SQL Server 2012 instance that is a guest on a Hyper-V host with other virtualized
computers. If the virtualized computer that hosts the SQL Server 2012 instance requires more computing
resources than are available on the current host, you can simply move the virtual machine to another
Hyper-V host that has resources that better meet the requirements of the workload.
What Is Desktop Virtualization?

Desktop virtualization often represents two
separate concepts:
Client-side virtualization. A hypervisor runs

on a desktop operating system such as
Windows 8.1 and hosts a small number of
virtual machines that the user will utilize.
Virtual Desktop Infrastructure (VDI). The client

operating system runs on a remote server,
and users connect to it by using a Remote
Desktop client.
Client-Side Virtualization
Client-side virtualization uses the Hyper-V role on supported operating system editions and hardware
running Windows 8 and Windows 8.1. Virtual machines running on Hyper-V client are compatible with
servers running Hyper-V. Client-side virtualization is often used as an application compatibility solution,
allowing individual users to run multiple versions of the Windows client operating system simultaneously
on their client computer hardware.
You would typically use client-side virtualization in scenarios where you need to provide application
compatibility to a small number of users. When larger numbers of users require an application
compatibility solution, you should instead host the previous version of the Windows client operating
system on a server running Hyper-V.
For example, consider a scenario where in an organization of several hundred people you have five users
that need to run a series of applications on the Windows XP operating system for several months until a
replacement solution can be found. All users in this organization have desktop computers that run the
Windows 8.1 operating system. In this scenario, you should consider deploying Windows XP in a virtual
machine that runs client Hyper-V. If you have a large number of users that need to run a series of
incompatible applications, or the incompatible applications need to be used on a long-term basis, you
might consider a different solution such as VDI or System Center 2012 R2 Application Virtualization
(App-V).
VDI
VDI enables you to run some or all of an organizations client computers as virtual machines. Users can
connect to those virtual machines by using a Remote Desktop Client from any compatible computer or
device. Client computers in a VDI deployment run as a pool of virtual machines, which provides
organizations with the following benefits:
One client accessible through any device. Because the client operating system runs independently of
hardware, users can access their personal client virtual machine by using a variety of devices. VDI
provides a solution for Bring Your Own Device (BYOD) environments, ensuring that a standardized
environment is available even if each user has their own unique device.
Reduced hardware costs. Instead of having to manage and maintain a client computer for each user,
you only need to meet the minimum requirement of a keyboard, a mouse, and a display capable of
running a Remote Desktop client.
Simplified updates. Rather than updating clients individually, you can update virtual machines in a
VDI deployment in a centralized way.
Simplified deployment. You can deploy a new computer quickly from the existing virtual machine
pool. This is simpler than having to install and manage the operating system, applications, hardware,
and updates for each individual computer that you deploy.
1-5
High availability. Because the client computer is a virtual machine, you can make it highly available by
running it on highly available virtualization hosts. In the event that the hardware or device on which
the client virtual machine runs experiences a hardware failure, you can issue a replacement without
the user losing access to applications or data. This is because the operating system, applications, and
data are kept separate from any client computer hardware.
Backup and recovery. Because virtual machines are data, VDI simplifies the process of centrally
backing up client computers.
What Is Network Virtualization?

Network virtualization provides a way to isolate
virtual networks and the virtual machines that
connect to them, without having to implement
VLANs. Network virtualization is of primary
interest to organizations that host large numbers
of virtual machines that require isolation of one
group of virtual machines from another. Isolation
may be required because the different groups of
virtual machines use the same IP address scheme,
or there may be political or regulatory reasons
why one set of virtual machines must be isolated
from other groups of virtual machines.
By using gateways or virtual private network (VPN) extensions, you can extend virtualized networks for
isolated communication between Hyper-V hosts. Network virtualization provides many of the benefits
that VLANs provide without requiring you to configure physical switches with appropriate VLAN IDs.
Hyper-V Network Virtualization technical details
http://go.microsoft.com/fwlink/?LinkID=285279
What Is User State Virtualization?

User State Virtualization allows users to sign in to
any device while retaining their operating system
and application settings. This provides users with
a consistent Windows operating system and
application experience. UE-V works with locally
installed desktops or VDI with any combination of
locally installed applications, App-Vsequenced
application, and applications that use RemoteApp.
User Experience Virtualization (UE-V) is a

System Center 2012 tool that enables users
to synchronize their user settings for both
applications and operating system across multiple
computers. Virtualizing user settings is also known as user state virtualization. UE-V includes the following
components:
Settings storage location. This is a file share that the UE-V agent uses to store the settings.
User Experience Virtualization agent. This agent is installed on each computer that will synchronize
the settings stored in the Settings storage location.
Settings location templates. These are XML files that define what settings UE-V should monitor. The
UE-V installation includes these templates.
Settings package. These packages are generated by the UE-V agent, and are then copied to the
Settings storage location.
User state virtualization is useful in environments where users might sign in to different computers or
devices but need to access their customized and configured operating system and application settings.
One example might be in a call center environment where users are assigned a separate desk each time
they arrive at work, but where policies allow them to configure their own desktop background (including
shortcuts) and operating system settings.
High-Level Architecture for UE-V 1.0
What Is Presentation Virtualization?

Presentation virtualization is another way of
describing the Remote Desktop and RemoteApp
functionality of the Remote Desktop Services role
in Windows Server 2012 R2. With presentation
virtualization, the application, or the entire remote
desktop runs on the server. The application user
interface, or the computers desktop, displays on
the clients device.
Presentation virtualization allows applications

that would normally not be able to run on a client
because of resource constraints, to be accessible
on that client because the application runs on the
server. For example, you can use RemoteApp to run an app that requires 4 gigabytes (GB) of random
access memory (RAM), on a computer with 2 GB of RAM. This is possible because the app will be
executing on the Remote Desktop server. Remote App supports file associations on some client operating
systems. For example, if a user double clicks on a Microsoft Visio document file, a Visio RemoteApp
session may open to a Remote Desktop Services server that is hosting the Visio app.
Remote Desktop client software exists for devices running the Windows RT, Windows Phone, Apple iOS,
Mac OSX, and Android operating systems. This makes Remote Desktop another possible solution in BYOD
environments where users may need to run apps that you do not want to or cannot run locally for
architectural or resource reasons.
What Is App-V?
Application Virtualization (App-V) is a System
Center tool that virtualizes apps by abstracting
them from the operating system. App-V allows
apps to run without having to install them on the
computer or server that the user is accessing. As
App-V apps run in a separate virtualized silo, it
allows you to run apps side by side that would
otherwise cause conflicts. For example, using
App-V you can run different versions of a
Microsoft Office application concurrently, which
is not possible without App-V.
App-V benefits include:
1-7
Running applications that would otherwise conflict. For example, you can run two different versions
of Microsoft Office on the same computer or in an RD Session Host server. Each application has all the
necessary sequenced files that it requires to run.
Virtualized applications display as if they are installed locally. Users can start applications from the
Start Screen, from desktop icons, and by file extension association. App-V applications use local
resources+ and display in Task Manager.
App-V applications can be streamed on demand from an App-V server. This allows an application not
present locally to be started more quickly.
App-V applications can be stored locally once they have completely streamed from the host server.
App-V apps can also be installed.
Simplified management and deployment. With streaming, virtual applications are delivered on
demand from a server, thereby allowing users to download them automatically when they are
required. Administrators can update applications on the server and the App-V Desktop Client will
download the newer version automatically the next time the user runs the application.
What Is Cloud Computing?

Cloud computing is a term that describes the
delivery and consumption of computing and
application resources from a remote location,
often but not necessarily over the Internet. Users
can subscribe to cloud computing resources,
which are usually then measured and billed similar
to utility services. Cloud computing applications
are typically independent of an operating system,
and they are available to users across a wide
variety of devices. From an administrative
perspective, cloud computing infrastructure
should be pooled, should be able to deliver
multitenant services, and should allow rapid scalability.
Cloud computing service models include software as a service (SaaS), platform as a service (PaaS), and
infrastructure as a service (IaaS). Cloud computing has three main deployment models:
Public cloud. Public clouds are infrastructure, platform, or application services that are delivered from
a cloud service provider for access and consumption by the public.
Private cloud. Private clouds are privately owned and managed clouds that offer similar benefits to
that of public clouds, but are designed and secured for use by a single organization.
Hybrid cloud. In a hybrid cloud, a technology binds two separate clouds (public and private) together
for the specific purpose of obtaining resources from both.
Microsoft cloud services provide technology and applications across all of these cloud computing models.
Some examples of Microsoft cloud services are:
Microsoft public cloud services:

o
Windows Azure. Windows Azure is a public cloud environment that offers PaaS, SaaS, and IaaS.
Developers can subscribe to Windows Azure services and create software, which is delivered as
SaaS. Microsoft cloud services uses Windows Azure to deliver some of its own SaaS applications.
Microsoft Office 365. Office 365 delivers online versions of the Microsoft Office applications and
online business collaboration tools.
Microsoft Dynamics CRM Online. Microsoft Dynamics CRM Online is the Microsoft-hosted version
of the on-premises Microsoft Dynamics CRM application.
Microsoft private cloud:

o
Hyper-V in Windows Server 2012 R2 combines with System Center 2012 R2 to create the
foundation for building private clouds. By implementing these products as a combined solution,
you can deliver much of the same functionality offered by public clouds.
Microsoft hybrid cloud:

o
Microsoft provides a number of hybrid cloud solutions that enable you to:
Back up an on-premises cloud application to a service provider.
Manage, monitor, and move virtual machines between different clouds.
Connect and federate directory services that allow your users to access applications that are
constructed across a combination of on-premises, service provider, and public cloud types.
You can reduce the computing costs of your organization by using Microsoft cloud computing
technologies. You can also improve the delivery times for infrastructure and application services, ensure
that they are always available, and monitor their performance.
Lesson 2
Overview of System Center 2012 R2 Components
1-9
System Center 2012 R2 includes several integrated technologies that you can use to deploy, configure,
and manage servers, clients, mobile devices, services, and applications. In this lesson, you will review the
various technologies included in System Center 2012 R2, and explore their features and functionalities.
Lesson Objectives
Explain how to use System Center 2012 R2 to manage a data center.
Describe the features and functionalities of System Center 2012 R2 Virtual Machine Manager.
Describe the features and functionalities of System Center 2012 R2 App Controller.
Describe the features and functionalities of System Center 2012 R2 Operations Manager.
Describe the features and functionalities of System Center 2012 R2 Orchestrator.
Describe the features and functionalities of System Center 2012 R2 Service Manager.
Describe the features and functionalities of System Center 2012 R2 Data Protection Manager.
Using Microsoft System Center 2012 R2 to Manage a Data Center

System Center 2012 R2 is a group of integrated
management technologies that predominantly IT
professionals use to deploy, manage, maintain,
monitor, and automate servers, computers, mobile
devices, services and applications. The following
list summarizes the components and their
purpose.
System Center 2012 R2 Virtual Machine

Manager

(VMM) provides administrators with a single
administrative tool for deploying and managing a
virtualization infrastructure, including managing components such as hosts, storage, networks, libraries,
and update servers. VMM also provides the foundation for managing virtual machines configuration and
deployment.
System Center 2012 R2 App Controller
System Center 2012 R2 App Controller (App Controller) provides a self-service portal for administrators
who are deploying and managing applications and services across one or more sites. App Controller
enables you to access and manage resources from one or more VMM servers, and from multiple Windows
Azure subscriptions.
System Center 2012 R2 Service Manager
System Center 2012 R2 Service Manager (Service Manager) offers service management, process
automation, asset tracking, and a self-service portal to access resources that are defined in a service
catalog. Service Manager offers an easy-to-build configuration management database, which pulls data
from Active Directory Domain Services (AD DS) and System Center components. This allows companies to
establish and use controls and operations based on guidelines of either the Information Technology
Infrastructure Library or Microsoft Operations Framework.
System Center 2012 R2 Orchestrator

System Center 2012 R2 Orchestrator (Orchestrator) is a runbook automation component that allows
administrators to integrate and automate their data centers. Orchestrator utilizes integration packs,
including many built-in authored packs that allow administrators to connect different systems.
System Center 2012 R2 Operations Manager
System Center 2012 R2 Operations Manager (Operations Manager) is the management component that
you use to monitor applications and performance. You can integrate Operations Manager with VMM,
Service Manager, Orchestrator, and DPM. Operations Manager utilizes vendor-authored management
packs that provide detailed information about the application and health-state monitoring.
System Center 2012 R2 DPM

System Center 2012 R2 DPM () is an enterprise backup component that performs application-aware
block-level backups. It utilizes Volume Shadow Copy Service (VSS) writers to help protect and recover
applications such as SQL Server, Exchange Server, SharePoint Server 2012, and AD DS. Additionally, it
provides specific VSS writers for System Center 2012 components.
For more information on what is new in the System Center 2012 R2 components, see:
What's New in System Center 2012 R2
Note: The following topics will examine each of the System Center components, their
features, and their integration capabilities in more depth.
Overview of VMM
VMM provides you with a single administrative
tool for deploying and managing a virtualization
infrastructure. You use VMM to manage large
numbers of virtual machine hosts and virtual
machines. Using VMM, you can deploy and
manage all components of your virtual machine
and virtual machine host infrastructure. You can
use VMM to manage a single virtual machine host
computer, or to manage as many as 400 hosts and
8,000 guests.
You can use VMM to perform the following tasks:
Bare-metal deployment of hosts. You can

automate deployment of Windows Server host machines on physical servers.
Host and cluster creation. You can create Hyper-V hosts and clusters easily by using the VMM
console, which simplifies manual deployment and reduces the possibility of configuration errors.
Host groups. You can group hosts for manage multiple hosts.
Cross-platform management. VMM supports Citrix XenServer host and pool management, and
supports VMware ESX hosts through integration with VMware vSphere.
1-11
Storage configuration. Configure and manage storage.
Network configuration. Allows you to create and manage virtual networks.
Intelligent placement. Intelligent placement helps you select an appropriate host for a virtual machine
based on available resources.
Dynamic optimization. VMM can balance workloads automatically, according to configurable

thresholds for core resources such as CPU, memory, disk, and network utilization.
Power optimization. You can configure VMM to use power thresholds that you specify. This enables
VMM to evaluate the performance requirements of a Hyper-V host cluster, and shut down hosts if
they are not required to provide adequate performance.
Performance and Resource Optimization (PRO). PRO allows you to ensure that virtual machines are
moved automatically when there is resource contention.
Microsoft Server Application Virtualization (Server App-V). Server App-V enables you to virtualize
server-based applications.
Whats New in System Center 2012 - Virtual Machine Manager
http://go.microsoft.com/fwlink/?LinkId=253224
Overview of App Controller

App Controller is a self-service portal that enables
administrators and end users to control, deploy,
and configure applications and virtual machines
across VMM deployments and public clouds. App
Controller provides self-service capabilities that
enable administrators to deploy and administer
resources across multiple VMM servers, and across
Window Azure and service-provider data center
resources.
You can configure App Controller to use up to five

VMM servers and their resources. App Controller
provides web-based access through which you
can control applications, virtual machines, and virtual machine resources, including libraries and shares.
App Controller can control as many as 20 Windows Azure subscriptions. It allows you to upload virtual
hard disks and images to Windows Azure from a library or from network shares, and add virtual machines
to deployed services in Windows Azure. Additionally, you can manipulate and migrate virtual machines to
and from Windows Azure.
Overview of Operations Manager

Operations Manager is a cross-platform
monitoring and alerting solution that provides
application and infrastructure monitoring.
Operations Manager can monitor both physical
and virtual layers, and it introduces a fabric health
dashboard and cloud health dashboard. These
dashboards provide status information such as
host state, storage pool state, network node state,
file share, and logical unit number (LUN) state.
Other benefits of integrating VMM with
Operations Manager, include:
Monitoring the health and availability of the

VMM management server, the VMM database server, and the Virtual Machine Manager library
servers. You can also monitor a VMware-based virtual environment.
Viewing diagram views of your virtualized environment from within the Operations console.
Implementing PRO tips, which collect performance data from host machines, virtual machines, and
applications. PRO tips enable you to automate changes to the VMM and host environment, based
on the performance information that Operations Manager provides. For example, if a physical hard
disk fails, an alert in Operations Manager can trigger the migration of all virtual machines from a
host with a degraded disk subsystem. Another example could be using performance information to
automatically scale out a web farm in response to increased transactions in VMM. The reports are
available in the VMM console, but display data is retrieved from Operations Manager.
Enabling maintenance-mode integration. When you place hosts in maintenance mode, VMM
attempts to put them in maintenance mode in Operations Manager.
Integrating SQL Server Analysis Services (SSAS), which allows you to run forecasting reports that can
predict host activity based on history of disk space, memory, network I/O, disk I/O, and CPU usage.
SSAS also supports using a SAN for usage forecasting.
How to Connect VMM with Operations Manager
Overview of Orchestrator
Orchestrator is the Microsoft runbook automation
platform. You use Orchestrator to automate
virtualization management tasks. Orchestrator
allows you to create automation using the
Orchestrator Runbook Designer. The Runbook
Designer is a simple drag-and-drop interface
that makes it easier to design processes to help
accomplish complex tasks. This allows you to
create quick automation without having to create
and manage complex Windows PowerShell scripts.
Orchestrator has a number of built-in runbook

activities that perform a wide range of functions,
and that you can extend with integration packs. Integrations packs contain Runbook activities and objects
1-13
that allow Orchestrator to extend its capabilities to other Microsoft and non-Microsoft components. The
Virtual Machine Manager integration pack includes tasks related to the management of VMM,
virtualization hosts, and virtual guests.
Overview of Service Manager

Service Manager is a System Center component
that you use to automate business processes
and implement service management as defined in
the Information Technology Infrastructure Library
and the Microsoft Operations Framework. Many
prebuilt products exist for incident and problem
management, and change, release, and life cycle
management.
Virtualization environments are dynamic by
nature. Therefore, you should manage them by
using documented processes and procedures that
are based around the Information Technology
Infrastructure Library or Microsoft Operations Framework. Service Manager can help you govern
virtualization or private cloud computing with the following functionality:
Management of incidents, problems, changes, and releases. For application and infrastructure owners,
administrators, service analysts, and end users, Service Manager offers a single location from which to
govern and manage deployment changes, and administrate a complex virtualization environment.
Service Manager provides a SharePointbased portal that you can customize and configure with a
software or service catalogue that you can link to self-service request offerings. You can configure
request offerings to trigger business approval processes and system processes that deliver the
request. This provides a level of automation that significantly increases efficiency.
Compliance. Service Manager has a downloadable management pack that can assist you with
managing and automating IT governance, risk, and compliance responsibilities, and can help you
connect complex business objectives to Microsoft infrastructure.
Note: Management packs extend System Center 2012 R2 functionality, and enable
integration between System Center components. You can download and install a wide variety of
management packs for most System Center components.
An integrated platform. Service Manager has several available connectors to leverage Service
Managers full integration capabilities. You can use these connectors to import data into the Service
Manager Configuration Management database from AD DS, .csvc files, and other System Center
components.
Overview of DPM
Data Protection Manager (DPM) is a data backup
and recovery solution that works with disk-to-disk
and disk-to-tape backups. You can use DPM to
back up and restore Windows Servers operating
system servers, and application servers such as:
SQL Server
Exchange Server
Hyper-V
File servers
AD DS
SharePoint Server
DPM also includes support for system state and bare-metal recovery, offers protection for Windows
desktop clients, and provides some elements of self-service.
When planning a virtualization environment, you need to implement a backup system that will back up
the following items:
Virtual machines. Sometimes referred to as virtual machine backups, in-guest backups, or traditional
backups, these backups are usually unaware of virtualization and are designed with an application in
mind. For example, Exchange backups should protect Exchange components such as stores and
mailboxes. Additionally, if you want to protect your entire server structure, you should perform a
system-state backup and include data drivers. If you must recover your entire server structure, you
must use a recovery copy that includes a full backup of all components.
Host server backup. Not to be confused with backing up the host itself, a host-level backup is a
Hyper-Vaware backup designed to protect the virtualization files that comprise a virtual machine.
Virtualization files may include virtual machine configuration files, .vhd files, and snapshots. DPM uses
VSS to back up files while they run. You can use this form of backup to recover an entire virtual
machine or one of its disks, in place, to the same virtualization host server, or to an alternate
virtualization host server.
DPM provides the following important data center backup system features:
VSS backups. DPM uses VSS to protect data sources while the data source continues to run.
This means that applications and servers do not have to be taken offline while DPM provides the
protection for them. After an initial full backup is complete, DPM can back up just the block changes,
incrementally, which allows for faster and more efficient backup and recovery.
Hyper-V item-level recovery support. DPM can recover specific files, folders, volumes, and virtual hard
disks from a host-level backup of Hyper-V virtual machines.
Hyper-V host and guest support. DPM supports host-based protection when the agent is installed on
the host computer, and guest-based protection when the agent is installed on the virtual machine.
For guests running Windows Server 2003 and newer Windows Server versions, DPM provides online
backups that ensure that DPM does not impact the performance of the protected virtual machine
when providing protection.
1-15
Integration with Operations Manager. Integrating DPM with Operations Manager provides
monitoring for the DPM environment via the DPM Management Pack. The DPM Central Console,
which is built on Operations Manager, allows you to monitor all DPM servers from a central
computer. You can use the Central Console to open a DPM Administrator Console to manage DPM
remotely.
Integration with other System Center 2012 components. With the integration of DPM and
Orchestrator, you can automate functions such as data protection and recovery. Using Service
Manager and the Self-Service Portal together with DPM and Orchestrator, you can also offer these
functions as services to private cloud users.
Self-service functionality. DPM also has a self-service function that administrators can use to configure
and delegate restore functionality to self-service users. You can grant permission to restore to the
same server, or to restore to an alternate server, including to which alternate servers.
Windows Azure Backup. You can back up DPM data to Windows Azure.
Linux virtual machine backup. DPM provides support for Linux virtual machines.
Note: When building a virtualization solution (or any solution), it is important to test and
validate data by using the restore functionality. Ensure that you can restore each type of backup,
and be sure to implement a plan with periodic testing of backup integrity.
Lesson 3
Evaluating the Current Environment for Virtualization
Prior to implementing virtualization into your organization, you must first determine key evaluation
factors that you can use to assess your organizations virtualization requirements. You will learn about
some of the available resources, including solution accelerators such as the Microsoft Assessment and
Planning Toolkit (MAP). This lesson also describes some of the principal design factors for implementing a
server virtualization solution.
Lesson Objectives
Evaluate your organizations requirements for server virtualization.
Describe the virtualization solution accelerators.
Describe the assessment features of MAP.
Assess the computing environment by using MAP.
Design a solution for server virtualization.
Evaluating Server Virtualization Factors

When you consider the challenges presented
by the traditional computer and application
environments, server virtualization is an effective
way to resolve many of the known issues.
Planning your server virtualization project is a
very important first step, and evaluating factors
that will contribute to a successful virtualization
project is the beginning of this process. Some of
the important evaluation factors are as follows:
Project scope. You should define the

virtualization project scope as early on as
possible. You should determine the business
factors driving the project, the staff that is responsible for determining these factors, and their goals.
You should also determine how you will measure success. For example, if your company is migrating
from Exchange Server 2007 to Exchange Server 2013, your migration project scope may include
server virtualization elements, but the overall success is measured by a transparent upgrade of the
organizations email platform. However if your project scope is to implement or upgrade a server
virtualization strategy, Exchange Server may just be a milestone goal of the overall consolidation or
improvement program. Understanding budgets and documenting the project are also important
factors.
Resource and performance. Assessing the resource and performance of the servers to be virtualized is
another evaluation factor. You can use MAP to provide detailed information on the number of hosts
and the host hardware requirements.
Typically, virtual machines require approximately the same resources as a physical server. For
example, if a physical server is currently utilizing 1-GB RAM, you should expect the virtual machine to
use the same amount of RAM, assuming that it runs the same operating system and applications as
1-17
the physical server. If a single virtual machine consumes more than half of your hosts workload, you
should consider whether virtualization is appropriate or if the hosts sizing is adequate.
Hardware is not the only consideration when implementing a server virtualization solution. You also
should review all aspects of a service or applications requirements before deciding whether you can host
it virtually. Some factors to consider when determining whether to virtualize server workloads are:
Compatibility. You must determine whether the application can run in a virtualization environment.
Business applications range from simple programs to complex, distributed multiple tier applications.
You need to consider requirements for specific components of distributed applications, such as
specific needs for communication with other infrastructure components, or requirements for direct
access to the system hardware. While you can virtualize some servers easily, other components may
need to continue running on dedicated hardware.
Applications and services. Applications and services that have specific hardware or driver
requirements generally are not well suited for virtualization. An application may not be a good
candidate for application virtualization if it contains low-level drivers that require direct access to
the system hardware. This may not be possible through a virtualization interface, or it may affect
performance negatively.
Supportability. You need to evaluate if a virtualized environment will support your operating system
and requisite applications. Verify vendor support policies for operating system and application
deployment using the virtualization technologies.
Licensing. You also need to evaluate whether you can license the application for use in a virtual
environment. Reduced licensing costs for multiple applications or operating systems could add up
and make a strong financial case for using virtualization.
Availability requirements. Most organizations have some applications that must always be available
in a virtual environment for users. Some applications provide built-in options for enabling high
availability, while other applications may be more difficult to make highly available outside of a
virtual machine environment. When considering whether to virtualize a server, evaluate whether the
application has high availability options, whether a virtual machine environment supports those
options, and whether you can use failover clustering to make the virtual machine highly available.
The goal in most organizations is to utilize all servers adequately, whether they are physical or virtual. You
can fully utilize some server roles such as SQL Server or Exchange Server Mailbox servers, by deploying
additional SQL Server instances or moving more mailboxes to the server. In some cases, you can virtualize
server workloads in one scenario, but not in another. For example, in a very large domain with thousands
of users logging on simultaneously, it may not be practical to virtualize a domain controller. However, in a
smaller domain or in a branch office deployment, virtualizing domain controllers may be your best option.
Overview of Virtualization Solution Accelerators

You can use MAP to conduct network-wide
deployment readiness assessments, and to
determine whether you can migrate Microsoft
technologies such as servers, desktops, and
applications, to a virtual environment. Using MAP,
you now can determine which servers you can
upgrade to Windows Server 2012, which servers
you can migrate to virtual machines on Hyper-V
in Windows Server 2008, and which client
computers you can upgrade to Windows 7. MAP
is the primary tool to help you identify which
applications, desktops, and servers would make
ideal candidates for virtualization.
You can use MAP to perform the following key functions:
Hardware inventory. MAP uses a secure process, which does not utilize an agent, to collect and
organize system resources and device information across your network from a single networked
computer. Some of the examples of the information that MAP returns includes operating system
information, system memory details, installed drivers, and installed applications. MAP saves this
information in a local database, and then uses it to provide you with specific reports and
recommendations.
MAP uses technologies that are already available in your IT environment to perform inventory and
assessments. These technologies include Windows Management Instrumentation (WMI), the Remote
Registry service, Simple Network Management Protocol (SNMP), AD DS, and the Computer Browser
service.
You can use MAP to inventory the following operating systems:
o
Windows 8
Windows 7
Windows Vista
Windows XP Professional
Microsoft Office 2010 and previous Office versions
Windows Server 2012
Windows Server 2008 or Windows Server 2008 R2
Windows Server 2003 or Windows Server 2003 R2
Windows 2000 Professional or Windows 2000 Server
Windows Internet Explorer 9 and previous versions
Hyper-V
Microsoft Lync
System Center Configuration Manager
System Center Endpoint Protection
SQL Server
VMware vSphere
VMware vCenter
VMware ESX
VMware ESXi
VMware Server
Select Linux distributions
LAMP application stack discovery
MySQL
Oracle
Sybase
Data analysis. MAP performs a detailed analysis of hardware and device compatibility for
migration to:
Windows 8
Windows 7
Windows Server 2012
Windows Server 2008 R2
SQL Server 2012
SQL Server 2008 R2
Microsoft Office 2010
Office 365
1-19
MAP helps to gather performance metrics, and then generates server consolidation
recommendations. These recommendations identify candidates for server virtualization, including
how you might place the physical servers in a virtualized environment.
Readiness reporting. MAP generates reports containing both summary and detailed assessment
results for each migration scenario. MAP provides these results in Microsoft Excel and Microsoft Word
documents. Readiness reports are available for many technologies including Windows 8 and Windows
Server 2012.
MAP also helps to gather performance metrics and generates server consolidation recommendations.
These recommendations identify the candidates for server virtualization, and makes suggestions for
how you might place the physical servers in a virtualized environment.
The latest version of MAP includes planning for migrating to Office 2013, migrating to the latest Windows
Server and Windows client operating systems, and migrating workloads to Windows Azure.
Infrastructure Planning and Design Guides
The Infrastructure Planning and Design guides are free guides that describe architectural considerations,
and streamline the design processes for planning Microsoft infrastructure technologies. Each guide
addresses a unique infrastructure technology or scenario, including server virtualization, application
virtualization, and Remote Desktop Services implementations.
Windows Server Virtualization Guide

The Windows Server Virtualization Guide focuses on an earlier version of Hyper-V. However, it still
provides guidance on how to plan and implement server virtualization on Hyper-V.
Hyper-V Security Guide
Implementing virtualization can increase the number of security issues that you must consider. This is
because you must secure both the host computer and the virtual machines. The Hyper-V Security guide
provides guidance and recommendations to address key security concerns about server virtualization.
Assessment Features of the MAP Toolkit

Microsoft provides MAP as the primary tool for
server virtualization planning. It is easy to install
and it guides administrators through evaluation
by making use of built-in wizards, configurations,
and reports.
Gathering information over time is one evaluation

factor. You may already have evaluation data
suitable for inclusion. For example, if you use
Operations Manager to monitor your physical
servers and virtual machines, your inventory and
performance data may already be collected. You
could use these Operations Manager reports to
gather useful information. When you want to plan for capacity and growth, you can use DPM to review
data trends by running capacity reports.
The following section summarizes MAP features that you can use for server virtualization assessments.
MAP Discovery
MAP can discover Windows, Linux, Unix, and VMware servers, computers, and virtual machines. It has the
following discovery methods and requirements for creating an inventory:
AD DS. Requires domain credentials. You can use this method to discover all computers in all
domains, or in specified domains, containers, and organization units.
Windows networking protocols, using WIN32 LAN Manager application programming interface (API).
Requires the Computer Browser service to be running on the computer, or the server running MAP.
You can use this method to discover Windows workgroups and Windows NT 4.0 domains.
Configuration Manager. MAP can use either Configuration Manager or Microsoft Systems
Management Server (an older version of Configuration Manager), for discovery. For discovery, you
require the primary site server name and appropriate credentials for Configuration Manager or
Systems Management Server.
IP Address Range. You can scan for computer and servers using one or more IP address ranges, up to
a maximum of 100,000 addresses.
NetBIOS names. You also can discover computers and servers by entering their NetBIOS names
manually, or by importing the names from a text file.
MAP Performance Metrics

After you have an inventory of discovered hardware, you can collect performance metrics for your
assessment. To gather performance metrics, you must run the Performance Metrics Wizard. You can
collect metrics for Windows and Linux-based machines by using WMI or Secure Shell. The minimum
collection period is 30 minutes. You are prompted to schedule an end date and time for when the
collection should stop.
Note: If required, you can use the Performance Metrics Wizard to collect additional metrics.
You must choose either to discard previous metrics or append the new ones to existing data.
While the performance metric data collection is running, you may not be able to perform other
tasks with MAP.
MAP Hardware Configuration
1-21
MAP hardware configuration provides you with details for the proposed hardware that you should use for
your virtualization host servers. When you run the Hardware Library Wizard, you can enter the resources
such as the number and type of processors, amount of RAM, and storage capacity. After configuring these
hardware parameters, you can determine the number of host servers required. If required, you also can
create a configuration for shared storage and network configurations, which will help ensure that you
plan clusters and share components correctly.
MAP Server Consolidation

The MAP Server Virtualization and Consolidation Wizard can help provide planning guidance for the
following versions of Hyper-V:
Window Server 2012 Hyper-V
Window Server 2008 R2 Service Pack 1 (SP1) Hyper-V
Window Server 2008 R2 Hyper-V
Window Server 2008 Hyper-V
To use the wizard, you must first complete an inventory, gather performance metrics, and input the
hardware configuration. When you run the wizard, you can select a utilization ceiling on the proposed
hardware, which allows for periodic spikes in utilization. The utilization settings include processor,
memory, storage capacity, storage I/O operations per second, and network throughput. Upon completing
this wizard, MAP will provide you with the recommended number of hosts.
MAP Private Cloud Fast Track
The MAP Private Cloud Fast Track Wizard provides guidance based upon a program that is a joint effort
between Microsoft and its hardware partners. The goal of the program is to help organizations decrease
the time, complexity, and risk of implementing private clouds.
Demonstration: Assessing the Computing Environment by Using MAP

In this demonstration, you will see how to use MAP for planning server virtualization, including:
Install MAP.
Use MAP to collect inventory data.
Use MAP to collect performance data.
Create a hardware configuration.
Demonstration Steps
Install MAP
1.
Sign in to LON-CL1, and then navigate to and run the file \\lon-dc1\e$\labfiles\mapsetup.exe.
2.
In the Microsoft Assessment and Planning Toolkit Setup Wizard, on the Installation Successful page,
ensure that the Open the Microsoft Assessment and Planning and Toolkit check box is selected,
and then click Finish.
3.
On the Datasource page, in the Create or select a database section in the Name text box, type
Demo, and then click OK.
Use MAP to collect inventory data

1.
In MAP, click Server Virtualization, and then click Collect inventory data.
2.
In the Inventory and Assessment Wizard, on the Inventory Scenarios page, select both Windows
computers and Use Active Directory Domain Services (AD DS).
3.
On the Active Directory Credentials page, use the following credentials:

o
Domain: Adatum
Account name: administrator
Password: Pa$$w0rd
4.
On the Active Directory Options page, ensure that Find all computers in all domains, containers,
and organizational units is selected, and then click Next.
5.
On the All Computer Credentials page, use the following credentials:

o
Domain: Adatum
Account name: administrator
Password: Pa$$w0rd
6.
Complete the wizard.
7.
When the Inventory and Assessment page opens, review the results of the data collection, wait for
the assessment to show as complete, and then close the page.
Use MAP to collect performance data

1.
Run the Performance Metrics Wizard.
2.
In the wizard, select all computers.
3.
On the All Computer Credential page, ensure that the adatum\administrator account is selected.
4.
Review the details on the metrics page, and then close the window.
Create a hardware configuration
Before you can work with MAP features, you must first cancel the running process that was initiated in the
previous step.
1.
At the bottom left of the MAP console screen, in the running task drop-down list box, click Cancel
processing, and then click Yes.
2.
Under the Steps to complete section, click Create hardware configuration.
3.
On the Choose Scenarios page, click General Server Consolidation/Desktop Virtualization, and
then click Next.
4.
On the Hardware Configuration page, click Create New, and in the Create New text box, type
Server-Type1.
5.
Complete the wizard using approximate values based on a server that you might use.
Designing a Solution for Server Virtualization

Many organizations that adopt server
virtualization develop a server implementation
policy to virtualize all new and replaced systems.
These organizations opt for deploying physical
hardware as an alternative to virtualization only
when a valid reason exists, such as when custom
server hardware is incompatible with server
virtualization, or when a server application vendor
does not support their application on virtualized
servers.
1-23
You now can use Windows Server 2012 R2 to

deploy servers with up to 320 logical processors
and 4 terabytes (TB) of system memory. This, in turn, allows new capabilities for virtual workloads and is a
significant improvement over earlier hypervisors.
Implementing a new virtualization solution can often include assessing physical and virtual servers, or
assessing an existing virtualization solution. A new virtualization solution can provide an opportunity to
consolidate physical servers, and in an existing server virtualization solution, it can improve virtual
machine density per host, possibly by virtualizing some more demanding workloads.
As a general guideline, each virtualization project should include the following steps:
1.
Determine the virtualization scope. The first step in planning a virtualization solution is to define the
projects scope. You may have one or more projects, each working to address different parts of an
overall server virtualization strategy. To ensure that a project is successful, you need to define scope,
milestones, and goals.
2.
Determine the workloads. Create a list of potential workloads that you want to virtualize, identify the
workloads that cannot be virtualized, then use MAP to discover and inventory all the remaining
servers. Collect the performance metrics of the required servers for a suitable period of time.
3.
Determine backup and fault-tolerance requirements for each workload. You use these requirements
when designing the virtual server deployment. For example, some server workloads may require
frequent and consistent backup of data located inside the virtual machine, while other server
workloads may require just a virtual machine-level or configuration information backup. You use the
fault-tolerance requirements for the server workload when you deploy clustered virtual machines, or
to provide another method for ensuring high availability for the virtual machine.
4.
Use MAP to aid in the design of the virtualization hosts. Use the hardware configurations and the
MAP Server Virtualization and Consolidation Wizard to assist in the design of the host server
infrastructure. As a best practice, to simplify host server management you should consider creating a
standard design for all virtualization hosts. Decide if you will require a maintenance host. As part of
the host server design, you also need to consider the number of virtual machines that each host
computer will be running.
5.
Map workloads to hosts. After designing the host server hardware, you can start mapping the virtual
machines to the host servers. There are many factors that you need to consider during this design,
including:
o
Host server capacity. How many virtual machines can you place on a host?
Reserve capacity. How much of a resource buffer do you want to implement on each host
computer?
Virtual machine performance characteristics and resource utilization. Can you characterize the
network, CPU, disk, and memory utilization for each of the virtual machines on a host? You may
choose to deploy virtual machines with different resource requirements on the same host.
6.
Design host backup and fault tolerance. Use the information that you collected on the backup and
fault tolerance requirements for the virtual machines to design a backup and high availability solution
for the host computers.
7.
Determine storage requirements. As part of the server workload discovery, you should have
documented the storage requirements for each virtual machine. Before moving the server workloads
to virtual machines, ensure that you have space for both the operating system virtual hard disks and
the data associated with each virtual machine. You also need to include storage availability and
performance requirements. You can use the MAP share infrastructure configuration to assist.
8.
Determine network requirements. As a final step in the virtual machine design process, you also
should plan the network design. When planning your network design, you should consider a number
of factors:
o
What type of network access do the virtual machines require? Most virtual machines likely will
require access to the physical network, but some virtual machines may only need to
communicate with other virtual machines on the same host computer.
How much network bandwidth does each virtual machine require?
What are the network reliability requirements for each virtual machine?
Will Network Virtualization be used?
What non-Microsoft virtual switches will be required?
Note: A successful virtualization project is a well-documented project. Often, when

adopting a new virtualization technology, a proof of concept (POC) can be of great help
in determining the final infrastructure. A POC can also help bring staff up to speed on the
deployment and management technologies that will be used in the final solution.
Lesson 4
Extending Virtualization to the Cloud Environment
1-25
In this lesson, you will review some of the features in Window Azure, the public cloud services offering
from Microsoft. You will also learn about how and why you might want to join an on-premises
infrastructure to a public cloud infrastructure, and how you could make use of a hybrid cloud computing
solution.
Lesson Objectives
After completing this lesson, you should be able to:
Describe the purpose and features of Windows Azure.
Describe Windows Azure services.
Explain how to create and run virtual machines in Windows Azure.
Explain how to extend a data center.
What Is Windows Azure?

Windows Azure is the name for the public cloud
services offering from Microsoft. Window Azure
services are delivered over the Internet from
Microsoft data centers. Microsoft customers can
subscribe to a variety of the Windows Azure
services that are running in these data centers,
and at a fraction of the cost of purchasing and
hosting their own hardware or building their own
services and software. Windows Azure delivers
services such as PaaS, IaaS, and SaaS.
Individuals, customers, and Microsoft partners

can use several methods to access Window Azure
based services. Partners have access to programs such as Windows Azure platform Cloud Essentials for
Partners, and Cloud Accelerate. Both customers and partners can access resources through MSDN and
through the Microsoft BizSpark program, each of which provides a predefined amount of resources and
services to build solutions.
Windows Azure Free Trial
http://www.windowsazure.com/en-us/pricing/free-trial/
Windows Azure Services

Windows Azure services are grouped into four
categories: compute, data services, app services,
and virtual networks.
Compute
Websites. You can use website services to

develop and deploy more secure and scalable
websites, which includes integration with
many source control technologies. Windows
Azure supports many languages including
ASP.NET (sometimes known as classic ASP),
PHP, Node.js, and Python. You can also
deploy a choice of SQL Server databases, or
deploy MySQL. The Web Application Gallery has many open source applications, frameworks, and
templates available, including WordPress, Umbraco, DotNetNuke, Drupal, Django, CakePHP, and
Express.
Virtual machines. You can build virtual machine instances from scratch, from templates, or you can
build them on your own site, and then transfer them to Windows Azure (or the other way around).
Virtual machines can run a variety of workloads including many Microsoft-certified workloads such
SQL Server, SharePoint Server, and BizTalk Server.
Mobile services. You can use these services to build mobile phone apps, including storage,
authentication, and notification services for Windows apps, Android apps, and Apple iOS apps.
Data Services
SQL Database. Windows Azure includes a SQL Database offering, previously known as SQL Azure
Database. SQL Database provides interoperability, enabling customers to build applications using
most development frameworks.
HD Insight. Windows Azure HDInsight is the Hadoop-based solution from Microsoft. Hadoop is used
to process and analyze Big Data.
Backup. You can back up directly to Windows Azure. You can configure the cloud backups from the
backup tools in Windows Server 2012 R2, or from System Center 2012 R2.
App Services
Media Services. You can use media services to create, manage, and distribute media across a large
variety of devices such as Xbox, computers running the Windows operating system, MacOS, iOS, and
Android.
Messaging. The Windows Azure Service Bus provides the messaging channel for connecting cloud
applications to on-premises applications, services, and systems.
Windows Azure Active Directory (Windows Azure AD). This is a modern, Representational State
Transfer-based service that provides identity management and access control capabilities for cloud
applications. It is the identity service used across Windows Azure, Office 365, Microsoft Dynamics
CRM Online, Windows Intune, and other non-Microsoft cloud services. Windows Azure AD also can
integrate with on-premises Active Directory deployments.
Network
1-27
Windows Azure Virtual Network. You can use the Windows Azure Virtual Network (Virtual Network)
to create a logically isolated section in Windows Azure, and then connect it securely either to your
on-premises data center, or to a single client machine, using an IPsec connection. Virtual Network is
discussed more in-depth in the next topic.
Windows Azure Traffic Manager. Windows Azure Traffic Manager (Traffic Manager) is used to loadbalance inbound traffic across multiple Windows Azure services. This ensures the performance,
availability, and resiliency of applications.
Virtual Machines in Windows Azure

With Windows Azure, you can create and run your
own virtual machines in the same way that you
create and run on-premises servers. Windows
Azure virtual machines are highly available and
can be consumed when and as you need them.
Creating Virtual Machines

After you log on to Windows Azure, you use a
simple, intuitive interface that displays a list of
technologies that you can work with and deploy.
You can create a virtual machine by clicking the
Virtual Machines icon, and from there you can
choose to create a new virtual machine from
scratch, or you can use templates to create the virtual machine.
Templates may have the base operating system installed, and in some cases, they may include an
additional application that is ready for you to work with or evaluate. The following list are few of the
available virtual machine templates in the Windows Azure gallery:
Windows Server 2012 Datacenter
Windows Server 2008 R2 SP1
SharePoint Server 2013
SQL Server 2014 Community Technology Preview 1 (CTP1) Evaluation Edition
SQL Server 2012 SP1 Standard Edition
BizTalk Server 2013 Enterprise
BizTalk Server 2013 Evaluation
In addition to the above lists, the Windows Azure gallery includes many Linux installation templates.
Apart from deploying a virtual machine from a template, you can create and capture your own images
using familiar tools such as Sysprep, or you can create virtual machines on-premises, and then import the
virtual machines into Windows Azure.
Creating and Uploading a Virtual Hard Disk that Contains the Windows Server Operating
System
Extending Your Data Center

Virtual Network makes it easier to extend
your data center by using Windows Azure in the
same way that you might connect to a remote
office. You manage the network topology and
configuration in the same way you would for your
on-premises infrastructure.
You might want to connect your own
infrastructure to your private Windows Azure
network to meet the demands of several different
scenarios. For example, you may want to connect
your infrastructure and your private Windows
Azure network if you are:
Building a distributed application that is scalable on Windows Azure-hosted web servers, and are
building a database or data store that resides on your own physical infrastructure.
Creating a client extranet.
Building a test lab or development environment.
Needing to extend you own infrastructure rapidly.

Create a Virtual Network for Site-to-Site Cross-Premises Connectivity
The Windows Azure Pack includes Windows Azure technologies that you can run inside your data center,
and that enable you to offer your customers self-service and multi-tenant services.
Windows Azure Pack integrates with System Center 2012 R2 and Windows Server 2012 R2, and provides
an interface that has the look and feel of the Windows Azure Management Portal. The Windows Azure
Management Portal is customizable and offers a self-service user experience for provisioning, monitoring,
and managing services such as Web Sites, Virtual Machines, and Service Bus. The Windows Azure Pack
also has automation capabilities and additional custom services that include a runbook editor, and an
execution environment.
To find out more about the Windows Azure Pack for Windows Server, you can download and read the
whitepaper from the following link:
Windows Azure Pack for Windows Server

Scenario
1-29
A. Datum Corporation is a medium-sized manufacturing company that has four subsidiaries. Each
subsidiary has several hundred employees and its own data center. All subsidiaries are connected with
high-speed network connections. A. Datum IT infrastructure uses only physical servers.
A. Datum is rapidly expanding. To provide greater flexibility and the capability to respond quickly to
rapidly changing business environments, IT management has decided to virtualize many of the existing
servers, and deploy as many new servers as possible as virtual machines. A. Datum is planning to adopt
Hyper-V on Windows Server 2012 R2 as their virtualization platform.
As a senior server administrator at A. Datum, you are responsible for planning and implementing the
virtualized infrastructure. The first step in deploying the virtual environment is to analyze the current
A. Datum IT infrastructure, and to identify the appropriate virtualization methods for different business
requirements. In addition, you also need to evaluate the existing servers and identify which servers would
be appropriate candidates for virtualization.
Objectives
After completing this lab, you will be able to:
Determine which virtualization method you should use, based on the scenario.
Install MAP, and use it to evaluate the existing environment.
Perform virtualization candidate assessments.
Lab Setup
Estimated Time: 45 minutes
Virtual machines: 20409B-LON-CL1, 20409B-LON-DC1
User name: Adatum\Administrator
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin, you must complete
the following steps:
1.
On the host computer, start Hyper-V Manager.
2.
In Hyper-V Manager, click 20409B-LON-DC1, and then in the Actions pane, click Start.
3.
Repeat step 2 for 20409B-LON-CL1.
4.
Click 20409B-LON-CL1, and then In the Actions pane, click Connect. Wait until the virtual machine
starts.
5.
Sign in by using the following credentials:

o
User name: Administrator
Password: Pa$$w0rd
Domain: Adatum
Note: Because you will be using the same virtual machines in the next lab, do not revert
the virtual machines at the end of this lab. However, you can shut down all virtual machines after
finishing this lab.
Exercise 1: Selecting the Appropriate Virtualization Method

Scenario
In this paper-based exercise, you will select the appropriate virtualization method for a given scenario.
Several different scenarios will be presented (including application compatibility issues, hardware
consolidation, and application centralization), and you will decide which virtualization method you should
use.
The main tasks for this exercise are as follows:
1.
Design a virtualization solution to resolve a remote worker application scenario.
2.
Design a solution for a Microsoft Office upgrade.
3.
Design a solution for the development team.
4.
Respond to the CEOs green initiative enquiry.
Task 1: Design a virtualization solution to resolve a remote worker application

scenario
A. Datum has just passed a remote worker policy that allows up to an additional 50 people to work
remotely. Until now, only a few designated on-call IT staff were approved to work remotely, and they
all have fixed lines and secure virtual private networks (VPNs).
Remote workers will be required to use their own devices, although they should run the companys
applications, and ideally keep data such as documents, reports, and spreadsheets within the company
network.
1.
Which virtualization technology can assist with the remote worker requirements?
2.
What are three of the components required to deliver the remote worker solution?
3.
Approximately four months after A. Datum has gone live with the remote worker solution, users
begin to complain they cannot access the company systems from home. What could be a likely
problem?
4.
When designing the virtualization solution, you must be able to accommodate a physical server
failure by providing reasonable fast recovery. What are the options to achieve a fast recovery?
Task 2: Design a solution for a Microsoft Office upgrade
A. Datum urgently needs to upgrade from Office 2007 to Office 2010 for all staff. However, the remote
workers, some senior managers and most the IT staff should be piloting Office 2013 at the same time.
Remote workers will need to have access to both Office 2010 and Office 2013.
Providing separate computers is not an option, and application compatibility issues might exist between
different versions of Microsoft Office.
1.
Which virtualization technology could help you with these requirements?
2.
You create packages for the following products:

o
Office 2013
Windows 7 Professional
For which other operating system do you need to create packages?
Task 3: Design a solution for the development team
1-31
A. Datum developers use Microsoft SharePoint and Microsoft SQL Server extensively. They frequently
need hardware, more disk space, and extra memory for their computers that are running client
hypervisors. Developers also frequently contact the helpdesk with requests for restores, or to confirm
that their databases are backed up. You have some additional budget that you could use for hardware
and software to help the development team, and to reduce the administrative and operation task load
that they create.
1.
Which virtualization and management technology could you implement to improve the development
department infrastructure?
2.
What tool can you use to find out how big the Hyper-V hosts must be to accommodate the
developers current systems?
3.
Which System Center 2012 R2 component could help you delegate some virtual machine
administration, and provide some elements of self-service to the developers?
Task 4: Respond to the CEOs green initiative enquiry
The Chief Executive Officer (CEO) of A. Datum has asked you to provide some feedback on how your new
virtualization project will meet the companys green initiatives. Your predecessor had already obtained
quotes for more power and cooling feeds to each of the companys five data centers, to accommodate
high-density blade centers that would provide the core virtualization infrastructure.
List a few suggestions that could form part of a report to the CEO.
Results: After completing this exercise, you should have evaluated a given scenario and selected the
appropriate virtualization method for that scenario.
Exercise 2: Assessing the Environment by Using MAP

Scenario
In this exercise, you will install MAP and assess your environment. As the classroom environment is
limiting, you will use pre-created sample database to generate different reports including a consolidation
report. You also will run the Server Consolidation Wizard.
1.
Install MAP.
2.
Review assessments.
Task 1: Install MAP

1.
On LON-CL1, navigate to and run the file \\lon-dc1\e$\labfiles\mapsetup.exe, and then click OK.
2.
In the Microsoft Assessment and Planning Toolkit Setup Wizard, on the Installation Successful page,
ensure that the Open the Microsoft Assessment and Planning and Toolkit check box is selected,
and then click Finish.
3.
On the Datasource page, in the Create or select a database section, in the Name text box, type
4.
Leave the MAP console open for the next task.
5.
Locate and extract the file MAP_Training_Kit.zip from \\lon-dc1\e$\labfiles to c:\map.
6.
From the Microsoft Assessment and Planning Toolkit, import map_sampleDB.bak, and use the
database name of MAPDEMO.
7.
On the upgrade warning page, click Yes. This process may take a minute or two.
8.
When the sample map database has imported and upgraded successfully, click OK, and then click
Close.
9.
Click File, click Select a Database, click MAPDEMO, and then click OK.
Task 2: Review assessments
1.
On LON-CL1, run the Server Consolidation Wizard.
2.
For virtualization technology, choose Windows Server 2012 Hyper-V, and then click Sample host.
3.
On the Utilization Settings page, type 75 in each field.
4.
On the Computer List page, select all the computers, and then complete the assessment.
5.
On the Summary page, review the settings, and then click Finish.
6.
When the assessment process completes, click Close.
7.
In the MAP console, on the Server Virtualization page, review the server consolidation information,
and then run the Server Virtualization Report.
8.
In File Explorer, locate and open the report.
9.
At the bottom of the Excel workbook, click each tab and review the information in the report.
10. When finished, close Excel, and then close File Explorer.
Results: After completing this exercise, you should have installed MAP and assessed a virtualization
environment.

Review Questions
Question: What are some of the reasons that you would not virtualize a server or server
application?
Question: Which technology can assist you in managing large volumes of virtual machines
and Hyper-V clusters?
Best Practice
1-33
When working with the MAP toolkit, consider backing up your database regularly. If you are running
assessments over a long period of time, the data could become critical to the timeframe of your project.
Common Issues and Troubleshooting Tips

Common Issue
In MAP, when you click on most
operations, you receive a warning that
states, The task processor is currently
busy. You cannot perform this operation
while the task processor is running. Please
wait for the task processor to complete or
cancel the task process before retrying this
operation.
Troubleshooting Tip

2-1
Module 2
Installing and Configuring the Hyper-V Role
Contents:
Module Overview
2-1
Lesson 1: Installing the Hyper-V Role
2-2
Lesson 2: Managing Hyper-V
2-12
Lesson 3: Configuring Hyper-V Settings
2-20
Lesson 4: Hyper-V Host Storage and Networking
2-26
2-33
2-39
Module Overview
In production environments, a majority of the new servers are installed on virtual machines, and not on
physical machines. Windows Server 2012 R2 supports virtualization, and you can run virtual machines
on it as soon as you install the Windows Server Hyper-V role. With virtualization, many virtual machines
are running on the same hardware. Therefore, it is important that Hyper-V is scalable and can utilize all
resources that the physical host can provide. As you will typically manage Hyper-V host remotely, you
should be familiar with how to use Hyper-V Manager, and how to use Windows PowerShell for
day-to-day and repetitive tasks.
This module describes how to install the Hyper-V role on Windows Server 2012 R2 operating system, and
how to perform basic configuration of the Hyper-V role. You will learn that Hyper-V is available as part of
Windows Server 2012 R2, and as part of Microsoft Hyper-V Server 2012 R2, which is freely available on the
Microsoft website. This module also describes Hyper-V scalability, the security model that Hyper-V uses,
and some of the changes that will occur when you install the Hyper-V role. You will also learn how to
manage Hyper-V from a GUI, and by using Windows PowerShell.
Objectives
Install the Microsoft Hyper-V role.
Manage Hyper-V.
Configure Hyper-V settings.
Describe Hyper-V host storage and networking.
Lesson 1
Installing the Hyper-V Role

Before you can use virtualization on Windows Server 2012, you must first install the Hyper-V role. The
Hyper-V role is included in the following Windows products:
Windows Server 2008 (64-bit edition)
Windows Server 2012
Windows 8 and Windows 8.1 Pro
Windows 8 and Windows 8.1 Enterprise
2-2 Installing and Configuring the Hyper-V Role
Client Hyper-V is the Hyper-V feature that comes with the Windows 8 and Windows 8.1 client operating
systems. In addition to having Client Hyper-V available as a role in these products, Microsoft Hyper-V
Server 2012 is available as a free download. You can install the free edition on new hosts as the underlying
operating system.
Hyper-V is a Layer 1 Hypervisor virtualization platform, which can run multiple isolated virtual machines
on the same physical host machine. Because many virtual machines may be running on the same physical
hardware, you must ensure that enough resources are available. When planning for the server hardware,
you should consider the required resources such as disks, storage, networking, and high availability.
This course refers to the Windows Server 2012 R2 server with the Hyper-V role installed as a Hyper-V host.
Hyper-V Server is a separate operating system, which also includes the Hyper-V feature.
Lesson Objectives
Identify server platforms that provide Hyper-V as a feature.
Describe Hyper-V and virtual machine scalability.
Describe Hyper-V architecture.
Describe considerations for disk and storage.
Describe considerations for networking.
Describe considerations for high availability.
Explain changes on the host after installing the Hyper-V role.
Install the Hyper-V role.
Server Platforms That Provide Hyper-V

Hyper-V is the Microsoft hypervisor (virtualization
platform) that you can use to run multiple virtual
machines on the same physical computer.
Microsoft first introduced Hyper-V in Windows
Server 2008, and has included it with the newer
Windows Server operating systems. You can also
obtain Hyper-V as part of the Hyper-V Server
standalone product, and with Windows 8 or newer
Windows client operating systems.
2-3
Hyper-V requires 64-bit architecture, whereas

virtual machines that run in Hyper-V can be either
32-bit or 64-bit. The Hyper-V role is part of both
the Standard and Datacenter editions of Windows Server 2012 R2, and Windows Server 2012 R2 is
available only as a 64-bit operating system. Hyper-V Server 2012 R2 is a 64-bit operating system, and the
Hyper-V feature is available only with the 64-bit version of Windows client operating systems, which are
the Pro and Enterprise editions only.
Comparison of Hyper-V Features on Different Platforms
When you compare Hyper-V features on different platforms, you may notice that the Hyper-V role in
Windows Server 2012 R2 has the same features as in Hyper-V Server 2012 R2. In fact, Hyper-V Server is a
Server Core installation of Windows Server 2012 R2 on which only one role (Hyper-V) is available. You can
manage this iteration of Hyper-V Server locally only from a command line.
In comparison, Windows Server includes additional roles and features (such as Dynamic Host
Configuration Protocol (DHCP) server), and you can manage the Hyper-V role locally from either a GUI
or a command line. Hyper-V Server 2012 R2 is a free product, but it does not include any license for
operating systems in virtual machines. This means that you should consider licensing for your virtual
machines in your planning process.
Standard vs. Datacenter Editions
Windows Server 2012 R2 Standard and Windows Server 2012 R2 Datacenter editions are both licensed
per physical processor, and include licenses either for two virtual machines running the Windows Server
Standard operating system, or for unlimited virtual machines running the Windows Server Datacenter
operating system.
Aside from virtualization rights, the only other difference between the Windows Server 2012 R2 Standard
and Datacenter editions is that the Windows Server 2012 R2 Datacenter edition provides automatic
activation of virtual machines (qualifying Windows Server operating systems), whereas the Windows
Server 2012 R2 Standard edition has no such feature. Currently, the only qualified Windows Server 2012
R2 operating systems that are activated automatically are the Standard, Datacenter, and Essentials
editions. Hyper-V Server 2012 R2 has the same virtualization capabilities as Windows Server 2012 R2,
including high availability and live migration; however, it does not include any GUI interfaces, or any
additional roles, or virtualization rights.
Client Operating Systems
Client Hyper-V in Windows client operating systems does not provide server-level features such as high
availability or live migration. However, Client Hyper-V has the same foundation, and uses the same
technology and file formats, which means that virtual machines that you create on Windows client
operating systems can be used on Windows Server 2012 or Windows Server 2012 R2 and vice versa.
You can use Hyper-V management tools that are included with Windows client operating systems for
managing Hyper-V in Windows Server 2012 or Windows Server 2012 R2for example, on Hyper-V
Server 2012 R2.
Licensing Windows Server 2012 for use with virtualization technologies
Competitive Advantages of Microsoft Hyper-V Server 2012 over the VMware vSphere
Hypervisor
Automatic virtual machine activation
Question: Your company is using Hyper-V in Windows Server 2012 R2 as a virtualization
infrastructure. You are evaluating Virtual Desktop Infrastructure (VDI) for your company,
which would provide Windows 8.1 desktops to 20 employees in the Finance department.
Can you use Windows Server 2012 R2 Datacenter virtualization rights for setting up virtual
desktops for the users in the Finance department?
Hyper-V and Virtual Machine Scalability

When you are using virtualization, typically you
are running multiple virtual machines on the same
physical hardware. It is important that the physical
hardware has enough resources (CPU, random
access memory (RAM), storage, and network
bandwidth) to run multiple loads, and to provide
high availability and redundancy. In addition, the
operating system on the physical server must be
able to utilize all available resources. Previous
releases of Hyper-V had some limitations. For
example, previous Hyper-V versions supported up
to 1 terabyte (TB) of physical RAM and up to 64
CPUs. However, Hyper-V in Windows Server 2012 and Windows Server 2012 R2 support significantly
larger configurations and can fully utilize the most powerful servers.
Hyper-V enables you to create virtual machines with up to 64 virtual CPUs and 1 TB of virtual RAM, which
means that you can virtualize high-performance, scale-up workloads. Virtual hard disks can be up to 64
TB in size, and virtual machines can have virtual Fibre Channel adapters to access Fibre Channel storage
area networks (SANs) directly. Hyper-V in Windows Server 2012 R2 adds Generation 2 virtual machines,
which support Unified Extensible Firmware Interface (UEFI), Secure Boot, and booting from small
computer system interface (SCSI) controllers.
2-5
Because todays physical servers are more powerful and have more resources, it is important that the
virtualization platform can utilize them. The following table lists the maximum resources that Hyper-V can
utilize.
Component
Maximum
Logical processors
320
Running virtual machines per

server
1,024
Virtual processors per server
2,048
Memory
4 TB
Physical network adapters
No limits imposed by
Hyper-V
Note
This is the number of cores that Hyper-V

can utilize.
No virtual processor per logical processor

ratio is imposed by Hyper-V.
Each external virtual switch requires a

separate adapter.
The following table lists the maximum resources that you can configure on each virtual machine.
Component
Maximum
Virtual processors
64
Memory
1 TB
Virtual hard disk capacity
64 TB / 2 TB
Virtual integrated device

electronics (IDE) disks
Virtual SCSI disks
256
Virtual Fibre Channel adapters
Checkpoints
50
Virtual network adapters
12
Note: The .vhdx format supports 64 TB, and the .vhd format supports 2 TB.
With virtualization, multiple virtual machines are running on the same physical host. Therefore, the
virtualization platform should be highly available. To meet this requirement, Hyper-V utilizes the failover
clustering feature. The following table lists the maximum number of components that apply to a Hyper-V
failover clustering environment.
Component
Maximum
Nodes per failover cluster
64
Running virtual machines per

cluster
8,000
Note
Nodes should have enough resources if

failover happens.
Hyper-V Scalability in Windows Server 2012

Question: You plan to virtualize a computer that is running Microsoft SQL Server. The
computer has 8 processors and 96 gigabytes (GB) RAM. Can you virtualize the computer on
Hyper-V in Windows Server 2012 R2 and have the same resources? Can you virtualize it on
Hyper-V on servers running Windows Server operating systems prior to Windows Server
2012?
Hyper-V Architecture
When you install Windows Server 2012 R2, the
operating system accesses the server hardware
directly by using device drivers. Device drivers run
in the kernel mode and have full system access.
Programs such as Microsoft Office are executing
in the user mode and have limited access to the
system.
After you add the Hyper-V role to Windows

Server 2012 R2, a thin hypervisor layer between
the operating system and the server hardware
is added, which is one of the reasons a system
restart is required. The currently installed
operating system moves into the parent partition, from where you can create and manage child partitions.
Child partitions are isolated and often called virtual machines. The virtualization stack runs within the
parent partition, and by using device drivers in the parent partition, has direct access to server hardware.
Child partitions cannot access server hardware directly. Instead, they are presented with virtual devices,
which communicate through the virtual machine bus (VMBus) with virtual service providers in the parent
partition. Device access requests from child partitions are redirected either through the VMBus or through
the hypervisor to the device drivers in the parent partition. The VMBus manages the requests, and it is a
logical and the fastest communication channel between parent and child partitions. The parent partition
hosts virtual Service Providers, and child partitions host Virtual Service Clients, which redirect device
requests to virtual Service Providers in the parent partition through the VMBus.
Hyper-V provides software infrastructure and management tools that you can use to create and manage
child partitions. You can install a 32-bit or 64-bit operating system into child partitions. Newer operating
systems such as Windows Server 2012 R2, Windows 8.1, or certain Linux distributions are aware that they
are running in virtual environment and that they include VMBus support. Older operating systems such as
Windows Server 2008 do not include VMBus support by default, but you can add support by installing
Integration Services. Legacy operating systems that are not supported by Integration Services can still run
in the child partition, but they will not be able to use VMBus, and device emulation will be used for all
virtual devices.
Hyper-V architecture
Question: You install Windows Server 2012 R2 on a virtual machine named VM1. Can you
monitor disk input/output (I/O) for the physical server from VM1?
Considerations for Disk and Storage

Each server role has different disk and storage
requirements, and the same is true for the
Hyper-V role. Hyper-V hosts run multiple virtual
machines, and each virtual machine requires
enough storage and disk access that is also as fast
as possible and high availability. To provide faster
access, Hyper-V hosts will typically have multiple
disks. solid-state drives (SSDs) are not uncommon,
because they provide much higher access and
throughput. Most Hyper-V hosts also use shared
storage, which is recommended for high
availability.
2-7
Although you can configure virtual machines to access disks directly, they typically use virtual hard disks,
which are managed by the Hyper-V host. Hyper-V can use the following different types of physical
storage to store virtual hard disks:
Direct-attached storage (DAS). DAS is storage that is directly attached to the physical host. You
can use different bus types for attaching DAS, such as SCSI, Serial Attached SCSI, Serial ATA (SATA),
external Serial Advanced Technology Attachment, or USB. USB is never recommended for server
environments.
SAN. SAN is storage that the operating system on the host accesses over a dedicated or nondedicated network. SAN provides block-based access, and is presented as local storage by the
host. You can use protocols such as Internet SCSI (iSCSI), Serial Attached SCSI, or Fibre Channel for
attaching SAN storage. You can use SAN for shared storage, and it is often used for this purpose.
Network-attached storage (NAS). NAS is storage that the host operating system accesses over a
network, and it provides file-based access. Windows Server 2012 and newer versions can use file
shares as the storage for storing virtual hard disks over Server Message Block (SMB) 3.0 or newer
protocols. Shared folders are increasingly popular, because they are an inexpensive option for shared
storage, and they provide additional benefits such as SMB Transparent Failover, SMB Multichannel,
and SMB Direct.
Aside from the operating system on the Hyper-V host, each virtual machine requires additional storage
for its data files. Virtual machines can utilize much more storage than is required for the virtual machine
operating system, installed programs, and data files. It is also important to remember that virtual machine
storage requirements can increase through time.
Virtual machines use storage for:
.vhd and .vhdx files. These files include the entire hard disk content, as the virtual machine sees it.
This includes operating system files, applications, and user and data files. Based on the virtual hard
disk type, .vhd or .vhdx files can be single or multiple files, and they can have fixed size or can be
dynamically expanding. Although a single virtual machine typically does not have many virtual hard
disk files, their size is considerable and can be measured in gigabytes.
Configuration. Configuration stores virtual machine settings, and specifies which virtual devices are
for use by the virtual machine. Configuration settings are stored in XML format, and are a few
kilobytes in size.
Checkpoints. Checkpoints are optional, and enable you to revert a virtual machine to an earlier state.
Checkpoint size depends on the virtual machine state (is the virtual machine running or not), and the
RAM that is assigned to the virtual machine. Prior to Windows Server 2012 R2, checkpoints were also
referred to as snapshots.
Saved state. Saved state is created when you save a virtual machine. It includes the virtual machine
memory, which is written to the hard disk. Saved state size is approximately the same size as the
virtual machine RAM.
Note: Later in this module, you will find more extensive and in-depth information on how
the Hyper-V host uses disk and storage.
Question: Which virtual machine component requires the most storage space?
Considerations for Networking

For some workloads, a single network interface
card (NIC) may be sufficient; however, Hyper-V
hosts will often have multiple NICs. Although a
Hyper-V host can be fully functional with a single
NIC, we do not recommend this. A single NIC
does not provide redundancy, and if the NIC fails,
the Hyper-V host and all the virtual machines
that are running on that host will lose network
connectivity. A Hyper-V host may need to have
more NICs for a number of reasons, including
higher bandwidth for multiple virtual servers
sharing the same pipe, better performance,
management, and redundancy.
There is no single best recommendation on how many NICs a Hyper-V host should have, and different
factors such as virtualization load, storage type used, and Hyper-V features used, can all influence that
number. Consider the following recommendations as basic guidance:
A dedicated NIC for host management. Because you may manage the Hyper-V host remotely, you
may want to have a dedicated NIC just for that purpose. We typically do not recommend that you use
the same NIC for virtual machine access and Hyper-V management.
At least one NIC for virtual machine networks. If you want to provide virtual machines with
connectivity to an external network, you should dedicate at least one NIC for that purpose. This
number can increase for more complex virtual network scenarios, or if redundancy (such as NLB) is
required. If some of your virtual machines require higher network bandwidth, then we recommend
creating a network team of NICs within the host operating system, and then attaching the NIC
network to the external network.
At least one (and in some cases multiple) NICs for accessing shared storage (iSCSI or Fibre Channel).
Storage communication should have a dedicated network, and the second NIC provides redundancy
(multipath). This network also is used for accessing Cluster Shared Volumes (CSVs), if you are using
Hyper-V failover clustering.
A dedicated NIC for failover clustering. We recommend that cluster nodes send heartbeat and other
inter-node cluster communication over a dedicated network.
At least one NIC for live migration. Hyper-V can migrate virtual machine components such as virtual
disks, configuration, and checkpoints between Hyper-V hosts. It can also migrate between Hyper-V
hosts entire virtual machines that are running. You should use a dedicated network for live migration.
2-9
Windows Server 2012 R2 includes Network Adapter Teaming (NIC Teaming), which you can use to
consolidate multiple NICs and use them as a single interface. This provides higher network throughput
and redundancy. You can also enable bandwidth management to limit bandwidth available to each
network adapter in the virtual machine.
Note: Module 4 provides a more details on NIC Teaming.
Windows Server 2012 Hyper-V Best Practices
Question: Why would you not use the same network adapter in a Hyper-V host for
performing remote Hyper-V administration, and for providing network access to virtual
machines that are running on the Hyper-V host?
Considerations for Providing High Availability

High availability enables service or virtual
machines to be available even in a case of physical
component failure. Without high availability, if a
server fails, everything on that server is no longer
available. If a server is running a single server load,
outage caused by failure can be considerable.
However, with virtualization, if a single server is
running multiple virtual machines, outages caused
by server failure multiply. Therefore, It is critical
that virtual machines and services are highly
available. When planning Hyper-V deployment,
you should consider how to provide high
availability for your load.
When implementing virtual machines in Hyper-V, you have the following options:
Hyper-V host-based failover clustering. You can implement failover clustering on the Hyper-V host
servers, and then use the Failover Cluster Manager to configure the virtual machines to be highly
available. You must configure Hyper-V hosts as Cluster Nodes, and configure them with properly
configured shared storage. The shared storage must be able to store highly available virtual machines.
If the Hyper-V host fails, the highly available virtual machine will fail over to another Hyper-V host in
the failover cluster, and the cluster will attempt to restart the virtual machine. This will make the
virtual machine available even if the Hyper-V host fails.
Guest failover clustering. This option provides high availability for cluster roles that are running inside
virtual machines. You must configure virtual machines with shared storage, which can be on an iSCSI
target, a Fibre Channel SAN, or a shared virtual hard disk that is stored on an SMB 3.0 share or scaleout file server. If a virtual machine fails, cluster roles that are running on the virtual machine will fail
over to another virtual machine in the failover cluster, and the cluster will attempt to restart the failed
virtual machine. This will make cluster roles available even if the individual virtual machine fails. You
can use this approach with services and applications that are configurable as clustered roles.
Virtual machine-based Network Load Balancing (NLB). You can use NLB inside virtual machines
just as you use NLB with physical servers. NLB provides fault tolerance for stateless applications by
distributing inbound traffic across multiple virtual machines running the same application. If a virtual
machine fails, remaining virtual machines in NLB will pick up the requests. When you implement NLB
in a virtual machine environment, you should configure virtual machines on different Hyper-V hosts
to be NLB members. With such configuration, the application that virtual machines provide is not
disrupted if a Hyper-V host or virtual machine fails.
Application-specific clustering. Some enterprise applications such as SQL Server or Microsoft

Exchange Server have built-in failover capabilities. These applications can utilize failover clustering,
but also include their own features such as database mirroring and continuous replication.
Each of these options provides a high availability solution in a Hyper-V environment. You should select
the most appropriate option for each virtualized workload.
Microsoft High Availability Overview
Question: You need to provide virtual machine-based failover clustering. What can you use
for shared storage?
Host Changes After Installing the Hyper-V Role

Hyper-V in Windows Server it is not installed by
default. Based on your needs and preferences,
you can install it locally or remotely by using
different approaches. If you prefer using a GUI,
you can add the Hyper-V role by using the Add
Roles and Features Wizard from Server Manager.
You can also add the role by using the Windows
PowerShell Install-WindowsFeature cmdlet, or
by using the dism.exe command in a Command
Prompt window. After you add the Hyper-V role,
you must restart the server twice before you can
use Hyper-V.
Installation of the Hyper-V role results in the following important changes to the host:
The previously installed operating system is moved into the parent partition.
A hypervisor is added between the operating system and server hardware, and is configured to start
automatically.
Hyper-V management tools such as the Hyper-V Manager snap-in, the Virtual Machine Connection
tool, and the Hyper-V Windows PowerShell module are added to the parent partition.
Installing the Hyper-V role also adds several services, including Performance Monitor counters,
Applications and Services logs, and Windows Firewall rules, and it creates the Hyper-V Administrators
group in the parent partition.
Question: How can you verify that you have added Hyper-V hypervisor successfully and
configured it to start automatically on the host?
Question: You installed the Hyper-V role in Windows Server 2012 R2. Do you need to create
Windows Firewall rules to enable remote management of Hyper-V?
Demonstration: Installing the Hyper-V Role

In this demonstration, you will see how to install the Hyper-V role.
Demonstration Steps
2-11
1.
On LON-HOST2, in Windows PowerShell, use the Get-WindowsFeature cmdlet to verify that the
Hyper-V role is not installed.
2.
In Windows PowerShell, use the Get-Command Module Hyper-V cmdlet to verify that the Hyper-V
module is not yet installed.
3.
In Windows PowerShell, use bcdedit.exe to verify whether the hypervisor is configured to start
automatically.
4.
On the Start screen, search for and confirm that no program with the word hyper in the name is
installed.
5.
Confirm that only one counter starts with the word Hyper-V in Performance Monitor, Hyper-V
Dynamic Memory Integration Service.
6.
Confirm that no inbound Windows Firewall rules that start with the word Hyper-V display.
7.
Install Hyper-V role on LON-HOST2 by using the Windows PowerShell cmdlet

Install-WindowsFeature with the IncludeManagementTools parameter.
8.
Switch to LON-HOST1.
9.
On LON-HOST1, in Windows PowerShell, use the Get-WindowsFeature cmdlet to verify that

Hyper-V is installed.
10. In Windows PowerShell, use the Get-Command Module Hyper-V cmdlet to verify that the Hyper-V
module is installed.
11. In Windows PowerShell, use bcdedit.exe to verify that hypervisor is configured to start automatically.
12. Confirm that Hyper-V Manager and Hyper-V Virtual Machine Connection programs are installed.
13. Confirm that now there are multiple counters available in Performance Monitor that start with the
word Hyper-V.
14. Confirm that now there are inbound Windows Firewall rules that start with the word Hyper-V.
Lesson 2
Managing Hyper-V
You will usually manage Hyper-V remotely, and not locally on the server where you installed it. Regardless
of from where you manage Hyper-V, you have two options: you can administer it in a GUI by using
Hyper-V Manager, or by using Windows PowerShell. When you manage Hyper-V remotely, you must
install the administrative tools locally on your remote machine. Ensure that you can connect to the server
that is hosting the Hyper-V role, and that you have appropriate permissions that allow you to manage
Hyper-V.
Lesson Objectives
Describe the Hyper-V Manager console.
Explain the addition of the Hyper-V Manager console.
Install and use Hyper-V Manager.
Explain how to use Windows PowerShell to manage Hyper-V.
Explain how to manage Hyper-V in a workgroup environment.
Describe the Hyper-V Best Practices Analyzer.
Describe the Hyper-V security model.
Overview of the Hyper-V Manager Console

You can use the Hyper-V Manager console
to manage the Hyper-V host, and any virtual
machines that you configure on the Hyper-V host.
You can access this console in several ways, such
as from Start screen, in Server Manager, from
Administrative Tools in Control Panel, or by
adding the Hyper-V Manager snap-in to a blank
Microsoft Management Console (MMC). You can
use Hyper-V Manager to administer multiple
Hyper-V hosts, but for larger deployments, you
should use other tools such as the Microsoft
System Center 2012 Virtual Machine Manager.
Note: System Center 2012 R2 is required to manage Windows Server 2012 R2. System
Center 2012 with Service Pack 1 (SP1) (or a newer version) is required to manage Windows Server
2012.
The Hyper-V Manager console has three panes. The navigation pane on the left provides a listing of all
connected Hyper-V hosts. The details pane in the middle provides information about the virtual machines
on the selected Hyper-V host. Detailed information includes their state, CPU usage, and assigned memory.
You can also add or remove additional columns in this pane. The details pane also lists checkpoints
(point-in-time snapshots), summary, memory, networking, and replication details for selected virtual
machine. The Actions pane on the right is divided into two parts: at the top are the actions available for
managing the Hyper-V host; below that is the contextual Actions pane that allows you to manage the
2-13
selected virtual machine. The same actions are available when you right-click the host in the navigation
pane, or right-click the virtual machine in the details pane.
Question: Your virtualization environment has three Hyper-V hosts. In Hyper-V Manager,
can you view Manager the virtual machines on all three Hyper-V hosts simultaneously?
Adding the Hyper-V Manager Console

When you install Hyper-V role by using the
Add Roles and Features Wizard, the Hyper-V
Manager console is added automatically.
However, when you install the role by using the
Install-WindowsFeature cmdlet, you must add the
-IncludeManagementTools parameter. Otherwise,
the Hyper-V Manager will not be installed. In
addition, if you install Hyper-V with dism.exe, the
Hyper-V Manager console is not added
automatically.
The Hyper-V Manager console and the Hyper-V
Module for Windows PowerShell are Windows
roles (and role services), and you can add them to any Windows Server 2012 R2 computers. This is
especially useful if you need to manage Hyper-V from a server that does not have the Hyper-V role.
You can also use Hyper-V Manager to manage Hyper-V Server 2012 R2 remotely from a GUI.
If you want to administer Hyper-V from a Windows 8 or newer Windows client operating system
computer, you need only to turn on the Hyper-V Management Tools feature. This is because Hyper-V
is part of the Windows client operating system. If you need to administer Hyper-V from a Windows 7
computer, you must first download and install Remote Server Administration Tools (RSAT) for Windows 7,
and then you can turn on the Hyper-V Management Tools feature. You should be aware that if you want
to administer Hyper-V from older operating systems such as Window 7 or Windows Server 2008 R2, you
will not be able to configure all Windows Server 2012 R2 Hyper-V features.
You can administer Hyper-V from your device even if Hyper-V Manager is not available for the device,
provided it supports Remote Desktop Protocol (RDP). You can allow remote desktop connections to a
computer where Hyper-V Manager is installed, and then connect to it from your device.
Question: Do you need to install RSAT on a Windows 8.1 workstation if you want to use it
for managing Hyper-V hosts?
Demonstration: Installing and Using Hyper-V Manager

In this demonstration, you will see how to install and use Hyper-V Manager.
Demonstration Steps
1.
Sign in to LON-CL1 with the user name Adatum\Administrator and password Pa$$w0rd.
2.
Confirm that no program that has the word hyper in the name is installed on LON-CL1.
3.
In Windows PowerShell, use the Get-WindowsOptionalFeature cmdlet to confirm that Hyper-V

management tools are not installed.
4.
Use the Windows Features window to enable the Hyper-V Management Tools feature.
5.
In Windows PowerShell, use the Get-Command Module Hyper-V cmdlet to confirm that the
Hyper-V module has been installed.
6.
Confirm that two programs, Hyper-V Manager and Hyper-V Virtual Machine Connection, are
installed on LON-CL1.
7.
Add LON-HOST1 to Hyper-V Manager, and review Hyper-V Settings for LON-HOST1.
Using Windows PowerShell to Manage Hyper-V
You can manage Hyper-V from the GUI by using

the Hyper-V Manager console. However, that is
not always practical, especially when you need
to automate administrative tasks or perform the
same task on multiple Hyper-V hosts or virtual
machines. In such situations, Windows PowerShell
is a solution that also works for administrators
who prefer to use a command-line interface.
Windows PowerShell is part of Windows Server,
and it is designed for users to control and
automate the administration of Windows
operating systems. Everything that you can
configure through a Windows GUI, you can also configure by using Windows PowerShell. This is also true
for managing the Hyper-V role.
In Hyper-V Manager, you can view available options either in the Actions pane, or when you right-click
an object. To list all the Windows PowerShell commands (called cmdlets) that you can use to manage
Hyper-V, from a Windows PowerShell window, simply run the following cmdlet:
Get-Command -Module Hyper-V
You can pipe the result to the Measure alias by using the following command:
Get-Command Module Hyper-V | Measure
When you do this, you will discover that Windows Server 2012 R2 includes 178 cmdlets in the Hyper-V
module. If you need the detailed cmdlet syntax, you can use the following command:
Get-Help
If you remember only part of the cmdlet, you can use the following command, where part of name is the
part of the cmdlet that you can remember:
Get-Command cmdlet (Get-Command *part of name*)
Parts of Cmdlets
Cmdlets have consistent verb-noun names, so in most cases you will know from a cmdlet name what
action it will perform. Some examples are as follows:
Cmdlets starting with Get- will return the object property values, and will not modify objects in any
way.
Cmdlets starting with Set- will set object property values, and you can use these cmdlets for
configuring objects.
Cmdlets starting with Disable- will disable objects.
Cmdlets starting with Enable- will enable objects.
2-15
The second part of a cmdlet name specifies the object type on which the cmdlet will act. Some examples
are as follows:
Get-VMHost lists Hyper-V host information.
Set-VMSwitch configures a virtual switch by setting its properties.
Enable-VMMigration enables migration on one or more virtual machine hosts.
You can specify the server on which you want to run the cmdlet by using the -ServerName parameter.
You also can specify more than one server:
Get-VMHost -ServerName LON-DC1, LON-SVR1
Another Windows PowerShell feature is pipeline ( | ), which you can use to pass results between cmdlets.
For example, if you want to save all virtual machines on LON-HOST1, you can run the following
command:
Get-VM -HostName LON-HOST1 | Save-VM
If you want to start only virtual machines that have DC in their name and are hosted on LON-HOST1, you
can run the following command:
Start-VM -Name *DC* -HostName LON-HOST1
When you run some cmdlets (for example Get-VMHost), you cannot see the entire output because of
formatting. However, you can always format output differently, for example by directing the output to the
Format-Table cmdlet (or to the ft alias):
Get-VMHost -HostName LON-HOST1 | ft
These examples are very basic examples of what you can do with Windows PowerShell. By using these
basic commands, you can start exploring Hyper-V with Windows PowerShell. You can also use Windows
PowerShell Integrated Scripting Environment (ISE), which includes an editor in which you can run cmdlets.
You also can use Windows PowerShell ISE to write, test, and debug scripts in a single GUI with multiline
editing, tab completion, syntax coloring, selective execution, and context-sensitive help.
Question: What must you do to be able to administer Hyper-V by using Windows
PowerShell?
Managing Hyper-V in a Workgroup Environment

A Hyper-V host can be an Active Directory
Domain Services (AD DS) member, or a member
of a workgroup. This has no effect on the virtual
machines that are running on the Hyper-V host.
However, AD DS membership greatly simplifies
Hyper-V host management. AD DS does require
additional infrastructure because domain
controllers and a DNS server are required, but
in most environments, they are already available
and in use.
When you install the Hyper-V role, Windows

Firewall rules for remote management of Hyper-V
are created, and by default, enable remote connections and management. If the Hyper-V host is an AD DS
member, domain Group Policies apply to it. In this case, you can use your domain credentials to manage
Hyper-V remotely if your user account has sufficient permissions, without any additional configuration.
However, if Hyper-V host is not an AD DS member (which can be the case in small, high security, or test
environments), additional configuration is required if you want to manage the Hyper-V host remotely.
You must ensure that Windows Firewall allows remote management. In a server with a GUI, you create
and enable firewall rules by default when you install the Hyper-V role. However, in a Server Core
installation or in Hyper-V Server, you must enable firewall rules manually.
Remote management is enabled by default in Windows Server 2012 R2, but you still need to grant
administrative rights remotely to local users, which you can do by running the command winrm
quickconfig. You must also create a local user with the same username and password as the domain user
that will be managing Hyper-V host, and then grant the local user sufficient permissions by adding him or
her to the Hyper-V Administrators local group. Because Component Object Model (COM) security is set to
allow remote access for Everyone by default, no further configuration on the Hyper-V host is required.
Make sure that Hyper-V management tools are installed on the computer from which you want to
manage the Hyper-V host remotely. Then, when you open the Hyper-V Manager console, you should
be able to connect to the remote Hyper-V host and manage it remotely.
Best Practice: To simplify configuration of a workgroup member Hyper-V host for remote
management, use the Hyper-V Remote Management Configuration Utility (HVRemote).
Hyper-V Remote Management Configuration Utility (HVRemote)
Question: Can you join virtual machines to the domain if they are running on a Hyper-V
host that is a member of a workgroup?
Hyper-V Best Practices Analyzer

Best practices for configuring a server are
guidelines on how you should configure a server
to be as effective and as secure as possible in a
typical environment. For example, a best practice
is to keep open only ports that the server requires
to communicate with other computers, and to
block all other unused ports. However, sometimes
it is not possible to follow all best practices. This
is not necessarily problematic, but it is helpful if
you are aware of the best practices you are not
implementing, and you can explain why you are
configuring your server differently from the
guidelines provided in the best practices.
2-17
The Best Practices Analyzer (BPA) is a rule-driven framework that can scan server roles for compliance with
best practices. The Hyper-V BPA in Windows Server 2012 R2 is installed as part of the Hyper-V role, and
includes over 110 rules, which are grouped in several categories. Some of these categories are Hyper-V
and virtual machine configuration, Networking, Storage, and Backup. Hyper-V BPA rules includes many
best practice recommendations, such as the following:
Hyper-V should be the only enabled role on the server.
The Server Core installation option for Windows Server 2012 is recommended for servers running
Hyper-V.
Domain membership is recommended for servers running Hyper-V.
Virtual machines should be backed up at least once a week.
All networks for live migration traffic should have a link speed of at least 1 gigabits per second
(Gbps).
BPA is available as part of Server Manager or as Windows PowerShell cmdlets, contained in the
BestPractices module. You can use BPA to increase best practices compliance by scanning one or multiple
roles simultaneously, on either local or remote Hyper-V hosts, and regardless of whether you run scans
using the Best Practices Analyzer tile in Server Manager, or use Windows PowerShell cmdlets. You also can
instruct BPA to exclude or ignore scan results that you do not want to view.
BPA measures compliance with each best practice rule. Results can have one of the three following
security levels:
Error. Configuration is not compliant with best practices, and can potentially cause functionality
problems.
Information. Configuration is compliant and in accordance with best practice rules.
Warning. Configuration is not compliant, and the results of noncompliance can cause problems if
changes are not made. The configuration might be compliant as currently operating, but may not be
compliant if changes are not made.
After you perform a BPA scan in Server Manager, you can view compliance results in the BPA section.
When you select a result in this section, a preview pane in the section displays result properties, including
an indication of whether the role is compliant with the best practice. If a result is not compliant, and if you
want to know how to resolve the problem, you click links in the Error and Warning result properties
section.
Run Best Practices Analyzer Scans and Manage Scan Results

Question: Should you always configure your Hyper-V host as best practices rules suggest?
Hyper-V Security Model

You implement security for Hyper-V differently
than for most other Windows components that
control access to objects by using access control
lists (ACLs). Hyper-V uses a role-based access
control (RBAC) role, which means that resources
are owned by the system, and users are granted
access to these resources by being assigned to
predefined roles. The Authorization Manager
framework is used to configure RBAC for Hyper-V.
Authorization Manager is deprecated in Windows
Server 2012, but it is still available in Windows
Server 2012 R2.
Authorization Manager uses an authorization store for storing authorization information, and this store
can either be located in Active Directory, an XML file, or SQL Server. The default Hyper-V authorization
store is located in the C:\ProgramData\Microsoft\Windows\Hyper-V\InitialStore.xml file. Authorization
Manager is not often used, and many Hyper-V Administrators prefer to use either scripting or VMM to
implement security.
Simple Authorization
Two types of users work with Hyper-V authorization: administrators in enterprises who require complex
authorization policy, and administrators in smaller environments. Administrators in enterprises typically
use VMM, which hides Authorization Manager from them. If administrators in smaller environments are
not using VMM, then they must use Authorization Manager, even for a simple authorization policies. By
doing this, administrators can avoid having to make users who need to manage Hyper-V, local
administrators.
Hyper-V in Windows Server 2012 R2 uses a new security model called Simple Authorization. Simple
Authorization provides an alternative to using Authorization Manager to manage simple authorization
policy. It also improves the experience of granting Hyper-V administrator privileges to accounts, without
granting local administrator privileges on the Hyper-V host. As a result, security of the Hyper-V host is
improved.
You implement Simple Authorization on the Hyper-V host by creating a local security group named
Hyper-V Administrators. A group with the same name is also added at the domain level. Both groups
(local and domain) are empty by default. The Hyper-V Administrators group is also included in the
Authorization Manager authorization store. The local group is included in the workgroup Hyper-V host,
but as soon as the server is joined to the domain, the domain group replaces the local group in the
authorization store.
Members of the Hyper-V Administrators group have complete and unrestricted access to all Hyper-V
features. They are granted permissions in:
Authorization Manager
DCOM permissions
Windows Management Instrumentation (WMI) virtualization namespace permissions
Common Information Model version 2 (CIMv2) namespace permissions

Configure Hyper-V for Role-based Access Control
Question: You need to allow a user to manage virtual machines on a Hyper-V host, but this
user must not be able to manage Hyper-V host settings. What should you do?
2-19
Lesson 3
Configuring Hyper-V Settings
Hyper-V settings control the Hyper-V host. For example, Hyper-V settings determine where new virtual
machines will be created by default, whether Hyper-V is configured with RemoteFX adapters, whether
virtual machines and virtual machine storage can be transferred via live migration, and if the host is
configured as a Hyper-V replica. You can configure Hyper-V settings in Hyper-V Manager, or in Windows
PowerShell. You should be familiar with available options (such as non-uniform memory access (NUMA)
spanning or enhanced session mode policy) before configuring them.
Lesson Objectives
Describe Hyper-V settings.
Describe NUMA.
Describe RemoteFX.
Describe enhanced session mode.
Describe resource pools.
Overview of Hyper-V Settings

You can use the Hyper-V Manager console or
Windows PowerShell to manage Hyper-V settings.
If you want to change the Hyper-V settings, you
can right-click Hyper-V host in the navigation
pane of Hyper-V Manager, and then click Hyper-V
Settings, or click Settings in the Actions pane. You
can configure the following settings in the
Settings window:
Virtual Hard Disks. This setting specifies the

default folder location for virtual hard disks
that you create on the Hyper-V host. When
you are running the New Virtual Hard Disk
Wizard, the location that you configure here will be used. By default, virtual hard disks are created in
the Public profile, and you should modify this default location.
When you are determining where to store the .vhdx and .vhd files, you should consider performance,
high availability, and available space. You should consider storing .vhd files on a separate disk, and
then distribute the .vhd files across as many disks as are available. If a SAN is available, you may
consider configuring this setting to point to a SAN logical unit number (LUN). If SMB 3.0 shares are
available, you can configure settings to point to this network location also.
Virtual Machines. This setting specifies the default folder location for storing virtual machine
configuration files. When running the New Virtual Machine Wizard, the location that you configure
here will be used. You should have similar considerations as with virtual hard disks, and if you want
virtual machines to be highly available, this location should point to a shared location on either a SAN
or SMB 3.0 share.
2-21
Physical GPUs. This setting applies to Remote Desktop Virtualization and the VDI implementation. If
you want to enable RemoteFX 3D Video Adapters in virtual machines, you must install the Remote
Desktop Virtualization Host role service, and the Hyper-V host must have a physical graphics
processing unit (GPU) that supports RemoteFX.
NUMA Spanning. This setting allows virtual machines to span across NUMA nodes when CPU or
memory resources are needed. The default setting is to allow spanning, but administrators should
consider whether this is the optimal configuration for the applications and services that are running
in their virtual machines.
Live Migrations. This setting defines whether Hyper-V host can participate in virtual machine live
migrations. This setting is not enabled by default. If you enable this setting, there are additional
configuration options from which to choose, such as authentication protocol, maximum number
of simultaneous live migrations, which networks can be used for live migrations, and performance
options.
Storage Migrations. This setting controls how many storage migrations can occur simultaneously on
the Hyper-V host. The default setting is 2.
Enhanced Session Mode Policy. This setting defines whether redirection of local devices and resources
to virtual machines is allowed. The default Enhanced Session Mode Policy setting is to not allow
redirection. Enhanced session mode requires a supported operating system on the virtual machine
and requires additional virtual machine configuration.
Replication Configuration. This setting determines when Hyper-V host can be used as a Hyper-V
Replica server. The default setting is that Hyper-V is not enabled as a replica server. If you enable it as
a replica server, you can configure additional settings such as authentication, and from which servers
replication is allowed.
You can also configure the following user settings:
Keyboard. This setting controls how Windows key combinations (for example, Alt+Tab) are used
when using the Virtual Machine Connection interface. The default setting is to allow use of key
combinations with the virtual machine.
Mouse Release Key. This setting controls the key combination for releasing the mouse in the Virtual
Machine Connection interface, when the guest operating system does not have Integration Services
installed.
Enhanced Session Mode. This setting controls whether you want to use enhanced session mode
with Virtual Machine Connection, when an enhanced session mode is available in a guest operating
system. This setting is enabled by default. This setting allows the use of full Remote Desktop capability
when connecting to a virtual machine, including shared clipboard and device redirection.
Reset Check Boxes. When you click the Reset button here, all check boxes are cleared that when
checked, hide pages and messages.
Question: You want all virtual machines that you create on Hyper-V host to be stored in the
same folder. Which Hyper-V setting should you configure: Virtual Hard Disks, or Virtual
Machines?
Demonstration: Configuring Hyper-V Settings

In this demonstration, you will see how to configure Hyper-V settings.
Demonstration Steps
1.
On LON-HOST1, in Hyper-V Manager, start the New Virtual Hard Disk Wizard, and confirm default
location for creating new virtual hard disks.
2.
In Hyper-V Manager, confirm that the same location is set as Virtual Hard Disk location Hyper-V
Setting.
3.
Set the Virtual Hard Disk location Hyper-V Setting to C:\Users and confirm that this location is
used as a default location when creating new virtual hard disks.
4.
In Windows PowerShell, use the Set-VMHost cmdlet with the VirtualHardDiskPath parameter to set
virtual hard disk location to \\LON-HOST2\VHDs.
5.
Use Hyper-V Manager to confirm that it was set successfully.
6.
In Windows PowerShell, use the Set-VMHost cmdlet to disable NUMA Spanning, and set the
maximum simultaneous storage migrations to 4.
7.
Use Hyper-V Manager to confirm the changes that you made in Windows PowerShell.
8.
Enable NUMA Spanning.
What Is NUMA?
A computer with a single processor has a single
bus for accessing memory, and that single
processor can access all of a computers memory
with the same latency. However, many modern
computers have multiple processors with multiple
cores. Each physical CPU uses its own bus for
accessing physical memory.
NUMA is a computer architecture that

multiprocessor systems use, in which the time
required for a CPU to access memory depends on
the memorys location relative to the processor.
Some memory regions are located and connected
directly to one or more CPUs. All memory is accessible by all CPUs, but a CPU can access local memory
(memory attached directly to the CPU) faster than it can access remote memory (memory that is local to
another CPU in the system). This is why NUMA architecture divides memory and processors into groups,
called NUMA nodes. For large, multiple CPU systems, using NUMA architecture can result in increased
system performance.
Modern operating systems and high-performance applications include optimizations that can recognize
and consider using system NUMA topology when scheduling threads or allocating memory to increase
system performance. To avoid remote access delays, a NUMAaware application attempts to allocate
storage and schedule threads to access data in the same NUMA node.
When a virtual machine starts, Hyper-V attempts to allocate all the memory for the virtual machine from
a single NUMA node, if enough memory is available. If the single NUMA node does not have enough
memory, Hyper-V also allocates memory from other NUMA nodesthis is known as NUMA spanning. At
the Hyper-V host level, a single check box controls whether to allow NUMA spanning. If this setting is
2-23
enabled (which is the default configuration, and which means that NUMA spanning is allowed), virtual
machines can span NUMA nodes and provide virtual machines with additional memory. However, when a
virtual machine allocates memory from multiple NUMA nodes, there is a performance cost because CPU
access to remote memory takes longer than when CPU accesses local memory in the same NUMA node.
Hyper-V in Windows Server 2012 and Windows Server 2012 R2 projects a virtualized NUMA topology to
virtual machines. By default, this virtual NUMA topology is optimized to match the NUMA topology of the
physical host. Projecting a virtual NUMA topology into a virtual machine enables optimal performance
and workload scalability in large virtual machines by allowing the guest operating system and applications
such as SQL Server to leverage their NUMA performance optimizations.
You can configure virtual NUMA topology at a virtual machine level. You can specify the maximum
amount of memory, maximum number of virtual processors, and the maximum number of virtual NUMA
nodes. By default, these values are set to align with the physical NUMA topology. If you change the
settings, you can restore the default virtual NUMA topology by clicking the Use Hardware Topology
button.
Hyper-V Virtual NUMA Overview
Question: Can you modify your servers NUMA topology?
What Is Enhanced Session Mode?

Hyper-V uses the Virtual Machine Connection tool
to connect to virtual machines by using RDP. Prior
to Windows Server 2012 R2, the Virtual Machine
Connection tool provided only basic redirection
of the virtual machine screen, keyboard, and a
mouse, such as a Keyboard Video Mouse switch
over IP. The tool also provided limited Copy and
Paste functionality, which was limited to text and
did not support any other content such as
graphics or files.
With Windows Server 2012 R2, you still use the

same method to connect to virtual machines, but
Hyper-V also supports enhanced session mode. Enhanced session mode utilizes the Remote Desktop
Services component in virtual machines, and establishes full Remote Desktop sessions over VMBus. This
means that even if the virtual machine has no network connectivity (and there is network connectivity to
the Hyper-V host on which virtual machine is running), you can connect to the virtual machine by using
the Virtual Machine Connection tool using enhanced session mode. This means that you can redirect local
resources (such as smart cards, printers, drives, USB devices or any other supported Plug and Play devices)
to virtual machines. You also can use folder redirection, and use shared Clipboard for copying content
to virtual machines. In addition, you can copy files into virtual machines by dragging and dropping
them onto the virtual machine, even if the virtual machine does not have network connectivity. Enhanced
session mode and full Remote Desktop are available even when virtual machines are running on Hyper-V
on Server Core or Hyper-V Server 2012 R2.
You can configure enhanced session mode at following levels:
Server settings - Enhanced Session Mode Policy. This setting affects all virtual machines that are
running on the Hyper-V host. If this setting is enabled, enhanced session mode connections to virtual
machines on this Hyper-V host will be allowed.
Note: The default setting for the Allow enhanced session mode is set to Disabled on
Hyper-V in Windows Server 2012 R2, and is set to Enabled on Windows 8.1.
User settings - Enhanced Session Mode. This setting determines if the Virtual Machine Connection
tool attempts to use enhanced session mode.
Guest operating system. Enhanced session mode is available only if you connect to virtual machines
that are running Windows Server 2012 R2 or Windows 8.1. Remote Desktop Service must be running
on the virtual machine, and the user account you will be using to sign in to the virtual machine must
be a member of the Remote Desktop Users local group.
Virtual Machine Connection - Enhanced Session Mode Overview
Question: Can you use enhanced session mode to connect to a Windows Server 2012 R2
virtual machine that is running on a Hyper-V host on Windows Server 2012?
What Are Resource Pools?

Resource pools in Windows Server 2012 R2
provide a layer of abstraction between virtual
machines and the underlying physical hardware
on the Hyper-V host. You configure Hyper-V
resource pools by using Windows PowerShell.
You cannot create them in Hyper-V Manager.
Resource pools are especially useful when used
with virtual machine mobilityfor example with
Live Migration, when settings such as the location
for storing virtual machine files and virtual switch
names are different on different servers.
Resource pools provide a way to abstract those

configurations, because the only requirement is that the resource pool configurations are the same
on each Hyper-V host. For example, if you add virtual switches to a network pool named Pool1, virtual
machines will be able to connect to new virtual switches automatically if they are configured to use Pool1.
Resource pools allow administrators to configure the environment for virtual machine mobility. Resource
pools also enable administrators to group virtual machine resources and then collect metrics on the pool
for chargeback purposes. For example, the hosting company could configure resource pools for each
customer, and then collect resource usage data.
2-25
You implement resource pools in Hyper-V by resource type. There are different resource pool types
such as Processor, Memory, Ethernet and virtual hard disk. By default, primordial pools are created
automatically for each resource type when you install the Hyper-V role. Using the Windows PowerShell
cmdlet Get-VMResourcePool, the default primordial pools display. You can also create new resource
pools, for example by running following cmdlet:
New-VMResourcePool -Name "Contoso Network" -ResourcePoolType Ethernet
Once you create the Network (Ethernet) and Storage (virtual hard disk) resource pools, the configuration
settings that are available for the virtual machine display in Hyper-V Manager.
Question: How can you configure a virtual machine to use a virtual hard drive from a
specific resource pool?
Lesson 4
Hyper-V Host Storage and Networking

You must properly configure storage and networking for a Hyper-V host, so that the virtualization
platform and the virtual machines that are running on that platform can use the available resources at
optimal performance. Features such as storage spaces, disk deduplication, and network teaming are
Windows Server features that Hyper-V can utilize when they are available. For example, Hyper-V can
store virtual machines on SMB 3.0 network shares, and disk deduplication in Windows Server 2012 R2
can minimize disk space used by running virtual machine in a VDI scenario.
Lesson Objectives
Describe storage spaces.
Describe disk deduplication.
Describe Offloaded Data Transfer.
Describe SMB 3.0.
Explain how Hyper-V benefits from SMB 3.0.
Describe network teaming.
Overview of Storage Spaces

Storage Spaces is a storage virtualization
subsystem in Windows Server operating systems
and Windows client operating systems. Storage
Spaces is built on top of storage pools, which are
a collection of physical disks. Physical disks can
be of different sizes, and can be connected locally
by using different bus types such as SATA, Serial
Attached SCSI, external SCSI, SCSI, or USB. Remote
storage such as NAS or SANs cannot be part of
storage pools. Storage pools enables you to
aggregate storage, expand capacity flexibly, and
delegate administration.
Storage Spaces is represented as virtual disks built on top of storage pools. Storage Spaces can have
different levels of redundancy, can use all allocated space when created (fixed provisioning) or expand
dynamically (thin provisioning), and can have automatic or controlled allocation on heterogeneous
storage.
You can use Storage Spaces to add physical disks of any type and size to a storage pool, and then create
highly available virtual disks from the storage pool. The primary advantage of Storage Spaces is that you
can manage multiple disks as one unit, instead of managing single disks.
Storage Spaces includes the following features:
Resilient storage. Storage Spaces support two resiliency modes: mirroring, and parity. You can
configure layout and resiliency for each storage pool independently. You can also configure per-pool
support for disks that are reserved for replacing failed disks (or hot spares).
2-27
Continuous availability. Storage Spaces is fully integrated with failover clustering, which provides
continuous availability. You can cluster pools across multiple nodes within a single cluster. Storage
Spaces can be created on individual nodes, and if failure occurs, the storage will fail over to a
different node. Storage Spaces supports integration with CSVs, which enables scale-out access to
data.
Optimal storage use. Storage Spaces supports thin provisioning to allocate space as needed. If data is
deleted inside a virtual machine, Hyper-V supports automatic storage reclamation for deleted files.
Storage Tiering: In Windows Server 2012 R2, you can enable storage tiers on virtual disk, which enable
automatic movement of the most frequently accessed files to faster SSD storage.
Multitenancy. Administration of storage pools is controlled through ACLs, and is delegated on a perpool basis. Each storage pool can be isolated, and access is integrated with AD DS.
Storage Spaces Overview
Question: Can you include an iSCSI disk that is connected to your Hyper-V host, in Storage
Spaces?
Overview of Disk Deduplication
When you store files on a file server, many files

can contain blocks of the same data. This is also
the case for virtual hard disks, especially when
they have the same guest operating system
installed. Data deduplication is a process that runs
in the background after a file is saved. It analyzes
the files, and finds and removes duplicated blocks
without compromising file integrity. The goal of
data deduplication is to store more data in less
space by segmenting files into small variable-sized
chunks (32128 kilobytes (KB)), identifying
duplicate chunks, and maintaining a single copy
of each chunk. Duplicated copies of the chunks are then replaced by a reference to the single copy. The
chunks are compressed, and then organized into special container files in the System Volume Information
folder. Access to deduplicated files is the same as access to files that are not deduplicated.
You can enable data deduplication in Server Manager, or by using Windows PowerShell. You enable
data deduplication only for an entire volume. The volume must be formatted with NTFS file system, and
must not be a system or boot volume. You can use data deduplication on shared storage, and failover
clustering is fully supported. Windows Server 2012 R2 adds support for data deduplication on CSVs.
Data deduplication can be effective for optimizing storage and reducing the disk space used for storing
data. A virtualization library that stores virtual hard disks is a good example of how Data Deduplication
reduces disk space usage. By using data deduplication, you can reduce the virtualization library size by
80 percent or more. Windows Server 2012 can dedupicate only files that are not constantly open, and
because of this, virtual hard disks of running virtual machines cannot be deduplicated.
Windows Server 2012 R2 improves deduplication performance and adds support for deduplication of
open files. As a result, Windows Server 2012 R2 can deduplicate the virtual hard disks of the running
virtual machines that you used for VDI, and that are stored on an SMB 3.0 network share. Deduplication of
running virtual machines that are not part of VDI or that are not stored on a network share may work, but
this scenario is not supported.
Data Deduplication Overview
Question: You plan to enable data deduplication on a file server. How can you enable data
deduplication, and what must you install first?
What Is Offloaded Data Transfer?

When you use a traditional data copy model,
the data for copying must first be read from
the source storage (SAN), transferred over the
network, and then written into the server memory.
Next, the data must be transferred over the
network again to the destination storage (SAN),
and then written to the disk. This approach has
several drawbacks, such as high utilization of
server processor and memory, and transferring
data to a server and then back to storage, even if
data is copied inside the same SAN.
To avoid this inefficiency, Windows Server 2012

and newer versions support Windows Offloaded Data Transfer. Offloaded Data Transfer uses a tokenbased mechanism for reading and writing data within or between intelligent SANs. Instead of reading and
writing the data through the server, a token is copied between the source and destination storage. The
token serves as a point-in-time representation of the data, and the copy manager of the SAN performs
the data movement according to the token. For example, when you copy a file or a virtual hard disk
between storage locations on the same SAN or between the SANs, a token representing the virtual hard
disk file is copied. The server does not need to copy the underlying virtual hard disk, because the storage
(SAN) that supports Offloaded Data Transfer will copy the virtual hard disk file more effectively and
without utilizing the server.
You can use Offloaded Data Transfer to interact with the storage device to move large files or data
through the high-speed storage network. Offloaded Data Transfer reduces client-server network traffic
and CPU usage considerably during large data transfers, because all data movement is performed by the
storage. If you want to use Offloaded Data Transfer, source and destination SANs must:
Support Offloaded Data Transfer, must be connected by using iSCSI, Fibre Channel, Fibre Channel
over Ethernet, or Serial Attached SCSI.
Must be managed by the same storage manager.
Hyper-V supports Offloaded Data Transfer, and when Offloaded Data Transfer also is supported by a
storage array, performance improvements can be considerable. For example, if the creation of a 10-GB
fixed-size virtual hard disk takes almost three minutes, the same operation takes less than a second when
using Offloaded Data Transfer. In addition, when using Offloaded Data Transfer you can perform other
related Hyper-V operations much faster, such as expanding virtual hard disks, merging virtual hard disks,
or live storage migration.
Windows Offloaded Data Transfers Overview

Question: Can you use Offloaded Data Transfer when you copy a 10-GB file between file
shares?
What Is SMB 3.0?

SMB is a network file sharing protocol that
Windows operating systems use on top of the
TCP/IP protocol for accessing files on network
shares. SMB has several backward-compatible
versions, and Windows Server 2012 adds support
for SMB 3.0. SMB 3.0 has several new and useful
features, including the following features:
2-29
SMB Transparent Failover. This feature is

available in a failover cluster with at least two
nodes. It allows clients to access an SMB file
share without interruption even if the SMB file
server node to which the client is connected
fails. A failover cluster preserves information on the server side, and allows the client to reconnect
automatically to the same share on the remaining file server cluster node. This enables administrators
to perform hardware or software maintenance on file server cluster nodes by moving file shares
between nodes without client interruption.
SMB Scale Out. Administrators can use this feature to create file shares in failover clusters on CSVs
that provide simultaneous access to files, with direct I/O, through all nodes in a file server cluster.
This feature helps provide load-balancing of clients and better utilization of network bandwidth.
SMB Multichannel. This feature provides the ability to use multiple network interfaces for aggregation
of network bandwidth and network fault tolerance, if multiple paths exist between the client and the
server. Server applications can utilize aggregated network bandwidth, and are resilient in case of a
network failure.
SMB Direct. This feature provides the ability to use network adapters that have Remote Direct
Memory Access (RDMA) capability. Network adapters that have RDMA can function at full speed with
very low latency by using minimal CPU resources.
SMB Encryption. This feature enables file encryption while files are transferred over the network, and
without using public key infrastructure (PKI). You can configure SMB Encryption per share, or for the
entire server.
VSS for SMB file shares. Volume Shadow Copy Service (VSS) is a framework that enables volume
backups while applications continue to write to the volumes. The VSS provider for SMB file shares
enables VSSaware backup applications to perform application-consistent shadow copies of VSSaware server applications that are storing data on SMB 3.0 file shares. Prior to this feature, VSS only
supported performing shadow copies of data stored on local volumes.
Note: Windows Server Backup in Windows Server 2012 does not support VSS for SMB file
shares.
SMB share management. If you prefer graphical tools, you can use Server Manager to create
and configure file shares by using a simple set of wizards. However, when you need to manage a
significant number of shares or automate the configuration, you should use Windows PowerShell.
Windows PowerShell can also be help you to understand better the inner workings of SMB 3.0. For
example, you can create a new file share by running the following Windows PowerShell cmdlet:
New-SmbShare
You then can add required permissions by running the following Windows PowerShell cmdlet:
Grant-SmbShareAccess
You can view other SMBrelated cmdlets by running the following Windows PowerShell cmdlet:
Get-Command -Module smbshare
Server Message Block overview

Updated links on Windows Server 2012 File Server and SMB 3.0
Question: Is SMB 3.0 used when you access and copy files from a Windows Server 2008 R2
file server to a Windows Server 2012 R2 server?
Hyper-V Over SMB

Prior to Windows Server 2012, Hyper-V could run
virtual machines only if virtual hard disks of the
virtual machine were stored locally or on a SAN.
Hyper-V in Windows Server 2012 provides added
support for storing virtual machine data files
(such as configuration, virtual hard disks, and
checkpoints), on network shares, which must be
accessible over SMB 3.0 protocol or newer. When
virtual machines are stored on an SMB share, the
file server that provides the SMB share must
not be the Hyper-V host that is storing virtual
machine data files on that share. In such a case,
you should configure the Hyper-V host to store virtual machine data files locally.
Because computer accounts are used for configuring file share permissions, the Hyper-V host and the file
server that hosts the SMB share must be members of the same AD DS domain. If data files of the running
virtual machine are stored on the SMB share, you can also configure data deduplication for the volume
that is hosting the SMB share. This requires Windows Server 2012 R2, and is only supported if the virtual
machine is part of a VDI implementation.
Storing virtual machine data files on an SMB 3.0 file share provides a similar level of reliability, availability,
manageability, and performance, as when virtual machine data files are stored on a SAN storage. This
means that you can also use an SMB share as shared storage for high availability scenarios. When
accessing an SMB 3.0 file share, you can use features such as SMB Transparent Failover, SMB Scale Out,
SMB Multichannel, SMB Direct, and SMB Encryption.
Some of the advantages of using file shares to store virtual machine data files include:
2-31
Easier provisioning and management. Instead of managing SANs and LUNs, you can create and
configure file shares, with which all administrators are familiar.
Use existing infrastructure. You can use the existing file servers and networks. You do not have to add
specialized storage hardware such as SANs, or networking such as Fibre Channel.
Use existing knowledge. All administrators are familiar with creating and configuring file shares.
Deploy Hyper-V over SMB
Question: Can you store and run virtual machines on an SMB 3.0 share on a Windows Server
2012 R2 file server that is not a domain member?
Overview of NIC Teaming
You can use Windows Server 2012 R2 to configure

multiple NICs in the same server into a team. This
feature is known as NIC Teaming. NIC Teaming
allows multiple network interfaces to work
together as a team, and prevents connectivity
loss if one of the network interfaces in a team fails.
It also provides bandwidth aggregation for the
network interfaces in a team. NIC Teaming is not
a feature specific to Hyper-V, but Hyper-V can
utilize NIC Teaming to provide faster and more
reliable network connections for both the Hyper-V
host and virtual machines. When you are using
NIC Teaming in Windows Server 2012 R2, you can put network adapters from different vendors and
supporting different network speeds in the same team. NIC Teaming in Windows Server 2012 is supported
by Microsoft.
When you put two or more physical network adapters into a NIC Team, this is then presented to the
operating system as one or more virtual adaptersknown also as team network adapters. Two basic sets
of algorithms that distribute inbound and outbound traffic between the physical network adapters in the
team are:
Switch-independent modes. Algorithms do not require the switch to participate in NIC Teaming.
Because the switch does not have the knowledge that the network adapter is part of a team, you can
connect the team network adapters to different switches. However, this configuration is not required.
These modes do not require any configuration of a switch, and they protect against switch failures.
Switch-dependent modes. Algorithms require the switch to participate in NIC Teaming. These
algorithms require that all network adapters in a team are connected to the same switch, and that the
switch is configured properly.
The NIC Teaming feature also works within a virtual machine. This allows a virtual machine to have virtual
network adapters that are connected to more than one Hyper-V switch, and still have connectivity even if
the network adapter under that switch becomes disconnected.
You manage NIC Teaming in Server Manager using the NIC Teaming interface, or by using
Windows PowerShell cmdlets. You can view the cmdlets for managing NIC Teaming by running
Get-Command -Module NetLbfo.
NIC Teaming Overview

Question: Do you need to configure network switches if you want to use NIC Teaming in
Windows Server 2012 R2?

Scenario
2-33
Based on the analysis of the current server environment, A. Datum Corporation has identified several
servers that can be virtualized on Hyper-V. A. Datum is now ready to begin a pilot project to implement
virtualization in one of their branch offices.
The first step in the implementation project is to deploy the Hyper-V hosts in the branch office.
Technicians at the branch office have installed the hardware in the branch office, and have installed
Windows Server 2012 R2 on the servers. You have already configured LON-HOST1 and you now need to
install and configure Hyper-V on LON-HOST2.
Because all of the servers are located in a remote data center, you will use Windows 8.1 as an
administrative workstation. To become familiar with the different options for managing the Hyper-V
hosts, you will use both Server Manager and Windows PowerShell to manage the Hyper-V role remotely.
Objectives
Install the Hyper-V role.
Access and manage Hyper-V remotely.
Lab Setup
Virtual Machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-CL1, and

20409B-LON-CL2
Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin the lab, you must
complete the following steps:
1.
Sign in to the LON-HOSTx computer as Adatum\Administrator with the password of Pa$$w0rd.
2.
On LON-HOST1 start Hyper-V Manager.
3.
In Microsoft Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
4.
In the Actions pane, click Connect. Wait until the virtual machine starts.
5.

o
Password: Pa$$w0rd
the virtual machines at the end of this lab. However, you can shut down all virtual machines after
finishing this lab.
You will be working in pairs. Communicate clearly with your lab partner, and cooperate fully with
each other during this lab.
Exercise 1: Installing the Hyper-V Role

Scenario
In this exercise, you will install the Hyper-V role. You can install Window Server roles in several different
ways, and in this exercise, you will install the Hyper-V role by using Server Manager and Windows
PowerShell. You will also verify changes on the server after you have installed the Hyper-V role.
1.
Write down your LON-HOST number.
2.
Verify that the LON-HOST2 computer does not have the Hyper-V role installed.
3.
Install the Hyper-V role by using Server Manager.
4.
Verify that the Hyper-V role was installed successfully.
Task 1: Write down your LON-HOST number

Note: One of the students in a pair will be working on LON-HOST1, and the other student
will be working on LON-HOST2.
Write down your LON-HOST number on a piece of paper. If your LON-HOST number is 1, your
partners number will be 2, and vice-versa.
Task 2: Verify that the LON-HOST2 computer does not have the Hyper-V role
installed
1.
On LON-HOST2, in Server Manager, confirm that the Hyper-V role is not installed.
2.
In Windows PowerShell, use the Get-WindowsFeature cmdlet to confirm that neither Hyper-V nor
Hyper-V Management Tools are installed.
3.
In Windows PowerShell, use the Get-Command Module Hyper-V cmdlet to verify that the Hyper-V
module is not installed.
4.
In Windows PowerShell, use bcdedit.exe to verify whether hypervisor is configured to start

automatically.
5.
Use Windows Search to confirm that no program that has the word hyper in the name is installed.
6.
Confirm that there is no Applications and Services Logs node that starts with word Hyper-V in
Event Viewer.
7.
In Performance Monitor, confirm that there is only one counter available that starts with the word
Hyper-V, Hyper-V Dynamic Memory Integration Service.
8.
Confirm that there are no inbound Windows Firewall rules that start with the word Hyper-V.
9.
Confirm that six services display that start with the word Hyper-V, but that Hyper-V Virtual
Machine Management service is not present among the services on LON-HOST2.
Task 3: Install the Hyper-V role by using Server Manager

1.
On LON-HOST2, use Server Manager to install the Hyper-V role with default options, and select the
option to restart the server automatically if required.
2.
Wait until LON-HOST2 restarts, and then sign in with the user name Adatum\Administrator and the
password Pa$$w0rd.
Task 4: Verify that the Hyper-V role was installed successfully
2-35
1.
On LON-HOST2, use Server Manager to confirm that the Hyper-V role is installed.
2.
In Windows PowerShell, use the Get-WindowsFeature cmdlet to confirm that both Hyper-V and
Hyper-V Management Tools are installed.
3.
In Windows PowerShell, use the Get-Command Module Hyper-V cmdlet to confirm that the
Hyper-V module has been installed.
4.
In Windows PowerShell, use the bcdedit.exe command to verify that hypervisor is configured to start
automatically.
5.
Confirm that the Hyper-V Manager and Hyper-V Virtual Machine Connection programs are
installed.
6.
In Event Viewer, confirm that multiple Applications and Services Logs nodes that start with the
word Hyper-V display.
7.
In Performance Monitor, confirm that multiple counters that start with the word Hyper-V are
available.
8.
In Performance Monitor, confirm that multiple inbound Windows Firewall rules that start with the
word Hyper-V display.
9.
In Performance Monitor, confirm that multiple services that start with the word Hyper-V display,
including a service named Hyper-V Virtual Machine Management, which has a status of Running.
10. On LON-HOST2, run the following script: C:\Labfiles\Mod02-LON-HOST2.ps1 to prepare the

environment.
Note: This script will import three virtual machines: 20409B-LON-PROD2, 20409B-LONTEST2, and 20409B-LON-CL2.
The script will ask for the drive letter on which the base images were extracted and the drive
letter on which the course images were extracted. Theses drive letters will depend on the physical
server configuration. If you are unsure about what are the drive letters, ask the instructor.
Results: After completing this exercise, you should have installed the Hyper-V role.
Exercise 2: Configuring Hyper-V Settings

Scenario
Before using the virtualization infrastructure, you should be familiar with and configure Hyper-V Settings.
In this exercise, you will use Hyper-V Manager and Windows PowerShell to review and configure some of
the settings, such as a default virtual hard disk location, NUMA spanning, and enhanced session mode
policy.
1.
Create a network share for storing virtual machines.
2.
Configure a virtual hard disk location.
3.
Configure Hyper-V settings by using Windows PowerShell and Hyper-V Manager.
Task 1: Create a network share for storing virtual machines

Note: Complete the following task on both LON-HOST1 and LON-HOST2.
1.
On LON-HOSTx, use Server Manager to create a share by using the SMB Share Applications share
profile.
2.
Create a share on drive C. Name the share VHDs, and grant the Domain Users group Full Control
permissions to the share.
Task 2: Configure a virtual hard disk location

1.
On LON-HOSTx, in Hyper-V Manager, start the New Virtual Hard Disk Wizard, and confirm the
default location for creating new virtual hard disks.
2.
In Hyper-V Manager, confirm that the same location is set as the Virtual Hard Disk location Hyper-V
Setting.
3.
In Hyper-V Manager, set the Virtual Hard Disk location Hyper-V Setting to C:\Users, and confirm
that this location is the default location when creating new virtual hard disks using the New Virtual
Hard Disk Wizard.
4.
In Windows PowerShell, use Set-VMHost cmdlet with the VirtualHardDiskPath parameter to set
virtual hard disk location to \\LON-HOSTy\VHDs, where y is number of your partners host. For
example, if you are using HOST1, then y represents 2, and if you are using HOST2, then y represents 1.
5.
Use Hyper-V Manager to confirm that the Virtual Hard Disk location Hyper-V Setting is successfully
set to \\LON-HOSTy\VHDs.
Task 3: Configure Hyper-V settings by using Windows PowerShell and Hyper-V

Manager
1.
2.
On LON-HOSTx, in Hyper-V Manager, confirm the following Hyper-V Settings:

o
Virtual Machines: C:\ProgramData\Microsoft\Windows\Hyper-V
NUMA Spanning: Enabled
Storage Migration: 2
Enhanced Session Mode Policy: Disabled
In Windows PowerShell, use the Set-VMHost cmdlet with appropriate parameters to configure
following settings:
o
Virtual Machines: \\LON-HOSTy\VHDs (where y is number of your partners host)
NUMA Spanning: Disabled
Storage Migrations: 4
Enhanced Session Mode Policy: Enabled
2-37
3.
In Hyper-V Manager, confirm that all settings that you set by using Windows PowerShell are present.
4.
In Hyper-V Manager, modify the following Hyper-V Settings:

o
Results: After completing this exercise, you should have configured Hyper-V settings.
Exercise 3: Accessing and Managing Hyper-V Remotely

Scenario
Administrators typically administer Hyper-V remotely. In this exercise, you will enable Hyper-V Manager
and Hyper-V Module for Windows PowerShell on a Windows 8.1 workstation, and then manage the
Hyper-V host remotely.
1.
Turn on the Hyper-V Management Tools feature.
2.
Connect to the Hyper-V host and manage it remotely.
Task 1: Turn on the Hyper-V Management Tools feature

1.
On LON-HOSTx, use Hyper-V Manager to start and connect to 20409B-LON-CLx.
2.
Sign in to LON-CLx with the user name Adatum\Administrator and the password Pa$$w0rd.
3.
Use Search to confirm that no program with the word hyper in the name is installed on LON-CLx.
4.
In Windows PowerShell, use the cmdlet Get-Command with the Module parameter to confirm that
the Hyper-V module is not installed.
5.
Use the Turn Windows Features on or off program to turn on the Hyper-V Management Tools
feature.
6.
In Windows PowerShell, use the cmdlet Get-Command with the Module parameter to confirm that
the Hyper-V module is now installed.
7.
Confirm that two programs containing word hyper are now installed: Hyper-V Manager, and
Hyper-V Virtual Machine Connection.
Task 2: Connect to the Hyper-V host and manage it remotely

1.
On LON-CLx, start Hyper-V Manager, and connect it to LON-HOSTx.
2.
Review Hyper-V Settings for LON-HOSTx, and verify that the settings are configured as you
configured them in the previous exercise:
o
Virtual Hard Disks: HOSTy\VHDs
Virtual Machines: HOSTy\VHDs
Storage Migrations: 4
3.
Open Windows PowerShell and review the Hyper-V configuration of LON-HOSTx by using the
Get-VMHost cmdlet.
4.
Use the Get-VMHost cmdlet to set the Storage Migrations setting on LON-HOSTx to 3.
5.
Confirm the setting in Hyper-V Manager.
Note: Do not forget to Refresh the settings to view the updated settings in Hyper-V
Manager.
Results: After completing this exercise, you should have accessed and managed Hyper-V remotely.

Review Questions
Question: You need to manage Hyper-V in Windows Server 2012 from a Windows 7 client
computer. Will you be able to administer all Hyper-V features?
Question: Can you virtualize a file server that is using a Fibre Channel SAN for storing shared
folders?
Question: You have a Windows 8.1 virtual machine that must be highly available. Can you use
virtual machine-based failover clustering to make it highly available?
2-39

3-1
Module 3
Creating and Managing Virtual Hard Disks, Virtual Machines,

and Checkpoints
Contents:
Module Overview
3-1
Lesson 1: Creating and Configuring Virtual Hard Disks
3-3
Lesson 2: Creating and Configuring Virtual Machines
3-14
Lab A: Creating and Managing Virtual Hard Disks and Virtual Machines
3-24
Lesson 3: Installing and Importing Virtual Machines
3-30
Lesson 4: Managing Virtual Machine Checkpoints
3-37
Lesson 5: Monitoring Hyper-V
3-46
Lesson 6: Designing Virtual Machines for Server Roles and Services
3-53
Lab B: Creating and Managing Checkpoints and Monitoring Hyper-V
3-60
3-66
Module Overview
After installing the Hyper-V role and configuring the server properties, you are ready to begin creating
virtual machines and virtual hard disks. In this module, you will learn that Hyper-V in Windows Server
2012 supports two virtual disk file formats (.vhdx and .vhd) and three disk types (fixed-size, dynamically
expanding, and differencing). You will learn about the differences between the various disk formats and
disk types. You will also learn how to create these disks and configure a virtual machine to use disks that
are directly attached.
You are probably familiar with the virtual machines that Windows Server 2012 R2 Hyper-V refers to
as Generation 1 virtual machines. In Windows Server 2012 R2, you can also create Generation 2 virtual
machines, which can have fewer types of virtual hardware, but conversely, provide advanced features such
as Unified Extensible Firmware Interface (UEFI), Secure Boot, and boot from the small computer system
interface (SCSI) device.
Virtual Machine Connection is a Hyper-V management tool. In Windows Server 2012 R2, this tool has
enhanced session mode, which provides a rich Remote Desktop experience when connecting to virtual
machines that support it. You can also use this tool to copy and paste data between virtual machines,
and to redirect devices such as those connected to it, including physical USB ports, to virtual machines.
In Windows Server 2012 R2, snapshotsa popular feature of previous releaseshave been renamed
checkpoints. A major improvement in Windows Server 2012 Hyper-V is that virtual machines can detect
when a checkpoint was applied by using the Generation ID value. You should still use checkpoints
carefully in a production environment unless they are supported explicitly. In this module, you will
also learn about monitoring the Hyper-V environment by using performance monitoring and resource
metering.
Note: For the purpose of this course, all instances of Microsoft System Center 2012 R2 Virtual Machine Manager are referred to as VMM.
Objectives
Create and configure virtual hard disks.
Create and configure virtual machines.
Install and import virtual machines.
Manage virtual machine checkpoints.
Monitor Hyper-V.
Design and manage virtual machines for server roles and services.
3-2 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
Lesson 1
Creating and Configuring Virtual Hard Disks
3-3
Just as physical computers store data on physical hard disks, virtual machines store data on virtual
hard disks, which actually are files that reside on physical hard disks. There are different types of virtual
hard disks available, and this lesson explains the differences between them. In the past, fixed-size disks
provided considerably better performance than dynamically expanding disks. In Windows Server 2012, the
performance difference between them is minimal. You also can configure virtual machines to use directly
attached disks, but such disks do not support snapshots and are less suitable for migration because they
are not encapsulated in a single file. Virtual hard disks can be in one of two formats: .vhd (legacy), and
.vhdx (modern). Although virtual hard disks are just that, the modern Windows operating system also can
access their content from physical computers.
Lesson Objectives
Describe storage options for virtual machines.
Describe the Hyper-V virtual hard disk formats.
Explain the difference between fixed-size and dynamically expanding virtual hard disks.
Describe differencing virtual hard disks.
Create a virtual hard disk.
Describe directly attached disks.
Explain virtual hard disk sharing.
Explain Quality of Service (QoS) management.
Describe Hyper-V considerations for virtual hard disk storage.
Manage virtual hard disks.
What Are the Storage Options for Virtual Machines?
Virtual machines have different options for storing

their data. Just as virtual machines are isolated
when running on a Hyper-V host, you can also
isolate their hard disks and encapsulate their
content in a single virtual hard disk file with the
.vhd or .vhdx extension. From inside the virtual
machine, virtual hard disks are seen as physical
disks, and virtual machines use them as if they
were physical disks. You also can configure virtual
machines to connect directly to a physical volume
by configuring a directly attached disk. Directly
attached disks are seen as offline by the Hyper-V
host and are managed directly by the operating system within the virtual machine. Directly attached disks
either can be a physical disk in the host, or a logical unit number (LUN) on a storage area network (SAN)
device over Internet SCSI (iSCSI) or Fibre Channel.
You can connect virtual machines to storage by using two different storage controller typesSCSI,
and integrated device electronics (IDE). A virtual machine can access a disk either as a virtual Advanced
Technology Attachment (ATA) device on a virtual IDE controller or as a virtual SCSI disk device on a virtual
SCSI controller. Virtual storage controllers have the following characteristics:
IDE controllers are available only in Generation 1 virtual machines. Each virtual machine has two IDE
controllers and can have up to two devices (hard drives or DVD drives) attached to each controller.
An IDE controller is first emulated, which means that it is available when the virtual machine starts
and later it is synthetic, which provides better performance.
While the virtual machine is running, you cannot add devices to or remove devices from an IDE
controller.
A Generation 1 virtual machine can start only from an IDE controller.
SCSI controllers are available in all virtual machines. Generation 1 virtual machines can use a SCSI
controller only as a data disk, whereas Generation 2 virtual machines start from the SCSI controller
attached disks or DVD drives.
A SCSI controller is synthetic, and you can add disks to or remove disks from a SCSI controller while
a virtual machine is running. A virtual machine can have up to four SCSI controllers, and each SCSI
controller supports up to 64 devices, which means that each virtual machine can have as many as 256
virtual SCSI disks.
SCSI controllers include support for Windows Offloaded Data Transfers, which is not available for
disks that are attached to an IDE controller.
You can use different hard disk types, such as fixed-size, dynamically expanding, differencing, and
attached physical disks, with both controller types.
A virtual machine uses storage controllers for accessing storage. The type of storage controller that
the virtual machine uses does not have to be the same type that Hyper-V is using. For example, a
Hyper-V host can have only physical SCSI storage, but you can configure virtual machines with IDE
controllers, and use IDE-attached virtual hard disks, which are stored on the SCSI storage of the
Hyper-V host.
Note: Although physical SCSI and IDE hard disk I/O performance can be significantly
different, this is not the case for virtual SCSI and IDE hard disks. They both offer equally fast I/O
performance.
You can store virtual machine virtual hard disks locally on Hyper-V host, on Server Message Block (SMB)
3.0 file shares, or on a SAN LUN. You can configure virtual machines to use directly attached disks over
iSCSI or Fibre Channel protocol. Such directly attached disks are accessed directly and are not contained
in a virtual hard disk file. In addition, you cannot use them for starting virtual machines. However, directly
attached disks are important when configuring guest failover clustering because you can use them as a
shared storage.
The following table describes the various storage configuration options that are available to virtual
machines.
Locally stored IDE
virtual hard disk
Locally stored SCSI

virtual hard disk
Directly attached disk
3-5
Storage type
Direct-attached
storage (DAS)
DAS
DAS local
SAN, Fibre Channel/iSCSI
remote
Exposed to a Hyper-V
host as
Virtual hard disk

on NTFS file
system
Virtual hard disk on

NTFS file system
Physical disk directly

attached to a virtual
machine
Maximum supported disk

size
64 terabytes (TB)
64 TB
No size limit
Virtual hard disk

checkpoints supported
Yes
Yes
No
Dynamically expanding
virtual hard disk
Yes
Yes
No
Differencing virtual hard

disk
Yes
Yes
No
Add or remove storage

while virtual machine is
running
No
Yes
No
Question: Is there any difference between connecting a virtual hard disk to a virtual machine
by using an IDE virtual controller or a SCSI virtual controller?
Overview of the Hyper-V Virtual Hard Disk Formats

Virtual machines can access physical hard disks
directly (directly attached disks), can use virtual
hard disk files, or can use both. A virtual hard disk
can be either a single file or a hierarchy of files.
Both present to the virtual machine as a whole
hard drive. This means that from inside the virtual
machine, you can partition virtual hard disks and
format them with various file systems, such as
NTFS, FAT, or Resilient File System. In addition,
you can copy files or install an entire operating
system on a virtual hard disk. Although a virtual
hard disk is visible as a single file to the Hyper-V
host, it encapsulates the content of an entire virtual machine hard disk.
The virtual hard disk format specification is available publicly. Developers can use the specification to
develop solutions to access virtual hard disk data and content, and they can use it to extend the virtual
hard disk. The virtual hard disk format has evolved over time, and Hyper-V in Windows Server 2012 R2
supports two virtual hard disk formats:
.vhd. This format supports virtual hard disks up to 2,040 gigabytes (GB) in size. This format has been
available since Microsoft Virtual Server 2005 was released, which means that you can use the .vhd
format with older Hyper-V hosts and with legacy Microsoft virtualization products.
.vhdx. This format supports virtual hard disks up to 64 TB in size. This format has been available since
Windows Server 2012, and it is not compatible with older Hyper-V hosts. Experience with the .vhd
format guided the .vhdx format improvements. The .vhdx format provides better data corruption
protection and optimizes structural alignments on large sector physical disks.
When you compare the .vhd and .vhdx formats, the .vhdx format provides the following benefits:
Support for larger virtual hard disk sizes, up to 64 TB.
Protection against data corruption by logging updates to the .vhdx metadata structures, which can be
especially important during power failures.
The ability to store custom metadata about a file, such as which operating system is installed in .vhdx,
or which patches are applied to it.
Improved alignment of the virtual hard disk format to work better with large sector disks.
Larger block sizes for dynamic and differential disks, which improves their performance.
4 kilobytes (KB) logical sector virtual disk, which increases performance when used by applications
that are designed for 4 KB sectors.
Efficiency in data representation, which results in smaller file size so that underlying physical storage
device can reclaim unused space (trim operation).
Note: You can convert .vhd files to the .vhdx format when you upgrade to Windows Server
2012 or Windows Server 2012 R2 because of the improvements of the .vhdx format. The only
reason why you should not convert the files is when you still need to move a virtual disk to an
older version of Hyper-V that does not support the .vhdx format.
When you create a new virtual hard disk on Windows Server 2012 R2, it selects the .vhdx format by
default. Hyper-V also provides the capability to convert .vhd files to .vhdx, and .vhdx files to .vhd, as long
as they are not larger than 2,040 GB. You can create new virtual hard disks from Windows PowerShell by
using the New-VHD cmdlet. You can also convert virtual hard disks between .vhd and .vhdx formats by
using the Convert-VHD cmdlet.
Note: Virtual hard disks are not only usable with virtual machines. You can also access,
mount, and use virtual hard disk content from physical host computers. You can use them even
without Hyper-V virtualization. From Windows Server 2012 R2 or Windows 8.1, you can rightclick the virtual hard disk file, mount it, and then perform operations on it just like any other hard
drive. In older Windows versions, you cannot mount virtual hard disk files by using Windows
Explorer (File Explorer in Windows 8 and Windows 8.1), but you can use Disk Management or
Diskpart tools instead. You can also use native boot from a virtual hard disk, where a physical
computer starts from a .vhd or .vhdx file.
Additional information about virtual hard disk formats

Virtual hard disk architecture
Question: On a Windows 8 computer, how can you view and access the content of a virtual
hard disk that is in .vhdx format?
Fixed-Size and Dynamically Expanding Virtual Hard Disks

You can create three types of virtual hard
disks: fixed-size, dynamically expanding, and
differencing. After you create a virtual hard disk,
you can edit it and change its format. Some of
the features of the fixed-size and dynamically
expanding virtual hard disk formats are as follows:
3-7
Fixed size. When you create a fixed-size

virtual hard disk, Hyper-V allocates space for
the entire virtual hard disk. For example, if
you create a 100-GB fixed-size virtual hard
disk, Hyper-V will create a 100-GB file even
when it does not include any data. Creating
large fixed-size virtual hard disks can take significant time when physical storage does not support
Windows Offloaded Data Transfers because Hyper-V has to create the file to the entire specified
size and fill its content with zero values. Because Hyper-V allocates all of the storage space when
it creates the virtual hard disk, the size of a fixed-size virtual hard disk does not change. This
minimizes fragmentation and space on a fixed-size disk, which is as contiguous as possible when it
is created. You cannot create fixed-size virtual hard disks that require more space than is available
on the physical storageyou cannot overcommit your physical storage. Fixed-size virtual hard disks
are larger than dynamically expanding virtual hard disks, and as such, moving them can be more
time-consuming. Traditionally, fixed-size virtual hard disks offered better performance than
dynamically expanding virtual hard disks (and are almost identical to directly attached disk).
However, since Windows Server 2012, this performance difference is minimal.
Dynamically expanding. When you create a dynamically expanding virtual hard disk, Hyper-V creates
a small file on the Hyper-V host. That file then grows as you write data to the virtual hard disk until it
reaches its fully allocated size. The size of the dynamically expanding disk only grows. It does not
shrink even if you delete data. For example, if you create a 100-GB dynamically expanding virtual
hard disk, Hyper-V will create a file that will be only a few megabytes (MB) in size. When you write
into that virtual hard disk file, it will grow; however, when you delete information from the virtual
hard disk it will not shrink. When you start using the dynamically expanding virtual hard disk, for
example, by formatting partitions and installing an operating system onto it, it will start growing until
it reaches its maximum size of 100 GB. Hyper-V creates the dynamically expanding virtual hard disk
much faster because it does not allocate all the space at once. However, when you add data to the
virtual hard disk, it might fragment in the same way that any file would on your volume. You can
create dynamically expanding virtual hard disks that would require more space on the storage
subsystem than is currently availableyou can overcommit storage. Dynamically expanding virtual
hard disks are smaller than other virtual hard disk types until reaching their maximum size.
Historically, dynamically expanding virtual hard disks had inferior performance as compared with
fixed-size disks. However, in Windows Server 2012, this performance difference is minimal. Companies
typically use dynamically expanding virtual hard disks in test and development environments.
However, with live storage migration, the smaller size of dynamically expanding disks also is
attractive.
When you create a new .vhd virtual hard disk in Windows Server 2012 R2, the New Virtual Hard Disk
Wizard selects fixed-size by default. If you create a .vhdx virtual hard disk, the New Virtual Hard Disk
Wizard selects the dynamically expanding type by default. After Hyper-V creates a dynamically expanding
virtual hard disk, you can convert it to fixed-size, and vice versa.
Note: The fixed-size type virtual disk is a better choice when you are using the .vhd format
because it offers better resiliency and performance compared with the other virtual hard disk
types. When using the .vhdx format, it is beneficial to use the dynamically expanding type. In
addition to space savings, it offers resiliency. The fixed-size type is also a good choice for both
virtual disk formats when the storage on the Hyper-V host is not actively monitored.
Performance Tuning Guidelines for Windows Server 2012
Question: Do you benefit from Windows Offloaded Data Transfers when you are creating a
dynamically expanding virtual hard disk?
Differencing Virtual Hard Disks

A differencing virtual hard disk always links
to another virtual hard disk in a parent/child
relationship. It cannot exist on its own. The parent
virtual hard disk can be fixed-size or dynamically
expanding, but as soon as it becomes a base disk
for a differencing disk, it cannot be written to, so
it will neither grow not contract. The differencing
virtual hard disk is always dynamically expanding.
You can also chain differencing virtual hard disks,
as long as all base disks are not written to. In this
scenario, one differencing virtual hard disk is using
another differencing virtual hard disk as a base
(parent) disk.
The differencing virtual hard disk stores changes for the parent disk and provides a way to isolate changes
without altering the parent disk. When you use a differencing virtual hard disk, you can access all the data
from the parent disk, and changes you make are written only to the differencing virtual hard disk, not to
the parent disk. In other words, reads for modified data are served from the differencing virtual hard disk,
and reads of all other data are served from the parent virtual hard disk. Metadata is used in both cases to
determine from where data should be read, which results in differencing virtual hard disks having slower
performance than fixed-size or dynamically expanding virtual hard disks. Differencing virtual hard disks
must use the same format as the parent diskseither .vhd or .vhdx.
Note: While differencing virtual hard disks do have their place in production environments,
especially with Virtual Desktop Infrastructure (VDI) pooled desktops, they should be used
sparingly and only after careful planning in other scenarios.
3-9
The differencing virtual hard disk expands dynamically because data that is intended for the parent disk is
written to the differencing virtual hard disk. The base/differencing relationship is based on the integrity of
the base disk. Therefore, you should not write to the parent disk because any change made to the parent
disk will invalidate all differencing virtual hard disks that are linked to that parent.
Note: A differencing disk references a parent disk and stores the changes. Therefore, you
should avoid making any changes to a parent disk. As a best practice, you should configure a
parent disk as read-only. Be aware that a Merge operation changes the parent disk and
invalidates any other differencing disks that use that parent disk.
You cannot specify a size for a differencing virtual hard disk. Differencing virtual hard disks can grow as
large as the parents disk size limit. However, unlike dynamically expanding disks, you cannot compact
differencing virtual hard disks directly. You can compact a differencing virtual hard disk only after it
merges with its parent disk.
Differencing virtual hard disks can be beneficial in some scenarios. For example, you could use a virtual
hard disk that has a clean installation of the Windows Server 2012 R2 operating system as a parent, and
then use a new differencing virtual hard disk as the virtual machine hard disk. You could even create
multiple differencing virtual hard disks for multiple virtual machines that would use the same Windows
Server 2012 R2 virtual disk as their parent disk.
Note: Differencing virtual hard disks can be useful in a testing or training environment.
Question: Can Hyper-V allocate more storage space to a differencing virtual hard disk than
to the parent disk to which it links?
Demonstration: Creating a Virtual Hard Disk

In this demonstration, you will see how to create a virtual hard disk.
Demonstration Steps
1.
2.
Use Hyper-V Manager to create a new virtual hard disk with following settings:
o
Format: VHDX
Type: Dynamically expanding
Name: Dynamic.vhdx
Size: 100 GB
Use Hyper-V Manager to create a new virtual hard disk with following settings:
o
Format: VHD
Type: Differencing
Name: Differencing.vhd
Parent: E:\Program Files\Microsoft Learning\base\Base14A-WS12R2.vhd
3.
4.
In Windows PowerShell, use the cmdlet New-VHD to create a new virtual hard disk with the
following settings:
o
Path: C:\Shares\VHDs\Fixed.vhdx
Size: 1 GB
Type: Fixed size
On LON-HOST1, in File Explorer, browse to C:\Shares\VHDx, and then confirm that Fixed.vhdx
allocates 1 GB disk space, while both Dynamic.vhdx and Differencing.vhd are allocated less disk space.
Directly Attached Disks
Virtual machines can use virtual hard disk files

or physical disks that are directly attached to a
virtual machine as their hard drives. Directly
attached physical disks enable virtual machines
to bypass the Hyper-V host and access storage
directly, without first configuring the volume on
the Hyper-V host. The directly attached disk can
be an internal Hyper-V host physical disk. It can
also be a SAN LUN that is mapped to the Hyper-V
host or is mapped directly by the operating
system that is running on the virtual machine. The
virtual machine must have exclusive access to the
directly attached disk, which means that the disk must be set in an offline state. The directly attached disk
is not limited in size, and it can be larger than the virtual hard disk size limit.
Note: LUN is a logical reference to a portion of a SAN.
Features of Directly Attached Disks

Some of the main features of directly attached disks are:
When a virtual machine is using a directly attached disk, there is no associated virtual hard disk
involved because the virtual machine is accessing a physical disk.
Directly attached disks provide superior performance, similar to physical disks, because there is no
overhead involved. On Windows Server 2012 and newer versions, fixed-size virtual hard disks provide
similar performance. Dynamically expanding virtual hard disks have only slightly lower performance.
If a virtual machine will access a directly attached disk on a SAN, you do not need to mount the LUN
on a Hyper-V host by using iSCSI or Fibre Channel.
Accessing directly attached disks requires lower CPU utilization because it does not involve any
overhead on the Hyper-V host.
Directly attached disks have no size limitation, and they can be larger than 64 TB.
You cannot use differencing virtual hard disks with directly attached disks.
Checkpoints are not available on directly attached disks.
The physical disk must be set to offline state on the Hyper-V host before you can configure it as a
directly attached disk for a virtual machine.
3-11
You cannot expand directly attached disks dynamically unless such functionality is provided in
the SAN.
The Hyper-V Volume Shadow Copy Service (VSS) writer cannot back up directly attached disks, and
you cannot use Windows Server Backup in the parent partition to back up such disks. In such a case,
you should use the backup program that is installed on the virtual machine.
Note: You cannot use Live Migration to move virtual machines between Hyper-V hosts that
are not in the same failover cluster if the virtual machines are using directly attached disks.
If you want to configure a virtual machine to use an internal Hyper-V host physical disk or a LUN that
is connected to a Hyper-V host as a directly attached disk, you can access it over a virtual IDE or SCSI
controller. You can do so by modifying the virtual machine hard disk settings to use a physical disk
instead of a virtual hard disk. If you want to use a SAN directly from inside a virtual machine, you should
either configure an iSCSI initiator in the virtual machine or add a virtual Fibre Channel adapter to the
virtual machine, depending on how you will access the SAN.
Virtual Hard Disk Performance
Question: Can you view a directly attached disk that a virtual machine is using from the Disk
Management tool that is running on the Hyper-V host on which the virtual machine is
running?
Virtual Hard Disk Sharing

Prior to Hyper-V in Windows Server 2012 R2,
virtual machines used virtual hard disks
exclusively. This means that while one virtual
machine was using a virtual hard disk, no other
virtual machine could use the same virtual disk.
With Windows Server 2012 R2, you can share
virtual hard disks between multiple virtual
machines. This can be especially useful when
configuring failover clustering in virtual machines.
Prior to Windows Server 2012 R2, you could use
only iSCSI or Fibre Channel SAN for shared
storage. In Hyper-V in Windows Server 2012 R2,
you can use shared virtual hard disks for the same purpose.
You can enable virtual hard disk sharing only for .vhdx files that are connected to a virtual SCSI controller.
You cannot use virtual hard disk sharing for .vhd files that are connected to a virtual IDE controller. You
can store the shared .vhdx file only on a failover cluster. This can be a Cluster Shared Volume (CSV) on
block storage, which includes clustered storage spaces, or a scale-out file server with SMB 3.0 on filebased storage. You cannot enable virtual hard disk sharing if these prerequisites are not met. For example,
if the .vhdx file is connected to a virtual SCSI controller but is stored locally or on a SMB 3.0 share.
Virtual Hard Disk Sharing Overview
Question: When would you use shared virtual hard disks?
Quality of Service Management

In older versions of Hyper-V, it was not possible to
limit I/O operations per second (IOPS) per virtual
machine. If a virtual machine had an application
that was storage-intensive with a large number
of read and write operations to the storage, the
virtual machine could monopolize the Hyper-V
host, and other virtual machines could have
slower access to storage. In Windows Server 2012
R2, Hyper-V includes an option to configure QoS
parameters when virtual machines are accessing
the storage, so that you can provide enough IOPS
to each virtual machine.
You can configure storage QoS for each virtual hard disk. By specifying the maximum IOPS value on the
advanced features of the virtual hard disk, you can balance and throttle the storage I/O between virtual
machines and prevent a virtual machine from consuming excessive storage I/O operations, which could
affect other virtual machines. You can also configure the minimum IOPS value and receive a notification
when the IOPS for that virtual hard disk is below the configured value. In addition, the virtual machine
metrics infrastructure is updated with storage-related parameters so that you can monitor the
performance and chargeback for used resources.
Note: Virtual disk maximum IOPS settings are specified in terms of normalized IOPS. IOPS
are measured in 8 KB increments.
Note: Storage QoS is not available if you are using shared virtual hard disks.
Storage Quality of Service for Hyper-V
Hyper-V Considerations for Virtual Hard Disk Storage

When working with virtual machines, virtual
hard disks require by far the largest amount of
storage space. In addition, virtual hard disks
should have the highest possible access speed
and throughput, and you should store them on
redundant, highly available storage. The main
Hyper-V considerations for virtual hard disks are
as follows:
Virtual hard disks encapsulate the content of

the entire virtual machine hard disk. They can
be very large, and their size increases through
time if they are dynamically expanding or
differencing. You should ensure that there is enough space for the virtual hard disks on the storage
and implement monitoring to increase available space when needed.
3-13
Virtual machines that are running on the same Hyper-V host are in competition for disk I/O. To
improve performance, you should have as many of the fastest physical disks as possible.
Windows Server 2012 includes storage spaces so that you can create redundant storage for virtual
hard disks.
If available, you should use solid-state drives (SSDs) for best possible performance. They do not have
moving parts, and they provide fast access speed and high throughput.
Windows Server 2012 R2 introduces tiered storage, which you can use to combine classical spindle
base disks and SSDs in the same storage. Tiered storage significantly increases access speed and
throughput.
You can store the virtual hard disks of running virtual machines on an SMB 3.0 share. Windows Server
2012 introduced this capability, and it provides a similar level of availability and performance as
storing virtual hard disks on a SAN. When accessing an SMB 3.0 file share, you can use features such
as SMB transparent failover, SMB scale-out, SMB multichannel, and SMB direct.
You can use SAN for storing virtual hard disks. SAN provides several benefits, such as high
performance and high availability, and the possibility to expand LUNs dynamically if you need
additional storage.
Antivirus software should exclude Hyper-V-specific files, including virtual hard disks (.vhd and .vhdx).
Question: For storing virtual machines, what are the benefits of SAN compared to local
storage?
Demonstration: Managing Virtual Hard Disks

In this demonstration, you will see how to manage virtual hard disks.
Demonstration Steps
1.
On LON-HOST1, use the Edit Virtual Hard Disk Wizard to expand Fixed.vhdx to 2 GB.
2.
Use the Edit Virtual Hard Disk Wizard to expand Dynamic.vhdx to 200 GB.
3.
On LON-CL1, use Disk Management to confirm that Disk 1 and Disk 2 have expanded, and now have
2 GB and 200 GB of unallocated space.
Lesson 2
Creating and Configuring Virtual Machines
Hyper-V is the infrastructure that you use for running virtual machines. You can create virtual machines
in several different ways. This lesson explains how you can create virtual machines by using Hyper-V
Manager and Windows PowerShell. This lesson also explores hardware components of the virtual
machine and explains the differences between Generation 1 and Generation 2 virtual machines. You will
also learn about Integration Services, which provides support for synthetic devices, in addition to any
communication required between the parent and the guest operating system, such as heartbeat and time
sync. A SCSI controller and a virtual Fibre Channel adapter are examples of synthetic devices. Virtual
machines use synthetic devices to access storage directly on Fibre Channel SANs.
Lesson Objectives
Describe the components of a Generation 1 virtual machine.
Describe Generation 2 virtual machines.
Create virtual machines.
Describe the configuration of virtual machine settings.
Describe dynamic memory.
Describe smart paging.
Describe Integration Services.
Configure Integration Services.
Describe the use of virtual Fibre Channel adapters.
What Are the Components of a Generation 1 Virtual Machine?

A virtual machine represents a physical computer
in a virtualization environment. Virtual computers
have components that are similar to physical
computers. However, virtual computers can
only use components that are part of Hyper-V
virtualization. A virtual machine cannot use
components that you can attach to the physical
Hyper-V host unless they are properly configured
to do so. Virtual hardware is either emulated,
synthetic, or in rare cases, such as with single-root
I/O virtualization (SR-IOV) network adapters,
directly mapped to virtual machines. Hyper-V can
present devices to a virtual machine in the following two ways:
Hyper-V presents an emulated device to the virtual machine as if it is actual hardware, although such
a physical component does not exist in the Hyper-V host. Emulated devices present standard and
well-known functionalities that are universal to all devices of that type. This means that almost any
operating system supports them. Emulated devices are available when the virtual machine starts, and
3-15
the virtual machine can start from them. These emulated devices include IDE controllers or legacy
network devices. However, because these devices are emulated, they do not perform as well and
present additional overhead for the Hyper-V host.
Hyper-V does not present synthetic components to the virtual machine as actual hardware. It presents
them to the operating system on the virtual machine as a functionality that the device driver can use.
When an operating system has support for that functionality, it can pass the communication with it
through virtual machine bus (VMBus). Operating systems must support VMBus, and device drivers for
that functionality must be loaded for the virtual machine to be able to use synthetic components. This
is why synthetic components are not available during startup, and why you cannot start a Generation
1 virtual machine from a SCSI controller.
Until Windows Server 2012 R2, you could create only one type of virtual machineGeneration 1. A
Generation 1 virtual machine contains the components in the following table.
Component
Description
BIOS
Specifies startup order of the boot devices.
Memory
Configures the amount of memory assigned to the virtual machine, the dynamic
range of memory that can be used, and memory weight. When the virtual
machine is running, that memory allocates exclusively and cannot be used by
other virtual machines or by the Hyper-V host.
Processor
Configures the number of processors that are available to the virtual machine,
the resource control, the processor compatibility settings, and the non-uniform
memory access (NUMA) settings.
IDE controller
Connects IDE virtual disks and DVD to the virtual machine. Generation 1 virtual
machines have two IDE controllers. Devices that connect to IDE controllers can be
used to start the virtual machine.
SCSI controller
Connects SCSI virtual disks to the virtual machine. SCSI controllers are synthetic,
which means that a Generation 1 virtual machine cannot start from a virtual disk
that is connected to it.
Network adapter
Connects a virtual machine with the virtual switch. A network adapter is synthetic,
which means that Generation 1 virtual machines cannot use it for Pre-Boot
Execution Environment (PXE) startup.
Legacy network
adapter
Connects the virtual machine with the virtual switch. A legacy network adapter
is emulated, which means that it is available during startup, and Generation 1
virtual machines can use it for PXE.
Fibre Channel
adapter
Accesses Fibre Channelbased storage directly from the virtual machine. This is a
synthetic device, which means that it is not available during startup.
RemoteFX 3D
video adapter
Enables a rich graphic experience in virtual machines.
COM port
Configures the virtual COM port to communicate with the physical server
through a named pipe.
Diskette drive
Connects virtual floppy disks to the virtual machine.
In addition to virtual hardware components, you can also configure virtual machine management
components such as Integration Services, checkpoint file location, smart paging file location, automatic
start action, and automatic stop action.
Overview of Generation 2 Virtual Machines

Virtual machines work the same way that physical
computers do. Most operating systems and
applications that run in virtual machines will
not be aware that they are virtualized. By using
emulated hardware, operating systems that are
not virtualization-aware can still run in virtual
machines. In machines that are run enlightened
operating systems, Integration Services allow the
virtual machines to access synthetic devices, and
thus, perform better. With the broad adoption of
virtualization, many modern operating systems
now include Integration Services.
Windows Server 2012 R2 changes all of this. It still fully supports the existing type of virtual machines
by naming them Generation 1 virtual machines, but it also provides support for the new type of virtual
machines, called Generation 2 virtual machines. Generation 2 is built on the assumption that operating
systems are virtualization-aware. Generation 2 removes all the legacy and emulated virtual hardware
devices and uses only synthetic devices. BIOS-based firmware is replaced by advanced UEFI firmware,
which supports Secure Boot. Virtual machines start from a SCSI controller or by using PXE from a network
adapter. All the legacy and emulated devices are removed from Generation 2 virtual machines, and the
remaining virtual devices use VMBus to communicate with parent partitions.
Generation 1 and Generation 2 virtual machines have similar performance, except during startup and
when installing operating system. In these instances, Generation 2 is considerably faster. You can run
Generation 1 and Generation 2 virtual machines side-by-side on the same Hyper-V host. You select virtual
machine generation when you create a new virtual machine and you cannot change it later. Generation 1
virtual machines will still be in use for a long time because you can install almost any operating system on
such virtual machines. Generation 2 virtual machines currently support only Windows Server 2012,
Windows 8 (64-bit), and newer 64-bit Windows operating systems.
Generation 2 Virtual Machine Overview
Question: Can you convert a Generation 1 Windows Server 2012 R2 virtual machine to a
Generation 2 virtual machine?
Demonstration: Creating Virtual Machines

In this demonstration, you will see how to create a virtual machine.
Demonstration Steps
1.
On LON-HOST1, use Hyper-V Manager to create a new virtual machine with the following settings:
o
Name: LON-VM2
Generation: Generation 2
Startup Memory: 1024 MB
Use Dynamic Memory: Enabled
2.
3-17
Use the Windows PowerShell cmdlet New-VM to create a new virtual machine with the following
settings:
o
Name: LON-VM1
Startup Memory: 1 GB
Boot Device: IDE
3.
Use the cmdlet Add-VMHardDiskDrive to add the C:\Shares\VHDs\Differencing.vhd disk to the

IDE Controller of LON-VM1.
4.
On LON-HOST1, use Hyper-V Manager to confirm that there are three types of hardware listed in the
Add Hardware section in the details pane for LON-VM2. Confirm also that no BIOS, IDE Controllers,
COM ports or Diskette Drive are listed, but that Firmware is listed.
5.
Use Hyper-V Manager to confirm that you can add five hardware types to LON-VM1. Confirm also
that BIOS, IDE Controllers, COM ports and a Diskette Drive display, but no Firmware displays.
Configuring Virtual Machine Settings
When you create a virtual machine by using the

New Virtual Machine Wizard or the Windows
PowerShell New-VM cmdlet, you can configure
only a limited number of options. For example,
you cannot adjust dynamic memory settings, add
more than one virtual hard disk to the virtual
machine, or configure the virtual machine with a
directly attached or differencing disk. However,
after you create the virtual machine, you have
many more options that you can configure. You
can configure most of the virtual machine settings
and modifications to hardware configuration only
when the virtual machine is turned off (not paused or in saved state). However, you can configure options
such as the virtual switch to which network adapter is connected, or add a virtual hard disk to the SCSI
controller while the virtual machine is running. Configuration options also depend slightly on the virtual
machine generation because some virtual hardware is available only for Generation 1 virtual machines.
You can enable safe boot for Generation 2 virtual machines, whereas Generation 1 does not have such an
option.
You can configure virtual machine settings in Hyper-V Manager or by using Windows PowerShell.
In Hyper-V Manager, you right-click the virtual machine, click Settings, and then modify properties
of the hardware component that you want to configure. In Windows PowerShell, you can use
several different cmdlets to configure a virtual machine, depending on whether you want to
configure virtual machine settings (Set-VM), add virtual hardware components (Add-VMHardDiskDrive,
Add-VMNetworkAdapter) or modify existing hardware component settings (Set-VMHardDiskDrive,
Set-VMNetworkAdapter).
As part of the virtual machine settings, you can also configure management settings. In the Management
section, you can configure the components that are listed in the following table.
Component
Description
Name
Specify the name of the virtual machine and add comments about it.
Integration Services
Enable services that the Hyper-V host will offer to the virtual machine. To
use any of the services, Integration Services must be installed and supported
on the virtual machine operating system.
Checkpoint File
Location
Specify the folder in which checkpoint files for the virtual machine will be
stored. You can modify this location until the first checkpoint is created.
Smart Paging File

Location
Specify the folder in which the Smart Paging file for the virtual machine will
be created, if necessary.
Automatic Start
Action
Specify whether to start the virtual machine automatically after the Hyper-V
host restarts, and how long after Hyper-V is running to start them.
Automatic Stop
Action
Specify the state in which to place the virtual machine once the Hyper-V
host shuts down.
Question: Can you modify virtual machine memory settings while the virtual machine is
running?
What Is Dynamic Memory?
Physical computers have a static amount of

memory, which does not change until you shut
down the computer and add additional physical
RAM. The experience with virtual machines is
the same when you do not configure them to
use dynamic memory. Virtual machines are
assigned the same amount of memory while
they are running. However, with Hyper-V, you
can configure virtual machines to use dynamic
memory, which enables more efficient use of the
available physical memory. If you enable dynamic
memory, the memory is treated as a shared
resource, which can be reallocated automatically between running virtual machines. Dynamic memory
adjusts the amount of memory that is available to a virtual machine based on memory demand, available
memory on the Hyper-V host, and the virtual machine memory configuration. This can make it possible
to run more virtual machines simultaneously on the Hyper-V host. This can be especially beneficial in
environments that have many idle or low-load virtual machines, such as pooled VDI environments.
You can configure virtual machine memory usage on the Memory Settings page for each virtual machine.
On this page, you can configure the following settings:
Startup RAM. Use this setting to configure the amount of memory that will be available to the virtual
machine at startup time. If dynamic memory is not enabled, the virtual machine will use this memory
all the time while it is running (static memory).
3-19
Enable Dynamic Memory. Use this setting to configure the virtual machine to use dynamic memory
by enabling this option. If you enable this setting, the following three options become available:
o
Minimum RAM. Use this option to set the minimum amount of memory that the virtual machine
can use while it is running. The virtual machine cannot use less than this amount. You can
decrease this value while the virtual machine is running.
Maximum RAM. Use this option to set the maximum amount of memory that a virtual machine
can use while it is running. The virtual machine cannot use more than this amount of memory.
You can increase this value while the virtual machine is running.
Memory buffer. Use this option to specify the percentage of memory that Hyper-V should
reserve as a buffer. Hyper-V uses the percentage and the current memory demand to determine
an amount of memory for the buffer.
Memory weight. Use this option to specify how to prioritize the memory availability for the virtual
machine compared to other virtual machines that are running on the same Hyper-V host.
As with most other virtual machine settings, you cannot modify virtual machine memory settings while
the virtual machine is running. If you enable dynamic memory, however, you can decrease virtual machine
minimum RAM settings and increase maximum RAM while the virtual machine is running.
When enabled, dynamic memory results in more efficient use of the physical memory and enables more
virtual machines to run simultaneously. For example, consider a Hyper-V host with 8 GB of available
physical RAM, and four virtual machines created for the Finance, Engineering, Sales, and Services
departments. Each virtual machine has dynamic memory enabled and is configured with 1 GB of startup
RAM, 512 MB of minimal RAM, and 4 GB maximum RAM. In this scenario, when you start three virtual
machines, they will each be allocated 1 GB of RAM, which presents 37.5 percent utilization of the Hyper-V
hosts physical RAM. After a few minutes, the operating systems on all virtual machines will be running. In
the Finance and Engineering departments, running virtual machine applications require more RAM, and
memory utilization will increase to 3 GB and 2 GB, and the Sales virtual machine will still use 1 GB of
memory. All three virtual machines will be using 6 GB of memory total, which is 75 percent of the Hyper-V
hosts physical RAM. After another 15 minutes, the Finance virtual machine load lessens and no longer
needs as much memory. Dynamic memory will automatically decrease the memory that is assigned to
the Finance virtual machine to 2 GB. The Sales virtual machine, which is inactive for a long time, has a
decrease to 512 MB RAM. The Engineering virtual machine, which becomes even more active, has more
dynamic memory assigned to it. It now uses 4 GB of RAM, which is the maximum amount of configured
RAM allowed. Now that you have enough available resources, you can also start the fourth virtual
machine for the Services department. This results in Hyper-V using 7.5 GB of RAM, which is near its limit,
and is 94 percent RAM utilization of the Hyper-V host.
Hyper-V Dynamic Memory Overview
Question: How does dynamic memory enable you to run more virtual machines on the same
amount of physical RAM?
What Is Smart Paging?
When you enable dynamic memory for a virtual

machine, minimum RAM setting can be less than
the startup RAM assigned to a virtual machine.
This is because operating systems typically need
more memory during startup than when they are
running with high idle. Startup and minimum
RAM settings allow the Hyper-V host to reclaim
memory that the virtual machine no longer needs.
However, if the Hyper-V host is low on memory,
it can also result in insufficient available memory
(startup RAM), when the virtual machine is
restarted. In such a case, Hyper-V needs additional
memory to restart the virtual machine. It uses smart paging to bridge the memory gap between minimum
and startup memory.
Smart Paging
Smart paging is a memory management technique. It pages memory to the physical disk as additional,
temporary memory when more memory is required to restart a virtual machine. This approach provides
a reliable way to keep virtual machines running when there is not enough available physical memory.
However, it degrades virtual machine performance because disk access is much slower than memory
access. The default location for the smart paging file is configurable per virtual machine.
To minimize the performance impact of smart paging, Hyper-V uses it only when it is absolutely needed,
and if all of the following three conditions are met:
The virtual machine is restarted.
There is not enough available physical memory on the Hyper-V host.
Memory cannot be reclaimed from other virtual machines on the Hyper-V host.
Smart paging is not used in any other situation, including the following three situations:
The virtual machine is being started from an Off state.
You want to configure the virtual machine with more memory than is physically available.
The virtual machine is moved over or failed over from another Hyper-V cluster node.
Guest Paging
Hyper-V relies on guest paging (operating system paging inside the virtual machine) because it is more
effective than smart paging. With guest paging, the memory manager performs the paging operation
inside virtual machines. The memory manager has more information about memory usage within a virtual
machine than does the Hyper-V host. This means that the memory manager can provide Hyper-V with
better information to use when it is choosing the memory to be paged. Because of this, internal guest
paging incurs less overhead to the system compared with smart paging.
To reduce the impact of smart paging further, Hyper-V removes memory from the virtual machine after
it completes the restart process. It accomplishes this by coordinating with dynamic memory components
inside the virtual machine so that the virtual machine stops using smart paging. This process is also called
ballooning. The use of smart paging is temporary and is not longer than 10 minutes.
3-21
To continue the example from the previous topic, if you assume that the Finance and Engineering virtual
machines use all 8 GB of available physical memory on the Hyper-V host, you can restart the other two
virtual machines only when using smart paging. However, you can only restart them if they are already
running. If they are off already, and if there are not enough resources to start them, you will get an error
when you try to start the virtual machines.
Question: Does Hyper-V use smart paging if a virtual machine is configured with the same
amount of startup and minimum RAM?
Overview of Integration Services

When an operating system is not
virtualization-aware, it behaves the same on a
virtual machine as it does on a physical computer
that does not have proper device drivers for some
hardware. It can still use emulated virtual devices,
but not synthetic virtual devices. It also is unable
to use features that are available only on virtual
machines, such as time synchronization with the
Hyper-V host, or releasing the mouse when the
cursor reaches the edge of the virtual machine
window.
By default, newer operating systems that are

virtualization-aware already include support for synthetic devices, VMBus, and other virtualization-specific
features. If the operating system is supported by Hyper-V but it does not include virtualization support,
then you should install Hyper-V Integration Services on the virtual machine with that operating system.
If the operating system includes Integration Services, but Hyper-V provides newer version of Integration
Services, you should install them into operating system on the virtual machine. Integration Services
provide better interoperability with the Hyper-V environment and support for VMBus, synthetic devices,
and other virtualization-specific features.
Hyper-V Integration Services that are available in virtual machines are:
Hyper-V Guest Shutdown Service. If you want to shut down a virtual machine without interacting
directly with the operating system on the virtual machine, the Hyper-V Guest Shutdown Service
provides a virtual machine shutdown function. Hyper-V initiates the shutdown request by using a
Windows Management Instrumentation call.
Hyper-V Time Synchronization Service. This service synchronizes the time on the virtual machine with
the time on the Hyper-V host.
Hyper-V Data Exchange Service. This service provides a method to set, delete, enumerate, and
exchange specific registry key values between the virtual machine and the Hyper-V host.
Hyper-V Heartbeat Service. The Hyper-V host uses this service to verify if an operating system that is
running on a virtual machine is responding to requests.
Hyper-V Volume Shadow Copy Requestor. When operating systems on virtual machines support
VSS, the Hyper-V Volume Shadow Copy Requestor service allows the Hyper-V host to request the
synchronization and backup of a running virtual machine.
Hyper-V Remote Desktop Virtualization Service. This service enables the Remote Desktop
Virtualization Host to communicate with and manage virtual machines that are part of a VDI
collection.
Hyper-V Guest Service Interface. This is a new integration service in Hyper-V in Windows
Server 2012 R2. It enables enhanced session mode communication with virtual machines, including
device redirection, shared Clipboard, and drag-and-drop functionality between the Hyper-V host and
virtual machines.
In virtual machine settings, on the Integration Services page, you can control which Integration Services
will be offered to a virtual machine. To use Integration Services, you must install it and ensure that the
operating system that is running on the virtual machine supports it. When you have installed Integration
Services on the virtual machine, you can see the services among other services on the virtual machine. By
default, all Integration Services except Hyper-V Guest Service Interface are enabled for the virtual
machines that you create in Hyper-V in Windows Server 2012 R2.
You can find out which version of Integration Services is installed on a virtual machine by running the
following cmdlet:
Get-VM | Get-VMIntegrationService | ft VMName,PrimaryStatusDescription,OperationStatus
Note: Integration Services are available for Windows operating systems and supported
Linux operating systems. The current release of Integration Services for Linux adds support for
dynamic memory and for backing up a Linux virtual machine while it is running, in the same
manner as Windows-based virtual machines.
Question: Do you need to install Integration Services on a virtual machine if the operating
system on the virtual machine already includes it and is aware that it is running in a
virtualized environment?
Demonstration: Configuring Integration Services

In this demonstration, you will see how to configure Integration Services.
Demonstration Steps
1.
On LON-CL1, use a command prompt to make note of the local time, and then reset it to 11:00.
2.
On LON-CL1, verify the local time again, and then confirm that it was set back automatically to its
previous value.
3.
On LON-HOST1, use Hyper-V Manager, to disable Time synchronization Integration Service for
20409B-LON-CL1.
4.
On LON-CL1, use a command prompt to set the local time to 11:00.
5.
Confirm that the local time is now a few second after 11:00, as the time in virtual machine is no
longer synchronizing with the Hyper-V host.
6.
Use Device Manager to confirm that virtual machine is using the Microsoft Hyper-V Video adapter
and several System devices with Hyper-V in their name, including Microsoft Hyper-V Dynamic
Memory. All those of these virtual devices are provided as part of Integration Services.
Using a Virtual Fibre Channel Adapter

The virtual Fibre Channel adapter in Hyper-V
provides an operating system on a virtual machine
with direct access to a Fibre Channel SAN by using
a standard World Wide Name (WWN), which is
associated with each adapter. This enables you to
virtualize servers that require access to the Fibre
Channel SAN, for example, as shared storage in
guest failover cluster scenarios.
3-23
Before using a virtual Fibre Channel adapter, you

must create virtual SANs on the Hyper-V host.
You can connect a Hyper-V host to multiple Fibre
Channel SANs through multiple Fibre Channel
ports. A virtual SAN defines a named group of physical Fibre Channel ports that are connected to the
same physical SAN. For example, a Hyper-V host can connect through two physical Fibre Channel ports to
a production SAN and a test SAN. You could configure two virtual SANs: one named Production SAN with
two physical Fibre Channel ports connected to the production SAN, and one named Test SAN, which has
two physical Fibre Channel ports connected to the test SAN. You can then use the same approach to
name two separate paths to a single storage target.
Virtual machines can have up to four virtual Fibre Channel adapters, and you can associate each with
a different virtual SAN. Each virtual Fibre Channel adapter connects with one or two WWN addresses.
Two WWN addresses are required for highly available virtual machines, and to maintain Fibre Channel
connectivity during live migration. You can set a WWN address automatically or manually.
If you want to use a virtual Fibre Channel adapter, your environment must meet the following
requirements:
The Hyper-V host must have one or more physical Fibre Channel host bus adapters (HBAs), which
support N_Port ID Virtualization.
Virtual machines must have Windows Server 2008 or a newer Windows Server operating system
installed to be able to use a virtual Fibre Channel adapter. Windows client operating systems do not
support the virtual Fibre Channel adapter.
A virtual Fibre Channel adapter is a synthetic adapter. Virtual machines can use a Fibre Channel SAN
for storing data, but storage that is accessed through a virtual Fibre Channel adapter cannot be used
as boot media.
When a virtual machine has virtual Fibre Channel adapters, consider the following limitations:
You cannot create checkpoints of the volumes that are stored on a Fibre Channel SAN.
Backups that are created on the Hyper-V host-by using the Hyper-V VSS provider do not include SAN
data. If you want to create a backup of the data on a Fibre Channel SAN, you should use a backup
program or a backup agent that is on the virtual machine.
Hyper-V cannot perform live migration of data that is stored on a Fibre Channel SAN.
Hyper-V Virtual Fibre Channel Overview
Question: You have a Hyper-V host that has a Fibre Channel host bus adapter (HBA) and
access to a Fibre Channel SAN. Can you add a virtual Fibre Channel adapter to a virtual
machine that has Windows 8.1 installed and is on that Hyper-V host?
Lab A: Creating and Managing Virtual Hard Disks and

Virtual Machines
Scenario
A. Datum Corporation is continuing with its pilot virtualization project. You have deployed the
virtualization hosts by installing Hyper-V on Windows Server 2012 R2 in one of the subsidiaries. The
next step is to deploy virtual machines on these hosts.
Because the virtualization platform is new to A. Datum, you need to spend some time familiarizing
yourself with the Hyper-V features and components. To do this, you decide to deploy and evaluate
different hard disk types and virtual machine configurations.
Objectives
Create and manage virtual hard disks.
Create and manage virtual machines.
Lab Setup
Virtual machines: 20409B-LON-HOSTx, 20409B-LON-CLx, 20409B-LON-DC1, 20409B-LON-SS1
Password: Pa$$w0rd
1.
2.
On LON-HOST1, start Hyper-V Manager.
3.
In Hyper-V Manager, click 20409B-LON-DC1, and in the Actions pane, click Start.
4.
5.

o
Password: Pa$$w0rd
6.
Repeat steps 3 and 4 for 20409B-LON-SS1.
7.
Repeat steps 3 through 5 for 20409B-LON-CLx. The letter x is 1 for the first student in the team,
and 2 for the second student in the team.
the virtual machines. You will be working in pairs. Communicate clearly with your lab partner,
and cooperate fully with each other during this lab.
Exercise 1: Creating and Managing Virtual Hard Disks

Scenario
3-25
In this exercise, you will create different types of virtual hard disks. You will use Hyper-V Manager
and Windows PowerShell to create the virtual hard disks and to explore the differences between them.
You will confirm that differencing virtual hard disks can already have some content when created, while
a fixed-size disk allocates its full size on the storage when created. You will also confirm that the
differencing virtual hard disk expands when you add data to it. You will add virtual disks to the virtual
machine and expand them while the virtual machine is running. You will also see how you can add a
directly attached disk to the virtual machine.
1.
Create virtual hard disks.
2.
Explore different virtual hard disk types.
3.
Manage virtual hard disks.
4.
Add a directly attached disk.
Task 1: Create virtual hard disks

1.
On LON-HOSTx, use the Set-VMHost cmdlet to set the virtual hard disk path to C:\Shares\VHDs,
and to set the virtual machine path to C:\Shares.
2.
Use the New Virtual Hard Disk Wizard in Hyper-V Manager to confirm that the default disk type for
VHD hard disk is Fixed size, and that the maximum size is 2,040 GB.
3.
Use Hyper-V Manager to create a new virtual hard disk with the following settings:
4.
Format: VHDX
Type: Dynamically expanding
Name: Dynamic.vhdx
Size: 100 GB
Use Hyper-V Manager to create a new virtual hard disk with the following settings:
o
Format: VHD
Type: Differencing
Name: Differencing.vhd
Parent: E:\Program Files\Microsoft Learning\base\Base14A-WS12R2.vhd
Note: The actual drive letter on which base images are stored can be different and, it
depends on the physical server configuration. Drive E is used in the instructions, but you should
use the drive on which base images are stored in your environment.
5.
In Windows PowerShell, use the New-VHD cmdlet to create a new virtual hard disk with the
following settings:
o
Path: C:\Shares\VHDs\Fixed.vhdx
Size: 1 GB
Type: Fixed size
Task 2: Explore different virtual hard disk types
1.
On LON-HOSTx, in File Explorer, browse to C:\Shares\VHDx, and then confirm that Fixed.vhdx
allocates 1 GB disk space, while Dynamic.vhdx and Differencing.vhd allocates much less disk space.
2.
Use Hyper-V Manager to add Fixed.vhdx as a SCSI disk to LON-CLx.
3.
Use the Windows PowerShell Add-VMHardDiskDrive cmdlet twice to add both Dynamic.vhdx and
Differencing.vhd as SCSI disks to 20409B-LON-CLx.
4.
On LON-CLx, use Disk Management to confirm the following:

o
The computer now has multiple disks.
The last three disks have 1023 MB (1 GB), 100 GB, and 127 GB.
The last disk has two partitions, which are assigned letters E: and F:.
The first two disks have only unallocated space.
Note: Those are fixed, dynamically expanding, and differencing virtual hard disks that you
added in this task.
5.
Create a Simple Volume with default values on Disk 1.
6.
Create a Simple Volume with default values on Disk 2.
7.
Use File Explorer to confirm that there are multiple folders on volume F:.
8.
Copy folder C:\Windows\Inf to volumes F:, G:, and H:.
9.
On LON-HOSTx, in File Explorer, browse to C:\Shares\VHDx, and then confirm that Fixed.vhdx still
allocates 1 GB of disk space, while the size of Dynamic.vhdx and Differencing.vhd has increased. This
is because you copied content to them, but they are still allocating less space than Fixed.vhdx.
Task 3: Manage virtual hard disks

1.
On LON-HOSTx, use the Edit Virtual Hard Disk Wizard to expand Fixed.vhdx to 2 GB.
2.
Use the Edit Virtual Hard Disk Wizard to expand Dynamic.vhdx to 200 GB.
3.
On LON-CLx, use Disk Management to confirm that Disk 1 and Disk 2 have expanded and now have 1
GB and 100 GB of unallocated space. Note that Hyper-V expanded the virtual hard disks while the
virtual machine was running.
4.
On LON-HOSTx, use the Windows PowerShell cmdlet Remove-VMHardDiskDrive twice to remove

SCSI disks on locations 0 and 1 from 20409B-LON-CLx.
5.
Use the Edit Virtual Hard Disk Wizard to convert Dynamic.vhdx to VHD format, and then save it as
C:\Shares\VHDs\Converted.vhd.
6.
On LON-HOSTx, use File Explorer to confirm that Converted.vhd is created, and that that size of
Fixed.vhdx is now 2 GB.
Task 4: Add a directly attached disk

1.
On LON-HOSTx, use the iSCSI Initiator to connect to the target with Lab3 in the name, on the iSCSI
target with IP address 172.16.0.14.
2.
Use Disk Management to confirm that the disk is added to LON-HOSTx, and that it has a status of
Offline. Make note of its size.
Note: Two disks are added on LON-HOST1. One disk is added on LON-HOST2.
3-27
3.
In the Settings for LON-CLx virtual machine, modify the settings of the SCSI Hard Disk to use
Physical hard disk.
4.
On LON-CLx, use Disk Management to confirm that Disk 1 displays that it has the same size as the
disk that was added to LON-HOSTx, and that it is not initialized. This is directly attached disk that was
added to LON-CLx.
5.
Create Simple Volume with default values on Disk 1.
6.
On LON-HOSTx, use the Windows PowerShell cmdlet Remove-VMHardDiskDrive to remove the

SCSI virtual hard disks from 20409B-LON-CLx.
7.
On LON-CLx, use Disk Management to confirm that Disk 1 no longer displays.
8.
On LON-HOSTx, use the iSCSI Initiator to disconnect the existing iSCSI target.
Results: After completing this exercise, you should have created and managed virtual hard disks.
Exercise 2: Creating and Managing Virtual Machines

Scenario
You were asked to create and demonstrate the differences between Generation 1 and Generation 2 virtual
machines. You first will create the virtual machines by using different administrative tools, and then you
will review this configuration and modify it. You will also explore how to enable dynamic memory and
how virtual machines use it. You will also see how to configure storage for QoS. In the last task, you will
configure Integration Services for virtual machines and explore how the time synchronization service
works.
1.
Create virtual machines.
2.
Manage virtual machines.
3.
Work with dynamic memory.
4.
Work with storage Quality of Service management.
5.
Configure Integration Services.
Task 1: Create virtual machines

1.
On LON-HOSTx, use Hyper-V Manager to create a new virtual machine with the following settings:
o
Name: LON-VM2
Startup Memory: 1024 MB
Use Dynamic Memory: Enabled
2.
3.
Use the Windows PowerShell cmdlet New-VM to create a new virtual machine with the following
settings:
o
Name: LON-VM1
Startup Memory: 1 GB
Boot Device: IDE
Use the Windows PowerShell cmdlet Add-VMHardDiskDrive to add the

C:\Shares\VHDs\Differencing.vhd disk to the IDE Controller of LON-VM1.
Task 2: Manage virtual machines
1.
On LON-HOSTx, use Hyper-V Manager to confirm that three types of hardware display in the Add
Hardware section in the details pane for LON-VM2. Confirm also that no BIOS, IDE Controllers,
COM ports and Diskette Drive display, but Firmware does displays.
2.
Set Hard Drive as the first boot device for LON-VM2.
3.
For LON-VM1, use Hyper-V Manager to confirm that you can add five hardware types to LON-VM1.
Confirm also that BIOS, IDE Controllers, COM ports, and Diskette Drive display, but Firmware
does not display.
4.
Confirm that you can change Startup order, but you cannot set Secure Boot for LON-VM1. Also,
confirm that LON-VM1 is not configured to use Dynamic Memory, and it has a single Network
Adapter.
5.
Use the Windows PowerShell cmdlet Set-VM to enable dynamic memory for LON-VM1.
6.
Use the Windows PowerShell cmdlet Add-VMNetworkAdapter to add a network adapter to

LON-VM1.
7.
Use Hyper-V Manager to confirm that LON-VM1 is using Dynamic Memory, and that LON-VM1 has
two Network Adapters.
Task 3: Work with dynamic memory

1.
Use Hyper-V Manager to confirm that LON-CLx is configured to use Dynamic Memory.
2.
In Hyper-V Manager, make note of the currently Assigned Memory for the LON-CLx virtual machine.
3.
On LON-CLx, run the following two commands:

C:\LabFiles\Mod03
.\TestLimit64.exe d 400 c 1
4.
On LON-HOSTx, use Hyper-V Manager to confirm that LON-CLx is using more memory.
5.
Wait a few minutes, and then verify that the Assigned Memory for LON-CLx has decreased.
Task 4: Work with storage Quality of Service management

1.
On LON-CLx, run the following command:

C:\LabFiles\Mod03\sqlio.exe
2.
After the test completes, make note of the IOs/sec result.
3.
On LON-HOSTx, use Hyper-V Manager to select Enable Quality of Service management, type 100
as Minimum and 200 as Maximum for Hard Drive under IDE Controller 0.
4.
On LON-CLx, run the following command again:

3-29
5.
After the test completes, verify the IOs/sec result, and then confirm that it is close to 200, which is the
limit you set and that it is considerably lower than the first result.
6.
On LON-HOSTx, in Windows PowerShell, use the cmdlet Set-VMHardDiskDrive to disable Quality of

Service management for IDE Hard Disk on 20409B-LON-CLx.
Task 5: Configure Integration Services

1.
On LON-CLx, open the Services console, and then confirm that Hyper-V Time Synchronization Service
is running.
2.
On LON-CLx, verify the local time, and set it to 11:00.
3.
On LON-CLx, verify the local time again, and then confirm that it was set back automatically to its
previous value, as Integration Services automatically synchronizes the time on LON-CLx with the time
on LON-HOSTx.
4.
On LON-HOSTx, use Hyper-V Manager to disable the Time synchronization Integration Service for
LON-CLx.
5.
On LON-CLx, confirm that Hyper-V Time Synchronization Service is not running.
6.
On LON-CLx, set the local time to 11:00. Confirm that the local time is now a few seconds after
11:00, as time on the virtual machine is no longer synchronizing with the Hyper-V host.
7.
Use Device Manager to confirm that the virtual machine is using the Microsoft Hyper-V Video
adapter, and several System devices with Hyper-V in their name, including Microsoft Hyper-V
Dynamic Memory. All of these virtual devices are provided as part of Integration Services.
8.
On LON-HOSTx, use the Windows PowerShell cmdlet Enable-VMIntegrationService to enable time

synchronization for 20409B-LON-CLx.
9.
On LON-CLx, confirm that the time on the virtual machine is synchronized once again with the time
on LON-HOSTx.
Results: After completing this exercise, you should have created and managed virtual machines.
Lesson 3
Installing and Importing Virtual Machines
When you need to install an operating system on a virtual machine, you have more options than when
you install an operating system on a physical computer. In both cases, you can use network installation
or installation media such as a CD, DVD, or .iso image. However, with virtual machines, you also have the
options of importing a virtual machine by using a differencing virtual hard disk and then pointing it to a
virtual hard disk with a preinstalled operating system, or by migrating an existing physical computer.
In this lesson, you will learn about the different methods of installing an operating system on a virtual
machine. You will learn about Virtual Machine Connection and how to customize it. This lesson also
describes enhanced session mode and explains its benefits.
Lesson Objectives
Describe the various methods of installing a virtual machine.
Describe the process of importing virtual machines.
Import a virtual machine.
Describe the process of virtualizing a physical computer.
Describe the Virtual Machine Connection application.
Describe enhanced session mode.
Use enhanced session mode.
Virtual Machine Installation Methods

After you create and configure a virtual machine,
you can install an operating system on it. On a
Generation 1 virtual machine, you can install any
operating system that does not have specific
hardware requirements, including non-Microsoft
operating systems. The operating system might
not be virtualization-aware. However, on a
Generation 2 virtual machine, you can only install
Windows Server 2012, 64-bit Windows 8, and
newer 64-bit Windows operating systems.
Installing an operating system on a virtual

machine is not much different from installing an
operating system on a physical computer. However, you can benefit from some virtualization features
that are not available with physical computers, such as differencing virtual hard disks. When installing an
operating system on a virtual machine, you have the following options:
Install an operating system from a bootable CD or DVD. A virtual machine can start from physical
CD or DVD media that is attached to the Hyper-V host. You should be aware that only one virtual
machine can use the physical drive at a time on the Hyper-V host. To use this option, insert the
installation media in the Hyper-V host drive, and then start the virtual machine. If you have already
3-31
created the virtual machine, you first will need to capture the physical CD/DVD drive. The virtual
machine will start from the physical media, and installation will progress as it would on a physical
computer.
Install an operating system from an .iso file. Installing a virtual machine from an .iso file is very similar
to the previous method, the only difference being that it uses an .iso image instead of physical media.
The benefit of this method is that multiple virtual machines can use the same .iso image
simultaneously.
Install an operating system from a network-based installation server. If you have Windows
Deployment Services (DS) on the network, you can use this option to install the operating system on
the virtual machines. A Generation 1 virtual machine can start from the network by using PXE only if
you configured it with a legacy network adapter, whereas a Generation 2 virtual machine has no such
limitations. When the virtual machine starts from the network adapter, the installation procedure is
the same as on a physical computer, where you typically have to press the F12 key to connect to
Windows DS.
Copy a virtual hard disk file. If you have a virtual machine that already has an operating system, you
can copy its virtual hard disk file, and then use the copied disk file for the new virtual machine. This
process is similar to cloning physical computers, and you should generalize the virtual hard disk
before copying it by running the Sysprep command to avoid duplicate name and security identifier
(SID).
Use differencing virtual hard disks. If you have a virtual hard disk with an installed operating system,
you can use it as a parent for a differencing virtual hard disk, and then configure the virtual machine
to use the differencing virtual hard disk. You should first generalize the parent disk. Keep in mind that
you should not modify a parent virtual hard disk after you have connected child differencing virtual
hard disks to it.
Question: Can you install an operating system on a virtual machine by using a USB flash
drive?
Importing Virtual Machines

Prior to Hyper-V in Windows Server 2012, if
you wanted to move a virtual machine between
Hyper-V hosts, you first had to export the virtual
machine, copy the exported files to the target
Hyper-V host, and then import the virtual
machine. If the Hyper-V hosts were configured
differently, for example, if they were not
configured with the virtual switch with the
same name, then the imported virtual machine
potentially would not start, or it would not have
network connectivity.
In Hyper-V in Windows Server 2012, the same

export and import process still works, but the import process has been enhanced considerably, and the
export process is no longer required. You can simply copy virtual machine data files between Hyper-V
hosts and then run the Import Virtual Machine Wizard at the destination Hyper-V host to import virtual
machines. The Import Virtual Machine Wizard detects and fixes more than 40 types of incompatibilities
between Hyper-V hosts. It prompts you to provide missing information, such as the location of a parent
virtual hard disk or virtual switch to which the virtual machine should be connected, when the appropriate
virtual switch is not available at the destination Hyper-V host. When importing a virtual machine, the
Import Virtual Machine Wizard performs the following steps:
1.
Creates a copy of the virtual machine configuration file as a precaution for an unexpected reboot, for
example, because of a power outage.
2.
Validates hardware and compares the information in the virtual machine configuration file with the
physical hardware on the target Hyper-V host. For example, consider a scenario in which the source
Hyper-V host has 16 processors, and the virtual machine is configured to use all of them. However,
the destination Hyper-V host has only eight processors. The wizard will detect such issues.
3.
Compiles a list of incompatibilities. The list identifies which virtual machine settings you should
reconfigure to import the virtual machine successfully. For example, if a virtual machine is using a
virtual switch that is not available on the target Hyper-V host, you should connect the virtual machine
to a different virtual switch. The incompatibilities determine which pages appear next in the wizard.
4.
Displays the relevant pages, one category at a time. The wizard identifies incompatibilities and asks
you for the new configuration so that virtual machine settings are compatible with the target Hyper-V
host.
5.
Removes the copy of the configuration file. After the wizard finishes running, the virtual machine is
imported, and you can start it.
When you are importing virtual machines from previous Hyper-V versions, you should consider the
following limitations:
You cannot start an imported virtual machine from a saved state if it was created on Hyper-V prior to
Windows Server 2012 or on a different CPU architecture.
You cannot start an imported virtual machine from a checkpoint if it was created while the virtual
machine was running on Hyper-V prior to Windows Server 2012 or on a different CPU architecture.
After the virtual machine import completes, you should update Integration Services on the virtual
machine.
Simplified Import Overview
Question: Can you import a virtual machine that is configured with 16 processors to a
Hyper-V host that has two quad core CPUs?
Demonstration: Importing a Virtual Machine

In this demonstration, you will see how to import a virtual machine.
Demonstration Steps
1.
2.
On LON-HOST1, use Hyper-V Manager to import a virtual machine by using the following settings:
o
Virtual Machine in Folder: C:\VirtualMachines\LON-EXPORT\
Number of virtual processors: 1
Connect to Network: External Network
You will receive an error message because the parent virtual hard disk was not found.
3-33
3.
In Hyper-V Manager, use the Edit Virtual Hard Disk Wizard to link the C:\VirtualMachines
\LON-EXPORT\Virtual Hard Disks\LON-EXPORT.vhd virtual hard disk to the following parent disk:
E:\Program Files\Microsoft Learning\Base\Base14A-WS12R2.vhd. Note that this path might
differ based on the host machine.
4.
Use Hyper-V Manager to import the LON-EXPORT virtual machine again.
Virtualizing a Physical Computer

When you create a new virtual machine in
Hyper-V Manager, it contains an empty virtual
hard disk by default. However, sometimes you
need to create a virtual machine that already has
an installed operating system, or you need to
convert a physical computer to a virtual machine.
To create a new virtual machine with an installed
operating system, you can use one of the
following options:
Create a virtual machine and perform the

operating system installation.
Create a virtual machine that uses an existing

virtual hard disk with a preinstalled operating system.
Create a differencing virtual hard disk that uses a virtual hard disk with a generalized operating
system as its parent, and configure a virtual machine to use that differencing virtual hard disk.
Virtualize the content of the existing physical computer.
Remember that Hyper-V does not include virtual-to-physical functionality. Products such as Microsoft
System Center 2012 - VMM include real physical-to-virtual machine conversion (P2V conversion)
solutions. However, you can still use Hyper-V to move the content of physical disks into the virtual hard
disks.
When you create a new virtual hard disk, you can use Hyper-V to duplicate the contents of a physical disk
into a new virtual hard disk. Before you use the New Virtual Hard Disk Wizard method of migrating data
from a physical disk to a virtual hard disk, you should consider several factors. One of these factors is that
the wizard is limited to copying the entire physical disk only, not a volume or a partition. In addition,
the wizard should be used only with data disks because migrating physical disks that contain operating
systems (boot and system disks) is not supported. Depending on the size of the physical disk, this process
can take a considerable amount of time. Once you create the virtual hard disk, you then can add it to the
virtual machine and access data on it.
Note: You can also create a new virtual hard disk by using the Disk Management or
Diskpart tool, attaching a virtual hard disk as a new disk on a Hyper-V host, and then copying the
content to the disk.
Disk2vhd
When you want to create a virtual hard disk from the content of a physical disk, including system and
boot partitions, you can use the Disk2vhd tool. The Disk2vhd tool is available on the Microsoft website as
a free download. When you run Disk2vhd on a physical computer, it will show you the available volumes
that you can convert. The tool uses VSS, which is part of the Windows operating system, to create
consistent, point-in-time snapshots and write them into virtual hard disks while the physical computer
is running.
Disk2vhd v2.0
After Disk2vhd creates a virtual hard disk, you can attach it to a virtual machine. If a virtual hard disk
contains only data files, you can add it to any virtual storage controller. If you used Disk2vhd to convert
a system partition and you want the virtual machine to be able to start from that virtual hard disk, you
should add it to the virtual IDE controller of a Generation 1 virtual machine or the virtual SCSI controller
of a Generation 2 virtual machine.
When you start the virtual machine that is using the virtual hard disk for the first time, the Windows
operating system will detect different hardware and will install appropriate drivers automatically. You
should not forget to install or update Integration Services on the virtual machine.
Note: Remember that the virtual machine has the same identity as the original system; you
should not connect it to the same network as the physical computer.
Question: Do you need to shut down a physical computer during the P2V conversion
process?
The Virtual Machine Connection Application

Virtual Machine Connection is a Hyper-V feature
that you can use to connect to and manage virtual
machines that run on a local or remote Hyper-V
host. This tool is installed as part of the Hyper-V
role or the Remote Server Administration Tools
(RSAT) feature. There are several ways to connect
to virtual machines by using Virtual Machine
Connection. You can double-click the virtual
machine in Hyper-V Manager, or right-click the
virtual machine and then click Connect, or run
Vmconnect.exe.
Regardless of how you connect, each virtual

machine opens in a separate Virtual Connection Manager window, with the name of the virtual machine
appearing in the title bar along with the Hyper-V host the virtual machine is running. In this way, you can
distinguish between connections.
By default, Virtual Machine Connection connects remotely by using TCP port 2179, which you can modify
in the registry at HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization. Virtual
Machine Connection uses the Remote Desktop Protocol (RDP) to connect to the Virtual Machine
Management service on the Hyper-V host, which listens for incoming connection requests on TCP port
2179. Although Virtual Machine Connection uses RDP to connect to virtual machines, the operating
system on the virtual machine does not have to support Remote Desktop connections to connect to the
virtual machine. Virtual Machine Connection simply is a shell and uses the same ActiveX control that the
Remote Desktop Connection client uses to connect to virtual machines.
3-35
You can use Virtual Machine Connection to establish only a single connection to the virtual machine. If
a connection is already established and the second user establishes a connection to the same virtual
machine, the first user will disconnect and the second user will take over the session. This can cause
privacy and security issues because the second user will be able to view the first user's desktop,
documents, and applications.
Any user with Console Read or Console Read/Write operations permissions in the authorization policy
can connect to the virtual machine. This includes members of Hyper-V Administrators and Administrators
groups on the Hyper-V host. You can use the Windows PowerShell Grant-VMConnectAccess and
Revoke-VMConnectAccess cmdlets to grant and revoke permissions to a virtual machine. For example,
if you want to grant permissions to a user named User1 in the Contoso domain for connecting to a virtual
machine named VM1, you could run the following cmdlet:
Grant-VMConnectAccess -VMName VM1 -UserName "Contoso\user1"
Question: Do you have to use Virtual Machine Connection if you want to connect to a
virtual machine?
Overview of Enhanced Session Mode

Hyper-V uses the Virtual Machine Connection
application to connect to virtual machines by
using RDP. Until Windows Server 2012 R2,
Virtual Machine Connection provided only
basic redirection of the virtual machine screen,
keyboard, and a mouse, similar to how a KVM
(Keyboard Video Mouse) switch over IP does.
Virtual Machine Connection also historically
provided limited copy and paste functionality,
which only supported text and not any other
content, such as graphics or files. To work around
this, you could configure and use Remote Desktop
on a virtual machine for a richer experience, but this requires the virtual machine to have network
connectivity and uses one of the available Remote Desktop connections on the virtual machine. In
addition, the Windows client operating system supports only one Remote Desktop connection.
Virtual Machine Connection in Windows Server 2012 R2 is improved and includes support for enhanced
session mode. This functionality has specific requirements. For example, the Hyper-V host policy must
allow it, and an enhanced session can be used only with virtual machines that are running supported
operating systems. When using enhanced session mode, you get a considerably better experience and
the same features as Remote Desktop Services (RDS), but without requiring the virtual machine to have
network connectivity or using the Remote Desktop functionality of the guest operating system. With
enhanced session mode, you can redirect local drives, printers, USB, and other devices to the virtual
machine, and you can use a shared Clipboard, redirected folders, rich copy and paste for copying files
or graphics, and redirected sound from virtual machines.
Enhanced session mode depends on RDS in the virtual machine, which is why it is available only when
the virtual machine is running a supported operating system. Currently supported operating systems are
Windows 8.1 and Windows Server 2012 R2.
Enhanced session mode establishes a Remote Desktop session over VMBus, which is available even when
the virtual machine is not connected to the virtual switch, and when connecting to virtual machines that
are running on a local or remote Hyper-V host. When you use enhanced session mode for connecting to
virtual machines, you have access to the entire Remote Desktop experience. This includes configuring
the parameters of a session that you can save for future connections to the same virtual machine. You
can also sign in to the virtual machine. When you use simple mode, you connect to the virtual machine
without having to sign in. You can use enhanced session mode to connect only to virtual machines that
are already running. If the virtual machine is turned off, you can connect to it only by using simple mode.
You configure enhanced session mode at three different levels. On the Hyper-V host level, you configure
Enhanced Session Mode Policy, which controls if the Hyper-V host will allow enhanced session mode
connections to virtual machines that are running on this server. At the user settings level, you configure
enhanced session mode, which controls whether Virtual Machine Connection will attempt to use
enhanced session mode when establishing connections with virtual machines. On the virtual machine
level, you can control whether Guest services Integration Service is enabled (in other words, if the virtual
machine offers enhanced session mode.) In addition, the operating system in a virtual machine must
support enhanced session mode, which means that it must be either Windows 8.1 or Windows Server
2012 R2.
Virtual Machine Connection - Enhanced Session Mode Overview
Question: Can you use enhanced session mode to start a virtual machine from a USB device?
Demonstration: Using Enhanced Session Mode

In this demonstration, you will see how to use enhanced session mode.
Demonstration Steps
1.
On LON-HOST1, confirm that when Virtual Machine Connection with LON-CL1 opens, your previous
session displays.
2.
On LON-HOST1, use Hyper-V Manager to configure Allow enhanced session mode.
3.
Use Hyper-V Manager to connect to 20409B-LON-CL1. Confirm that local drives are redirected.
4.
Confirm that you are not signed in automatically to LON-CL1, and then sign in as
ADATUM\administrator, with Pa$$w0rd as the password.
5.
On LON-HOST1, use File Explorer to browse to C:\Windows, and then copy Write.exe.
6.
On LON-CL1, paste Write.exe on the desktop.
7.
On LON-CL1, use File Explorer to confirm that drives from LON-HOST1 are mapped to a virtual
machine.
8.
On LON-CL1, confirm that Remote Desktop is disabled.
Lesson 4
Managing Virtual Machine Checkpoints
3-37
A Checkpoint is a Hyper-V feature that you can use to create a point-in-time snapshot of a virtual
machine, and then revert to it if needed. In previous versions of Hyper-V, this feature was called a
snapshot, and you can still see references to it. The primary benefit of checkpoints in Hyper-V is that you
can use them to create hierarchies of changes quickly and easily, and then revert to them at any time.
Checkpoints can be quite useful in some scenarios, such as when testing Windows operating system
updates. However, you must use checkpoints carefully to avoid issues, especially when reverting virtual
machines in distributed environments such as Active Directory Domain Services (AD DS). This lesson
describes how to create and work with virtual machine checkpoints.
Lesson Objectives
Describe virtual machine checkpoints.
Explain how Hyper-V implements checkpoints.
Describe checkpoints at file level.
Describe how to export virtual machines and checkpoints.
Work with checkpoints.
Describe issues with checkpoints in distributed environments.
Describe checkpoints and virtual machine Generation ID.
What Are Virtual Machine Checkpoints?
When a virtual machine is running, changes are

written to both its memory and virtual hard disk.
Checkpoints are a Hyper-V feature that you can
use to create a point-in-time snapshot of a virtual
machine, including its configuration, memory,
and disk state. You can create checkpoints when
a virtual machine is running, turned off, or in a
saved state, but not when it is in a paused state.
You can create multiple checkpoints of a virtual
machine and revert it to any of the previous
states for which checkpoints exist by applying a
checkpoint to the virtual machine. Checkpoints do
not affect the running state of a virtual machine, but they can affect virtual machine performance, as they
are implemented by using differencing virtual hard disks.
Note: Do not edit or modify a virtual hard disk file when it is used by a virtual machine that
has checkpoints.
Checkpoints can be useful when you need to revert virtual machines to an earlier state. You can undo
all the changes that took place after the specified state, such as those that occurred during testing,
development, or in a training environment. Conversely, checkpoints in production environments can
cause serious issues, such as losing user data. When running on a virtual machine, Windows Server 2012
works much better at detecting if the virtual machine was reverted, and if so, to avoid issues that this
might cause. Some functionality, such as Hyper-V Replica or pooled desktops in VDI deployments,
depends on the use of checkpoints.
Creating Checkpoints
When you create a checkpoint, the result is always the same, irrespective of the method you choose.
After you create a checkpoint, you should not modify its files directly on the disk because this could cause
problems with the checkpoint or even with the running virtual machine. You can create checkpoints in
one of the following ways:
In Hyper-V Manager, you can highlight a virtual machine, right-click it, and then click Checkpoint, or
in the Action pane, click Checkpoint.
You can use Virtual Machine Connection by clicking Checkpoint in the Action menu, or by using the
Windows PowerShell cmdlet Checkpoint-VM.
Factors to Consider
When you are considering checkpoints, you should be aware of the following factors:
When you create a checkpoint of a virtual machine, the virtual machine is configured with a
differencing virtual hard disk even if it was using a fixed-size virtual hard disk before. Differencing
virtual hard disks might perform slower than normal disks because the two files (base and
differencing) need to be read from.
If a virtual machine is using directly attached disks, you cannot create checkpoints of those disks
because they do not support differencing virtual hard disks.
Checkpoints require additional storage space. If you create a checkpoint of a running virtual machine,
it also contains a virtual machine memory snapshot, and taking multiple checkpoints can use up a
large amount of storage space.
Although you can use checkpoints to revert a virtual machine to an earlier point in time, you should
not consider them backups. Even if you use checkpoints, you should still make regular backups.
If you no longer need a checkpoint, you should delete it immediately. However, this can cause
merging of differencing virtual hard disks. Prior to Windows Server 2012, merging of the differencing
virtual hard disks happened only after you turned off the virtual machine. In Windows Server 2012
and newer, the merging process happens asynchronously in the background while the virtual
machine is running.
A virtual machine is limited to 50 checkpoints. The actual number of checkpoints might be lower,
depending on the available storage.
Hyper-V Virtual Machine Snapshots: FAQ
Question: Which checkpoint requires more space: a checkpoint of a running virtual machine,
or a checkpoint of a virtual machine that is turned off?
Implementing Hyper-V Checkpoints

Checkpoints consist of several files that represent
the complete state of a virtual machine at a
certain moment in the past. Because you cannot
modify a previous state, checkpoints are readonly, and you cannot modify one after you create
it. You can only view a checkpoint, change its
name, or delete it. You use checkpoints to revert
virtual machines back to the state they were in
when you created the checkpoints.
Creating Checkpoints
When you create a checkpoint, Hyper-V performs
the following steps in the background:
3-39
1.
Pauses the virtual machine.
2.
For each virtual hard disk that the virtual machine is using, Hyper-V creates a differencing virtual hard
disk, configures it to use the virtual machine's virtual hard disk as a parent, and then updates virtual
machine settings to use the created differencing virtual hard disk.
3.
Creates a copy of the virtual machine configuration file.
4.
Resumes the running of the virtual machine.
5.
Saves the content of the virtual machine memory to disk.
Because the virtual machine is paused before the checkpoint is created, you cannot create a checkpoint
of a virtual machine that is in a paused state. As the virtual machine resumes, while the memory is saving
to the disk, Hyper-V intercepts memory changes that have not yet been written to the disk, writes the
memory pages to the disk, and then modifies the virtual machine memory. Creating a checkpoint can take
considerable time, depending on virtual machine memory, Hyper-V host utilization, storage speed, and
what is running on the virtual machine. However, the process is transparent, and users who are connected
to the virtual machine do not experience any outage.
Virtual Machine Checkpoint Files

A virtual machine checkpoint can consist of the following files:
Virtual machine configuration file (*.xml)
Virtual machine saved state file (*.vsv)
Virtual machine memory content (*.bin)
Checkpoint differencing virtual hard disks (*.avhd)
Hyper-V creates the virtual machine saved state file and the virtual machine memory content file only if a
checkpoint is created while the virtual machine is running, and not if the virtual machine is turned off.
The location of virtual machine checkpoint files is configured for each virtual machine, and by default, it is
the same location where the virtual machine configuration is stored. When you create the first checkpoint,
Hyper-V creates a Snapshots subfolder and stores checkpoint files there. You can modify the location of
the checkpoint files only until the first checkpoint is created. After this, the checkpoint file location setting
is read-only. You can modify this setting only after deleting all checkpoints or by using live storage
migration in Hyper-V Manager (the Move Virtual Machine Wizard).
Using Checkpoints
When you select a checkpoint, the following options are available in the Actions pane:
Settings. Opens the virtual machine settings that were effective at the moment the checkpoint was
created. All of the settings are read-only because you cannot change the configuration that was used
in the past. The only settings that you can modify are the checkpoint name and the notes that are
associated with the checkpoint.
Apply. Applies a checkpoint to a virtual machine, which means that you want to return the virtual
machine to the exact historical state it was in. When you apply a checkpoint, any change in the virtual
machine since the last checkpoint was made is lost. Before applying a checkpoint, Hyper-V prompts
you to create a new checkpoint to avoid possible data loss.
Export. Exports a virtual machine checkpoint, which will create an exact copy of the virtual machine as
it existed at the moment you created the checkpoint.
Rename. Renames the checkpoint to provide better information about the state of the virtual
machine when you created the checkpoint. The checkpoint name is independent of the checkpoint
content, and by default, it contains the date and time of checkpoint creation.
Delete Checkpoint. Deletes a checkpoint if you no longer want to be able to revert a virtual machine
to the state it was in when you created the checkpoint.
Delete Checkpoint Subtree. Deletes the selected checkpoint and any checkpoints that originate from
it. Checkpoints that originate from it are listed below it in the Checkpoint pane.
When you right-click a virtual machine with at least one checkpoint, you can also click the Revert option.
This returns a virtual machine to the last checkpoint.
Question: Can you modify the configuration of a virtual machine checkpoint if you created
that checkpoint when the virtual machine was turned off?
Overview of Checkpoints at File Level
When you create a checkpoint of a running virtual

machine, Hyper-V creates several files. Some of
these files, such as virtual machine configuration,
are quite small. Others, such as virtual machine
memory content, can be considerably larger, and
their sizes depend on the size of the memory that
the virtual machine is configured to use. However,
the largest in size and the greatest impact on
virtual machine performance are the differencing
virtual hard disks that checkpoints create. A
differencing virtual hard disk is small when you
create it, but its size increases through time
because it stores all the changes that the virtual machine writes to its virtual hard disk. Of all the disk
types that a virtual machine can use, differencing virtual hard disks have the worst performance, and its
performance can become even worse when you use multiple levels of differencing virtual hard disks in a
hierarchy, such as when you create multiple checkpoints for a virtual machine.
Each time you create a checkpoint, a new differencing virtual hard disk is created and configured to use
the previous virtual machine disk as a parent. For example, consider a virtual machine that is configured
with a fixed-size virtual hard disk named Disk1.vhd. When you create a checkpoint, a differencing virtual
hard disk is created, and it is configured to use Disk1.vhd as a parent. The virtual machine settings are
3-41
updated to use the differencing virtual hard disk as its virtual hard disk. The same sequence repeats when
you create a second checkpoint. The only difference is that it uses the previous differencing virtual hard
disk as its parent, and the virtual machine now has three virtual hard disks in a hierarchy. All changes that
the virtual machine makes are written into the last (differencing) virtual hard disk.
If you decide to apply the last checkpoint to the virtual machine, which effectively reverts it to the
moment when the last checkpoint was created, the last differencing virtual hard disk will be deleted.
All changes that were performed in the virtual machine since the last checkpoint will be lost, and a new
differencing virtual hard disk will be created with the same parent as the previous one.
When you no longer need the ability to revert a virtual machine to a first checkpoint, you can delete
it. This will delete the virtual machine configuration and virtual memory content from that checkpoint.
However, you cannot delete the differencing virtual hard disk that was created at that timeyou still need
it because the current disk content depends on it. When you delete the first checkpoint, the differencing
virtual hard disk will merge dynamically with the fixed parent virtual disk while the virtual machine is
running.
Note: Prior to Windows Server 2012, Hyper-V would merge virtual hard disks only after the
virtual machine was turned off.
If you want to apply the first checkpoint and create a branch, Hyper-V will delete the content of the
differencing virtual hard disk that was created during the last checkpoint. You will have the option to
create a new checkpoint prior to this. Hyper-V will create a new differencing virtual hard disk that will
use a fixed-size virtual hard disk as its parent. You can use checkpoint branches to have multiple different
states of the same virtual machine, where each state is independent from the others.
When you no longer need the last checkpoint and decide to delete it, you are effectively telling Hyper-V
that you no longer need to return to that moment in time. Because no other checkpoint depends on it, if
you want to delete the last checkpoint in a hierarchy, Hyper-V can in this case delete all checkpoint files,
including the differencing virtual hard disk.
Question: If a virtual machine is running and you delete a checkpoint, when will the parent
disk merge with the differencing virtual hard disk?
Question: How are multiple branches created in a checkpoint tree?
Exporting Virtual Machines and Checkpoints

In Hyper-V in Windows Server 2012 and newer,
you no longer need to export a virtual machine to
be able to import it later. You can simply copy a
virtual machine and its files to the new Hyper-V
host and then use the Import Virtual Machine
Wizard to specify the location of the virtual
machine and update its settings, if required. This
registers the virtual machine at the target Hyper-V
host and makes it available for use. You can also
transfer the virtual machine to removable media,
and recover virtual machines if the system disk
fails, but the data disk that stores the virtual
machines is still working.
In Windows Server 2012 R2, you can perform a live export of a virtual machine or checkpoint. You can
export them while the virtual machine is running. In Hyper-V on Windows Server 2012, you first have
to save the state or shut down the virtual machine prior to performing the export. When you want to
perform an export, you need to specify a location to export the files. Export creates a subfolder and
consolidates virtual machine files there. If, for example, a virtual machine uses virtual disks from different
locations, after the export, all the virtual disks will be stored in the same folder. If a virtual machine is
using differencing virtual hard disks, Hyper-V exports all the parent disks. If multiple virtual machines are
exported and they all use the same parent disk, the parent disk is exported for each machine. This can
increase the total size of export considerably when you compare it to the size of virtual machines prior
to export. When you export a virtual machine, Hyper-V also exports all the checkpoints of that virtual
machine.
Exporting checkpoint exports only a single point-in-time snapshot of the virtual machine. The exported
virtual machine is the exact copy of the virtual machine at the moment you created the checkpoint. If
there are additional checkpoints in a hierarchy before the one you are exporting, which means that the
virtual machine is using the hierarchy of differencing virtual hard disks, all those differencing virtual hard
disks will be merged for the exported virtual machine.
After you import an exported virtual machine (when you export a checkpoint, the virtual machine is
exported without a checkpoint), you should update Integration Services on the virtual machine, especially
if the target Hyper-V host is running a newer version of Hyper-V. You should also be aware that if the
imported virtual machine contains a saved state or a checkpoint that was created when the virtual
machine was running, you will have to discard its memory content, if the saved state or checkpoint was
created on the Hyper-V host prior to Windows Server 2012, or if the Hyper-V host was running on a
different hardware architecture, such as Intel or AMD.
You can export a virtual machine or a checkpoint in the Hyper-V Manager console by right-clicking
it and then clicking Export. You can also use the Windows PowerShell cmdlets Export-VM and
Export-VMSnapshot to export a virtual machine or a checkpoint.
Question: Can you export a virtual machine checkpoint on a Hyper-V host that is running on
a physical server with Intel processors, and then import it to a Hyper-V host that has AMD
processors?
Demonstration: Working with Checkpoints

In this demonstration, you will see how to work with checkpoints.
Demonstration Steps
1.
Confirm that LON-VM1 is using the Differencing.vhd virtual hard disk.
2.
Create a checkpoint for LON-VM1.
3.
Start LON-VM1.
4.
Complete the setup by clicking Next, and then clicking I accept.
5.
On the Settings page, provide the password Pa$$w0rd.
6.
Sign in as Administrator by using the password Pa$$w0rd.
7.
Confirm that LON-VM1 is now using a virtual hard disk with a GUID in its name.
8.
On LON-VM1, create a folder named Folder1 on the desktop.
9.
Create a checkpoint for LON-VM1, and name it Folder1.
10. On LON-VM1, create a folder named Folder2 on the desktop.
3-43
11. On LON-HOST1, use the Windows PowerShell cmdlet Checkpoint-VM to create a checkpoint for
LON-VM1, and name it Folder2.
12. Use the cmdlet Get-VMSnapshot to view existing checkpoints for LON-VM1.
13. Use Hyper-V Manager to confirm that LON-VM1 has three checkpoints. Apply the Folder1
checkpoint.
14. On LON-VM1, confirm that there is only one folder named Folder1 on the desktop.
15. On LON-VM1, on the desktop, create a folder named Folder1.1.
16. Use Hyper-V Manager to create a checkpoint for LON-VM1, and then rename it Folder1.1.
17. On LON-HOST1, use File Explorer to browse to C:\Shares\Snapshots, and then confirm that there
are four .xml files and four subfolders.
18. Confirm that the size of the oldest folder in the details pane is 0. This is because the first checkpoint
was created when LON-VM1 was turned off.
19. Confirm that each of other folders have larger sizes, as the other checkpoints were created while
LON-VM1 was running.
Issues with Checkpoints in Distributed Environments

Checkpoints are point-in-time snapshots of a
virtual machine. When you apply a checkpoint,
you effectively revert the virtual machine back to
the moment when you created the checkpoint.
Depending on the virtual machines role and
the applications that are installed on it, taking
a virtual machine back to a previous checkpoint
can have disastrous implications and might result
in data corruption. The following two types of
applications can be negatively affected when you
take a virtual machine back in time:
Cryptographic applications. Windows

provides API functions that generate random values with a high level of entropy. The checkpoint
captures the logic for creating these random values when you create a checkpoint, and this can
severely reduce the entropy of the random data. For example, consider the generation of GUIDs.
When the GUID value generates, it should be unique and never repeated. However, if you request a
GUID immediately after applying a checkpoint, there is a high probability that a duplicate GUID value
will generate each time the checkpoint is applied.
Applications that use vector-clock synchronization. Applying a checkpoint to a virtual machine can
corrupt applications that use vector-clock synchronization. Examples of such applications are AD DS,
Distributed File System (DFS) Replication, and Microsoft SQL Server replication. For these applications
to work, each member of a replica set must maintain a monotonically increasing logical clock. When
you apply a checkpoint, it reverts back the logical clock on the virtual machine, causing clock values
to associate to different transactions. As a result, members of the replica set will not converge to the
same state, thereby causing data corruption.
A checkpoint contains an exact snapshot of a virtual machine. Applications that run on a virtual machine
have no knowledge of checkpoints and have no way of detecting when you create or apply a checkpoint
to a virtual machine. When you apply the checkpoint, you also undo all the changes in a virtual machine
that you made after creating the checkpoint. This can result in data loss and reversal of passwords to their
previous values.
Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)
Question: Can you prevent checkpoint creation from inside a virtual machine?
Checkpoints and Virtual Machine Generation ID

To address situations in which virtual machines are
reverted back to a previous checkpoint, Hyper-V
in Windows Server 2012 uses the virtual machine
Generation ID feature. Generation ID is a 64-bit
integer value that is associated with an instance
of a virtual machine configuration file. Every
checkpoint has its own configuration file, which
also means that it has a different Generation ID
value.
The Generation ID value is accessible to the
operating system through the virtual machine
BIOS, and it is unique across all virtual machine
configurations. An application in a virtual machine can read the Generation ID value when the virtual
machine starts or resumes and then compare it with the last value of which the application is aware.
If both values are the same, the state of the virtual machine did not change. For example, the virtual
machine was not cloned and a checkpoint was not applied, so the application can continue to run
normally.
If the previous and current Generation ID values are different, this means that the virtual machine identity
is not the same. This can be the result of different actions, such as creating a new virtual machine and
attaching it to a virtual hard disk with an installed operating system, restoring a system backup to a
different virtual machine, or applying the checkpoint to the existing virtual machine. When the application
detects a change in Generation ID, it should consider that it is running in a different virtual machine and
act accordingly. For example, when AD DS detects a change in Generation ID value, it updates its
InvocationID value and effectively modifies the identity of the domain controller.
To use the virtual machine Generation ID from inside a virtual machine, the following prerequisites apply:
The virtual machine must be running on a hypervisor that implements support for virtual machine
Generation ID. Several virtualization platforms meet this requirement, including Windows 8, Windows
Server 2012, and newer Windows operating systems, and VMware vSphere 5.0 update 2 and newer.
The virtual machine must be running an operating system that is aware of and is using Generation ID.
Windows 8, Windows Server 2012, and newer Windows operating systems meet this requirement:
o
If a virtual machine has Integration Services installed from Windows 8 or Windows Server 2012,
applications on other operating systems such as Windows Server 2008 Service Pack 2 or Windows
7 Service Pack 1 can also read the Generation ID value. These older operating systems are not
Generation IDaware, but applications that are running on the virtual machine can still read the
Generation ID value.
Note: The Generation ID value is projected into a virtual machine through an emulated
BIOS device, and Integration Services presents it as a Hyper-V Generation Counter. Because of
this, operating systems on a virtual machine can access the Generation ID value only if it has
Integration Services installed from Windows 8, Windows Server 2012, or newer.
Actions that will cause the Generation ID to change include:
The virtual machine starts from a checkpoint.
The same checkpoint is applied multiple times.
The virtual machine is restored from a backup.
The virtual machine is migrated by using System Center 2012 - VMM (Export and Import).
The virtual machine is imported.
Actions that will not cause the Generation ID to change include:
The virtual machine is live-migrated.
The virtual machine is paused or resumed.
The virtual machine is restarted.
The Hyper-V host is restarted.

Note: Virtualized domain controller cloning takes advantage of the Generation ID feature.
For more information, refer to the Virtual Machine Generation ID paper from the following website:
Microsoft Download Center
Virtual machine generation identifier
Question: Can you use Generation ID in a Windows Server 2008 R2 virtual machine?
3-45
Lesson 5
Monitoring Hyper-V
Monitoring your virtualization environment is important. You are most likely already familiar with the
monitoring tools included with Windows Server 2012 R2, but you should remember that not all of them
are virtualization-aware. Only Performance Monitor can provide you with real performance data, and
when you install the Hyper-V role, many additional performance counters are added to Performance
Monitor. If you are more interested in chargeback data, you should enable and use resource metering,
which is included with Hyper-V in Windows Server 2012 and newer Windows Server operating systems.
Lesson Objectives
After completing this lesson, you should be able to:
Describe performance monitoring.
Explain different aspects of monitoring a Hyper-V host.
Describe virtual machine monitoring.
Use Performance Monitor to monitor Hyper-V.
Describe Hyper-V resource metering.
Overview of Performance Monitoring

Every application that runs on a server, including
the operating system itself, uses system resources.
Performance monitoring is the process of
capturing and analyzing data on how resources,
including memory, processors, disks, and
networks, are used. Regular performance
monitoring ensures that you have up-to-date
information on how your server is operating.
Performance data helps you recognize trends,
detect performance issues, and optimize system
resource usage. When you are troubleshooting
system problems, performance data provides an
insight into the behavior of system resources at the time the problem occurs. It also helps you decide
when to upgrade the server, and then determine whether the upgrade improved the servers
performance.
Windows Server 2012 R2 includes the following tools for monitoring system performance:
Task Manager. Task Manager displays real-time monitoring data for a local server. You can view
information related to running processes, performance data, resource use by connected users, and
detailed information on running processes and Windows Server services. You can customize Task
Manager, for example, to configure update speed or view additional details of running processes.
You can also start new tasks, disconnect users, and end tasks from the Task Manager.
Task Manager is often the first tool to use when performance-related problems occur. For example,
you might examine the running processes in Task Manager to determine if a particular program is
using excessive CPU resources. However, Task Manager only shows real-time utilization for the local
server. You cannot use it to monitor remote servers or to store performance data.
Note: The Performance tab in Task Manager shows overall CPU utilization. If you want to
view individual processor utilization on a multiprocessor server, you must change the graph to
the Logical Processor view.
3-47
Resource Monitor. Resource Monitor provides an in-depth look at real-time performance for a
local server. You can use it to monitor the use and performance of CPU, disk, network, and memory.
By using Resource Monitor, you can identify and resolve resource conflicts and bottlenecks. By
expanding the monitored elements, you can identify which processes are using which resources.
Resource Monitor shows only real-time utilization for a local server.
Event Viewer. You can use Event Viewer to work with Windows events. Events are collected in
event logs and can occur locally, or they can be collected from remote computers. Events include
information, warnings, and errors on Windows components and installed applications. Events also
include performance events, such as a disk is almost full. You can filter events, create custom views,
and attach tasks to the events.
Reliability Monitor. Reliability Monitor provides an historical view of server reliability and problem
history. It assesses server stability on a scale from 1 to 10 and can show you hardware and software
problems that impacted the server during a specific period. If you want Reliability Monitor to start
collecting data, you first must enable the RACTask scheduled task.
Performance Monitor. This is the most robust and complete monitoring tool in Windows operating
systems. You can use it to view real-time performance for local and remote servers and to store
and view historical data, which is gathered by using data collector sets. In Performance Monitor,
you can also create performance counter alerts, which generate alerts and start tasks when the
performance counter is either less than or more than the specified value. You can monitor operating
system performance through performance objects and counters in the objects. When you install an
additional role, for example, Hyper-V, additional performance objects are added in Performance
Monitor.
Each server role uses processor, memory, disks, and networks, but it uses them differently.
Performance counters that are relevant for monitoring servers are different, based on the server roles.
For example, you should monitor different performance counters on a file server than on a Hyper-V
host or a domain controller.
Note: Microsoft System Center 2012 R2 - Operations Manager provides infrastructure
monitoring, alerts, and reporting for an enterprise environment.
For more information, refer to the Performance Tuning Guidelines for Windows Server 2012 paper from
the following website:
Microsoft Download Center
Question: Which of the monitoring tools in Windows Server 2012 R2 must you first enable
to provide you with data after at least a few hours?
Monitoring a Hyper-V Host

Although Windows Server 2012 R2 includes
several tools for monitoring system performance,
not all of them are appropriate for monitoring
Hyper-V host performance. Tools such as
Task Manager and Resource Monitor are not
virtualization-aware. As such, they only display
utilization of the resources that are available
inside the virtual environment in which they run,
either the virtual machine or parent partition. For
example, a Hyper-V host can have the processor
at 60 percent utilization, but the Task Manager in
the parent partition is aware of and displays only
10 percent utilization because virtual machines use most of the processor resources.
You should use Performance Monitor to monitor Hyper-V host performance. You can monitor memory,
disk, and network performance on the Hyper-V host in the same way, and by using the same performance
counters as on any other server. For example, you can monitor:
Disk latency by using the \Logical Disk(*)\Avg. sec/Read and \Logical Disk(*)\Avg. sec/Write
Performance Monitor counters. These performance counters measure the time that read and write
operations take to respond to the operating system. Requests from virtual machines and the parent
partition affect this counter. If one virtual machine accesses the disk heavily, this will increase disk
latency.
Available memory by monitoring the \Memory\Available MBytes Performance Monitor counter

on the Hyper-V host. This counter reports the amount of available physical memory in the parent
partition. When a virtual machine starts, its memory is no longer available for the parent partition
and is subtracted from this counter value. You can use the following two counters to provide you with
better insight into available memory to the Hyper-V host:
\Memory\Available Mbytes. This counter measures the amount of available physical memory to
processes that are running in the parent partition, expressed as a percentage of total physical
memory.
\Memory\Pages/sec. This counter measures the rate at which pages are read and written to
disk to resolve hard page faults. To resolve hard page faults, the Hyper-V host must swap the
contents of memory to disk. A high value for this counter in correlation with low available
physical memory might indicate insufficient physical memory on the Hyper-V host.
Network utilization on the Hyper-V host by using \Network Interface(*)\Bytes Total/sec and \Network
Interface(*)\Output Queue Length Performance Monitor counters.
Processor utilization on a Hyper-V host is measured differently than on a physical server. On a physical
server, you would monitor processor utilization by using the \Processor(*)\% Processor Time Performance
Monitor counter. However, on the Hyper-V host, this counter is not appropriate, because the parent
partition is treated as another virtual machine. Therefore, this counter monitors utilization of available
processor resources for the parent partition, not the entire physical Hyper-V host. To monitor total
processor utilization on the Hyper-V host, which includes parent partition and virtual machines, you
should use the \Hyper-V Hypervisor Logical Processor(_Total)\% Total Run Time Performance Monitor
counter. This counter measures the total percentage of time spent by the processor for running the
Hyper-V host and all the virtual machines on the Hyper-V host.
3-49
You can use the following Performance Monitor counters to monitor processor usage on a Hyper-V host:
Hyper-V Hypervisor\Partitions. Monitors the number of virtual machines.
Hyper-V Hypervisor\Logical Processors. Monitors the number of logical processors.
Hyper-V Hypervisor\Virtual Processors. Monitors the number of virtual processors.
Hyper-V Hypervisor Logical Processor\% Total Run Time. Monitors the total non-idle time of the
logical processors.
Hyper-V Hypervisor Logical Processor\% Hypervisor Run Time. Monitors the non-idle time of the
logical processors for the Hyper-V host only.
Hyper-V Hypervisor Root Virtual Processor. Monitors processor utilization for the host (Hyper-V host)
operating system only.
Question: Can you use Performance Monitor in virtual machines to monitor Hyper-V host
performance?
Monitoring Virtual Machines
If you want to monitor virtual machine

performance, you should be aware that Hyper-V
counters are not available in Performance
Monitor, which is running on the virtual machine.
The monitoring tools on a virtual machine are
not aware that they are running inside of a virtual
environment. Although the virtual machine is
allocated only part of the Hyper-V host resources,
monitoring tools that are running on the virtual
machine see them as complete resources because
they would be running on a physical server. Task
Manager on the virtual machine, otherwise known
as the \Processor(*)\% Processor Time Performance Monitor counter, reports processor utilization relative
to the number of processors allocated to the virtual machine. If you add more processors to the virtual
machine, the value reported for the \Processor (*)\% Processor Time Performance Monitor counter will be
lower, even if processor utilization of the Hyper-V host is an issue. This happens because virtual processors
use the physical processors in a round robin fashion, and each virtual processor is allocated a share of the
overall system processor resources. In a physical four-processor system with virtual machines that utilize
four virtual processors, each virtual processor will be able to use 25 percent of the physical processor
resources. If eight virtual processors are used on the same Hyper-V host, for example, if there are four
virtual machines with two processors each, the combined virtual processors will attempt to use 200
percent of the physical processor capacity. In such an environment, each virtual processor will report low
\Processor(*)\% Processor Time utilization because utilization is low for the level it expects. Excessive
context switching between virtual processors will result in poor performance for each virtual machine.
On a Hyper-V host, you have Hyper-V hypervisor performance counters to monitor the performance of
both logical and virtual processors. A logical processor correlates directly to the number of processors on
the physical server. For example, single quad core processors correlate to four logical processors. Virtual
machines use virtual processors to execute the code. The virtual processors perform all the execution in
the parent partition and the virtual machines.
You can use processor settings for the virtual machine to configure resource control and limit the
processor resources that the virtual machine can use. In the Resource control section, you can configure
the following settings:
Virtual machine reserve (percentage). Use this setting to reserve a certain portion of the Hyper-V host
processor resources for the virtual machine. By configuring this setting, you can ensure that the
virtual machine will always have at least that part of processor resources available to it. By default,
the virtual machine reserve is set to 0, which means that no processor resources are reserved.
Virtual machine limit (percentage). This setting limits processor resources that are available to the
virtual machine and prevents it from consuming an excessive amount of processor resources.
Percent of total system resources. This setting is read-only, and its value is set based on the virtual
machine limit, number of virtual processors, and the number of physical processors in the Hyper-V
host. For example, consider a virtual machine that is allowed to use 100 percent of the processor,
has a single virtual processor, and four physical processors in the Hyper-V host. In this case, the
percentage of total system resources is set to 25, because 100 percent utilization of one processor is
equal to 25 percent utilization of total Hyper-V processor resources.
Relative weight. Virtual machines with higher relative weights receive more processor time, and virtual
machines with lower relative weights receive less processor time. By default, all virtual machines are
assigned a relative weight of 100.
Question: How can you limit processor resources that a virtual machine can use?
Demonstration: Using Performance Monitor to Monitor Hyper-V

In this demonstration, you will see how to use Performance Monitor to monitor Hyper-V.
Demonstration Steps
1.
On LON-HOST1, start Performance Monitor, and then add the following counters:
o
Hyper-V Hypervisor Virtual Processor\% Guest Run Time for LON-CL1 instance
Hyper-V Virtual Storage Device\Read Operations/sec for the instance that refers to
20409B-LON-CLx
LogicalDisk\Disk Reads/sec for the C: instance
2.
Set Scale Selected Counters for Disk Reads/sec and Read Operations/Sec.
3.
On LON-CL1, run C:\LabFiles\Mod03\sqlio.exe in Windows PowerShell.
4.
On LON-HOST1, use Performance Monitor to follow how disk access increased in virtual machine and
on the Hyper-V host while sqlio.exe is running on the virtual machine.
5.
On LON-CL1, run C:\LabFiles\Mod03\Cpustres.exe in Windows PowerShell.
6.
In CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread Priority to
Highest and Activity to Busy.
7.
On LON-HOST1, use Performance Monitor to follow how processor utilization in a virtual machine
and on Hyper-V increases.
8.
On LON-HOST1, use Hyper-V Manager to view CPU Usage for the LON-CL1 virtual machine.
9.
Set Virtual machine limit (percentage) for LON-CL1 to 10.
3-51
10. Use Hyper-V Manager to confirm that CPU Usage for the LON-CL1 virtual machine is considerably
lower.
11. On LON-CL1, close CPU Stress and Task Manager.
Resource Metering in Hyper-V
In a virtualized environment, you often need data

on resources that are used by virtual machines in
a given period. For example, you might need
resource data so that you can charge back the
business units that are using them. When you
create a virtual machine, you configure it with
processors, memory, disks, and network adapters.
It would be misleading to provide chargeback
data based only on virtual machine configuration
because resources that are used by virtual
machines change through time. For example,
virtual machine memory utilization is between the
minimum and maximum RAM configured when dynamic memory is used, processor utilization varies
depending on load, and the size of dynamically expanding disks increases until it reaches its configured
maximum size. Performance Monitor can provide real-time information on resources that virtual machines
use, but the tool is not practical for providing chargeback data.
Hyper-V in Windows Server 2012 includes resource metering, a feature that you can use to monitor
resource consumption over time, per virtual machine or resource pool. Resource pools are logical
containers that collect resources of the virtual machines that one business unit uses. When you use
resource pools, you can enable resource metering and query on resource use in the same way as for a
single virtual machine. Resource metering works with all Hyper-V operations. The movement of virtual
machines between Hyper-V hosts, for example, by using live migration, does not affect the data collection
process.
The following cmdlets are used for resource metering:
Enable-VMResourceMetering. Enables resource metering for a virtual machine.
Disable-VMResourceMetering. Disables resource metering for a virtual machine.
Reset-VMResourceMetering. Resets resource metering counters for a virtual machine.
Measure-VM. Displays resource metering data for a virtual machine.
Measure-VMResourcePool. Displays resource metering data for a resource pool.
For example, you can enable resource metering and view all of the resource metering data for the
LON-DC virtual machine by running the following cmdlets:
Get-VM -Name LON-DC | Enable-VMResourceMetering
Get-VM Name LON-DC | Measure-VM
Resource metering in Hyper-V collects and reports on the following resource use data:
Average CPU use. The average CPU, in megahertz (MHz), that a virtual machine uses over a period.
Average memory use. The average physical memory, in MB, that a virtual machine uses over a period.
Minimum memory use. The lowest amount of physical memory, in MB, assigned to a virtual machine
over a period.
Maximum memory use. The highest amount of physical memory, in MB, assigned to a virtual machine
over a period.
Maximum disk allocation. The highest amount of disk space capacity, in MB, allocated to a virtual
machine over a period.
Incoming network traffic. The total incoming network traffic, in MB, for a virtual network adapter over
a period.
Outgoing network traffic. The total outgoing network traffic, in MB, for a virtual network adapter over
a period.
Before you can obtain data on resources that are used by virtual machines, you first must enable
resource metering. You can use Windows PowerShell to enable resource metering and retrieve collected
data. Windows Server 2012 R2 does not include a graphical reporting tool on virtual machine resource
utilization, but you can use one of the non-Microsoft tools, or develop your own tool.
Lesson 6
3-53
Designing Virtual Machines for Server Roles and Services
You can use Hyper-V Manager to manage multiple Hyper-V hosts, but it is not the optimal tool when you
have to manage an enterprise environment. The Hyper-V module for Windows PowerShell is a better tool
when you need to automate operations or perform repetitive tasks on multiple servers. However, not all
administrators like to work with a command shell. For environments with multiple Hyper-V hosts, System
Center 2012 - VMM is the recommended tool, although, you must obtain it separately.
Hyper-V does not support the concept of templates, but copying a virtual hard disk that has an installed
operating system or the use of differencing virtual hard disks can achieve similar results. By using that
approach, companies can create libraries of virtual disks with different operating systems and applications
and then use them as templates. In this lesson, you will learn about recommendations for running domain
controllers, Microsoft SQL Server, and Microsoft Exchange Server on virtual machines.
Lesson Objectives
Plan Hyper-V host management.
Plan virtual machine management.
Design virtual machines for a domain controller.
Design virtual machines for SQL Server.
Design virtual machines for Exchange Server.
Planning Hyper-V Host Management

Hyper-V hosts are the infrastructure for running
virtual machines. It is important that you carefully
plan and deploy a standard server configuration,
configure high availability, implement remote
management, and regularly monitor the
infrastructure. Consider the following best
practices for configuring and administering
Hyper-V hosts:
Simplify and standardize the platform on

which you will deploy server virtualization.
Use a standard configuration for the
operating system and Hyper-V to make it
easier to deploy and manage the environment. Automate the deployment and use the latest version
of Windows Server 2012 because it provides new and improved features.
Use a Server Core installation (or better yet, Microsoft Hyper-V Server 2012 R2) for Hyper-V hosts. A
Server Core installation has fewer components than the full server installation, which means that there
are fewer components to update and less overhead. A Server Core installation also provides the same
virtualization features and remote management as a GUI installation of Windows Server 2012 and
Windows Server 2012 R2.
Servers that you will use for virtualization should have only the Hyper-V role installed to minimize
overhead and the potential attack surface. If you plan to implement a highly available environment,
you should also consider installing failover clustering and multipath I/O features.
Test and apply updates to Hyper-V hosts. This includes hardware updates (for example, firmware
updates), and Microsoft updates. Always test updates before deploying them in a production
environment.
Implement shared storage and high availability. Shared storage is required for high availability,
and you can use SAN or SMB 3.0 file shares for shared storage. A highly available virtualization
infrastructure is critical, for which you should implement Hyper-V failover clusters.
Monitor performance to optimize and manage server utilization. Server workloads change over time,
and you must ensure that the Hyper-V host is not overused.
Automate and standardize administration of the Hyper-V host environment. Large organizations
might have hundreds of Hyper-V hosts, and the only way to manage them efficiently is to standardize
deployment and then automate management tasks. To do so, you can:
o
Standardize the Hyper-V configuration. For example, consider using the same path for storing
virtual machines, and create virtual switches with the same name on all Hyper-V hosts.
Join Hyper-V hosts to the domain unless your security policy states differently. Domain
membership makes it possible to centralize the management of policies for identity, security,
and auditing. Hyper-V hosts must be domain members if you want to create a Hyper-V failover
cluster.
Implement remote management. Administering servers locally is not practical, for example, when
they are running a Server Core installation or Hyper-V Server, or you do not have physical access
to them. You can use remote management to centralize administration and automate
procedures.
Use Windows PowerShell whenever possible. You can use Windows PowerShell cmdlets and
scripts to manage Hyper-V hosts. Windows PowerShell is installed by default, and you can use
it to automate and standardize administration.
Consider implementing VMM, which provides tools for simplifying administrative tasks to
manage a large virtualization environment. For example, a company can use VMM to store
templates and to automate virtual machine deployment.
Windows Server 2012 Hyper-V Best Practices (In Easy Checklist Form)
Question: How can you standardize Hyper-V host management?
Planning Virtual Machine Management

By now, you should be aware that when working
with virtual machines, you can perform complete
administration by using Hyper-V Manager and
Windows PowerShell. However, when you have
more than a few Hyper-V hosts and several
virtual machines to manage, you should try to
standardize and automate administration as much
as possible. This implies that you should use
standard configurations, scripting, and enterprise
management tools such as VMM, if possible.
However, even without standardization, and by
using only tools that are part of Windows Server
2012 R2, it is possible to achieve a level of automation.
Virtual Machine Templates
3-55
Virtual machine templates are beneficial when you want to standardize virtual machine configurations
and make their deployment as fast as possible. Unfortunately, Hyper-V does not understand the concept
of templates. However, you can mimic virtual machine templates by storing virtual hard disks with a
generalized installation of an operating system in a library, which can be a shared folder. You can then
copy the appropriate virtual disk for each new virtual machine that you create. In test environments, you
can even create differencing virtual hard disks and point them to use the same parent disk. By doing so,
you will reduce storage space by many gigabytes, but the downside will be inferior performance.
Windows PowerShell
When you create new virtual machines, you should provide them with appropriate virtual hardware, which
can be based on the recommendations for the physical servers. Multiple virtual machines run on the same
Hyper-V infrastructure, but you should be careful not to oversubscribe processor resources because it can
result in poor performance. Some applications, such as Exchange Server or SQL Server, are only supported
if the P2V conversion processor ratio is 1:2 or lower. To avoid creating virtual machines with the same
configuration manually, and if VMM is not an option, you should use Windows PowerShell for virtual
machine creation and for other administrative tasks.
Operating System
If possible, use the latest Windows Server operating system when building virtual machines because it
provides new and improved features such as Generation ID for detecting when a checkpoint was applied.
Newer Windows operating systems (Windows Server 2008 R2 and newer versions, and Windows 7 and
newer versions) also include Integration Services, and virtual machines should always run the latest version
of integration services.
Monitoring
It is important that your virtualization infrastructure is not overused and that virtual machines have
enough available resources. In smaller environments, you should implement monitoring by using
Performance Monitor. In enterprise environments, you should also use Operations Manager. Remember
that if you are using both products, Operations Manager can integrate with VMM, and System Center
components must be implemented in your environment.
Question: How can you use Hyper-V Manager to create a virtual machine with four
processors, two virtual hard disks, and two network adapters?
Designing Virtual Machines for a Domain Controller

When planning virtual machines for a
domain controller, you should follow the same
recommendations as for other virtual machines.
However, several recommendations and best
practices are specific to virtualized domain
controllers. The following list includes some of
these best practices:
Avoid a single point of failure. You should

always have at least two domain controllers
for a domain, and when virtualized, they
should be running on different physical
servers.
A Hyper-V host should be just as secure as a domain controller. A Hyper-V administrator has full
permissions in a virtualization infrastructure and could potentially perform an elevation-of-privilege
attack. Such an attack could compromise all virtual machines, domains, and forests that Hyper-V is
hosting:
o
If a Hyper-V host is a domain member in a domain for which it hosts virtual domain controllers,
then domain administrators have administrative permissions on the Hyper-V host.
Consider applying different Group Policy Objects to your Hyper-V hosts and to your domain
controllers to secure them both.
The virtual hard disk of a virtualized domain controller is equivalent to the physical hard drive of a
physical domain controller. It stores important identity data, and you should protect it just as you
protect the disks of physical domain controllers.
Avoid using differencing virtual hard disks for a domain controller. They have more overhead than
other disk types, and they provide slower performance.
Avoid using checkpoints for domain controllers. If a domain controller is running an operating system
prior to Windows Server 2012, you should not use checkpoints at all, because they can cause an
update sequence number (USN) rollback. Domain controllers that run Windows Server 2012 or newer
detect that a checkpoint was applied by monitoring the Generation ID and resolve the USN rollback
situation.
Disable time synchronization of a virtual domain controller with a Hyper-V host. Windows Time
Service has its own algorithm for time synchronization within a domain. You should only disable the
time synchronization service, but still use other Integration Services.
Store AD DS files on a different virtual hard disk than the operating system, and connect that virtual
hard disk to the virtual SCSI controller. Virtual hard disks that are attached to a virtual SCSI controller
provide better performance than virtual hard disks that are attached to a virtual IDE controller. They
also support additional functions such as forced unit access. Forced unit access ensures that the
operating system writes and reads data directly from the disk and bypasses all caching mechanisms.
Windows Server 2012 includes virtualization-safe capabilities and enables faster deployment of virtual
domain controllers by using cloning.
Running Domain Controllers in Hyper-V
Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)
3-57
Active Directory Virtualization Safeguards and Domain Controller Cloning with Windows
Server 2012
Question: How can you disable virtual domain controller time synchronization in a Hyper-V
virtual machine?
Designing Virtual Machines for SQL Server

Virtual machines for SQL Server should follow
similar best practices as virtual machines for
any other server load. For example, you should
always install the latest version of Integration
Services because it improves I/O throughput and
decreases CPU usage of virtual machines. You
should also avoid using emulated devices because
they can cause significant CPU overhead.
When configuring a virtual machine for
SQL Server, you should also consider the following
recommendations:
SQL Server should have sufficient resources.

Memory and processors are the most critical resources. Allocate SQL Server enough memory so that
it can handle the expected loads. Do not overcommit processors. Minimize background activities and
services, and do not install any additional applications on the SQL Server virtual machine.
Hyper-V on Windows Server 2012 provides considerably better scalability than older versions, and
SQL Server can better take advantage of that scalability.
Use fixed-size virtual hard disks or directly attached disks for SQL Server. Do not use dynamically
expanding or differencing virtual hard disks.
Do not use checkpoints on a SQL Server virtual machine. Checkpoints can cause significant issues,
including slower performance and data loss.
Ensure high availability for SQL Server. You can use different features to ensure high availability for
SQL Server, such as Hyper-V failover clustering, guest clustering, and AlwaysOn Availability Groups.
Attach the SQL Server virtual hard disks to the Virtual SCSI controller for more flexibility.
If you use virtual Fibre Channel, use Multipath I/O (MPIO) inside the virtual machine to ensure
resilient connections from the virtual machine to storage.
Monitor performance of the Hyper-V host on which the SQL Server virtual machine is running, in
addition to the performance of the virtual machine.
Consider using SQL optimization for better performance. The database administrator will most likely
perform this tuning, which includes the following:
o
Configure SQL Server to use large page allocations (/T834 startup flag) to reduce memory
overhead.
Set Max Worker Threads to the number of maximum concurrent user connections.
Consider dynamic memory to reduce I/O overhead.
Grant user rights for Lock pages in memory to the SQL Server service account. This helps
when dynamic memory is trying to reduce the virtual machine memory because it will prevent
Windows Server from paging out a large amount of buffer pool memory.
Set the SQL Server processor affinity mask to isolate system resources for the SQL Server instance
from other SQL Server instances, or other applications that are running on the same virtual
machine.
Set a fixed amount of memory for the SQL Server process to use. About three percent of the
total available memory is used for the system, and another one percent is used for memory
management structures. Use the following equation to calculate the total memory to be used by
SQL Server:
Memory (1%memory * (NUMA_nodes)) 3%memory 1GB
SQL Server 2012 supports cloning by using the System Preparation Tool (Sysprep). You can use Sysprep
to install SQL Server on a virtual machine, generalize the operating system, and use it as a template when
creating new virtual machines. By using this approach, you can create a new virtual machine that has SQL
Server installed, which is considerably faster than if you installed it again.
Best Practices for Virtualizing and Managing SQL Server
Install SQL Server 2012 Using SysPrep
Question: Can you only use virtual hard disks attached to a virtual SCSI controller for a SQL
Server virtual machine?
Designing Virtual Machines for Exchange Server

When designing virtual machines, you should be
aware that with Exchange Server 2013, all of the
Exchange Server roles, including the Unified
Messaging server role, are supported in the virtual
environment. This enables you to virtualize the
entire Exchange Server infrastructure. When
virtualizing Exchange Servers, you should consider
the following guidelines:
The Hyper-V host should not have any other

role and should not run any other application,
such as SQL Server, AD DS, or Exchange
Server. You should install only management
software, such as antivirus software, backup agents, or virtual machine management software on the
Hyper-V host.
Hyper-V in Windows Server 2012 R2 does not enforce a limit on the virtual processor-to-logical
processor ratio. You can have as many virtual processors used by virtual machines as the physical
hardware allows. Exchange supports a physical-to-logical processor ratio no greater than 2:1,
3-59
although the recommended ratio is 1:1. For example, a dual processor system that uses quad core
processors contains 8 logical processors in the host system. On a system with this configuration, do
not allocate more than 16 virtual processors to all the guest virtual machines. Oversubscribing the
processor on the Hyper-V host decreases performance, depending on how much CPU is
oversubscribed.
Exchange 2013 is not NUMA-aware, but it can benefit from NUMA in the same way as any other
application that is not NUMA-aware, by taking advantage of the Windows scheduler algorithms that
keep threads isolated to particular NUMA nodes.
Dynamic memory is not supported for virtual machines that run any of the Exchange Server 2013
roles. Exchange Server 2013 uses in-memory data caching to provide better performance and faster
I/O operations. For this, Exchange Server 2013 needs sufficient memory at all times and full control
over the memory. If Exchange Server 2013 does not have full control of the memory that is allocated
to the virtual machine, system performance is considerably lower. Because of this, dynamic memory is
not supported for Exchange Server 2013.
Differencing and dynamically expanding virtual hard disks are not supported in Exchange Server 2013
virtual machines. Thin provisioned dynamically expanding disks can overcommit the available storage,
and as they are growing, the underlying storage could run out of space if not monitored closely.
When you create fixed-size virtual hard disks, they are allocated their full size on the physical storage,
which ensures that storage will not later run out of space.
Virtual machine checkpoints are not supported. When you create a checkpoint, Hyper-V creates
a new differencing virtual hard disk for the virtual machine. Changes are written only on the
differencing virtual hard disk, and data is read from both disks, which increases overhead and reduces
performance. You can also use checkpoints to revert a virtual machine back to any of the previous
states. Exchange Server 2013 is not checkpoint-aware, and applying checkpoints can have unintended
consequences for applications such as Exchange Server, which maintains state data.
Exchange Server virtual machines, including Exchange Mailbox virtual machines that are part of
database availability group (DAG), might be protected by Hyper-V failover clustering and migration
technology. When failover happens, it must result in a system restart when the virtual machine is
started on a different node.
Hyper-V Replica is not supported for Exchange Server. Replica makes sense for applications that do
not include disaster recovery capability. You should use DAG with Exchange Server 2013.
Exchange 2013 Virtualization
Best Practices for Virtualizing and Managing Exchange 2013
Exchange 2013 Server Role Requirements Calculator
Question: How many virtual processors at most can you assign to Exchange Server virtual
machines that are running on a test Hyper-V host with two double-core CPUs?
Lab B: Creating and Managing Checkpoints and

Monitoring Hyper-V
Scenario
A. Datum is continuing with its pilot virtualization project. You have deployed the virtualization hosts by
installing Windows Server 2012 R2 Hyper-V in one of the subsidiaries. The next step is to deploy virtual
machines on these hosts.
Because the virtualization platform is new to A. Datum, you need to spend some time becoming familiar
with Hyper-V features and components, including checkpoints. As the pilot project continues, you will
need to be able to monitor server performance to ensure that virtual machines are configured properly.
For now, you will familiarize yourself with the monitoring tools that are available in Windows Server 2012
R2 and Hyper-V.
Objectives
Import virtual machines and work with checkpoints.
Monitor Hyper-V.
Lab Setup
Virtual machines: 20409B-LON-HOSTx, 20409B-LON-CLx, 20409B-LON-DC1
Password: Pa$$w0rd
1.
Sign in to LON-HOSTx as Adatum\Administrator with the password of Pa$$w0rd.
2.
On LON-HOST1, start Hyper-V Manager.
3.
4.
5.
6.
Password: Pa$$w0rd
Repeat steps 3 through 5 for 20409B-LON-CLx. The letter x is 1 for the first student in the team,
and 2 for the second student in the team.
the virtual machines. However, you can shut down all virtual machines after finishing this lab.
Exercise 1: Importing Virtual Machines and Working with Checkpoints

Scenario
3-61
Your colleague has heard about the enhanced session mode when connecting to a virtual machine, but
he has never seen it. You want to demonstrate to your colleague how to configure it, use it, and show the
benefits of the enhanced session mode.
You are aware that you should avoid using checkpoints in the production environment, but you want to
test them for use in training and explore how to implement checkpoints at the file level. You would also
like to see how a virtual machine can detect whether a checkpoint was applied.
1.
Import a virtual machine.
2.
Use enhanced session mode.
3.
Create checkpoints.
4.
Manage checkpoints.
5.
Explore Generation ID.
Task 1: Import a virtual machine

1.
On LON-HOSTx, use Hyper-V Manager to import a virtual machine by using the following data:
o
Virtual Machine in Folder: C:\VirtualMachines\LON-EXPORT\
Number of virtual processors: 1
Connect to Network: External Network
2.
You will get an error message because the parent virtual hard disk was not found.
3.
In Hyper-V Manager, use the Edit Disk feature to link the C:\VirtualMachines\LON-EXPORT
\Virtual Hard Disks\LON-EXPORT.vhd virtual hard disk to the parent disk E:\Program Files
\Microsoft Learning\Base\Base14A-WS12R2.vhd. Note that this path might differ on your host
machine.
4.
Use Hyper-V Manager to import the LON-EXPORT virtual machine again from
C:\VirtualMachines\LON-EXPORT\.
5.
Use Hyper-V Manager to confirm that LON-EXPORT is imported, that it is configured with a single
virtual processor, and that it is connected to a virtual switch named External Network.
Task 2: Use enhanced session mode

1.
On LON-HOSTx, copy a few line of text from the C:\Windows\Win.ini file.
2.
On LON-CLx, confirm that the Paste option in Notepad is disabled.
3.
In Virtual Machine Connection to LON-CLx, from the Clipboard menu, click Type clipboard text.
Confirm that the text that you copied from the Win.ini file displays. Close the LON-CLx window.
4.
On LON-HOSTx, use Hyper-V Manager to configure Allow enhanced session mode.
5.
Use Hyper-V Manager to connect to LON-CLx. Configure the option to redirect the local drives.
6.
Confirm that you are not signed in automatically to LON-CLx, and then sign in as
ADATUM\administrator, with Pa$$w0rd as the password.
7.
In Notepad, paste the copied text from Win.ini.
8.
On LON-HOSTx, use File Explorer to copy the C:\Windows\Write.exe file.
9.
On LON-CLx, paste Write.exe to the desktop.
10. On LON-CLx, use File Explorer to confirm that drives from LON-HOSTx are mapped to the virtual
machine.
11. On LON-CLx, confirm that Remote Desktop is disabled.
12. Turn Off 20409B-LON-CLx.
13. On LON-HOSTx, start the LON-CLx virtual machine, and then connect to it.
14. Confirm that after LON-CLx is started and the sign-in screen displays, the Connect to LON-CLx
window opens.
Note: Because Integration Services are not available during system start, enhanced session
mode is available only after the operating system is fully started.
15. On LON-HOSTx, use Hyper-V Manager to disable enhanced session mode.
Task 3: Create checkpoints

1.
On LON-HOSTx, confirm that LON-VM1 is using the Differencing.vhd virtual hard disk.
2.
Create a checkpoint for LON-VM1.
3.
Start LON-VM1.
4.
Confirm that LON-VM1 is now using a virtual hard disk with a GUID in its name.
5.
6.
On the Settings page, provide the password of Pa$$w0rd.
7.
Sign in as Administrator by using the password Pa$$w0rd.
8.
On LON-VM1, on the desktop, create a folder named Folder1.
9.
Create a checkpoint for LON-VM1, and name it Folder1.
10. On LON-VM1, on the desktop, create a folder named Folder2.

11. Create a checkpoint for LON-VM1, and name it Folder2.
12. On LON-VM1, on the desktop, create a folder named Folder3.
13. On LON-HOSTx, use the Windows PowerShell cmdlet Checkpoint-VM to create checkpoint for
LON-VM1, and then name it Folder3.
14. Use the cmdlet Get-VMSnapshot to view existing checkpoints for LON-VM1.
15. Use Hyper-V Manager to confirm that LON-VM1 has four checkpoints.
16. Apply the Folder1 checkpoint.
17. Confirm that on the LON-VM1 desktop, there is only one folder named Folder1.
18. On LON-VM1, on the desktop, create a folder named Folder1.1.
19. Use Hyper-V Manager to create a checkpoint for LON-VM1, and then rename it Folder1.1.
20. On LON-HOSTx, use File Explorer to browse to C:\Shares\Snapshots, and then confirm that there are
five .xml files and five subfolders.
3-63
21. Confirm that Size of the oldest folder in the details pane is 0, as the first checkpoint that you created
was when LON-VM1 was turned off.
22. Confirm that each of other folders has larger sizes, as the other checkpoints were created while
LON-VM1 was running.
Task 4: Manage checkpoints

1.
On LON-HOSTx, use the Windows PowerShell cmdlet Get-VMSnapshot to view checkpoints for
LON-VM1, and then view how they relate to each other.
2.
Use the Windows PowerShell cmdlet Export-VMSnapshot to export the Folder2 checkpoint of
LON-VM1 to the C:\Exported folder.
3.
On LON-HOSTx, use File Explorer to confirm that in C:\Exported\LON-VM1 there is no Snapshots

subfolder. Double-click the Virtual Hard Disks folder, and then confirm that it contains multiple
virtual hard disks, the Differencing.vhd virtual hard disk, and all of its parent disks.
4.
Rename folder LON-VM1 to Folder2.
5.
Use the Windows PowerShell cmdlet Export-VM to export LON-VM1 to the C:\Exported folder.
6.
Use File Explorer to confirm that there is a Snapshots subfolder in C:\Exported\LON-VM1.
7.
Double-click the Virtual Hard Disks folder, and then confirm that it contains the Differencing.vhd
virtual hard disk, its parent disk, and all of the differencing virtual hard disks that the checkpoints
created.
8.
Use the Windows PowerShell cmdlet Restore-VMSnapshot to apply the Folder3 checkpoint to
LON-VM1.
9.
On LON-VM1, confirm that on the desktop, there are three folders named Folder1, Folder2, and
Folder3.
10. Use Hyper-V Manager to confirm that you cannot modify Folder2 checkpoint settings, except for the
Name and Description.
11. Use Hyper-V Manager to delete the Folder1 checkpoint and its subtree.
12. Use Hyper-V Manager to confirm that all checkpoints for LON-VM1 except the first checkpoint are
deleted instantly.
13. On LON-HOSTx, use File Explorer to confirm that there is single .xml file, and one subfolder in the
C:\Shares\Snapshots folder.
Task 5: Explore Generation ID

1.
On LON-HOSTx, on LON-VM1, use Device Manager to confirm that the Microsoft Hyper-V
Generation Counter system device is present. This is how virtual machine presents Generation ID to
the operating system.
2.
Turn off LON-VM1.
Results: After completing this exercise, you should have imported virtual machines and worked with
checkpoints.
Exercise 2: Monitoring Hyper-V

Scenario
One of your colleagues is sure that you can monitor Hyper-V host utilization by using Task Manager. You
want to show your colleague that this is incorrect. You also want to demonstrate the proper way to
monitor the Hyper-V host and virtual machines and how to retrieve chargeback information for the
running virtual machines.
1.
Use Task Manager.
2.
Use Performance Monitor to monitor Hyper-V performance.
3.
Use Resource Metering.
Task 1: Use Task Manager

1.
On LON-HOSTx, open Task Manager, and then click the Performance tab.
2.
On LON-CLx, sign in as Adatum\Administrator with the password Pa$$w0rd. Open Task Manager,
and then click the Performance tab.
3.
On LON-CLx, use Windows PowerShell to run the C:\LabFiles\Mod03\Cpustres.exe command.
4.
Highest, and set Activity to Busy.
5.
Confirm that the LON-CLx Task Manager shows high utilization, while the LON-HOSTx Task Manager
shows low utilization.
Note: As each Task Manager is reporting utilization of its own virtual environment, the
utilization shown is very different.
6.
In CPU Stress, in the Thread 1 section, set Thread Priority to Idle, and set Activity to Low.
7.
On LON-HOSTx, in Task Manager, click Open Resource Monitor. The Resource Monitor opens.
8.
On LON-CLx, run the Windows PowerShell command C:\LabFiles\Mod03\sqlio.exe.
9.
Confirm that on LON-CLx, Task Manager reports almost 100 percent Disk 0 utilization. Resource
Monitor on LON-HOSTx reports only a slight increase in disk activity.
Task 2: Use Performance Monitor to monitor Hyper-V performance

1.
On LON-HOSTx, start Performance Monitor, and then add the following counters:
o
Hyper-V Hypervisor Virtual Processor\% Guest Run Time for the 20409B-LON-CLx instance
Hyper-V Virtual Storage Device\Read Operations/sec for the instance that refers to
20409B-LON-CLx
LogicalDisk\Disk Reads/sec for the C: instance
2.
Set Scale Selected Counters for Disk Reads/sec and Read Operations/Sec.
3.
On LON-CLx, run the Windows PowerShell command C:\LabFiles\Mod03\sqlio.exe.
4.
On LON-HOSTx, use Performance Monitor to follow how disk access increases in the virtual machine
and on the Hyper-V host while sqlio.exe is running on the virtual machine.
5.
On LON-CLx, in CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread
Priority to Highest and Activity to Busy.
3-65
6.
On LON-HOSTx, use Performance Monitor to follow how processor utilization on the virtual machine
and on Hyper-V increases.
7.
On LON-HOSTx, use Hyper-V Manager to view CPU Usage for the LON-CLx virtual machine.
8.
Set Virtual machine limit (percentage) for 20409B-LON-CLx to 10.
9.
Use Hyper-V Manager to confirm that CPU Usage for the LON-CLx virtual machine is considerably
lower.
10. On LON-CLx, close both CPU Stress and Task Manager.

11. On LON-HOSTx, close Performance Monitor, Resource Monitor, and Task Manager.
12. In Hyper-V Manager, set Virtual machine limit (percentage) for LON-CLx to 100.
Task 3: Use Resource Metering

1.
On LON-HOSTx, use the Windows PowerShell cmdlet Get-VM to view whether resource metering is
enabled for 20409B-LON-CLx.
2.
Use the Windows PowerShell cmdlet Enable-VMResourceMetering to enable resource metering for
20409B-LON-CLx.
3.
Use the Windows PowerShell cmdlet Measure-VM to view resource metering data for
20409B-LON-CLx.
4.
On LON-CLx, run the Windows PowerShell command C:\LabFiles\Mod03\Cpustres.exe.
5.
Highest, and then set Activity to Busy.
6.
Run the Windows PowerShell command C:\LabFiles\Mod03\TestLimit64.exe d 400 c 5.
7.
On LON-HOSTx, use the Windows PowerShell cmdlet Measure-VM to view resource metering data
for 20409B-LON-CLx. Compare the data with previous results, and then notice the increase in use of
AvgRAM(M) and AvgCPU(MHz).
8.
On LON-CLx, close CPU Stress.
9.
On LON-HOSTx, use the Windows PowerShell cmdlet Disable-VMResourceMetering to disable

resource metering for LON-CLx.
Results: After completing this exercise, you should have monitored Hyper-V.

Review Questions
Question: Are synthetic devices available in all operating systems that you install on a virtual
machine?
Question: Can you use shared virtual hard disks with two virtual machines that have Windows
8.1 installed?
Question: Can you use virtual machine settings to discover whether it is Generation 1 or
Generation 2?
Question: Can you use enhanced session mode to connect to a Windows Server 2012 R2 virtual
machine that is running on Windows Server 2012 Hyper-V host?
Question: Which monitoring tool can you use to monitor multiple servers simultaneously and to
provide you with alerts when the performance of servers is different than normal?

4-1
Module 4
Creating and Configuring Virtual Machine Networks
Contents:
Module Overview
4-1
Lesson 1: Creating and Using Hyper-V Virtual Switches
4-2
4-9
Lesson 2: Advanced Hyper-V Networking Features
4-13
Lab B: Creating and Using Advanced Virtual Switch Features
4-23
Lesson 3: Configuring and Using Hyper-V Network Virtualization
4-26
Lab C: Configuring and Testing Hyper-V Network Virtualization
4-34
4-38
Module Overview
Virtual machines are isolated, even when they are running on the same Hyper-V host and are
communicating only over the network. Hyper-V in Windows Server 2012 and Windows Server 2012 R2
includes an entirely redesigned and extensible virtual switch, which enables basic network packet
forwarding and more advanced features such as support for network virtualization. You can connect a
virtual switch to different networks, and based on this connection, you can create a private, internal, or
external virtual switch. If supported by server hardware, you can also use features such as single root I/O
virtualization (SR-IOV) and Dynamic Virtual Machine Queue, which enable higher network throughput
and lower CPU utilization.
On the Hyper-V host, the host operating system (for example Windows Server 2012 R2) is also running
in the virtual machine (parent partition), which means that its traffic can be controlled by a virtual switch.
One of the new features of the Hyper-V virtual switch is support for network virtualization, which you can
use to create multiple isolated tenant networks on the same physical network.
Objectives
Create and use Hyper-V virtual switches.
Describe advanced Hyper-V networking features.
Configure and use Hyper-V network virtualization.
Lesson 1
Creating and Using Hyper-V Virtual Switches
4-2 Creating and Configuring Virtual Machine Networks
Virtual machines are rarely disconnected from a network. Most users typically will want virtual machines
to communicate with other computers. To provide virtual machines with network connectivity, you must
first connect them to a virtual switch. The virtual switch in Windows Server 2012 and Windows Server
2012 R2 is fully extensible, and provides advanced features such as port access control lists (ACLs),
network traffic monitoring, packet inspection, and network virtualization. The virtual switch also enables
basic features such creating different virtual switch types, and using virtual local area network (VLAN)
tagging. In this module, you will learn about basic Hyper-V virtual switch management, the different types
of virtual switches, and how to configure virtual switches by using Virtual Switch Manager and Windows
PowerShell.
Lesson Objectives
Describe the Hyper-V virtual switch.
Describe the different types of virtual switches.
Describe VLAN tagging.
Use Virtual Switch Manager.
Explain the use of dynamic switch ports.
Configure and use VLANs.
Overview of the Hyper-V Virtual Switch

When you have multiple physical computers
that you want to connect inside the same
network segment, you typically connect them
by using network switches. Switches operate at
Layer 2 (data-link layer) of the Open Systems
Interconnection (OSI) model. Switches act as
network hubs, except with an intelligent layer
added to them. Network switches can inspect
data packets, determine the source and
destination of each data packet, and then forward
the data packets appropriately. By delivering
packets only to the intended connected device,
network switches conserve network bandwidth and offer better performance than network hubs.
The Hyper-V virtual switch offers similar functionalities as hardware network switches. The Hyper-V virtual
switch is a software-implemented Layer 2 network switch that is available as part of the Hyper-V role. You
can use the Hyper-V virtual switch to connect virtual machines to virtual networks and physical networks.
On the Hyper-V host, the host operating system, for example Windows Server 2012 R2, is also running in
the virtual machine (parent partition). This means that the Hyper-V virtual switch can be used when the
parent partition connects to the network.
Prior to Windows Server 2012, Hyper-V included a simple network switch that was not extensible and
provided only basic networking features. The Hyper-V Virtual Switch in Windows Server 2012 and
Windows Server 2012 R2 is fully extensible. It provides advanced features such as policy enforcement,
4-3
tenant isolation, traffic shaping, and protection against malicious virtual machines. You can also extend it
with non-Microsoft extensions.
The Hyper-V virtual switch provides ways to extend the virtual switch without replacing the entire switch;
for example, to add monitoring, filtering, or forwarding functionality. You implement extensions by using
network device interface specification (NDIS) filter drivers and Windows Filtering Platform (WFP) callout
drivers. NDIS and WPF are two public platforms for extending the Windows networking functionality. If
you extend the virtual switch, the virtual switch extensions are listed in the Virtual Switch Manager feature
of Hyper-V Manager.
You can manage Hyper-V virtual switches by using the Virtual Switch Manager, or by using Windows
PowerShell cmdlets. For example, the following cmdlet lists all of the Hyper-V virtual switches on a
Hyper-V host:
Get-VMSwitch
VMNetworkAdapter is the primary noun that you can use to manage various security features, Quality
of Service (QoS), port mirroring, and other features. You can get more information on these features by
running the following cmdlet:
Get-Help Set-VMNetworkAdapter
The host operating system on Hyper-V host is also running inside a virtual machine (parent partition),
which means that you can add and manage virtual network adapters to it in a similar manner as to
other virtual machines. Each virtual network adapter can be connected to a separate Hyper-V virtual
switch, or to the same Hyper-V virtual switch as other adapters. You can create multiple parent virtual
network adapters that you then use for different purposes such as live migration, accessing the storage
area network (SAN), and parent operating system management. You can also limit bandwidth for each
virtual network adapter by assigning the QoS policy to the adapter. If you want to create a virtual network
adapter in the parent partition, run the following Windows PowerShell cmdlets:
Add-VMNetworkAdapter ManagementOS Name Management
Add-VMNetworkAdapter ManagementOS Name Storage
Add-VMNetworkAdapter ManagementOS Name Live Migration
Question: Do you need to create a virtual switch on a Hyper-V host?
Types of Virtual Switches

Hyper-V Manager includes the Virtual Switch
Manager, which you can use to create and
manage virtual switches. If you want virtual
machines to be able to communicate on a
network, you must first create at least one
virtual switch, and then connect virtual machine
network adapter(s) to the virtual switch. The
parent partition is an exception to the rule. It
can communicate on the network even if a
network switch is not created.
Note: The parent partition is a virtual
machine in which you can manage and monitor Hyper-V, and in which device drivers for
accessing Hyper-V physical hardware are installed.
You can connect only one virtual switch to a specific physical network adapter, wireless adapter, or
network interface card (NIC) team. Once you connect a Hyper-V virtual switch to a network adapter, all
other protocols are automatically unbound from that network adapter and reassigned to the virtual
network adapter.
Hyper-V supports three types of virtual switches: external, internal, and private. There is no limit on how
many virtual switches you can create on a Hyper-V host, or how many virtual machines you can connect
to a virtual switch. However, you cannot have more external virtual switches than the number of network
adapters on the Hyper-V host.
Virtual switches can connect to three types of networks:
Private network. A virtual switch that you connect to a private network provides connectivity only
between virtual machines on the same Hyper-V host, and that connect to the same virtual switch.
Virtual machines cannot communicate with virtual machines that are connected on a different virtual
switch, Hyper-V host, or external physical network. You can use a private switch if you need to isolate
virtual machines for security reasons, or if you are using them for testing and you do not want them
to access the company network inadvertently. When you create a private switch, there is no new
network connection added in the parent partition.
Internal network. A virtual switch that you connect to an internal network provides connectivity
between virtual machines on the same Hyper-V host, and with the Hyper-V host itself. Virtual
machines that connect to an internal switch cannot communicate with any physical network, unless
the Hyper-V host provides network address translation (NAT) functionality. You use an internal virtual
switch when virtual machines must have network connectivity to a Hyper-V host, but not to external
resources. When you create an internal virtual switch, an additional virtual network connection is
added in the parent partition, and it is connected to the virtual switch.
External network. A virtual switch is connected to a physical network adapter, wireless adapter, or
NIC team on the Hyper-V host, and it enables virtual machine connectivity to a physical network. You
use an external switch to provide virtual machines with access to external resources, or to the Internet.
When you create a new external virtual switch, Hyper-V creates a virtual network adapter in the
parent partition, unless you clear the option to Allow management operating system to share this
network adapter.
Note: If you create an external virtual switch and clear the Allow management operating
system to share this network adapter option, the physical network adapter will be available only
to virtual machines, and will not be accessible by the Hyper-V host. This is recommended,
because you should separate the production network from the network used to manage Hyper-V
host.
After you create a virtual switch, you can view and manage virtual switch extensions. By default, Hyper-V
includes two virtual switch extensions: Microsoft NDIS Capture, and Microsoft Windows Filtering Platform.
The Microsoft NDIS Capture extension enables the capture of network packets traversing the virtual
switch, which is the same functionality as is included in the Microsoft Network Monitor packet capturing
utility. The Microsoft NDIS Capture extension is not enabled by default. The Microsoft Windows Filtering
Platform processes network traffic as it traverses the virtual switch, and it is enabled by default for each
virtual switch that you create in Hyper-V.
You can create virtual switches by using the New Virtual Switch Wizard, which is part of Hyper-V Manager.
Alternatively, you also can use the new Windows PowerShell cmdlet New-VMSwitch. The cmdlet syntax is
determined by the type of virtual switch that you want to create.
4-5
The external virtual switch type is associated with a physical network adapter that is present in the
Hyper-V host. When you create an external virtual switch, the Hyper-V Extensible Virtual Switch protocol
is bound to a physical adapter. All other bindings are moved to the virtual adapter that is created, and
display in the Network Connections interface. When you create an internal virtual switch, an additional
virtual adapter is created, which allows the host to connect to the virtual machines. If you create a private
virtual switch, no virtual adapter is created on the host.
Question: Can a virtual machine access the Internet if it is connected to an internal virtual
switch?
Question: What will happen in the parent partition when you create a new internal virtual
switch? Will it be the same as when you create a new private virtual switch?
Demonstration: Using Virtual Switch Manager
In this demonstration, you will see how to use Virtual Switch Manager for configuring virtual switches. You
will also see how to connect virtual machines to virtual switches, and how virtual machines do not have
connectivity when they are connected to different virtual switches.
Demonstration Steps
1.
On LON-HOST1, in Hyper-V Manager, confirm that there is one virtual switch present named
External Network.
2.
On LON-HOST1, in Hyper-V Manager, create a private virtual switch named Private Switch.
3.
On LON-HOST1, connect the 20409B-LON-PROD1 and 20409B-LON-TEST1 virtual machines to the

Private Switch virtual switch.
4.
On LON-PROD1, attempt to ping IP address 10.0.0.16.
5.
Confirm that four replies are received, and that LON-TEST1 has an IP address of 10.0.0.16.
6.
On LON-HOSTx, connect the 20409B-LON-PROD1 virtual machine to the External Network virtual
switch.
7.
On LON-PROD1, try to ping IP address 10.0.0.16, and confirm that it does not have connectivity with
LON-TEST1.
8.
On LON-PRODx, in Windows PowerShell, use the cmdlet Set-NetIPInterface to enable dynamic

TCP/IP configuration for Ethernet network connection.
9.
In Windows PowerShell, use ipconfig to confirm that LON-PRODx obtained the IP address from the
Dynamic Host Configuration Protocol (DHCP) server that is running on LON-DC.
What Is VLAN Tagging?

When you want to isolate and partition logical
networks that are using the same networking
infrastructure, you can use VLAN tagging to
separate the networks. By using VLAN tagging,
you can create multiple distinct broadcast
domains that are mutually isolated, and
networking traffic can only pass between them
if a router is used.
VLANs are the method that most organizations

use currently to provide address space reuse and
tenant isolation. VLAN uses explicit tagging in the
Ethernet frames, and it relies on the switches to
enforce isolation and restrict traffic to network adapters that are configured with the same tag. You
can specify VLAN tags for the virtual machine network adapter, and for the internal and external virtual
switches. If you specify the VLAN tag for the internal and external virtual switches, the VLAN tag is applied
to the virtual network adapter in the parent partition.
Note: The word virtual in the VLAN definition has nothing to do with server virtualization,
although server virtualization supports it. VLANs have been in use for more than thirty years.
VLAN cannot span multiple logical subnets. This limits the number of computers within a single VLAN,
and restricts the placement of virtual machines based on physical location. Even though VLANs can be
stretched across physical sites, the stretched VLAN must be all on the same subnet. A VLAN ID is 12 bits
long, which limits the value of VLAN IDs to 4,094. When you need to move a virtual machine that is
configured with a VLAN ID, you must ensure that you have reconfigured the underlying networking
infrastructure properly.
To enable VLAN Identification (VLAN ID) for management operating systems, you must enable the VLAN
ID for an external or internal virtual switch, and specify an ID. You can specify the VLAN ID in Hyper-V
Manager, on the Virtual Switch Manager page, under Switch Properties.
Note: The VLAN ID that you configure for the virtual switch specifies the VLAN that the
management operating system is using for all network communications through this network
adapter. This setting does not affect virtual machine networking.
To enable VLAN ID for a virtual machine, open Virtual Machine Settings, select the virtual network
adapter, select the Enable virtual LAN identification check box and then specify an ID that you want
the virtual machine connection to use. A virtual machine may have multiple network adapters, and the
adapters may use either the same or different VLAN IDs. You must perform this configuration on each
network adapter.
Hyper-V on Windows Server 2012 and Hyper-V on Windows Server 2012 R2 supports enhanced
functionality and simple VLAN tagging, which includes private VLAN and trunk mode to a virtual machine.
Question: Why can you create only a maximum of 4,094 VLAN networks?
Demonstration: Configuring and Using VLANs

In this demonstration, you will see how to configure and use VLANs on the Hyper-V virtualization
platform.
Demonstration Steps
4-7
1.
On LON-HOSTx, connect the 20409B-LON-TESTx virtual machine to the External virtual switch.
2.
On LON-PROD1, try to ping IP address 10.0.0.16 and verify that four replies are received. This
confirms that LON-PROD1 and LON-TEST1 have network connectivity.
3.
On LON-HOST1, in Hyper-V Manager, configure the network adapter for the 20409B-LON-PROD1
virtual machine with a virtual LAN identification value of 2.
4.
On LON-PROD1, try to ping IP address 10.0.0.16. Confirm that destination host is now not reachable.
This is because LON-PROD1 is connected to different VLAN as LON-TEST1.
5.
On LON-HOST1, in Hyper-V Manager, configure the network adapter for the LON-TEST1 virtual
machine with a virtual LAN identification value of 2.
6.
On LON-PROD1, try to ping IP address 10.0.0.16. Confirm that four replies are returned. LON-PROD1
and LON-TEST1 have network connectivity because now they are connected to the same VLAN.
Ethernet Resource Pool

The Hyper-V virtual switch is designed to
provide multiple data streams to and from virtual
machines using the physical network adapters
in the Hyper-V host. You create a virtual switch
and connect the virtual machine network adapter
to the virtual switch to gain network connectivity.
The virtual switch type defines the scope of
network connectivity available to a virtual
machine. For example, access to a company
network over a physical Hyper-V network adapter
requires an external virtual switch.
The virtual switch type and other configurations

such as VLAN settings, bandwidth requirements, and security parameters are not included as part of the
virtual machine configuration, but are stored as part of the virtual switch configuration on the Hyper-V
host. You can move a virtual machine to a different Hyper-V host by using live migration, or by using the
Import Virtual Machine Wizard. When you move the virtual machine, you could encounter a problem if
the destination Hyper-V host does not have a virtual switch with the same name, and is not configured
identically.
When using Ethernet resource pools, virtual machines do not connect to precreated and preconfigured
ports in a virtual switch. The virtual machine is configured to connect to one or more virtual switches in a
pool of virtual switches. By default, every virtual switch is placed in the default primordial pool
automatically until other pools of type Ethernet are created.
You can create resource pools by using the New-VMResourcePool Windows PowerShell cmdlet. You
cannot use Hyper-V Manager to create resource pools. However, if resource pools already exist, you
can use Hyper-V Manager to configure virtual machines to use a virtual switch from the resource pool.
When configured properly, you can move virtual machines between Hyper-V hosts with compatible
pool configurations without having to do any reconfiguration. When you configure a virtual machine to
connect to an Ethernet resource pool, the Hyper-V management layer configures the connections when a
virtual machine is started. Ports of the virtual switches in a pool are reclaimed automatically when they are
no longer in use. The virtual machine switch port configuration becomes an integral part of a virtual
machine overall configuration, and it is migrated automatically in all mobility scenarios.
Note: You can also use resource pools to collect resource pool usage information for
chargeback purposes.
Question: Is there any default Ethernet resource pool in Hyper-V?
Question: Can you configure a virtual network adapter to connect to a virtual switch in the
Ethernet resource pool by using Hyper-V Manager?

Scenario
4-9
A. Datum Corporation has implemented the Hyper-V virtualization platform in one of their subsidiaries.
You have created several test virtual machines and familiarized yourself with many of the configuration
options. The next step is to implement and test network connectivity for the virtual machines. You have
been asked to verify current Hyper-V networking, and explore the differences between various Hyper-V
virtual switch types.
Objectives
Create and use Hyper-V virtual switches.
Lab Setup
Virtual machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-PROD1,

20409B-LON-PROD2, 20409B-LON-TEST1, and 20409B-LON-TEST2
Password: Pa$$w0rd
1.
2.
3.
4.
5.

o
Password: Pa$$w0rd
6.
Repeat steps 2 and 3 for 20409B-LON-TESTx and 20409B-LON-PRODx. The letter x is 1 for the first
student in the team, and 2 for the second student in the team.
7.
For 20409B-LON-TESTx and 20409B-LON-PRODx, sign in as Administrator. For both accounts, use
the password Pa$$w0rd.
LON-HOST1 and LON-HOST2 are sometimes referenced as LON-HOSTx, which indicates that each
student performs the lab tasks on his or her computer.
Note: You will be working in pairs. Communicate clearly with your lab partner, and
cooperate fully with each other during this lab.
Exercise 1: Creating and Using Windows Server 2012 R2 Hyper-V Virtual

Switches
Scenario
The Hyper-V virtualization platform is now installed, and you need to demonstrate to junior
administrators the different networking options that you can configure in Hyper-V. You will first show
them the current Hyper-V host networking configuration. After that, you will create new virtual network
adapters in a parent partition, and then show them as new network connections. You will also create
different types of Hyper-V virtual switches, and explore with junior administrators the connectivity options
when using each of them.
1.
Verify current Hyper-V network configuration.
2.
Create virtual network adapters in a parent partition.
3.
Create virtual switches.
4.
Use Hyper-V virtual switches.
Task 1: Verify current Hyper-V network configuration

1.
On LON-HOSTx, in Hyper-V Manager, confirm that External Network is the only virtual switch
present.
2.
Confirm that LON-HOSTx has two network connections: Ethernet 2 and vEthernet (External
Network).
3.
View the properties of the Ethernet 2 network connection, and confirm that it is using only the
Hyper-V Extensible Virtual Switch, and that the check boxes for all other items are not selected.
4.
View the properties of the vEthernet (External Network) network connection, and confirm that it is
using most items, but is not using the Hyper-V Extensible Virtual Switch, which is the only item for
which the check box is not selected.
Task 2: Create virtual network adapters in a parent partition

1.
On LON-HOSTx, in Windows PowerShell, use the cmdlet Get-VMNetworkAdapter with the All
parameter to confirm that one network adapter named External Network, is present on the system.
2.
Use the Windows PowerShell cmdlet Add-VMNetworkAdapter with the ManagementOS

parameter to add the following three virtual network adapters to the parent partition:
3.
Management
Storage
Live Migration
Use the Network Connections window to confirm that three network connections have been added
to LON-HOSTx, and that they are named:
o
vEthernet (Management)
vEthernet (Storage)
vEthernet (Live Migration)
4-11
4.
View the properties of the vEthernet (Management) network connection, and confirm that the
network connection is using most items, including Internet Protocol Version 4 (TCP/IPv4), but it is
not using the Hyper-V Extensible Virtual Switch.
5.
In Windows PowerShell, use the cmdlet Get-VMNetworkAdapter with the All parameter to confirm
that the network adapters that you added by using Windows PowerShell are present on the system.
Task 3: Create virtual switches

1.
On LON-HOSTx, in Hyper-V Manager, try to create an external virtual switch.
Note: You should get an error, because the physical network adapter is already bound to
the external switch.
2.
In Hyper-V Manager, create an internal virtual switch and name it Internal Switch.
3.
Use the Network Connections window to confirm that a network connection is added and that it is
named vEthernet (Internal Switch).
4.
View the properties of vEthernet (Internal Switch), and confirm that the network connection is using
most items, including Internet Protocol Version 4 (TCP/IPv4), but that it is not using Hyper-V
Extensible Virtual Switch.
5.
Use the Windows PowerShell cmdlet Get-VMNetworkAdapter with the All parameter to confirm
that there is a network adapter named Internal Switch present on the system.
6.
On LON-HOSTx, in Hyper-V Manager, create a private virtual switch, and name it Private Switch.
7.
Use the Network Connections window to confirm that no network connection was added when you
created the private virtual switch.
8.
In Windows PowerShell, use the Get-VMNetworkAdapter cmdlet with the All parameter to confirm
that no network connection was added when you created the private virtual switch.
9.
Use Hyper-V Manager to confirm that External Network, Internal Switch and Private Switch have
the same two extensions available: Microsoft NDIS Capture, which is not enabled, and Microsoft
Windows Filtering Platform, which is enabled.
Task 4: Use Hyper-V virtual switches

1.
On LON-HOSTx, connect both the LON-PRODx and LON-TESTx virtual machines to the Private
Switch virtual switch.
2.
Confirm that LON-PRODx has an IPv4 address of 10.0.0.x5 (where x is 1 if you are using LON-HOST1,
and x is 2 if you are using LON-HOST2).
3.
Open Windows PowerShell in Administrator mode, and to try to ping IP address 10.0.0.x6.
4.
Confirm that four replies are received

Note: LON-TESTx has an IP address of 10.0.0.x6.
5.
On LON-HOSTx, connect the LON-PRODx virtual machine to an Internal Switch.
6.
On LON-PRODx, try to ping the IP address 10.0.0.x6, and confirm that it does not have connectivity
with LON-TESTx.
7.
On LON-HOSTx, try to ping IP address 10.0.0.x5.
Note: Confirm that the destination host is unreachable. This is because the virtual network
adapter in LON-HOSTx that is connected to the Internal switch does not have IP address from the
same subnet as LON-PRODx.
8.
9.
On LON-HOSTx, configure the vEthernet (Internal Switch) network connection with the following
settings:
o
IP address: 10.0.0.100
Subnet mask: 255.255.255.0
On LON-HOSTx, try to ping IP address 10.0.0.x5. Confirm that four replies are returned, which
confirms that LON-HOSTx and LON-PRODx now have network connectivity.
10. On LON-HOSTx, connect the LON-PRODx virtual machine to the External Network virtual switch.
11. On LON-PRODx, use the Windows PowerShell cmdlet Set-NetIPInterface to enable dynamic TCP/IP
configuration for the Ethernet network connection. To do this, you will need to run Windows
PowerShell in Administrator mode.
12. In Windows PowerShell, use ipconfig to confirm that LON-PRODx obtained the IP address from the
DHCP server. Write down the LON-PRODx IPv4 address.
13. On LON-HOSTx, try to ping the IP address of LON-PRODx, and confirm that four replies are returned.
14. On LON-DC1, try to ping the IP address of LON-PRODx, and confirm that four replies are returned.
Note: Leave the virtual machines running, as you will use them in the next lab.
Results: After completing this exercise, you should have created and used Hyper-V virtual switches.
Lesson 2
Advanced Hyper-V Networking Features
4-13
The Hyper-V virtual switch provides many other features in addition to the basic packed forwarding
functionality It supports the following features, if they are supported by the physical network adapters in
the Hyper-V host hardware:
Virtual local area networks (LANs)
Private VLANs
Port ACLs
Network traffic monitoring
Basic packet inspection
Capabilities such as SR-IOV and Dynamic Virtual Machine Queue
The Hyper-V virtual switch is fully extensible, which means that you can extend or replace existing switch
functionalities. You can configure some of the advanced virtual switch functionalities by using a GUI, and
at virtual switch levels and at virtual network adapter levels. However, by using Windows PowerShell you
can configure many more functionalities.
Lesson Objectives
Explain virtual switch expanded functionality.
Explain virtual switch extensibility.
Describe SR-IOV.
Describe Dynamic Virtual Machine Queue.
Describe the network adapter advanced features.
Describe the Network Adapter Teaming (NIC Teaming) feature in virtual machines.
Configure network adapter advanced features.
Virtual Switch Expanded Functionality

The Hyper-V virtual switch is a
software-implemented Layer 2 networking switch
that provides network connectivity between
virtual machines, the Hyper-V host, and physical
networks. The Hyper-V virtual switch provides
more functionality than simply forwarding data
packets between computers that are connected to
virtual switch ports. It also provides the following
functions:
Inspect network packets.
Limit bandwidth.
Allow connectivity only between certain virtual switch ports.
Block suspicious network activity.
Perform network virtualization.
You can use Hyper-V Manager to configure some of the Hyper-V virtual switch functionality and
expanded features, such as configuring virtual machine networking adapter settings. However, you must
use Windows PowerShell to configure some of the other features. The Hyper-V virtual switch expanded
functionality includes the following features:
ARP/ Neighbor Discovery Poisoning (spoofing) protection. This feature provides protection against
malicious virtual machines that try to use Address Resolution Protocol (ARP) spoofing to associate
their media access control (MAC) addresses with the IP addresses of another virtual machine. By
doing this, they effectively steal IP addresses and intercept network traffic that is being sent to other
virtual machines. This feature also provides protection against attackers who use IPv6 Neighbor
Discovery spoofing.
You can enable this feature in the Advanced Features settings for the virtual machine network
adapter by selecting the Enable router advertisement guard option. You can also enable it by using
the Windows PowerShell cmdlet Set-VMNetworkAdapter. For example, if you want to enable this
feature on a network adapter in a virtual machine named VM1, you would run the following cmdlets:
$vmNIC = Get-VMNetworkAdapter -VMName VM1
Set-VMNetworkAdapter -VMNetworkAdapter $vmNIC -RouterGuard On
DHCP guard protection. This feature protects against a malicious virtual machine that is running a
rogue DHCP server that can be used for man-in-the-middle attacks. If you enable the DHCP guard
protection option, the virtual switch drops DHCP acknowledgement packets that the virtual machine
sends. This effectively prevents other computers from obtaining TCP/IP configuration from the DHCP
server that is running in the malicious virtual machine.
adapter, by selecting the Enable DHCP guard option. You also can enable this feature by using the
Windows PowerShell cmdlet Set-VMNetworkAdapter. For example, if you want to enable this
feature on a network adapter in virtual machine named VM1, you can run the following cmdlets:
Set-VMNetworkAdapter -VMNetworkAdapter $vmNIC -DHCPGuard On
Port ACLs. The virtual switch performs traffic filtering based on MAC or IP addresses and ranges.
With this feature, you can set up virtual network isolation by creating two lists: a list of computers
with which a virtual switch port can communicate (white list), and a list of computers with which a
virtual switch port cannot communicate (black list). A network port ACL has several entries, which
include a network address and an associated permit, deny, or meter action. When a network packet
matches one of the entries, the virtual switch takes the appropriate action.
Port ACLs can be based on MAC address, IPv4 address, or IPv6 address. You can configure this
feature only by using Windows PowerShell, by running the Add-VMNetworkAdapterAcl cmdlet.
For example, if you want to allow network traffic in both directions between a virtual machine named
VM1 and computers on the 10.0.0.0/8 subnet, you can run the following cmdlet:
Add-VMNetworkAdapterAcl -VMName VM1 -RemoteIPAddress 10.0.0.0/8 -Direction Both
-Action Allow
Trunk mode to a VM. A VLAN logically isolates computers that are connected to the same local
network, irrespective of their actual physical location. By using VLANs, you can assign computers
on different switches to the same Layer 2 broadcast domain. This enables network communication
between the computers while they are isolated from the other computers that are either assigned to
4-15
a different broadcast domain or have a different VLAN ID. A VLAN trunk enables traffic from multiple
VLANs to be visible and accessible on the same network adapter, as defined in the IEEE 802.1Q
standard.
Prior to Windows Server 2012 Hyper-V, the virtual switch did not have the ability to set a switch
port to trunk mode, and you could not have multiple VLANs assigned to the same virtual NIC.
Hyper-V in Windows Server 2012 supports the IEEE 802.1Q standard, and can forward traffic from
multiple different VLANs to the same network adapter. You can configure this feature only by using
Windows PowerShell, by running the cmdlet Set-VMNetworkAdapterVlan. For example, if you want
to enable trunk mode to a virtual machine named VM1, you would run the following cmdlets:
Set-VMNetworkAdapterVlan $vmNIC -Trunk -AllowedVlanIdList 1-100 -NativeVlanId 10
Network traffic monitoring. You can use this feature to monitor and review all incoming or outgoing
network traffic that the network switch is forwarding to a specific virtual machine network adapter.
When you configure this feature, network traffic is copied and you can view it inside a virtual machine
by using a packet capture tool such as Network Monitor.
adapter by configuring the port mirroring mode. You can also configure it by using the Windows
PowerShell cmdlet Set-VMNetworkAdapter. For example, if you want to configure network traffic
monitoring for a virtual machine named VM1, you would run the following cmdlets:
Set-VMNetworkAdapter $vmNIC -PortMirroring Source
Isolated VLAN or private VLAN. Private VLANs were introduced to help with VLAN scalability issues.
A private VLAN consists of a primary VLAN, which has secondary VLANs. The secondary VLAN IDs
differentiate the various private VLANs, and all secondary VLANs share the same primary VLAN ID.
Private VLANs are designed to reduce the number of IP subnets and VLANs for some types of
network configurations. The virtual switch supports private VLANs to restrict communication between
computers on the same VLAN or network segment.
Private VLANs support an isolated mode in which virtual machines can share the same VLAN ID, but
can only communicate externally. You can configure this feature only by using Windows PowerShell,
by running the cmdlet Set-VMNetworkAdapterVlan. For example, if you want to configure private
VLAN for a virtual machine named VM1 and configure it with primary VLAN ID 10 and secondary
VLAN ID 200, you would run the following cmdlet:
Set-VMNetworkAdapter $vmNIC -Isolated -PrimaryVlanId 10 -SecondaryVlanId 200
Bandwidth limits and burst support. By setting a minimum bandwidth, you can guarantees at least
that amount of bandwidth for the virtual machine network adapter. The maximum bandwidth setting
specifies the maximum amount of bandwidth that a virtual machine network adapter can consume.
You can enable and configure this feature only for network adapters, and not for legacy network
adapters.
You can enable and configure this feature on the virtual machine network adapter settings, or by
using the Windows PowerShell cmdlet Set-VMNetworkAdapter. For example, for a network adapter
in a virtual machine named M1, if you want to specify a minimum bandwidth of 10 megabytes (MB)
and maximum bandwidth of 1 gigabyte (GB), you can run following cmdlets:
Set-VMNetworkAdapter $vmNIC -MinimumBandwidthAbsolute 10MB -MaximumBandwidth 1GB
Question: Do you need to enable DHCP guard protection on each virtual machine that you
want to protect from obtaining TCP/IP configuration from the rogue DHCP server?
Virtual Switch Extensibility

Prior to Windows Server 2012, Hyper-V included
a simple virtual switch that was built on a closed
architecture. It provided only basic networking
functionality and was not extensible in any way.
Windows Server 2012 Hyper-V uses a completely
redesigned virtual switch, which is built on an
open framework, is extensible, and allows
developers to extend existing features and add
new features into the virtual switch. For example,
other companies can add their own monitoring,
filtering, and forwarding features without having
to replace all of the Hyper-V virtual switch
functionality.
You can also implement extensions by using NDIS filter drivers or Windows Filtering Platform (WFP)
callout drivers, which are two public Windows platforms used for extending the Windows networking
functionality. Both platforms are available in Windows Server 2008 and newer Windows Server platforms,
and you can use them to extend a virtual switch in different ways.
NDIS filter drivers or WFP callout drivers have the following characteristics:
NDIS filter driver. The NDIS filter driver is a filtering service that monitors and modifies network
packets in Windows operating systems. For example, you can use the NDIS filter driver to perform
packet inspection, to modify packets when transiting a virtual switch, or to perform packet forwarding
based on their content. NDIS filters were introduced with the NDIS 6.0 specification, which was first
implemented in Windows Server 2008 and Windows Vista.
WFP callout drivers. Developers can use WFP callout drivers to filter and modify TCP/IP packets,
and to monitor or authorize connections, filter Internet Protocol security (IPsec)protected traffic,
and filter remote procedure calls (RPCs). Filtering and modifying TCP/IP packets provides unlimited
access to the TCP/IP traffic that passes through the virtual switch. WFP callout divers can examine
and modify outgoing and incoming packets before additional processing occurs. By using WFP
callout drivers, developers can create firewalls, antivirus software, diagnostic software, intrusion
detection software, and other types of applications and services. WFP callout drivers were first
implemented in Windows Server 2008 and Windows Vista.
Non-Microsoft Extension Support
Non-Microsoft extensions can extend three aspects of the switching process: inbound (ingress) filtering,
destination look-up and forwarding, and outbound (egress) filtering. Monitoring extensions also can
gather statistical data by monitoring traffic at different layers of the virtual switch. You can add multiple
monitoring and filtering extensions to a virtual switch. However, you can only use one instance of the
forwarding extension per switch instance, and if you use a non-Microsoft forwarding extension, it will
override the default forwarding of the virtual switch.
After you install virtual switch extensions, you can control them on the Extensions settings for the virtual
switch, or by using Windows PowerShell. By default, there are two virtual switch extensions included with
Hyper-V. These virtual switch extensions are the Microsoft NDIS Capture monitoring extension, which is
disabled by default, and the Microsoft Windows Filtering Platform filtering extension, which is enabled by
default.
4-17
The following table lists some of the virtual switch extensions, functionalities they provide, and which
platform you can use to provide such functionality.
Extension
Purpose
Extensibility component
Network packet
inspection
Inspects network packets that are exchanged

between virtual machines and passed through a
virtual switch. Network packets cannot be
modified.
NDIS filter driver
Network packet
filter
Creates, filters, and modifies network packets that

are entering or leaving the virtual switch.
NDIS filter driver
Network
forwarding
Provides network packets with a forwarding logic

extension. This extension replaces the default
forwarding extension, because the virtual switch
can have only one forwarding extension.
NDIS filter driver
Intrusion detection
or firewall
Filters and modifies network packets, monitors or

authorizes connections, and filters traffic based on
different criteria (for example, if the network
packets are protected by IPsec).
WFP callout driver
Getting Started Writing a Hyper-V Extensible Switch Extension

Question: Can you write Hyper-V virtual switch extensions in Windows PowerShell?
What Is SR-IOV?
SR-IOV is a standard that specifies how a
hardware device can make its functionality
available for direct use by virtual machines.
These functionalities are called virtual functions,
and are associated with physical functions.
Physical functions are what the parent partition
uses in Hyper-V.
SR-IOV in Hyper-V uses remapping of interrupts

and direct memory access (DMA), and allows
SR-IOVcapable devices to be assigned directly
to a virtual machine. Hyper-V enables support for
SR-IOVcapable network devices, and allows an
SR-IOV Virtual Function of a physical network adapter to be assigned directly to a virtual machine. By
doing this, the network adapter bypasses the virtual switch, and as a result network throughput increases,
and the network latency and CPU overhead on the Hyper-V host decrease.
If you want to use SR-IOV, both the Hyper-V host hardware and the network device and its device driver
must support it. Because SR-IOV requires compliant hardware, it can be only associated with an external
virtual switch that maps to an SR-IOVcapable network adapter in the Hyper-V host. You can only
configure SR-IOV at the time that you create the virtual switch. You cannot convert an external virtual
switch with SR-IOV enabled, to an internal or private switch. You can enable SR-IOV on virtual machine
network adapters.
In Windows Server 2012 and newer Windows Server operating systems, you can use live migration to
move running virtual machines without noticeable downtime, even when virtual machines are configured
to use SR-IOV. During live migration, Hyper-V can check whether the destination server has SR-IOV
capabilities, and if so, move the virtual machine to that server. You also can configure live migration to
refuse migrations of SR-IOVdependent virtual machines to a Hyper-V host that does not have SR-IOV
capabilities.
You also can use live migration to move virtual machines that are configured to use SR-IOV between
Hyper-V hosts even if Hyper-V hosts have different SR-IOVenabled network adapters. When you move a
virtual machine, you will notice that it is using a different network adapter, but the configuration and
network connectivity will be preserved.
SR-IOV Requirements
When you want to enable and use SR-IOV, the Hyper-V host must meet the following requirements:
Server hardware must support SR-IOV, which includes chipset support for interrupt, and DMA
remapping and firmware support to enable and make the hardware system SR-IOV capabilities
available to the Windows Server operating system.
An SR-IOVcapable network adapter and network adapter device driver must be present on the
Hyper-V host (in the parent partition). The network adapter device driver also must be present in
each virtual machine, where an SR-IOVcapable network adapter (its virtual function) is assigned.
Note: When using SR-IOV, virtual machine traffic bypasses the Hyper-V virtual switch. If
any switch port policies are set, SR-IOV functionality is disabled for that virtual machine.
Everything you wanted to know about SR-IOV in Hyper-V. Part 1
Question: Can you configure a Hyper-V virtual switch to use SR-IOV after you have
created it?
What Is Dynamic Virtual Machine Queue?

The Virtual Machine Queue (VMQ) was first
supported in Hyper-V on Windows Server 2008
R2. VMQ provides support for virtual machines
similar to how Receive Side Scaling provides
support for multicore systems. Receive Side
Scaling enables network adapters to distribute
the network processing load across multiple
processors in multicore computers, which makes
it possible to support higher network bandwidth
than a single CPU core can process.
Hyper-V host supports the multiple unicast

MAC addresses per network adapter feature. If a
network adapter also supports this feature, it can receive network packets with a destination MAC address
that matches any of the unicast MAC addresses that are set on the adapter, without being in promiscuous
mode. Such an adapter can allocate a receive queue for each MAC address, and then route incoming
4-19
traffic to the corresponding queue. For VMQ support, you must have both the multiple unicast MAC
addresses per network adapter feature, and the ability to create queues in the memory address space that
is assigned to the virtual machines.
VMQ uses network adapter queues to:
Classify received packets.
Group received packets.
Apply VLAN filtering.
Provide concurrent processing on the network traffic for multiple virtual machines.
Distribute interrupts to multiple cores for multiple virtual machines.
Avoid copying receive buffers to virtual machine address spaces.
VMQ allows the efficient transfer of the incoming network traffic to a virtual machine. A VMQ-capable
network adapter can use DMA to transfer incoming packets to the appropriate virtual machine. This
reduces CPU overhead when transferring packets to the virtual machines, which can be beneficial when
virtual machines are receiving large amounts of traffic when performing tasks such as file backup,
database replication, or data mirroring.
Hyper-V in Windows Server 2008 R2 associated the VMQ queue with virtual machine statically. In
Windows Server 2012 and newer versions, Hyper-V provides automatic configuration and tuning for VMQ
queues. This is accomplished by allowing VMQ to be associated with a processor dynamically, based on
processor networking and CPU load. The number of processors that network processing uses can increase
or decrease automatically, based on the network load. This allows the Hyper-V host to process more
networking traffic and support higher network bandwidth. The ability to dynamically adjust number of
processor cores that are used for processing VMQ queues is called Dynamic Virtual Machine Queue.
Dynamic Virtual Machine Queue is enabled automatically in the virtual switch whenever an administrator
enables VMQ on the virtual network adapter that is connected to the switch. The only ways to disable the
VMQ feature either is to disable VMQ in the virtual network adapter Hardware Acceleration settings, or to
use the Windows PowerShell cmdlet Set-VMNetworkAdapter.
Note: VMQ requires a physical network adapter that supports this feature. If the VMQ
feature is enabled on a virtual network adapter, but the Hyper-V host does not have a physical
adapter that supports VMQ, this feature cannot be used.
Question: Is VMQ beneficial when a virtual machine has to perform complex calculations
and database searches?
Network Adapter Advanced Features

The Hyper-V virtual switch provides expanded
switch functionality, which developers can also
extend. You also can replace the Hyper-V virtual
switch entirely, with a non-Microsoft virtual switch
implementation. Hyper-V is built on an open and
extensible framework.
You can manage some of the more advanced

Hyper-V virtual switch features, but only by using
Windows PowerShell. However, you can configure
other features by using graphical tools such as
Hyper-V Manager. Some virtual switch settings
such as virtual switch type, VLAN ID, SR-IOV or
virtual switch extension used are configured for virtual switch by using Virtual Switch Manager. You can
configure other settings that also rely on Hyper-V virtual switch functionality, as properties of the virtual
network adapter. You can configure the following network adapter advanced features:
MAC Addresses. By using this setting, you can configure a virtual machine either to use a dynamic
MAC address assignment (which is the default configuration), or to specify a static MAC address that
the virtual machine will use. As with most other settings, you can configure this setting only if the
virtual machine is not running. In this setting, you can also enable MAC Address spoofing, which
allows virtual machines to change the source MAC addresses in outgoing packets to one that is not
assigned to them. This can be beneficial when the virtual machine is a node in the Network Load
Balancing (NLB) cluster, in which nodes should be using the same MAC address for outgoing traffic.
If a virtual machine has NIC Teaming configured, MAC address spoofing must be enabled.
DHCP guard. This is a security feature that can prevent a rogue DHCP server that is running in a
virtual machine from providing TCP/IP settings on the network. This option is disabled by default,
which means that the virtual switch is forwarding DHCP Acknowledge packets from the virtual
machine. If you enable this option, the DHCP server that is running in the virtual machine will not
be able to offer TCP/IP settings over the virtual network adapter that has this feature enabled.
Router guard. This is also a security feature that can prevent virtual machines from sending router
advertisements and redirection messages, and prevent man-in-the-middle type attacks. This option is
disabled by default. If you enable it, the virtual switch will drop router advertisements and redirection
messages, which are sent from the virtual machine over a virtual network adapter that has this feature
enabled.
Protected network. This option is enabled by default, and enables network health detection and
recovery. If a virtual machine is running on a Hyper-V host cluster and a network is disconnected on
a protected virtual network, the failover cluster will use live migration to move the affected virtual
machine to a Hyper-V node on which that external virtual network is available.
Port mirroring. This feature enables monitoring of the incoming and outgoing traffic for a virtual
machine. You can configure port mirroring as either the source or as the destination, and the virtual
switch will copy all traffic from the source virtual network adapter to the destination adapter. In a
virtual machine that has the virtual network adapter configured as a destination, you should typically
be running a network monitoring application.
NIC Teaming. By using this setting, you can add multiple network adapters that are configured in a
virtual machine to a network team. This aggregates their bandwidth and provides redundancy, even if
NIC Teaming is not configured on the Hyper-V host itself.
Note: You can configure the same network adapter advanced features for network
adapters, legacy network adapters, and network adapters that are used in Generation 2 virtual
machines.
Question: How can you monitor network traffic when you enable port mirroring for a
network adapter?
NIC Teaming in Virtual Machines

NIC Teaming is one of the features in Windows
Server 2012 R2 that you can use to consolidate
up to 32 physical network adapters, and then use
them as a single interface. This strategy provides
both higher network throughput and redundancy.
NIC Teaming is not a Hyper-Vspecific feature.
Because of this, all applications that are running at
the system level on Windows Server 2012 R2 can
benefit from it, including Hyper-V.
4-21
NIC Teaming is also available to guest operating

systems that are running inside virtual machines,
regardless of whether NIC Teaming is used at the
system level or not. This enables virtual machines with multiple virtual network adapters to team the
adapters and still have connectivity, even when one of the adapters is disconnected or one of the virtual
switches (physical network adapter that is connected to the virtual switch) fails. This is especially important
when using SR-IOV, because SR-IOV traffic bypasses the virtual switch and cannot benefit from NIC
Teaming at the system level, whereas the Hyper-V virtual switch can use it.
Using NIC Teaming
To benefit from virtual machine NIC Teaming, you should create at least two external virtual switches,
and then connect virtual machine network adapters to them. Physical network adapters that connect
to virtual switches can be configured to use SR-IOV, although this is not mandatory. If virtual machine
network adapters are connected to SR-IOVenabled virtual switches, the virtual machine will install virtual
functions for them and will be able to use them in an NIC team. If one of the physical network adapters
is disconnected or fails, the virtual machine will continue to use the virtual functions of the remaining
SR-IOVenabled network adapters, and will still have network connectivity.
If virtual switches are connected to physical network adapters that are not SR-IOVenabled, the end result
will be the same. However, physical network adapters will not be directly mapped to the virtual machine
by using virtual function, but will map instead by using the Hyper-V virtual network adapter. Another
option is to use a combination of adapters that are SR-IOVenabled, and those which are not in the same
virtual machine NIC team.
You can enable virtual machine NIC Teaming either from the Advanced Properties settings page of the
virtual network adapter, or by using the Windows PowerShell cmdlet Set-VmNetworkAdapter. Virtual
machine NIC Teaming is not enabled by default. If you do not enable it, and if one of the physical
network adapters stops working, the NIC team that is created in the guest operating system in the virtual
machine will lose connectivity.
Note: Because failover between network adapters in a virtual machine results in

traffic being sent with the MAC address of the other network adapter, each virtual network
adapter that is using NIC Teaming must be set to allow MAC address spoofing, or must
have the AllowTeaming=On parameter set by using the Windows PowerShell cmdlet
Set-VmNetworkAdapter.
At the Hyper-V host level, NIC Teaming is not supported when physical network adapters are using SRIOV or Remote Direct Memory Access (RDMA). This is because network traffic is delivered directly to the
adapter, thereby bypassing the network stack, and not allowing path redirection. When you configure NIC
Teaming at the virtual machine level, physical network adapters that are connected to virtual switches can
be using SR-IOV.
Question: Are there any special hardware requirements if you want to use NIC Teaming in
virtual machines?
Demonstration: Configuring Network Adapter Advanced Features

In this demonstration, you will see how to configure advanced Hyper-V virtual switch features, such as
bandwidth management and DHCP guard.
Demonstration Steps
1.
On LON-PROD1, in File Explorer, copy the C:\Windows\Inf folder and paste it to the network share
\\10.0.0.16\share. Be aware of the copy speed and how long the process takes.
2.
After the copy finishes, delete the copied Inf folder.
3.
On LON-HOST1, in Hyper-V Manager, enable bandwidth management for the network adapter in the
LON-PROD1 virtual machine. Type 10 as both the Minimum bandwidth and Maximum bandwidth.
4.
On LON-PROD1, in File Explorer, copy the C:\Windows\Inf folder, and paste it again to the network
share \\10.0.0.16\share. Notice that copy process takes noticeably longer to complete.
5.
On LON-PROD1, in Windows PowerShell, use the ipconfig command to release and renew TCP/IP
settings.
6.
On LON-HOST1, in Hyper-V Manager, enable DHCP guard on the network adapter of the
20409B-LON-DC1 virtual computer.
7.
On LON-PROD1, in Windows PowerShell, use the ipconfig command to release renew TCP/IP
settings. Notice that this time the process takes considerably longer, and LON-PROD1 is not able to
obtain TCP/IP settings.
Lab B: Creating and Using Advanced Virtual Switch

Features
Scenario
IT management has identified several cases of client computers obtaining network settings from
unauthorized DHCP servers. You have been asked to demonstrate how Hyper-V can prevent rogue
DHCP servers from providing network settings. You also need to demonstrate some of the advanced
virtual switch settings, and demonstrate how to limit bandwidth that virtual machines can use.
Objectives
Configure and use advanced virtual switch features.
Lab Setup
4-23

Password: Pa$$w0rd
For this lab, you will use the available virtual machine environment.
Exercise 1: Configuring and Using Advanced Virtual Switch Features

Scenario
One of your managers would like to see how the Hyper-V virtual switch can protect network clients from
rogue DHCP servers. You plan to demonstrate how to configure DHCP guard, and at the same time,
demonstrate how to configure VLANs and bandwidth management.
1.
Configure and use DHCP guard.
2.
Configure and use VLANs.
3.
Configure and use bandwidth management.
Task 1: Configure and use DHCP guard

Note: In this exercise you will see how you can prevent rogue DHCP servers on your
network. Because your partner is also using the same DHCP server, you should synchronize this
task with him or her.
1.
On LON-PRODx, use ipconfig to release and renew TCP/IP settings.
2.
On LON-HOSTx, in Hyper-V Manager, on the network adapter of the 20409B-LON-PRODx virtual

computer, enable DHCP guard.
3.
Note: This step confirms that the DHCP guard setting on the virtual network adapter has
no effect on whether or not the virtual machine can obtain TCP/IP settings over that adapter or
not.
Note: The following lab steps will also affect your lab partner, so let him or her know that
you will perform the change on the LON-DC virtual machine. Your partner should wait until you
finish this change, and then proceed.
4.
On LON-HOST1, in Hyper-V Manager, enable the DHCP guard on the network adapter of the
20409B-LON-DC1 virtual computer.
5.
Note: Notice that this time it takes considerably longer, and that LON-PRODx is not able to
obtain TCP/IP settings.
6.
On LON-HOST1, use the Windows PowerShell Set-VMNetworkAdapter cmdlet to disable DHCP

guard on the LON-DC1 virtual computer.
Note: The DHCP server in LON-DC1 can once again offer TCP/IP settings.
Note: In step 6 you disabled DHCP guard on LON-DC1, so now your partner can now
perform steps 4 through 6.
Task 2: Configure and use VLANs

1.
On LON-HOSTx, connect the virtual machine 20409B-LON-TESTx to the External Network virtual
switch.
2.
On LON-PRODx, configure the Ethernet network connection with the following settings:
o
IP address: 10.0.0.x5
Subnet mask: 255.255.255.0
3.
On LON-PRODx, try to ping IP address 10.0.0.x6, and verify that four replies are received, which
confirms that LON-PRODx and LON-TESTx have network connectivity.
4.
On LON-HOSTx, in Hyper-V Manager, configure the LON-PRODx virtual machine network adapter
with the virtual LAN identification value of 2.
5.
On LON-PRODx, try to ping IP address 10.0.0.x6. Confirm that the destination host is no longer
reachable. This is because LON-PRODx is connected to a VLAN different from LON-TESTx.
6.
On LON-HOSTx, in Hyper-V Manager, disable virtual LAN identification for the network adapter in
the LON-PRODx virtual machine.
Task 3: Configure and use bandwidth management
4-25
1.
On LON-PRODx, in File Explorer, copy the C:\Windows\Inf folder, and then paste it to the
\\10.0.0.x6\share network share. Make note of the copy speed and how long the process takes.
2.
After the copy completes, delete the copied Inf folder.
3.
On LON-HOSTx, in Hyper-V Manager, enable bandwidth management for the network adapter in the
20409B-LON-PRODx virtual machine. For the values of both the Minimum bandwidth and the
Maximum bandwidth, type 10.
4.
On LON-PRODx, in File Explorer, copy the C:\Windows\Inf folder, and paste it to the
\\10.0.0.x6\share network share. Notice that the copy process takes noticeably longer to complete.
5.
On LON-HOSTx, in Hyper-V Manager, disable Bandwidth management for the network adapter in the
20409B-LON-PRODx virtual machine.
Results: After completing this exercise, you should have configured and used advanced virtual switch
features.
Lesson 3
Configuring and Using Hyper-V Network Virtualization
Network virtualization, which was introduced with Hyper-V in Windows Server 2012, provides similar
functionality to network traffic as does server virtualization to the server load. With network virtualization,
network traffic between different computers is isolated, even when it is on the same physical network.
You can isolate network traffic by using different features such as VLANs, private VLANs, and Port ACLs.
However, all of these features have limitations. Therefore, for Hyper-V network virtualization (which is
an implementation of Software Defined Networking, you use Network Virtualization Generic Routing
Encapsulation. You can configure network virtualization by using Windows PowerShell, but this process
is much easier when you use tools such as VMM.
Lesson Objectives
Describe solutions to provide network isolation in a multi-tenant environment.
Describe network virtualization.
Explain the benefits of network virtualization.
Describe Network Virtualization Generic Routing Encapsulation.
Describe network virtualization policies.
Configure network virtualization.
Providing Multitenant Network Isolation
Virtualization provides many benefits, including

consolidation, better hardware utilization, and
virtual machine separation from the physical
server hardware. As a result, many companies
are virtualizing most of their server load. With
virtualization and the ability to host virtual
machines from different departments or even
from multiple companies in the same data
center, it is important to be able to separate and
isolate those virtual machines. One of the basic
requirements is to isolate virtual machines that
are running on the same physical hardware. Until
recently, there was no easy, inexpensive, and scalable solution to separate or isolate the network traffic
generated on the same network infrastructure by different tenants. Tenants are the virtual machines that
belong to different departments or organizations, or for which you need to isolate network traffic for any
other reason. You could always use physical network separation, but this option is neither scalable nor
inexpensive.
The different solutions that you can use to provide network isolation in a multiple tenant environment are:
VLANs. This is the solution that most organizations use today to support address space reuse and
multiple tenant isolation. A VLAN uses an additional header that contains a VLAN ID. It relies on
switches to enforce isolation of network traffic between computers that are connected on the same
network but use different VLAN IDs. One of the drawbacks of VLAN is that it provides limited
scalability. Because VLAN ID only uses 12 bits, you can theoretically have a maximum of 4,094
4-27
different VLANs on the same infrastructure. However, many switches can support much less than
4,094 VLANs. The second drawback is that VLANs cannot span multiple logical subnets. This limits
the number of computers in a single VLAN, and restricts the placement of virtual machines based on
physical location.
Although you can enhance or stretch VLANs across physical locations, a stretched VLAN must be on
the same subnet. You should also be aware that switches and routers should be configured to support
VLANs and you need to reconfigure them whenever virtual machines or isolation boundaries move
in the dynamic data center. This can be automated to a certain extent, but it increases risk of an
inadvertent network outage due to incorrectly performed reconfiguration.
Private VLANs. You can use private VLANs to avoid some of the VLAN scalability limitations. You
implement private VLANs in a similar way as you implement VLANs, but you can use private VLANs
to divide a VLAN into a number of separate and isolated subnetworks, which you can then assign to
tenants. Private VLANs consist of a primary and secondary VLAN pair, and share the IP subnet that is
assigned to the parent VLAN. Although computers that are connected to different private VLANs still
belong to the same IP subnet, they require a router to communicate with each other, and with
resources on any other network.
When you use private VLANs, you can assign a large number of tenants to the same primary VLAN
and have isolated secondary VLAN IDs. For example, if you have 4,000 tenants and you could not use
private VLANs, you would need 4,000 VLANs to provide isolation. However, if you use private VLANs,
you can use only one primary VLAN, and assign each tenant a different secondary VLAN. When using
such a configuration, you would need only a single VLAN ID, instead of 4,000.
Port ACLs. You can use port ACLs to configure network traffic filtering based on MAC or IP addresses
or IP ranges. By using port ACLs, you can configure virtual network isolation by creating two lists:
one list contains addresses of computers with which a virtual switch port can communicate, and the
second list contains addresses of computers with which a virtual switch port cannot communicate or
share data.
When you add a new virtual machine or move an existing virtual machine, you must manage and
update these two lists, which can be challenging and error-prone. Technically, it is possible to provide
multiple tenancy isolation by using only port ACLs. However, you typically do not use the port ACLs
feature for this purpose. Instead, you typically use port ACLs to ensure that virtual machines do not
pretend to have different IP or MAC addresses than what they are assigned.
All three solutionsVLANs, PVLANs and port ACLsare also supported and can be implemented by
using the Hyper-V virtual switch. However, the virtual switch also supports network virtualization, and this
is the best solution for providing multitenant networking.
Question: Can two virtual machines always communicate if they are connected to an
external virtual switch?
What Is Network Virtualization?

Network virtualization provides similar
functionality to network traffic as server
virtualization provides to virtual machines. You
can use server virtualization to run multiple virtual
machines on the same physical server. Each virtual
machine is isolated from other virtual machines.
From each virtual machine, it seems as though
that virtual machine is the only one running on
the physical server, even when multiple virtual
machines are running on the same physical server
simultaneously.
The same is true for network virtualization, which

separates the network configuration from the physical network infrastructure. You can have multiple
virtual networks that are logically isolated, and potentially each virtual network is using overlapping IP
address space on the same physical network infrastructure. From each virtual network, it seems as if only
that virtual network is using the physical network infrastructure, even though multiple virtual networks
could be using the same physical infrastructure at the same time. This enables scenarios in which you
want to isolate multiple networks on the same physical network infrastructure, such as when a company
is using the same physical network for testing and production environments. Network virtualization also
simplifies virtual machine movement, because you do not need to change the virtual machine networking
configuration when you move it to a different data center.
Network virtualization is an implementation of Software Defined Networking. It provides a layer of
abstraction between the physical network and network traffic. To achieve this abstraction, the
virtualization platform has to support it.
The Hyper-V virtual switch in Windows Server 2012 and newer Windows Server versions supports this
virtualization by using two IP addresses for each virtual machine. By using two IP addresses, network
virtualization enables you to keep the logical network topology (which is virtualized), and kept separate
from the actual underlying physical network topology and addresses that are used on the physical
network. This enables you to run virtual machines and provide them with the same network access
without any modification on any Hyper-V host, assuming that the Hyper-V hosts are configured to map
between both IP addresses.
Question: Can you use network virtualization to allow virtual machines that are running on
multiple segments to communicate, while isolating that traffic from other network traffic?
Benefits of Network Virtualization
4-29
Network virtualization provides a layer of

abstraction between a physical network and
network traffic. Virtual machines can run on
physical servers, while being unaware that
they are virtualized. Similarly, networks can be
virtualized and can use their own IP address space,
regardless of the IP address space used on the
physical network. You can implement network
isolation by using different solutions such as
VLANs, private VLANs, and port ACLs. However,
network virtualization avoids their limitations
related to scalability and complex configuration,
and provides a scalable, standard-based, and inexpensive solution for providing multitenant network
isolation.
Network virtualization provides the following benefits:
Flexible virtual machine placement. Network virtualization provides abstraction and separates virtual
machine IP addresses (customer address) from the physical network IP addresses (provider address).
This way, you can place virtual machine on any Hyper-V host in the data center, and placement is no
longer restricted by the IP address assignment or VLAN isolation restrictions of the physical network.
Multitenant network isolation without VLANs. You can define and enforce network traffic isolation
without using VLANs or reconfiguring physical network switches. You are also not limited to 4,094
VLAN IDs. In addition, with network virtualization, when you move existing virtual machines or create
new ones, you do not need to manually reconfigure the physical hardware.
IP address reuse. Virtual machines in different virtual networks can use the same or overlapping IP
address space, even when they are deployed on the same physical network. Virtual networks are
isolated, and they can use the same address space without any conflict or issue.
Live migration across subnets. Previously, virtual machine live migration was limited to the same
IP subnet or VLAN, because when a virtual machine was moved to different subnets, it should have
changed its IP address. With network virtualization, you can use live migration to move a virtual
machine between two Hyper-V hosts in different subnets, without needing to change the virtual
machine IP address. With network virtualization, the virtual machine location change is updated
and synchronized among computers that have ongoing communication with the migrated virtual
machine.
Compatibility with the existing network infrastructure. Network virtualization is compatible with
existing network infrastructure, and you can deploy it in an existing data center.
Transparent moving virtual machines to a shared infrastructure as a service (IaaS) cloud. When
you use network virtualization, IP addresses, IP policies, and virtual machine configurations remain
unchanged, regardless of on which Hyper-V host the virtual machine is running. As a result, you
can move virtual machines between Hyper-V hosts in your data center, between Hyper-V hosts in
different data centers, and between Hyper-V hosts in your data center and shared IaaS cloud.
Configuration by Windows PowerShell. Network virtualization supports Windows PowerShell for

configuring the network virtualization and isolation policies. The Hyper-V module includes cmdlets
that you can use to configure, monitor, and troubleshoot network virtualization. You should use tools
such as VMM to configure and manage network virtualization.
Question: Do you need to modify a network virtualization configuration when you migrate
virtual machines between Hyper-V hosts?
What Is Network Virtualization Generic Routing Encapsulation?

Windows Server 2012 Hyper-V and newer
versions use Network Virtualization Generic
Routing Encapsulation to implement network
virtualization. When using network virtualization,
each virtual network adapter is associated with
two IP addresses:
Customer Address. This is the IP address

that the virtual machine configures and uses.
You configure this address in the properties
of the virtual network adapter, by the guest
operating system that is running on the
virtual machine, irrespective of whether
network virtualization is used. Virtual machines use customer addresses when communicating
with other systems, and if you migrate a virtual machine to a different Hyper-V host, the customer
addresses can remain the same.
Provider Address. This is the IP address that the virtualization platform (Hyper-V) assigns, and
is dependent on the physical network infrastructure where Hyper-V host is connected. When
network virtualization is being used and the virtual machine sends network traffic, the Hyper-V host
encapsulates the packets and includes the provider address as the source address from where packets
were sent. The provider address is visible on the physical network, but not to the virtual machine. If
you migrate a virtual machine to a different Hyper-V host, the provider address changes.
Using Network Virtualization Generic Routing Encapsulation
When a virtual machine has to communicate over a network, Network Virtualization Generic Routing
Encapsulation encapsulates its packets. For example, assume that one virtual machine is configured with
the IP address 10.1.1.11 (customer address 1), and is running on a Hyper-V host that uses IP address
192.168.2.22 (provider address 1). The second virtual machine is configured with IP address 10.1.1.12
(customer address 2) and is running on a Hyper-V host with IP address 192.168.5.55 (provider address 2).
If those two virtual machines need to communicate, they must communicate over the network, as they are
running on two different Hyper-V hosts.
However, if you use network virtualization, the first Hyper-V host will use Network Virtualization Generic
Routing Encapsulation to encapsulate virtual machine packets. These packets contain the source IP
address (customer address 1) and destination IP address (customer address 2), which are encapsulated
into an envelope that uses its own IP address (provider address 1) as a source and IP address of the
Hyper-V host on which second virtual machine is running (provider address 2) as the destination.
Encapsulated packages will be sent on the physical network, and it will appear as network traffic between
two Hyper-V hosts. The destination Hyper-V host (provider address 2) will separate the envelope from the
encapsulated packet, and then pass it on to the destination virtual machine (customer address 2), which is
running on that Hyper-V host.
You can configure several virtual machines with the same IP addresses, but when they are on the different
virtual networks, Network Virtualization Generic Routing Encapsulation can isolate their traffic. In the GRE
envelope header, aside from the new source and destination addresses (provider address 1 and provider
address 2), there is also a file named Key, which represent the virtual subnet ID. The virtual subnet ID is
used to separate and isolate traffic from different virtual networks, and enables the Hyper-V host to pass
the traffic only to virtual machines on the same virtual network. When multiple virtual machines (customer
address) on the same Hyper-V host (provider address) have the same IP address (customer address), the
Hyper-V host can still differentiate between them, based on which virtual network the virtual machine is
connected.
Question: How many customer addresses does a virtual machine have?

Question: Does a virtual machine customer address change when you move the virtual
machine between Hyper-V hosts?
What Are Network Virtualization Policies?

If you configure network virtualization, and if
two virtual machines have to communicate, the
Hyper-V host on which the first virtual machine is
running must be aware on which Hyper-V host
the second virtual machine is running before
it can encapsulate network packets into GRE
envelopes. If both virtual machines are running on
the same Hyper-V host, Hyper-V already has this
knowledge. In reality, virtual machines are usually
running on different Hyper-V hosts, and you must
configure network virtualization.
4-31
You can configure network virtualization by

deploying network virtualization policies. These policies define mappings between the IP address spaces
that the virtual machines use (customer address space), and the IP addresses of Hyper-V hosts on which
those virtual machines are running (provider address space). Before sending traffic on the physical
network, the Hyper-V host consults network virtualization policies, discovers on which Hyper-V host the
target virtual machine is running, and encapsulates the traffic with a GRE envelope. Only after that is the
encapsulated traffic sent on the physical network.
For example, assume that you are hosting two companies, Blue Yonder Airlines and Woodgrove Bank,
with the following configuration:
Blue Yonder Airlines is running Microsoft SQL Server in a virtual machine with the IP address 10.1.1.1,
and a web server in a virtual machine with the IP address 10.1.1.2. The web server is using SQL Server
as a database for storing transactions.
Woodgrove Bank is running SQL Server in a virtual machine with the same IP address 10.1.1.1, and a
web server in a virtual machine with the IP address 10.1.1.2. The web server is using SQL Server as a
database for storing transactions.
SQL servers for both companies are running on Hyper-V Host 1, which has the IP address 192.168.1.10.
Web servers for both companies are running on Hyper-V Host 2, which has the IP address 192.168.1.12.
Therefore, the virtual machines have the following customer addresses:
Company Name
SQL
Web
Blue Yonder Airlines
10.1.1.1
10.1.1.2
Woodgrove Bank
10.1.1.1
10.1.1.2
Based on which Hyper-V host the virtual machines are running on, the virtual machines are also assigned
the following provider addresses:
Company Name
SQL
Web
Blue Yonder Airlines
192.168.1.10
192.168.1.12
Woodgrove Bank
192.168.1.10
192.168.1.12
When you configure virtual networks, Blue Yonder Airlines is assigned virtual subnet ID of 5001, and
Woodgrove Bank is assigned virtual subnet ID of 6001. You also need to create network virtualization
policies for both companies, and then apply policies to Hyper-V Host 1 and Hyper-V Host 2.
When the Blue Yonder Airlines web virtual machine on Hyper-V Host 2 queries its SQL Server at 10.1.1.11,
the following happens:
1.
2.
Hyper-V Host 2, based on its policy settings, translates the addresses in the packet:
a.
From source: 10.1.1.2 (the customer address of Blue Yonder Airlines web)
b.
To destination: 10.1.1.1 (the customer address of Blue Yonder Airlines SQL Server)
Into the encapsulated packet, that contains:

a.
GRE header with virtual subnet ID: 5001
b.
Source: 192.168.2.12 (the provider address for Blue Yonder Airlines web)
c.
Destination: 192.168.1.10 (the provider address for Blue Yonder Airlines SQL Server)
Note: The encapsulated packet also contains the original packet.

When Hyper-V Host 1 receives the packet, based on its policy settings, it unencapsulates the Network
Virtualization Generic Routing Encapsulation packet, sees that it is for the Blue Yonder Airlines virtual
network (virtual subnet ID 5001), and then passes it on to the virtual machine with IP address 10.1.1.1,
as specified in the original (encapsulated) packet.
Note: You can configure network virtualization policies by using Windows PowerShell, but
this can be a daunting and error-prone task. Instead, this configuration is easier to perform with
tools such as VMM.
You can use network virtualization and network virtualization policies to move virtual machines between
Hyper-V hosts while preserving their network configuration. When you move a virtual machine, you only
need to update the network virtualization policies to reflect the new Hyper-V host on which the virtual
machine is running. The virtual machine network configuration stays the same, and it is still connected to
the same virtual network.
If you are using network virtualization between virtual machines, you do not need any additional
infrastructure. However, when you need to provide connectivity between the Hyper-V network
virtualization environment and resources that are not part of the same Hyper-V network virtualization
environment, you will need a network virtualization gateway. Windows Server Gateway is an example of
such a gateway, which is a virtual machine-based router that is built on Windows Server 2012 R2.
Windows Server Gateway
Question: Why do you need network virtualization policies needed using network
virtualization?
Demonstration: Configuring Network Virtualization
4-33
In this demonstration, you will see that network virtualization is not configured at first. Because all
computers (LON-PROD1, LON-PROD2, LON-TEST1, and LON-TEST2) are connected to an external
virtual switch, each computer can ping the other three. Next, you will see how to configure network
virtualization and virtualization policies for LON-PRODx computers by defining on which Hyper-V host
they are running. Finally, you will see that after network virtualization is enabled, the LON-PRODx
computers can ping each other, but they cannot ping LON-TESTx computers, which are not on the
same virtual network.
Demonstration Steps
1.
On LON-PROD1, ping the following IP addresses:

o
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
LON-TEST2: 10.0.0.26
2.
Confirm that LON-PROD1 has connectivity with the other three virtual machines.
3.
On LON-HOST1, use the Windows PowerShell cmdlet Get-VMNetworkAdapter to confirm that

LON-PROD1 has a VirtualSubnetId property value of 0, which means that virtual subnets are not
being used.
4.
Use the Get-NetAdapter cmdlet to determine the Ethernet index number for the network adapters
on LON-HOST1 and LON-HOST2. Write these numbers down.
5.
On LON-HOST1, open the file C:\LabFiles\Mod04\ConfigureNWx.ps1 in Windows PowerShell ISE.
6.
Review the Windows PowerShell script to see how network virtualization is being configured. Review
the variables as well, which are defined at the start.
7.
In Windows PowerShell ISE, on the toolbar, click Run Script. (Alternatively, you can also press the F5
key).
8.
When prompted, enter the index numbers of LON-HOST1 network adapter and the-HOST2 network
adapter that you recorded in step 4.
9.
On LON-HOST1, use the cmdlet Get-VMNetworkAdapter to confirm that LON-PROD1 has the
VirtualSubnetId property with a value 5001, which you configured with the Windows PowerShell
script.
10. On LON-PROD1, ping the following IP addresses:

o
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
LON-TEST2: 10.0.0.26
11. Verify that four replies are returned, but only from IP address 10.0.0.25.
Note: This confirms that LON-PROD1 has connectivity with LON-PROD2, but it does not
have connectivity with LON-TEST1 or LON-TEST2.
Lab C: Configuring and Testing Hyper-V Network

Virtualization
Scenario
You have been asked to demonstrate how you can use network virtualization to separate test and
preproduction environments that are using the same network infrastructure. IT management would like to
ensure that the servers in both environments can use the same IP addresses, and can communicate with
other servers that are part of the same environment.
Objectives
Configure Hyper-V network virtualization.
Lab Setup
Password: Pa$$w0rd
Exercise 1: Configuring Hyper-V Network Virtualization

Scenario
Your company is using VLANs to isolate network traffic between test and production environments. While
this solution is sufficient, reconfiguring network equipment while removing servers and adding new virtual
machines is challenging. As a result, you have been asked to demonstrate how network virtualization can
achieve the same goal. To do this, you need to set up a proof of concept environment with four virtual
machines. You then will use these virtual machines to demonstrate how to configure Hyper-V network
virtualization.
1.
Verify that network virtualization is not configured on LON-HOST1.
2.
Verify that network virtualization is not configured on LON-HOST2.
3.
Configure Hyper-V network virtualization.
4.
Test Hyper-V network virtualization.
5.
Remove Hyper-V network virtualization.
Task 1: Verify that network virtualization is not configured on LON-HOST1

Note: Only the student who is using LON-HOST1 performs this task.
1.
On LON-PROD1, ping the IP addresses of the following virtual machines:

o
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
LON-TEST2: 10.0.0.26
4-35
2.
Confirm that LON-PROD1 has connectivity with all three virtual machines.
3.
On LON-HOST1, in Windows PowerShell, use the Get-VMNetworkAdapter cmdlet to confirm that

20409B-LON-PROD1 has a VirtualSubnetId property value of 0, which means that virtual subnets are
not in use.
4.
On LON-HOST1, use the Get-NetVirtualizationLookupRecord cmdlet to verify that no virtualization

lookup records are defined.
5.
On LON-HOST1, use the Get-NetVirtualizationCustomerRoute cmdlet to verify that no

virtualization customer routes are defined.
6.
In Windows PowerShell, run the Get-NetAdapter cmdlet.
7.
For the physical network adapter, under the ifIndex column, write down the Index number.

1.
On LON-TEST2, ping IP addresses of the following virtual machines:

o
LON-PROD1: 10.0.0.15
LON-TEST1 10.0.0.16
LON-PROD2: 10.0.0.25
2.
Confirm that LON-TEST2 has connectivity with the three virtual machines.
3.
On LON-HOST2, use the Get-VMNetworkAdapter cmdlet to confirm that 20409B-LON-TEST2 has a

VirtualSubnetId property value of 0, which means that virtual subnets are not in use.
4.
On LON-HOST2, use the Get-NetVirtualizationLookupRecord cmdlet to verify that virtualization

lookup records are not yet defined.
5.
On LON-HOST2, use the Get-NetVirtualizationCustomerRoute cmdlet to verify that virtualization

customer routes have yet to be defined.
6.
In Windows PowerShell, run the Get-NetAdapter cmdlet.
7.
For the physical network adapter, under the ifIndex column, write down the Index number.
Task 3: Configure Hyper-V network virtualization
1.
On LON-HOSTx, open the file C:\LabFiles\Mod04\ConfigureNWx.ps1 in Windows PowerShell ISE.
2.
Review the Windows PowerShell script to see how network virtualization is configured. Review also
the variables that are defined at the start.
3.
In Windows PowerShell ISE, on the toolbar, press Run Script, or press F5. If you run the script on
LON-HOST1, enter the index number of your physical server network adapter and the index number
of your partner physical server network adapter that were recorded earlier.
Task 4: Test Hyper-V network virtualization

1.
On LON-HOSTx, in Windows PowerShell ISE, use the Get-NetVirtualizationLookupRecord cmdlet to

confirm that virtualization records are created for the IP addresses of LON-PRODx and LON-TESTx
virtual machines.
2.
Use the Get-NetVirtualizationCustomerRoute cmdlet to confirm that one virtualization route is

defined.
Note: Only the student who is using LON-HOST1 will perform steps 3 and 4.
3.
On LON-HOST1, use the Get-VMNetworkAdapter cmdlet to confirm that 20409B-LON-PROD1 has

a VirtualSubnetId property with the value 5001, which you configured with the Windows PowerShell
script.
4.
On LON-PROD1, ping the following IP addresses:
5.
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
LON-TEST2: 10.0.0.26
Verify that four replies are returned, but only from IP 10.0.0.25, which confirms that LON-PROD1 has
connectivity with LON-PROD2, but it does not have connectivity with LON-TEST1 and LON-TEST2.
Note: Only the student who is using LON-HOST2 will perform steps 6 and 7.
6.
On LON-HOST2, use the Get-VMNetworkAdapter cmdlet to confirm that 20409B-LON-TEST2 has a

VirtualSubnetId property with the value 6001, which you configured with the Windows PowerShell
script.
7.
On LON-TEST2, ping the following IP addresses:
8.
LON-TEST1: 10.0.0.16
LON-PROD1: 10.0.0.15
LON-PROD2: 10.0.0.25
Verify that four replies are returned, but only from IP 10.0.0.16, which confirms that LON-TEST2 has
connectivity with LON-TEST1, but it does not have connectivity with LON-PROD1 and LON-PROD2.
Task 5: Remove Hyper-V network virtualization
4-37
1.
On LON-HOSTx, open the file C:\LabFiles\Mod04\RemoveNWx.ps1 in Windows PowerShell ISE.
2.
Review the script to see how network virtualization configuration is removed.
3.
In Windows PowerShell ISE, on the toolbar, press Run Script, or press F5. If you run the script on
of your partners physical server network adapter that you recorded earlier.
4.
After network virtualization is removed, confirm network connectivity by performing the following
steps:
a.
b.
If you are using LON-HOST1, on LON-PROD1, ping the IP addresses of the following virtual
machines:
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
LON-TEST2: 10.0.0.26
If you are using LON-HOST2, on LON-TEST2, ping the IP addresses of the following virtual
machines:
LON-PROD1: 10.0.0.15
LON-TEST1: 10.0.0.16
LON-PROD2: 10.0.0.25
Results: After completing this exercise, you should have configured Hyper-V network virtualization.

Review Questions
Question: Where can you configure extended virtual switch functionalities, such as traffic
monitoring and DHCP guard protection?
Question: Is there a limit on how many virtual switches you can create on a Hyper-V host?
Question: Why is it that you can configure VLAN IDs for external and internal virtual switches,
but you cannot configure VLAN ID for a private virtual switch?

5-1
Module 5
Virtual Machine Movement and Hyper-V Replica
Contents:
Module Overview
5-1
Lesson 1: Providing High Availability and Redundancy for Virtualization
5-2
Lesson 2: Implementing Virtual Machine Movement
5-8
Lab A: Moving Virtual Machine and Configuring Constrained Delegation
5-14
Lesson 3: Implementing and Managing Hyper-V Replica
5-18
5-29
5-33
Module Overview
Using virtualization to host server loads provides you with multiple benefits, such as the ability to make
virtual machines highly available, and the ability to move them around within the same failover cluster.
With Windows Server 2012, you can move running virtual machines and their storage between two
Hyper-V hosts, even when they are not part of a failover cluster. This feature is called live migration, and in
this module, you will learn how to implement the Live Migration feature, and how to utilize live migration.
Throughout this module, you will see how to move virtual hard disks while a virtual machine is running,
and you will test this feature in the lab. You will also learn how to use Hyper-V Replica (a feature of
Windows Server 2012 Hyper-V) to protect virtual machines on one site by replicating them to another
site.
Objectives
Explain the importance of providing high availability and redundancy for virtualization.
Implement virtual machine movement.
Implement and manage Hyper-V Replica.
Lesson 1
Providing High Availability and Redundancy for

Virtualization
5-2 Virtual Machine Movement and Hyper-V Replica
When providing redundancy and high availability for virtual machines, you can choose from a variety, or
even a combination of methods. Some of these, such as failover clustering, Network Load Balancing (NLB),
and Network Adapter Teaming (NIC Teaming) are part of the operating system. Other applications, such
as Microsoft Exchange Server 2013 and Microsoft SQL Server 2012, also include their own high availability
features. In this lesson, you will learn about high availability features, their requirements, and the
situations in which you can benefit from high availability.
Lesson Objectives
Describe the importance of high availability.
Explain redundancy in Windows Server 2012 R2 and Hyper-V.
Describe the use of NLB to achieve high availability at the operating-system level.
Describe the use of clustering to achieve high availability at the operating-system level.
Describe high availability at the application level.
Why Is High Availability Important?

In an ideal computer environment, servers would
always be available and free of failure. Bandwidth
and other resources would be infinite, and you
would not need to worry about high availability.
In reality, server downtime is unavoidable, and
you need to consider this when you are planning
to provide uninterrupted services that must be
constantly available. Such uninterruptable services
include virtual machines, because some virtual
machines will host critical systems, such as email,
databases, or file servers.
What Is High Availability?
High availability means that systems and services are up and running, regardless of what happens.
The goal of high availability is to make systems and services as constantly available as possible, and to
eliminate as many potential single points of failure. Availability is often expressed numerically, as the
percentage of time that a service is available. For example, a requirement for 99.9 percent availability
allows 8.75 hours of downtime per year, or approximately 40 minutes of downtime every four weeks.
However, with 99.999 percent up time, the allowed service downtime reduces to only five minutes per
year. If your service or virtual machine is running on a single system, these high availability rates are
virtually unachievable, because a single restart will most likely use up those five minutes. In addition, many
actions such as upgrading hardware or applying updates require system restart. No matter how reliable
the hardware is, components fail from time to time. Although rare, power outages or natural disasters
such as earthquakes or hurricanes are always a possibility as well.
To make a virtual machine highly available, you must first ensure that the hardware on which it is running
is as reliable as possible. You should store virtual machine data files on shared storage, so they are still
5-3
available even if the physical host fails. You should then provide redundancy of all components, including
power and networking, by using redundant power supplies and physical network paths to virtual
machines. There is no benefit if the virtual machine is running, but clients cannot access it because of
network failure.
Question: Can you ensure high availability by simply copying the virtual machine that is
providing a critical service, and making both the original virtual machine and the copy
available on the network?
Redundancy in Windows Server 2012 R2 and Hyper-V

To make a virtual machine highly available, you
must deploy it in an environment that provides
redundancy for all components, and makes it
available even when failure occurs. The most
basic high availability strategy is to ensure
that hardware is as robust as possible, thereby
minimizing failures in the first place. Windows
Server 2012 R2 provides high availability features
such as NIC Teaming, NLB, and failover clustering.
Hyper-V builds on top of the Windows Server
2012 R2 high availability features by introducing
its own virtualization-specific features, such as live
migration, live storage migration, and Hyper-V Replica.
Hyper-V builds on and includes the following features to mitigate failures and provide high availability at
different levels:
Hardware failure. Hyper-V benefits from Windows Server 2012 R2 availability and serviceability,
in addition to Windows Hardware Error Architecture, which provides a common infrastructure for
managing hardware errors on Windows platforms. With Hyper-V, if a memory error is detected at a
memory location that Hyper-V does not use, it will be marked as bad and in the future, the operating
system will not use it. If the memory error is in the physical random access memory (RAM) that the
virtual machine is using, only that virtual machine will be affected. The entire host and all virtual
machines will fail only if the memory error is in the physical RAM that the Hyper-V host kernel is
using.
Physical server failure. Hyper-V uses the failover clustering feature to provide redundancy if the entire
physical server fails. The failover clustering feature is part of all Windows Server 2012 R2 editions,
in addition to Hyper-V Server 2012 R2. If the server is a node in a failover cluster, virtual machines
that were running on it will fail over automatically to other cluster nodes, and will be available after
minimum downtime as a result of the virtual machine reboot. Hyper-V also includes live migration,
which enables you to move virtual machines between Hyper-V hosts without downtime. An example
is if you need to upgrade hardware or install updates to a Hyper-V host, or if you simply want to
rebalance your virtualization workload.
Input/output (I/O) redundancy. Windows Server 2012 R2 includes several features such as server
message block (SMB) 3.0 multichannel, storage Multipath I/O (MPIO), NIC Teaming, and NLB, which
can provide high availability and benefit from network path redundancy. If a network adapter or
other network infrastructure fails, Hyper-V uses these features to preserve network connectivity. If
there are multiple network paths between the source and the destination, and if network equipment
of one of those paths fails, Hyper-V uses these features to maintain connectivity to the virtual
machine.
Application or service failover. If a service or application inside a virtual machine fails or loses network
connectivity, Hyper-V host can detect it and try to recover the application by moving the virtual
machine to another node. You also can configure failover clustering inside virtual machines, either by
using Internet small computer system interface (iSCSI) or Fibre Channel shared storage, an SMB 3.0
file share, or by using virtual hard disk sharing. In the same way that you can benefit from teaming
physical network adapters on a Hyper-V host, you can also use team network adapters in virtual
machines, which can be especially beneficial when using single-root I/O virtualization (SR-IOV).
Disaster Recovery. Windows Server 2012 R2 includes Cluster Shared Volume (CSV) integration with
storage arrays for synchronous replication. This can provide protection against disaster at a single
location, because Hyper-V hosts are also at the alternate location and accessing replicated storage.
However, Hyper-V also includes Hyper-V Replica, a feature that provides asynchronous replication of
the running virtual machines to an alternate location with configurable intervals. Hyper-V Replica
failover requires virtual machine downtime during failover.
Question: Can you configure virtual machine guest clustering only if iSCSI or Fibre Channel
storage area network (SAN) is available as a shared storage?
Using NLB to Provide High Availability at the Operating System Level
NLB is an effective and scalable way to achieve

high availability for stateless services such as a
web server. The term stateless refers to workloads
that respond to each request independently from
previous requests, and without keeping client
state. For example, when a client requests a
webpage, the web server gathers all of the
necessary information from the request, and then
returns the generated webpage to the client.
When the client requests the next webpage, it
may request the webpage from the same web
server, or from any other identically configured
web server in the NLB farm. This is because all the information that the web server needs is in the request.
Using NLB to achieve high availability provides the following benefits:
NLB enhances the availability and scalability of other Internet server applications such as file transfer
protocol (FTP), firewall, proxy, virtual private network (VPN), and other mission-critical servers.
All of the Windows Server 2012 R2 editions include the NLB feature. You can include up to 32 servers
in an NLB farm, and you can add or remove a server dynamically from the NLB farm. For a loadbalanced service, the load is redistributed automatically among the servers that are still operating
when a server fails or goes offline. If the failure is unexpected, only active connections to the failed
server are lost. When you repair the server, it can rejoin the NLB farm transparently and regain its
share of the requests.
Hyper-V can use NLB for load-balancing requests for virtual machines on the same Hyper-V host, or
for virtual machines across multiple Hyper-V hosts. When you use NLB in unicast mode to distribute
load among virtual machines, you must enable MAC Spoofing for the virtual machine network
adapter. This is because the network adapter does not use its own media access control (MAC)
address, but the MAC address of the unicast NLB.
Question: If multiple virtual machines will be part of the same NLB farm, should you
configure them with the same IP address or with different IP addresses?
Using Clustering to Achieve High Availability at the Operating System

Level
Failover clustering is an operating system
feature that is included in all editions of Windows
Server 2012 R2. Failover clustering provides
high availability at the operating system level,
but it does not provide scalability. If you add an
additional server to the failover cluster, you will
not be able to respond to more requests than
before.
5-5
You often use failover clustering to provide

high availability for mission-critical, stateful
applications such as databases, virtualization
infrastructure, or business applications. You can
implement failover clustering at the Hyper-V host level or at the virtual machine guest operating system
level.
A failover cluster can include up to 64 servers (called nodes), and all servers must be running the same
version of the Windows Server operating system. The servers should have access to shared storage that
contains the application configuration and data. If a server hosting a highly available application fails,
the failover cluster detects the failure by using heartbeats. The hosting server immediately moves the
application to another failover cluster node, and then starts it there without administrative intervention.
During the failover, the application (or virtual machine in the case of Hyper-V failover cluster) is restarted,
which causes some downtime.
The clients detect the failover in the same way as they would an application running on a single
server that you turn off and then turn on again. It would take some time for that server to restart,
for the application to initialize and verify its consistency, and for the database to perform rollback
of uncommitted transactions. However, in the end, the application would become available again
automatically.
Because clients connect to the application by using the cluster name and not the name of the node
where the application was running, the clients are reconnected to the node to where the application was
moved. If Hyper-V is running on a failover cluster, Hyper-V can monitor the state of a virtual machine, the
services running inside the virtual machine, and whether the virtual network adapter has connectivity. If
connectivity is lost but the virtual machine is still running, then the virtual machine can be moved to a
different node. The same is true if a monitored service within the virtual machine stops.
Understanding Microsofts High-Availability Solutions
Question: Does a virtual machine operating system have to support the failover feature if
you want to make the virtual machine highly available by using failover clustering?
High Availability at the Application Level

You can provide high availability at varying levels.
Reliable and redundant hardware helps keep
servers and networking infrastructure highly
available. Failover clustering and NLB help provide
high availability at the operating system level, and
applications and services can benefit from them.
However, some applications such as SQL Server or
Exchange Server extend those highly available
features or provide their own. This topic covers
some of those applications and their high
availability features.
SQL Server is one of the critical applications, so it

is mandatory that you make it highly available. SQL Server 2012 extends the failover clustering
functionality that Windows Server 2012 R2 provides. SQL Server 2012 provides multiple high availability
features, which you can use to achieve different goals and make an entire database server or single
databases available even in the case of a failure. High availability features that SQL Server 2012 provides
are:
AlwaysOn failover cluster instances. This feature builds on top of the failover clustering feature
in Windows Server 2012. It provides high availability at the SQL Server instance level through
redundancy, which is called failover cluster instance. Failover cluster instance is an instance of SQL
Server that provides failover between nodes if the current node becomes unavailable. Failover cluster
instance is added to a failover cluster and is visible to clients as a SQL Server instance running on a
single server. Only one failover cluster instance node owns the failover clustering resource group at
any time. If failure happens, resource group ownership moves to another failover clustering node. The
process is transparent to the clients, and this minimizes the downtime that clients experience during a
failure.
AlwaysOn Availability Groups. This is a new feature in SQL Server 2012, and it maximizes the
availability for one or more user databases (called availability databases). The databases in an
availability group are treated as a unit, and all the databases in the same availability group fail over
together. An availability group supports a set of read-write primary databases and up to four sets of
corresponding secondary databases. Each instance of an availability group is called an availability
replica, and secondary databases can be configured for read-only access or used for backup. Failover
clustering provides high availability for listeners. Availability replica is stored locally and SQL Server
provides synchronization between databases in the availability group by either asynchronous-commit
or synchronous-commit mode.
Note: Each availability replica must reside on a different node of a single Windows Server
failover cluster.
Database mirroring. This feature increases SQL Server database availability. SQL Server implements
mirroring at the database level, which works only if the database is using a full recovery model. With
mirroring, two copies of a database are maintained, and each copy is on separate servers that are
running SQL Server, typically in different locations. Clients access one server running SQL Server, and
the other server acts as a hot or warm standby server, depending on configuration. When the servers
that are running SQL Server synchronize, database mirroring provides a hot standby server that
supports rapid failover without a loss of data from committed transactions.
Note: Database mirroring will be removed in a future version of SQL Server. Therefore, you
should not include it in your applications, and you should plan to modify applications that are
using this feature. Instead, you should use AlwaysOn Availability Groups.
5-7
Log shipping. This feature operates at the database level and automatically sends transaction log
backups from a production (or primary) database to one or more standby secondary databases on
a separate server that is running SQL Server. The transaction log backups are applied to each of the
secondary databases individually. You can also configure an optional third server or monitor server,
which records the status of backup and restore operations, and can raise alerts if these operations fail
to occur as scheduled.
With Exchange Server 2013, you can simply install two or more Exchange Server 2013 mailbox servers
as stand-alone servers, and then when needed, configure these servers and mailbox databases for high
availability and site resilience. Exchange Server provides high availability for the mailboxes by configuring
database availability groups (DAGs). A DAG is a collection of up to 16 servers that provides the
infrastructure for replicating and activating database copies. Any server in a DAG can host a copy of a
mailbox database from any other server in the DAG. The DAG uses continuous replication to each of the
passive database copies within the DAG.
DAG requires the Windows Server failover clustering feature, although all installation and configuration
is performed by Exchange Server. Failover clustering does not manage database failover. Instead, Active
Manager performs this task. Active Manager will recover from the failure automatically by failing over to a
database copy on another mailbox server in the DAG. Windows Server failover clustering is also useful for
some failure-detection scenarios, such as a server failure.
If you need to provide high availability for client access in Exchange Server 2013, you can add multiple
Client Access servers to the Exchange deployment and use NLB or round-robin Domain Name System
(DNS) to distribute clients among the Client Access servers in an NLB farm.
High Availability Solutions (SQL Server)
High Availability and Site Resilience
Question: Can you implement application high availability features such as AlwaysOn
Availability Groups in SQL Server 2012 without operating system support?
Lesson 2
Implementing Virtual Machine Movement
One benefit of virtualization is that you can move virtual machines between Hyper-V hosts. In the past,
you could move virtual machines without downtime (referred to as live migration), but only between
nodes in the same failover cluster. In Windows Server 2012, the Live Migration feature is improved, so
that you now can move virtual machines between any two Hyper-V hosts, providing there is network
connectivity between them. You can also move virtual hard disks, checkpoints, and other virtual machine
items while a virtual machine is running.
In this lesson, you will learn how to implement storage migration and live migration, and you will learn
how you can perform these types of migrations using Hyper-V Manager and Windows PowerShell.
Lesson Objectives
Describe virtual machine moving options.
Explain how storage migration works.
Describe the Move Wizard.
Move virtual machine storage.
Describe live migration of non-clustered virtual machines.
Move a running virtual machine.
Virtual Machine Moving Options

A virtual machine is always running on a Hyper-V
host. However, sometimes you need to move a
virtual machine or its components from one
volume to another, or between Hyper-V hosts,
even if they are not cluster nodes. For example,
you might want to move a virtual machine from
local storage to an SMB 3.0 share, between logical
unit numbers (LUNs), or between Hyper-V nodes
in different failover clusters.
Hyper-V in Windows Server 2012 R2 has
several options that you can use to move a
virtual machine and its data files. Based on the
environment and requirements, you can select one of the following methods:
Virtual machine and storage migration. With this method, you can move an entire virtual machine
or only its data files from one location to another or between Hyper-V hosts, while the virtual
machine is running, and without noticeable downtime. Virtual machine and storage migration do
not require failover clustering or any other high availability solution to work. They only require
network connectivity between the source and destination. When you are moving a virtual machine
and storage from Windows Server 2012 Hyper-V, a destination server can be either Windows Server
2012 or Windows Server 2012 R2 (cross-version migration).
5-9
Quick migration. Windows Server 2008 introduced the quick migration method, which you can use
to move virtual machines only between Hyper-V hosts within the same failover cluster. The virtual
machine is unavailable for the short time during the move operation.
Live Migration. Windows Server 2008 R2 introduced the Live Migration feature, which is an
improvement over quick migration functionality. When first introduced, you could use the Live
Migration feature only to move virtual machines between Hyper-V hosts in the same failover
cluster. The benefit of live migration functionality is that there is no noticeable virtual machine
downtime. In Windows Server 2012, live migration functionality is improved. Failover clustering is
no longer a requirement, and you can move multiple virtual machines from the same Hyper-V host
simultaneously. Windows Server 2012 R2 provides further improved live migration performance,
because you can use compression, SMB Direct, and SMB Multichannel during live migration.
Hyper-V Replica. Windows Server 2012 introduced the Hyper-V Replica feature, which you can use to
replicate a virtual machine asynchronously over IP networks, typically to a remote disaster recovery
site. With Hyper-V Replica, the virtual machine is replicating while it is running, and its changes are
synchronized with the replica. In Windows Server 2012 R2, you can configure replication frequency
and extended replication. Extended replication forwards the virtual machine changes to a third
Hyper-V host.
Exporting and importing virtual machines. In Windows Server 2012 R2, you can export a virtual
machine while it is running. You can also copy virtual machine data files, because in Windows Server
2012 and newer versions, you can import a virtual machine and then configure necessary settings
during the import operation even if you did not first export the virtual machine. This can be a very
time-consuming operation however, because you need to copy virtual machine data files between
Hyper-V hosts, and the virtual machine is typically turned off during that time.
Question: What is the main difference between quick migration and live migration?
How Storage Migration Works

Using storage migration, you can move virtual
hard disks and data files that the virtual machine
is using to a different physical storage, while the
virtual machine is running. You can perform
storage migration by using the Move Wizard
in Hyper-V Manager, or by using the MoveVMStorage cmdlet in Windows PowerShell.
Windows Server 2012 introduced the storage

migration feature, which you use to move
virtual machine data files without downtime. For
example, you can use storage migration when you
need to upgrade physical storage, or when you
need to move virtual machine storage from locally attached disks to an SMB 3.0 share or SAN. You
can also use storage migration to move various virtual machine items (such as virtual hard disks,
configuration, checkpoints, and smart paging), to different locations while the virtual machine is running.
For example, after you create the first checkpoint for a virtual machine, you cannot modify the checkpoint
file location setting unless you delete all virtual machine checkpoints or use storage migration.
Storage migration is performed in the following steps:
1.
Before the migration starts, all virtual machine Read and Write operations are performed at the
source virtual hard disk.
2.
When storage migration starts, virtual hard disk content is copied over the network to the destination,
while all the Read and Write operations are still performed on the source virtual hard disk.
3.
After the initial copy is complete, Write operations for the virtual hard disks are mirrored to both the
source and destination virtual hard disks.
4.
After the source and destination virtual hard disks are synchronized, the virtual machine switches over
and starts using the destination virtual hard disk.
5.
The source virtual hard disk is deleted.
Storage migration is only supported for virtual hard disks, current virtual machine configuration,
checkpoints, and smart paging file. If you try to perform storage migration on any other storage type,
such as directly-attached (pass-through) disks or data on a Fibre Channel SAN (not the virtual Fibre
Channel adapter itself), the storage migration attempt will result in an error.
Note: You cannot move virtual machine storage if the virtual machine is using directlyattached physical disks.
When you are migrating virtual machine storage, you can move all the data files to the same location, or
to different locations. During this storage migration process, the virtual machine continues to run on the
same Hyper-V host, and access to it is uninterrupted.
Note: Use the Storage Migration Hyper-V settings to specify how many storage migrations
can be performed simultaneously. By default, two simultaneous storage migrations are
configured, but you can increase this number.
Virtual Machine Storage Migration Overview
Question: Can you use storage migration to move only virtual hard disks?
Overview of the Move Wizard

You can use either the Move Wizard in Hyper-V
Manager, or Windows PowerShell cmdlets to
move an entire virtual machine (or just its data)
while the virtual machine is running. Before you
can start moving a virtual machine, you must first
enable Live Migration in both hosts, because this
feature is disabled by default. If you want to move
virtual machine data only, you do not need to
enable Live Migration. Hyper-V allows for two
simultaneous storage migrations by default.
To access and use the Move Wizard, click the

virtual machine in Hyper-V Manager, and then
click Move. After you become familiar with the Move Wizard, you need to select if you want to move the
entire virtual machine, or just the virtual machine storage.
Alternatively, you can also use Windows PowerShell to move a virtual machine. If you want to move
an entire virtual machine, use the Windows PowerShell cmdlet Move-VM. If you want to move just
the virtual machine data, you use the Windows PowerShell cmdlet Move-VMStorage.
Moving Virtual Machines
5-11
To move a virtual machine, you must specify the target Hyper-V host, which you must also configure to
allow live migrations. You must specify if you want to move only the virtual machine, or if you want to
include its data files in the move process. If you want to include the data files, you must specify where
to put them on the target Hyper-V host, or on the SMB 3.0 share. You typically select to move only the
virtual machine when its data is already on the SMB 3.0 share.
You can then complete the Move Wizard and perform the move. This process can occur quickly if you use
a fast network, if the virtual machine is turned off, and if its storage is small. Conversely, the process can
take considerable time for large virtual machines. However, at the end of the move process, the virtual
machine is running on the target Hyper-V host, and is no longer present at the source Hyper-V host.
Moving Virtual Machine Storage
To move virtual machine storage, you have an option to move all of the virtual machine data to a single
location, to move the virtual machine data to different locations, or to move only the virtual machine
virtual hard disks. If you select to move the virtual machine data to different locations, you can specify
a new location for each of the virtual machine data items, which includes virtual hard disks, current
configuration, checkpoints, and smart paging file. You can move virtual machine storage to other folders
on the same Hyper-V host, or to an SMB 3.0 share. You can then complete the Move Wizard, and perform
the move. For example, you can use the Move Wizard to modify checkpoint file location when the virtual
machine already has checkpoints.
Question: Do you need to be local administrator to use the Move Wizard?
Demonstration: Moving Virtual Machine Storage

In this demonstration, you will see how you use the Move Wizard and the Windows PowerShell
Move-VMStorage cmdlet to move virtual machine storage, while the virtual machine is running.
Demonstration Steps
1.
On LON-HOST1, use Hyper-V Manager to confirm that LON-MOVE1 is running and is configured
with a locally stored VHD.
2.
Use the Move Wizard to move the LON-MOVE1 virtual machine VHD to \\LON-HOST2\VHDs
\LON-MOVE1. Because the VHD is dynamically expanding and is small, notice that the move
completes quickly.
3.
Use Hyper-V Manager to confirm that the LON-MOVE1 virtual machine VHD is now stored on a
network share. Notice that the VHD was moved while virtual machine was running.
4.
On LON-HOST1, use Hyper-V Manager to confirm that LON-MOVE2 is running, is configured with a
locally stored VHD, and that its checkpoints are stored locally.
5.
Use the Windows PowerShell cmdlet Move-VMStorage with the DestinationStoragePath

parameter to move LON-MOVE2 storage to the \\LON-HOSTy\VHDs\LON-MOVE2 folder.
6.
Use the Windows PowerShell cmdlet Get-VM to view the LON-MOVE2 virtual machine Path and
SnapshotFileLocation.
7.
Use Hyper-V Manager to confirm that the LON-MOVE2 VHD and checkpoints are now stored on the
network share, and that they were moved while the virtual machine was running.
Live Migration of Non-Clustered Virtual Machines

With Windows Server 2008 R2, you can perform
live migration only when a virtual machine is
running on a failover cluster node and only if
its data is stored on the shared storage. You can
still perform live migration of clustered virtual
machines in Windows Server 2012, but a failover
cluster is no longer a requirement. You also
can use Windows Server 2012 to perform live
migration in two other ways without a failover
cluster:
When virtual machine storage is on an

SMB 3.0 share.
When virtual machine storage is local, and on a Hyper-V host. This is sometimes referred to as shared
nothing live migration.
Note: If you are managing a Hyper-V host remotely and you want to move a virtual
machine, you must first allow Kerberos protocol delegation for the computer account of the
Hyper-V host. You can review the detailed steps for configuring Kerberos delegation in the
hands-on lab at the end of this module.
When virtual hard disks of a virtual machine are stored on an SMB 3.0 share, only the virtual machine is
moved during live migration, and the virtual machine storage remains on the SMB 3.0 share. If virtual
hard disks are on local Hyper-V storage, then the virtual machine storage is copied to the destination
server over the network by using storage migration. After the source and destination storage are
synchronized, the virtual machine live migration starts. The steps are in the following order:
1.
The virtual machine configuration is copied to the destination Hyper-V host, which is a blank virtual
machine with the same configuration but without any data created. Memory is allocated to the
destination virtual machine.
2.
The virtual machine memory is copied over the network to the destination Hyper-V host. This
memory is called the working set of the migrating virtual machine, and consists of memory pages that
are each 4 kilobytes (KB) in size. The Hyper-V host monitors the memory, and as the source virtual
machine modifies the memory pages, it tracks and marks the pages as modified.
3.
After all the memory pages are copied, Hyper-V also copies the modified pages. Hyper-V iterates
the memory copy process several times, and each iteration requires copying a smaller number of
modified pages.
4.
After all of the modified memory pages are copied to the destination Hyper-V host, the working set
for the virtual machine is in the same exact state as on the source Hyper-V host.
5.
In the final stage of a live migration, a network package is sent to the network switch, which causes
it to obtain a new MAC addresses for the moved virtual machine. This enables network traffic for the
moved virtual machine to use the correct switch port. The final stage of the live migration completes
in less time than the Transmission Control Protocol (TCP) time-out interval.
Live migration speed is affected by the following variables:
The number of modified memory pages in the source virtual machine
The available network bandwidth between the source and destination Hyper-V hosts
The hardware configuration and utilization of the source and destination Hyper-V hosts
5-13
After the live migration completes and the virtual machine is running on the destination Hyper-V host,
virtual machine data is deleted on the source Hyper-V host, but virtual machine storage is not deleted
from the SMB 3.0 share.
Note: In Windows Server 2012 R2, you can configure use of compression or SMB
Multichannel and SMB Direct when performing live migration.
Virtual Machine Live Migration Overview
Question: How does the virtual machine memory size affect live migration time?
Question: Does live migration use compression when migrating virtual machines?
Demonstration: Moving a Running Virtual Machine

In this demonstration, you will see how to move a running virtual machine.
Demonstration Steps
1.
On LON-HOST1, use Hyper-V Manager to confirm that LON-PROD1 is running, is configured with a
locally stored VHD, and that its checkpoints are stored locally.
2.
On LON-PROD1, use the Windows PowerShell ping command with the t parameter to send network
packets to IPv4 address 10.0.0.25. This will ping the LON-PROD2 computer, which is running on your
partners Hyper-V host.
3.
Use the Move Wizard to move the LON-PROD1 virtual machine to LON-HOST2, and to move all
data to the C:\Moved\LON-PROD1 folder on the target host.
4.
Use Hyper-V Manager to monitor the progress of live migration, and to verify that LON-PROD1 is
able to ping LON-PROD2 throughout the live migration.
5.
After live migration completes, confirm that LON-PROD1 is no longer running on LON-HOST1.
6.
In Hyper-V Manager, confirm that the LON-PROD1 VHD is now in the C:\Moved\LON-PRODx
\Virtual Hard Disks folder.
Lab A: Moving Virtual Machine and Configuring

Constrained Delegation
Scenario
Some of the physical servers have been virtualized, and additional virtual machines have been created.
Several key servers have been virtualized, including servers that need to be available at all times.
IT management has approved the purchase of several additional Hyper-V hosts. You now need to balance
the number of virtual machines running on both the existing hosts and the new hosts. You need to ensure
that you can move virtual machines to the new hosts in such a way that the virtual machines are available
during the move operation.
Objectives
Move Hyper-V storage and virtual machines.
Lab Setup
Virtual machines: 20409B-LON-HOSTx, 20409B-LON-DC1, 20409B-LON-TESTx, and 20409B-LON-PRODx

Password: Pa$$w0rd
Exercise 1: Moving Hyper-V Storage and Virtual Machines

Scenario
To balance the number of virtual machines running on both the existing hosts and the new hosts, you
need to move a virtual machine between Hyper-V hosts as it is running, and without downtime. First, you
will configure a destination Hyper-V host to allow live migration. Next, you will move virtual machine
storage, its virtual hard disk, and its checkpoints, to the Hyper-V host of your partner, first by using the
Move Wizard, and then by using Windows PowerShell cmdlets. You will also move the running Windows
8.1 virtual machine LON-PRODx, and confirm that it has network connectivity the entire time during the
move operation. When you initiate the move operation remotely, you must allow the Hyper-V host to act
on your behalf on the destination Hyper-V host, so you will also configure constrained delegation. After
that, you will use the Move-VM cmdlet to move the virtual machine from the Hyper-V host that your
partner is using.
1.
Move virtual machine storage by using the Move Wizard.
2.
Move virtual machine storage by using Windows PowerShell.
3.
Configure Hyper-V host for live migration.
4.
Move a virtual machine by using Live Migration.
5.
Configure constrained delegation.
6.
Run live migration from Windows PowerShell.
Task 1: Move virtual machine storage by using the Move Wizard

Note: Before starting with this lab, run the C:\Labfiles\Mod05\Mod05setup.ps1 script to
prepare environment for the lab.
5-15
1.
On LON-HOSTx, use Hyper-V Manager to confirm that LON-MOVE1 is running and configured with a
locally stored VHD.
2.
Use the Move Wizard to move the LON-MOVE1 virtual machine VHD to \\LON-HOSTy\VHDs
\LON-MOVE1.
Note: Because the VHD is dynamically expanding and is small, it moves quickly.
3.
Use Hyper-V Manager to confirm that the LON-MOVE1 virtual machine VHD is now stored on a
network share.
Note: The VHD was moved while the virtual machine is running.
4.
Confirm that the LON-MOVE1 checkpoints are stored locally, and that you cannot change the
location.
5.
Use the Move Wizard to move the LON-MOVE1 virtual machine checkpoints to \\LON-HOSTy
\VHDs\LON-MOVE1.
6.
Confirm that LON-MOVE1 checkpoints are now stored on the network share, and that they were
moved while the virtual machine was running.
Task 2: Move virtual machine storage by using Windows PowerShell

1.
On LON-HOSTx, use Hyper-V Manager to confirm that LON-MOVE2 is running and is configured
with a locally stored VHD, and that its checkpoints are stored locally.
2.
Use the Windows PowerShell cmdlet Move-VMStorage with the DestinationStoragePath

parameter to move LON-MOVE2 storage to the \\LON-HOSTy\VHDs\LON-MOVE2 folder.
3.
Use the Windows PowerShell cmdlet Get-VM to view the Path and SnapshotFileLocation of the
LON-MOVE2 virtual machine.
4.
Use Hyper-V Manager to confirm that the LON-MOVE2 VHD and checkpoints are stored on the
network share, and that they were moved while the virtual machine was running.
Task 3: Configure Hyper-V host for live migration

1.
Use the Move Wizard on LON-HOSTx to try to move the 20409B-LON-PRODx virtual machine to
LON-HOSTy.
Note: You will get an error, as the computer is not configured for live migration.
2.
Enable live migration on LON-HOSTx. Confirm that incoming live migration can Use any available
network for live migration, that Kerberos is used as Authentication Protocol, and that
Compression is used.
3.
In Hyper-V Manager, add a connection to LON-HOSTy.
Note: Live migration must be enabled on both LON-HOSTx machines before you can
continue with the lab. Make sure that your partner has finished this task before you continue.
Task 4: Move a virtual machine by using Live Migration
1.
On LON-HOSTx, use Hyper-V Manager to confirm that 20409B-LON-PRODx is running, is

configured with a locally stored VHD, and that its checkpoints are stored locally.
2.
On LON-PRODx, open Windows PowerShell, and use the ping command with the t parameter to
send network packets to the IPv4 address 10.0.0.y5. This will ping the LON-PRODy computer, which
is running on your partners Hyper-V host.
3.
Use the Move Wizard to move the 20409B-LON-PRODx virtual machine to LON-HOSTy, and move
all data to the C:\Moved\LON-PRODx folder on the target host.
4.
Monitor the progress of migration, and notice that LON-PRODx is able to ping LON-PRODy
throughout the live migration.
5.
After live migration completes, confirm that LON-PRODx is no longer running on LON-HOSTx.
6.
Use Hyper-V Manager to confirm that the 20409B-LON-PRODx VHD is in the C:\Moved\LONPRODx\Virtual Hard Disks folder, and that the checkpoint files location is C:\Moved\LON-PRODx.
7.
Use the Move Wizard again to move the LON-PRODx virtual machine back to LON-HOSTx, and to
move its data to the C:\Moved\LON-PRODx folder.
8.
Confirm that this time, a Move Wizard error dialog box opens, and reports that there was an error
during the move operation. The error occurs because you are managing a remote Hyper-V host,
which is not allowed to delegate your permissions.
Task 5: Configure constrained delegation

1.
On LON-HOSTx, use the Windows PowerShell cmdlet Install-WindowsFeature to install Active

Directory administrative tools on LON-HOSTx.
2.
Use Active Directory Users and Computers to configure delegation on the Delegation tab of the
LON-HOSTy computer object. Select to use Kerberos only, and add cifs and Microsoft Virtual
System Migration Services service types on LON-HOSTx.
3.
Close Active Directory Users and Computers.
4.
Use winrs command to remotely purge cached Kerberos tickets on LON-HOSTy by running
following command:
Winrs r:LON-HOSTy klist -lh 0 -li 0x3e7 purge
Task 6: Run live migration from Windows PowerShell

1.
5-17
Use the Windows PowerShell cmdlet Move-VM to move the 20409B-LON-PRODx virtual machine
to LON-HOSTx by using following parameters:
o
Name: LON-PRODx
DestinationHost: LON-HOSTx
ComputerName: LON-HOSTy
DestinationStoragePath: C:\Moved\LON-PRODx
2.
View the Status column in Hyper-V Manager to monitor migration progress.
3.
After migration completes, confirm that 20409B-LON-PRODx is no longer running on LON-HOSTy.
4.
Use Hyper-V Manager to confirm that the LON-PRODx VHD is located in the C:\Moved\LONPRODx\ Virtual Hard Disks folder, and that checkpoints are located in the C:\Moved\LON-PRODx
folder.
Note: Leave the virtual machines running for the next lab.
Results: After completing this exercise, you should have moved Hyper-V storage and virtual machines.
Lesson 3
Implementing and Managing Hyper-V Replica
Hyper-V Replica is a disaster recovery feature that is built into Hyper-V. You can use it to replicate a
running virtual machine to a secondary location, and in Windows Server 2012 R2, you can extend the
replication to a third location. While the primary virtual machine is running, Hyper-V Replica is turned
off. Hyper-V Replica is updated regularly, and when needed, you can perform failover from primary
virtual machine to a replica virtual machine. You perform failovers manually, and they can be planned
or unplanned. Planned failovers are without data loss, whereas unplanned failovers can cause loss of last
changes, up to five minutes by default. In this lesson, you will learn how to implement and manage
Hyper-V Replica, and how to perform both a test failover and a planned failover.
Lesson Objectives
Explain the prerequisites for Hyper-V Replica.
Describe Hyper-V Replica.
Explain the process of enabling a virtual machine for replication.
Enable virtual machine replication.
Explain the concept of Hyper-V Replication Health.
Describe test failover, planned failover, and failover.
Describe Hyper-V Replica synchronization.
Perform a planned Hyper-V failover.
Prerequisites for Hyper-V Replica

In situations where you have concerns about
virtual machine availability, you can implement
a Hyper-V failover cluster and make virtual
machines highly available. However, failover
clusters are often limited to a single location,
because multi-site clusters require specialized
hardware, and are expensive to implement. If a
natural disaster such as an earthquake or a flood
affects occurs, all server infrastructure at that
location may be lost.
Windows Server 2012 introduced Hyper-V Replica,

which you can use to implement an affordable
business continuity and disaster recovery solution for the virtual environment. Providing you have
network connectivity, you are not limited to a single site, and you can use Hyper-V Replica to replicate
virtual machines to a Hyper-V host in a secondary location across a wide area network (WAN) link. If you
have a single location, you can still use Hyper-V Replica to replicate virtual machines to your partner
company in another state or hosting provider. This is because Hyper-V hosts that participate in replication
do not have to be in the same Active Directory Domain Services (AD DS) forest, or have the same
configuration. In addition, you can encrypt network traffic between them.
5-19
You also can use Hyper-V Replica to have two instances of a single virtual machine residing on different
Hyper-V hosts. One of the instances will be the primary, running virtual machine, and the other instance
will be a replica, offline copy. Hyper-V synchronizes these instances, and you can perform manual failover
at any time. If a failure occurs at a primary site, you can use Hyper-V Replica to execute a failover of the
virtual machines to replica servers at a secondary location, thereby minimizing downtime.
Before you implement Hyper-V Replica, ensure that the virtualization infrastructure meets the following
prerequisites:
Windows Server 2012 or a newer Windows Server version with the Hyper-V role installed at both
locations. Server hardware should have sufficient capacity to run all of the virtual machinesits local
virtual machines, as well as replicated virtual machines. Replicated virtual machines are in a turned-off
state, and they will be started only if you perform a failover.
Sufficient storage is available on both the primary and replica Hyper-V hosts. This is necessary to store
both local and replicated virtual machine data.
Network connectivity is available between the locations that are hosting the primary and replica
Hyper-V hosts. Connectivity can be through either a WAN or local area network (LAN) link.
Firewall rules to allow replication between the primary and replica sites are in place. When you install
the Hyper-V role, the Hyper-V Replica HTTP Listener (TCP-In) and Hyper-V Replica HTTPS Listener
(TCP-In) rules are added to the Windows Firewall. Before you can use Hyper-V Replica, you need to
enable one or both of these rules on the replica Hyper-V host.
If you want to use certificate-based authentication, ensure that an X.509v3 certificate from the trusted
certification authority (CA) exists to support mutual authentication at both Hyper-V hosts.
If you use Kerberos authentication, both Hyper-V hosts must be joined to the same AD DS forest.
Note: You can configure Hyper-V replica regardless of whether the Hyper-V host is a node
in the failover cluster.
Hyper-V Replica Overview
Question: Can you use Hyper-V Replica to replicate only virtual machines that have
integration services installed?
Overview of Hyper-V Replica

Hyper-V Replica provides a virtual machine-level
replication, which efficiently and securely
replicates virtual machine data and changes over
a LAN or WAN link to a remote location, and does
not require any additional software or hardware.
Hyper-V Replica High-Level Architecture

When you configure a virtual machine for
replication, initial replication is performed, and
a copy of the virtual machine is created on the
recovery host. However, the replicated virtual
machine remains turned off until you initiate the
failover, while primary virtual machine is running. When you enable replication, changes in the primary
virtual machine are written in the log file, which is periodically replicated and applied to the replica.
Hyper-V Replica has several components:
Replication engine. This component manages the replication configuration details and initial
replication, replication of delta changes, and failover and test failover operations. It also tracks virtual
machine and storage mobility events, and takes appropriate actions when necessary. For example, the
replication engine pauses replication when you start moving a virtual machine, and then resumes
replication where it was paused, after the move operation is complete.
Change tracking module. This component tracks changes that occur to the virtual machine on the
source Hyper-V host. The change tracking module tracks the Write operations to the virtual hard
disks, regardless of where the virtual hard disks are storedlocally, on the SAN, on SMB 3.0 share,
or on a CSV.
Network module. This component provides a secure and efficient way to transfer virtual machine data
between Hyper-V hosts in the primary site and replica site. It minimizes the traffic by compressing
data by default. The network module can also encrypt data when https and certification-based
authentication are used.
Hyper-V Replica Broker. This component is used only when a Hyper-V failover cluster is the source
or destination for Hyper-V Replica traffic. This role enables you to use Hyper-V Replica with highly
available virtual machines, which can move between cluster nodes. The Hyper-V Replica Broker role
queries the cluster database, and then redirects all requests to the cluster node where the virtual
machine is currently running.
Management tools. These tools enable you to configure and manage Hyper-V Replica. Aside from
Hyper-V Manager and Windows PowerShell, you can also use Failover Cluster Manager, which you
should use for all virtual machine management and Hyper-V Replica configurations when the source
or replica Hyper-V hosts are part of a Hyper-V failover cluster.
Understand and Troubleshoot Hyper-V Replica in Windows Server "8" Beta
http://go.microsoft.com/fwlink/p/?LinkId=237258
Security Considerations
You can establish Hyper-V Replica with a Hyper-V host regardless of its location and domain membership,
as long as you have network connectivity with it. There is no requirement for Hyper-V hosts to be part of
the same AD DS domain. You can also implement Hyper-V Replica when Hyper-V hosts are members of
untrusted domains or workgroups, because you can configure certificate-based authentication. Hyper-V
Replica implements security at the following different levels:
On each server, Hyper-V creates a local security group called Hyper-V Administrators. Members of
this group, in addition to local administrators, can configure and manage Hyper-V Replica.
You can configure a replica server to allow replication from any authenticated server, or to limit
replication to specific servers. In that case, you need to specify a fully qualified domain name (FQDN)
for the primary server (for example hv1.contoso.com), or use a wildcard with a domain suffix, for
example *.contoso.com. Use of IP addresses is not allowed. If the replica server is in a failover cluster,
replication is allowed at the cluster level.
When you are limiting replication to specific servers, you also need to specify a trust group, which
is used to identify the servers within which a virtual machine can move. For example, if you provide
disaster recovery service to partner companies, the trust group prevents one company from gaining
access to another company's replica machines.
5-21
Replica Hyper-V host can authenticate primary Hyper-V host by using Kerberos authentication and
certificates. Kerberos authentication requires both Hyper-V hosts to be in the same AD DS forest,
whereas you can use certificate authentication in any environment. Kerberos authentication is used
with http traffic and is not encrypted, whereas certificate-based authentication is used with https
traffic and is encrypted.
You can establish Hyper-V Replica only if network connectivity exists between the Hyper-V hosts.
You should configure Windows Firewall to allow either HTTP or HTTPS Hyper-V Replica traffic.
Question: You want to replicate your virtual machines to a hosting provider. How must the
replica Hyper-V host that is running at the hosting provider be configured so that it can
authenticate your primary Hyper-V host?
Question: How can you limit primary Hyper-V hosts to be able to access only virtual
machines that originate from the same company?
Enabling a Virtual Machine for Replication

After you configure a Hyper-V replica server to
allow incoming replication, you then need to
enable replication on the virtual machines on
the primary Hyper-V host. You must configure
replication for each virtual machine individually,
either by using the Enable Replication Wizard
in Hyper-V Manager, or by using the Windows
PowerShell cmdlet Enable-VMReplication. When
you use the Enable Replication Wizard, you can
configure the following replication settings:
Replica Server. Specify the computer name or

the FQDN of the replica server (an IP address
is not allowed). If the Hyper-V host that you specify is not yet configured to allow replication traffic,
you can configure it here. If the replica server is a node in a failover cluster, you should enter the
name or FQDN of the connection point for the Hyper-V Replica Broker.
Connection Parameters. If the replica server is accessible, the Enable Replication Wizard populates
the authentication type and replication port fields automatically with the appropriate values. If the
replica server is inaccessible, you can configure these fields manually. However, you should be aware
that you will not be able to enable replication if you cannot establish a connection to the replica
server. On the Connection Parameters page, you can also configure Hyper-V to compress the
replication data before transmitting it over the network.
Replication virtual hard disks. By default, all virtual hard disks are replicated. If some of the virtual
hard disks are not required at the replica Hyper-V host, you can exclude them from replication. An
example would be a virtual hard disk that is dedicated for storing page files. You should not exclude
virtual hard disks that include operating systems or applications, because this can result in that
particular virtual machine being unusable at the replica server.
Replication Frequency. Prior to Windows Server 2012 R2, replication frequency was always five
minutes, and was not configurable. In Windows Server 2012 R2, you can set replication frequency to
30 seconds, 5 minutes, or 15 minutes, based on the network link to the replica server and acceptable
state delay between primary and replica virtual machines.
Additional recovery points. You can configure the number and types of recovery points to be sent to
the replica server. By default, the option to Maintain only latest point for recovery is selected, which
means that only the parent virtual hard disk is replicated and all the changes are merged into that
virtual hard disk. However, you can select to create additional hourly recovery points, and then set
the number of additional recovery points (up to 24). You can also configure the Volume Shadow
Copy Service (VSS) snapshot frequency, which is used to save application-consistent replicas for the
virtual machine, and not just the changes in the primary virtual machine.
Initial replication method and schedule. The default selection is to send an initial copy immediately
over the network. Because virtual machines can have large virtual disks, initial replication can take a
long time and can cause a large amount of network traffic. If you do not want immediate replication,
you can schedule it to start at a specific time. If you want an initial replication but want to avoid
network traffic, you can select to send the initial copy to external media, or to use an existing virtual
machine on the replica server. You would use the last option if you already restored a copy of the
virtual machine at the replica server, and you want to use it as the initial copy.
After the replication relationship is established, the Status column in Hyper-V Manager shows replication
progress as a percentage of the total replication for the configured virtual machine. Virtual machine
replica is in the turned off state, and you cannot start it until the failover is performed.
When replication is enabled, virtual machine network adapters get additional settings that were previously
unavailable. These new settings pages are Failover TCP/IP and Test Failover. Failover TCP/IP is available
only for network adapters, and not for legacy network adapters. The settings on this page are useful when
a virtual machine has a static IP address assigned, and the replica site is using different IP settings than
the primary site. You can configure TCP/IP settings that a network adapter will use after the failover is
performed. If static IP addresses are used, you should configure failover TCP/IP on the primary and replica
virtual machines. Virtual machines must also have integration services installed to be able to apply failover
TCP/IP settings.
Virtual machines for which you enable replication have an additional management setting called
Replication. You use this setting to review and modify replication parameters.
Note: In Windows Server 2012 R2, you can extend Hyper-V Replica from the replica virtual
machine to a third Hyper-V host (the Extended Replica Server). This enables you to use Hyper-V
Replica to create two virtual machine replicas.
Question: Are failover TCP/IP settings useful if a virtual machine is using Dynamic Host
Configuration Protocol (DHCP) for obtaining an IP address?
Demonstration: Enabling Virtual Machine Replication

In this demonstration, you will see how to enable a virtual machine for replication.
Demonstration Steps
1.
Use Hyper-V Manager to confirm that in the 20409B-LON-TEST1 virtual machine settings, under
Network Adapter, two nodes display: Hardware Acceleration, and Advanced Features.
2.
Confirm that there are six settings in the Management section for the 20409B-LON-TEST1 virtual
machine, and that Replication is not one of them.
3.
Use Hyper-V Manager to enable replication for the 20409B-LON-TEST1 virtual machine, and provide
o
Replica Server: LON-HOST2
Connection Parameters: Kerberos authentication (HTTP)
Replication VHDs: LON-TEST1
Replication Frequency: 30 seconds
Initial Replication Method: Immediately send initial copy over the network
5-23
4.
Use Hyper-V Manager to confirm that 20409B-LON-TEST1 is one of the virtual machines on
LON-HOST2, and that it is in the Off state.
5.
View Replication Health for 20409B-LON-TEST1. As initial replication is probably not yet completed,
Replication Health should be in the Warning state.
6.
Use Hyper-V Manager to confirm that there are two new nodes under Network Adapter for the
20409B-LON-TEST1 virtual machine, which were not present before: Failover TCP/IP, and Test
Failover.
7.
Confirm that there are seven settings in the Management section for 20409B-LON-TEST1, including
Replication, which was not present before.
8.
Use the Windows PowerShell cmdlets Get-VMReplication and Measure-VMReplication to review

replication settings and status for 20409B-LON-TEST1.
9.
In Hyper-V Manager, view Replication Health for 20409B-LON-TEST1. If initial replication has
finished, Replication Health will be Normal.
Hyper-V Replication Health

When you enable replication for a virtual machine,
changes in the primary virtual machine are written
to a log file, which is periodically transferred to
the replica Hyper-V host and then applied to a
virtual hard disk of a replica virtual machine.
Replication Health monitors the replication
process and shows important events, as well as
the replication and synchronization state of the
Hyper-V host. Replication Health includes the
following data:
Replication State. Indicates whether

replication is enabled for the virtual machine.
Replication Type. Indicates whether you are monitoring Replication Health on the primary virtual
machine or on the replica virtual machine.
Primary and Replica server names. Indicates on which Hyper-V host the primary virtual machine is
running, and which Hyper-V host is the replica.
Replication Health. Indicates replication status. Replication Health can have one of three possible
values: Normal, Warning, or Critical.
Replication statistics. Displays replication statistics since virtual machine replication started, or since
you reset the statistics. Statistics include data such as maximum and average size of the replication,
average replication latency, number of errors encountered, and number of successful replication
cycles.
Pending replication. Displays information about the size of data that still needs to be replicated, and
when the replica was last synchronized with the primary virtual machine.
Replication Health can have one of three possible values, based on how well the replication is performing:
Normal
o
Less than 20 percent replication cycles are missed.
Last synchronization point was less than an hour ago.
Average replication latency is less than the configured limit.
Warning
o
More than 20 percent of replication cycles have been missed.
Last replication data was sent more than an hour ago.
Initial Replication has not been completed.
Failover was initiated, but reverse replication has not been configured.
Replication is paused in the primary virtual machine.
Critical
o
Replication is paused on the replica virtual machine.
Primary server is unable to send the replica data.
You can monitor Replication Health in Hyper-V Manager, where you can add a Replication Health column
to the virtual machines pane. You can also right-click the virtual machine that has replication enabled, and
then click View Replication Health. From Windows PowerShell, you can also view Replication Health by
using the cmdlets Get-VMReplication and Measure-VMReplication. You can also monitor Replication
Health by using Performance Monitor and Event Viewer.
For Replication Health to be in Normal state, the Hyper-V Replica replication engine must regularly
replicate changes in the primary virtual machine, and then apply those changes to the virtual hard disk of
the replica based on the replication frequency. If more than 20 percent of the replication cycles have not
been applied, Replication Health automatically changes to the Warning state. The following tables show
the number of replications based on replication frequency, and the number of successful replications
required for Normal Replication Health.
Replication frequency
1 hour
12 hours
24 hours
1 week
30 seconds
120
1,440
2,880
20,160
5 minutes
12
144
288
2,016
15 minutes
48
96
672
Replication cycles
Successful
Failed
% Success
Health state
12
10
80%
Normal
144
116
28
80%
Normal
288
231
57
80%
Normal
2,016
1613
403
80%
Normal
You can save a Replication Health report as a .csv file.
Interpreting Replication Health Part 1

Question: How can you monitor virtual machine replication health from Windows
PowerShell?
Test Failover, Planned Failover, and Failover

You can perform three types of failover actions:
test failover, planned failover, and failover. These
three options offer different benefits, and are
useful in different scenarios.
Test Failover
5-25
After you configure Hyper-V Replica and after the

virtual machines start replicating, you can perform
a test failover. A test failover is a nondisruptive
task that enables you to test a virtual machine
on the replica server while the primary virtual
machine is running, and without interrupting the
replication. You can initiate a test failover on the
replica virtual machine, which will create a new checkpoint and allow you to select a recovery point from
which the new test virtual machine is created. The test virtual machine has the same name as the replica,
but with - Test appended to the end. The test virtual machine is not started, and is disconnected by
default to avoid potential conflicts with the running primary virtual machine.
When you finish testing, you can stop test failover. This option is available only if test failover is running.
When you stop test failover, it stops the test virtual machine and deletes it from the replica Hyper-V host.
If you run a test failover on a failover cluster, you will have to remove the Test-Failover role from the
failover cluster manually.
Planned Failover
You can initiate a planned failover to move the primary virtual machine to a replica site, for example,
before site maintenance or before a disaster. Because this is a planned event, there is no data loss, but the
virtual machine will be unavailable for some time during its startup. A planned failover confirms that the
primary virtual machine is turned off prior to executing the failover. During the failover, it sends all the
data that has not yet been replicated, to the replica server. It then fails over the virtual machine to the
replica server, and starts it there. After the planned failover, the virtual machine is running on the replica
server, and its changes are not replicated. If you want to establish replication again, you should reverse
the replication. You will have to configure similar settings to when you enabled replication, and the
existing virtual machine will be used as an initial copy.
Failover
A failover is an unplanned event that can result in data loss, because changes at the primary virtual
machine might not have replicated before the disaster happened. (Replication frequency setting controls
how often changes are replicated). In the event that an occurrence disrupts the primary site, you can
perform a failover. You initiate a failover at the replica virtual machine only if primary virtual machine
is either unavailable or turned off. Similar to planned failover, during a failover the virtual machine is
running on a replica server. If you need to start failover from a different recovery point and discard all
changes, you can cancel the failover. After you recover the primary site, you can use reverse replication
to reestablish replication. This will also remove the option to cancel failover.
Other Hyper-V replication-related actions include the following:
Pause Replication. This action pauses replication for the selected virtual machine.
Resume Replication. This action resumes replication for the selected virtual machine. It is available
only if replication for the virtual machine is paused.
View Replication Health. This action provides data about the replication events for a virtual machine.
Extend Replication. This action is available on replica virtual machines. It is available only on Windows
Server 2012 R2, and it extends virtual machine replication from the replica server to a third server (the
Extended Replica Server).
Remove Recovery Points. This action is available only during a failover. If you select it, all recovery
points (checkpoints) for a replica virtual machine are deleted, and their differencing virtual hard disks
are merged.
Remove Replication. This action stops replication for the virtual machine.
Note: If you have implemented Microsoft System Center 2012 R2 and you are interested in
using Hyper-V Replica for disaster recovery, you should consider using the Windows Azure
Hyper-V Recovery Manager. The Hyper-V Recovery Manager helps to orchestrate the recovery of
private cloud services across multiple locations in the event of an outage at the primary site.
Question: Which of the three failover actions can you perform while the primary virtual
machine is running: test failover, planned failover, or failover?
Hyper-V Replica Resynchronization

After you configure virtual machine replication
and perform the initial replication, the replica
is regularly updated with the changes from the
primary virtual machine. One of the configuration
steps is configuring the replication frequency
setting. This setting controls the longest time
interval until changes from the primary virtual
machine are applied to the replica.
In a real-world environment, there can be

many reasons why changes from the primary
virtual machine are not applied to the replica
for extended periods of time. This may be, for
example, because network connectivity is lost, or because you paused the replication. This will be reflected
on the Replication Health, but when replication is established again, all changes will be applied to the
replica.
There are also more serious reasons that can affect synchronization, such as:
Issues on the primary server with change tracking. The replication engine tracks changes in the virtual
machine only while the virtual machine is running. If you turn off the virtual machine and then modify
the virtual hard disk, (for example, to perform offline patching), these modifications will not be
replicated to the replica when you start the primary virtual machine.
5-27
Replication issues with tracking logs. Changes in a virtual machine are first written into a tracking log,
and are then transferred to the replica. If network connectivity with the replica is lost, the tracking log
can increase in size and can be larger than 50 percent of the virtual hard disk size.
Problems linking the virtual hard disk with the parent. This problem can occur if a virtual machine is
using a differencing virtual hard disk, and a replica Hyper-V host is not able to link the replicated
differencing virtual hard disk with its parent.
Virtual machine is restored from the backup. If you restore the primary or replica virtual machines
from a backup, their state changes and is no longer synchronized.
Reverse replication after failover. If you perform a planned failover and you reverse replication, the
virtual machine will already exist on the target Hyper-V host, but it will not be up-to-date.
In all the above cases, the primary and replica virtual machine are not synchronized, and there is
no tracking log that could simply be applied to synchronize them. However, in all cases, virtual
machines already exist on both sides, and it would be inefficient to perform full initial replication. The
resynchronization process is optimized for virtual hard disks with size up to 500 GB. It tries to find and
replicate only the differences between virtual machines, not the entire virtual hard disk. The virtual hard
disk of the primary virtual machine and the replica are split into chunks of 2 megabytes (MB). The, CRC64
checksum of each chunk is generated, and then compared to determine which chunks from the primary
virtual machine need to be applied to the replica. The resync process also has logic built into it, which
decides if the process would take longer than six hours. If so, you should perform a full initial replication.
The resynchronization process is processor-intensive, storage-intensive, and network-intensive. You can

trigger the resynchronization process manually, but you also can schedule it to perform resynchronization
automatically when needed. You configure these settings on the Replication settings of the primary virtual
machine.
Resynchronization of virtual machines in Hyper-V Replica
Question: Is resynchronization between primary and replica virtual machines always
required?
Demonstration: Performing a Planned Hyper-V Failover

In this demonstration, you will see how to perform a planned Hyper-V failover.
Demonstration Steps
1.
Connect to the LON-TEST1 computer that is running on the LON-HOST1 Hyper-V host. On the
desktop, create a folder named Current State.
2.
Use Hyper-V Manager to start a planned failover for 20409B-LON-TEST1.
3.
Confirm that the Planned Failover error displays, as the virtual machine is not prepared for a planned
failover.
4.
Shut down LON-TEST1.
5.
Use Hyper-V Manager to perform a planned failover for 20409B-LON-TEST1.
6.
Confirm that 20409B-LON-TEST1 is in a Running state on the LON-HOST2 Hyper-V host.
7.
On LON-TEST1, confirm that a folder named Current State is on the desktop. With planned failover,
all changes from the primary virtual machine are replicated.
8.
Create a folder named Planned Failover on the LON-TEST1 desktop.
9.
Use Hyper-V Manager to start reverse replication for 20409B-LON-TEST1, and accept all default
values.
10. Shut down LON-TEST1 and perform its Planned Failover.

11. Start and connect to LON-TEST1 on LON-HOST2.
12. Confirm that on the LON-TEST1 desktop, the two folders named Current State, and Planned
Failover display.

Scenario
5-29
You have successfully moved the Hyper-V storage and virtual machines. Because many of the virtualized
servers host business-critical applications or data, A. Datum is also planning to provide a disaster recovery
solution for the virtual machines. Virtualization hosts currently are backed up daily, but a much faster
recovery solution is required for some of the virtual machines. To provide this solution, you need to
configure and test the Hyper-V Replica feature.
Objectives
Configure and manage Hyper-V Replica.
Lab Setup
Virtual machines: 20409B-LON-HOSTx, 20409B-LON-DC1, 20409B-LON-TESTx, and 20409B-LON-PRODx

Password: Pa$$w0rd
Exercise 1: Configuring and Managing Hyper-V Replica

Scenario
Your company has set up a disaster recovery location, and you need to configure virtualization
infrastructure to replicate virtual machines to that location. To perform this task, you will use Hyper-V
Replica in this exercise. You will first configure a remote Hyper-V host to allow incoming replication.
Then you will configure replication of the LON-TESTx virtual machine, explore new settings that you can
configure, and test the effect of those settings. You will also perform test failover and planned failover, to
ensure that test failover does not interrupt the replication process, and that during planned failover no
modifications in virtual machine are lost. As one of the steps, you will also monitor Replication Health.
1.
Configure Hyper-V host for incoming replication.
2.
Enable virtual machine replication.
3.
Test Hyper-V Replica failover.
4.
Perform a planned failover.
Task 1: Configure Hyper-V host for incoming replication

1.
2.
Use Hyper-V Manager on LON-HOSTx to enable LON-HOSTy as a replica server with the following
configuration:
o
Authentication: Kerberos (HTTP)
Default location to store Replica files: C:\shares\replicated
Add the Windows Firewall with Advanced Security snap-in to MMC, connect to the LON-HOSTy
computer, and enable the Hyper-V Replica HTTP Listener (TCP In) rule.
Task 2: Enable virtual machine replication

1.
Use Hyper-V Manager to confirm that in the 20409B-LON-TESTx virtual machine settings, under
Network Adapter, two nodes display: Hardware Acceleration, and Advanced Features.
2.
Confirm that for the 20409B-LON-TESTx virtual machine, in the Management section, six settings
display, and Replication is not one of them.
3.
Confirm that the LON-TESTx computer has an IPv4 address of 10.0.0.x6.
4.
Use Hyper-V Manager to enable replication for the 20409B-LON-TESTx virtual machine using the
following settings:
o
Replica Server: LON-HOSTy
Connection Parameters: Kerberos authentication (HTTP)
Replication VHDs: LON-TESTx VHD
Replication Frequency: 30 seconds
Additional Recovery Points: Create 10 additional hourly recovery points
Initial Replication Method: Immediately send initial copy over the network
5.
Use Hyper-V Manager to confirm that 20409B-LON-TESTx is one of the virtual machines on
LON-HOSTy, and that it is in the Off state.
6.
View Replication Health for 20409B-LON-TESTx.
Note: Because initial replication is most likely not yet completed, Replication Health is in a
Warning state.
7.
Use Hyper-V Manager to confirm that two new nodes display under Network Adapter for
20409B-LON-TESTx: Failover TCP/IP, and Test Failover.
8.
Confirm that there are now seven settings in the Management section for 20409B-LON-TESTx,
including Replication, which was not present before.
9.
Use the Windows PowerShell Get-VMReplication and Measure-VMReplication cmdlets to review

replication settings and status for 20409B-LON-TESTx.
10. In Hyper-V Manager, view Replication Health for 20409B-LON-TESTx. If initial replication has finished,
Replication Health will be Normal.
Task 3: Test Hyper-V Replica failover

1.
2.
Use Hyper-V Manager to configure Failover TCP/IP for 20409B-LON-TESTx with the following
settings:
o
IPv4 Address: 192.168.10.15
Subnet Mask: 255.255.255.0
Default gateway: 192.168.10.1
Preferred DNS server: 192.168.10.100
5-31
Use Hyper-V Manager to configure Test Failover for 20409B-LON-TESTx to connect to the Private
Switch.
Note: If initial replication of 20409B-LON-TESTx has not yet finished, wait until it finishes.
3.
Use Hyper-V Manager to start Test Failover for 20409B-LON-TESTx. Confirm that the checkpoint for
20409B-LON-TESTx is created, and a new virtual machine named 20409B-LON-TESTx Test is
created.
4.
Confirm that the 20409B-LON-TESTx Test virtual machine is connected to Private Switch.
5.
Start the 20409B-LON-TESTx virtual machine, and sign in as Administrator with the password
Pa$$w0rd.
6.
Confirm that it has the same IP configuration as you configured in Failover TCP/IP for
20409B-LON-TESTx.
7.
Stop the test failover for 20409B-LON-TESTx. Confirm that the 20409B-LON-TESTx Test virtual
machine has been deleted, in addition to the 20409B-LON-TESTx virtual machine checkpoint.
Task 4: Perform a planned failover

1.
Connect to the 20409B-LON-TESTx computer running on the LON-HOSTx Hyper-V host, and on the
desktop create a folder named Current State.
2.
Use Hyper-V Manager to start Planned Failover for 20409B-LON-TESTx.
3.
Confirm that a Planned Failover error displays.

Note: This is because the virtual machine is not prepared for planned failover.
4.
Shut down LON-TESTx.
5.
Use Hyper-V Manager to perform a Planned Failover for the 20409B-LON-TESTx virtual machine.
6.
Confirm that 20409B-LON-TESTx is in the Running state on the LON-HOSTy Hyper-V host.
7.
On LON-TESTx, confirm that a folder named Current State displays on the desktop.
Note: With planned failover, all changes from the primary virtual machine are replicated.
8.
Create a folder named Planned Failover on the LON-TESTx desktop.
9.
Use Hyper-V Manager to start Reverse Replication for 20409B-LON-TESTx, and accept all default
values.
10. Shut down LON-TESTx, and then perform its Planned Failover.
11. Start and connect to 20409B-LON-TESTx on LON-HOSTx.
12. Confirm that two folders display on the LON-TESTx desktop: Current State, and Planned Failover.
13. On LON-HOSTx, remove replication for 20409B-LON-TESTx.
14. On LON-HOSTy, delete 20409B-LON-TESTx.
Results: After completing this exercise, you should have configured and managed Hyper-V Replica.

Review Questions
Question: What would be the most probable reason that Replication Health is not in the Normal
state after you enable replication for a virtual machine?
Question: Can you use self-signed certificates for authentication with Hyper-V Replica?
Question: Can you perform live migration of a virtual machine from a Windows Server 2012
Hyper-V host to a Windows Server 2012 R2 Hyper-V host?
5-33

6-1
Module 6
Implementing Failover Clustering with Hyper-V
Contents:
Module Overview
6-1
Lesson 1: Overview of Failover Clustering
6-2
Lesson 2: Configuring and Using Shared Storage
6-12
Lesson 3: Implementing and Managing Failover Clustering with Hyper-V
6-22
6-31
6-38
Module Overview
Failover clustering is a Windows Server 2012 feature that provides high availability. Hyper-V in Windows
Server 2012 uses failover clustering to provide highly available virtual machines. It is crucial for critical
virtual machines to be highly available, which means that if the node on which a virtual machine is
running fails, then the failover cluster will start the virtual machine automatically on a different node.
The first lesson in this module provides a general overview of failover clustering. You will learn about the
components of failover clusters, how failover clusters provide high availability, and why shared storage is
important. You will also learn about the different quorum modes, and understand how you can provide
encryption for Cluster Shared Volumes (CSVs).
The second lesson in this module details shared storage. You will see how you can use Server Message
Block (SMB) 3.0 file shares for Hyper-V. You will also learn how to configure Internet small computer
system interface (iSCSI) shared storage by using an iSCSI target server, which is part of Windows Server
2012. If you are considering failover clustering in virtual machines, you will learn more about Windows
Server 2012 R2, in which you can use virtual hard disk sharing to present shared storage to virtual
machines.
The third lesson explains how you can implement failover clustering. You will also learn about the settings
that you can configure for highly available virtual machines, and how you can configure monitoring for
services that run inside a virtual machine.
Objectives
Describe failover clustering.
Configure and use shared storage.
Implement and manage failover clustering with Hyper-V.
Lesson 1
Overview of Failover Clustering
6-2 Implementing Failover Clustering with Hyper-V
Hyper-V uses failover clustering to provide highly available virtual machines. Before you can create highly
available virtual machines, you need to understand the basics of failover clustering. In this lesson, you will
learn about failover clustering components, the importance of shared storage, and how you can provide
network redundancy. By default, failover clustering uses CSVs as the default storage type. This lesson
explains the requirements for CSVs, and their advantages over logical unit numbers (LUNs). You will
also learn about quorums, the different quorum modes that failover clustering supports, and what the
differences are between the quorum modes. Because some highly available data can be sensitive, you will
also learn about how you can use BitLocker Drive Encryption to encrypt CSVs.
Lesson Objectives
Describe a failover cluster.
Describe failover and failback.
Describe the different networks that failover clusters use.
Explain the importance of failover cluster storage.
Describe CSVs.
Describe quorum and different quorum models.
Describe encrypted cluster volumes.
What Is a Failover Cluster?

A failover cluster is a pair or group of Windows
servers that work together to make applications
and services highly available. The servers in a
failover cluster are called nodes. If a node in a
cluster fails or becomes unavailable, another node
in the same failover cluster starts providing the
services that the failed node was offering. This
process is called failover and it results in minimal
(or in certain cases, no) service disruptions for
clients that are accessing the service. Failover
clusters also provide CSV functionality, which
provides a common namespace that you can use
to access shared storage from all nodes.
Failover clustering has several components, including the following:
Nodes. Nodes are Windows Server computers that are members of a failover cluster. These computers
have the failover clustering feature installed, and they run highly available services, applications, and
other resources that are associated with a cluster. A failover cluster in Windows Server 2012 R2 can
have up to 64 nodes, which can run up to 8,000 virtual machines. A single node can run up to 1,024
virtual machines.
6-3
Networks. Networks enable communication between nodes that are still available and responsive, and
also between nodes and client computers. Because clusters use external storage such as iSCSI or Fibre
Channel Storage Area Network (SAN), nodes also use networks for accessing the shared storage.
Clustered role. A clustered role is a highly available role or service that is running on the cluster node
and to which clients connect. If such a service becomes unavailable on one node, the failover cluster
fails it over automatically to another node and redirects client requests for the service to the new
node.
Resources. Resources are physical or logical elements such as a shared folder, disk, or IP address,
which the failover cluster manages. Resources may provide service to clients or may be integral parts
of highly available applications. Resources are the most basic and smallest configurable units. A
resource can run only on a single node at any given time.
Cluster Storage. Each node has local storage (where the Windows operating system is installed), in
addition to server roles and highly available applications. Cluster storage is a shared storage, where
application configuration and data is stored. When a node fails, other nodes can access data on the
cluster storage, and can start applications from that point. For example, the highly available virtual
machine stores configuration data and virtual hard disks of the highly available virtual machine are
stored on the cluster storage.
Clients. These are computers that access highly available services and applications that are running in
the failover cluster. There should be multiple network paths between clients and the cluster. Clients
should also try to reconnect to the service automatically if a cluster node fails.
In a failover cluster, each node in the cluster:
Has full connectivity and communication with other failover cluster nodes.
Is aware of configuration changes to the failover cluster, such as when an additional node joins or
leaves the cluster. Each node is also aware of other node failures, and has the ability to run services
that the failed node hosted. You can configure which services to run on which nodes.
Connects to a network through which client computers can access the node.
Connects to other nodes, and regularly checks their availability and responsiveness.
Connects to shared storage, where configuration and data of highly available applications is stored.
Has awareness of the services and applications that are running locally, and resources that are
running on other failover cluster nodes.
Failover Clustering Overview
Question: Will clients still be able to connect to a cluster role if the failover cluster has only
two nodes and the internode network fails?
What Are Failover and Failback?
Failover is a process in which a highly available

role, together with all its resources (such as IP
address and disk) moves between nodes in a
failover cluster. Failover can happen automatically.
For example, the node on which the highly
available virtual machine was running might fail,
or one of the resources that the highly available
application depends upon may become
unavailable. Other possible reasons are that a
monitored service in a highly available virtual
machine may stop, or the network adapter may
lose network connectivity. Failover can also be
manual. For example, administrators can start a maintenance procedure, during which they move highly
available virtual machines to a different node before updating and restarting the current node.
When failover is initiated, the following steps occur:
1.
The cluster service takes all of the resources of the highly available role offline in an order that is
determined by the instances dependency hierarchy. First, the cluster service takes the clustered role
offline, and then it takes offline the resources on which it the cluster role depends. For example, if a
role depends on a disk resource, the cluster service takes the role offline first, which allows the role to
write uncommitted changes to the disk, before taking the disk offline.
2.
When all resources are offline, the cluster service attempts to move the role to the node that is next
on the list of preferred owners for that role. If the preferred owner is not available, then the cluster
service contacts the next server on the list.
3.
If the cluster service moves the role successfully to a different node, it attempts to bring all role
resources back online. This time, it takes the resources online in reverse order, from the bottom of the
dependency hierarchy. Failover is complete when all of the resources are online on the new node.
In most cases, failover results in some downtime and data loss. If a node on which a highly available role is
running fails, everything that was not saved on the shared storage (such as in-memory state of the open
client connections), are lost. Failover restarts the role based on the configuration and state of the shared
storage. Clients experience this as if you turn off and then turn on a single server on which the role runs.
For some highly available roles such as scale-out file server, failover is transparent and without downtime.
The cluster service can fail back a highly available role that was originally running on the failed node, after
you repair or recover the failed node and it is available once again. When the cluster service fails back the
highly available role, it uses the same steps that it performed during failover. The cluster service takes all
the resources offline, moves the role, and then brings all the resources back online. You can configure in
the properties of the highly available role how many times the cluster service will attempt to fail over and
then fail back the role. You can also configure the list of preferred owners for the role.
Question: Does failback always follow failover when the failed node is back online?
Failover Cluster Networks
6-5
Networks and network adapters are important

parts of each failover cluster implementation.
You cannot configure a failover cluster without
configuring the networks that the cluster will use.
Because you are using a failover cluster to provide
high availability, you should always have multiple
network paths. We recommend that each node
have multiple fast network adapters, so that you
can avoid single network adapter failure and
provide higher throughput. You can add adapters
to the team and create multiple virtual network
adapters for different purposes, such as
management, internode communication, and live migration. You can also use Quality of Service (QoS) to
limit the bandwidth made available to the network adapter.
You can classify networks in failover clustering based on their use. You can configure the following three
settings:
Do not allow cluster network communication on this network. The nodes in the failover cluster cannot
use this network for internode communication or for communication with the clients. You would
typically use such a network for accessing shared storage, for example iSCSI SAN.
Allow cluster network communication on this network. The nodes in the failover cluster can use this
network for intranetwork communication. For example, nodes can use this network for updating the
cluster database, monitoring the health of other nodes, or for live migration data.
Allow clients to connect through this network. Clients can access the failover cluster nodes over this
network, for example, to access a highly available database. (The term client refers not only to client
computers accessing clustered applications, but also to remote computers that you use to administer
the cluster.) You can allow clients to connect through this network only if it can be used for cluster
communication as well.
Technically, it is possible to have a failover cluster node with a single network adapter that is used for all
network traffic, including internode communication, client communication, and access to shared storage.
However, we do not recommend having a single network adapter for all network traffic, and validation
will generate a warning to alert you of a potential single point of failure.
When you install the failover clustering feature, it adds the Failover Cluster Virtual Adapter to the node.
This is a hidden and completely self-configuring network adapter, which provides the failover node with
a fault-tolerant connection across all available network adapters. The Failover Cluster Virtual Adapter is
similar to NIC Teaming for clustering, and it hides all underlying network complexity from the failover
cluster; for example, when other nodes are on remote networks, or when a node obtains an IP address
from a Dynamic Host Configuration Protocol (DHCP) server. You can view the Failover Cluster Virtual
Adapter in Device Manager as a hidden device.
The networking features in failover clustering include the following:
The node transmits and receives a heartbeat, which is used to monitor the health status of network
interfaces, and is sent over all cluster-enabled networks. The heartbeat is sent by using unicast User
Datagram Protocol (UDP) traffic over port 3343.
Failover cluster nodes can be on different segments, providing there is network connectivity between
them.
The Failover Cluster Virtual Adapter hidden network adapter is added to each node. This adapter is
assigned a media access control (MAC) address based on the first physical adapter, and it is used to
build redundant and fault-tolerant routes to other nodes. You can also clone Windows Server
computers when they have the failover clustering role installed.
Failover clusters fully support IPv6 for both internode and client communication.
Cluster nodes can use static or dynamic IP addresses. If some nodes in a failover cluster use static IP
addresses, and if others are configured with dynamic IP settings, validation will report an error.
Failover Cluster Networking Essentials
Question: Do you need to manually put network adapters in a failover clustering node in a
NIC team?
Failover Cluster Storage

Failover cluster deployments require shared
storage to provide consistent data and
configuration for the highly available applications.
When data is stored on a shared storage, this
data is still available, even when the node on
which the cluster role is running fails. This means
that another node can access the same data and
restart the cluster role from where the first node
wrote data on the shared storage.
There are different options for shared storage in
Windows Server:
Serial Attached SCSI. You can use Serial

Attached SCSI storage to connect shared storage to two failover nodes that are located close to
the Serial Attached SCSI storage. If the failover cluster will have multiple nodes, or if distance to the
storage will be more than 10 meters (30 feet), you should consider a different option for shared
storage.
iSCSI. Servers access iSCSI SANs by sending SCSI commands over an IP network. Performance is
acceptable over fast 10 gigabits per second (Gbps) or slower 1 Gbps networks. iSCSI is not limited
by the length or the number of servers that access the storage. The physical medium for data
transmission is Ethernet, and no special hardware is required. You can build an iSCSI SAN by using
the iSCSI target feature, which is part of Windows Server 2012 R2.
Fibre Channel. Fibre Channel SANs require special network infrastructure for accessing the storage.
They often have better performance than iSCSI storage, but they are considerably more expensive to
implement.
Fibre Channel over Ethernet. This network technology encapsulates Fibre Channel traffic over
Ethernet networks. This enables Fibre Channel to use high-speed Ethernet networks, while preserving
the Fibre Channel protocol.
You can also use SMB 3.0 file shares as shared storage for servers that are running Hyper-V, regardless of
whether they are part of failover cluster nodes. Servers can access storage on a SAN as a LUN, or as a CSV.
When you are considering shared storage for the failover cluster, you should consider using it as a CSV.
This is because it provides many benefits, such as simultaneous access from multiple failover cluster nodes,
and more efficient use of the storage space.
When you choose the storage type, you should consider the following storage requirements:
6-7
A failover cluster does not support dynamic disks for a shared storage. You should therefore use basic
disks for the shared storage, and not dynamic.
As a best practice, use NTFS file system on all failover node volumes. If the volume is on shared
storage and you will use it as CSVs, you must format it by using NTFS file system.
If you will use disk witness for your quorum, you can format the volume with either NTFS file system
or Resilient File System (ReFS).
You can use either master boot record (MBR) or GUID partition table (GPT) partition style for the disks
in a failover cluster node.
Storage must support the SCSI-3 standard. Failover clusters require that storage supports persistent
reservations commands so that storage spaces can be properly managed as clustered disks, and those
commands are part of the SCSI-3 standard.
Confirm storage compatibility. You should verify that that the storage, drivers, firmware, and software
used for the storage are compatible with failover clusters in Windows Server 2012.
Isolate storage devices, one cluster per device. You should not allow nodes from different failover
clusters to access the same storage. You can achieve this by using LUN masking or zoning. This
prevents LUNs that you use on one failover cluster from being accessible from another failover
cluster.
Use Multipath I/O (MPIO) and teamed network adapters. This will provide the highest level of
redundancy and availability for accessing the storage.
Consider using storage spaces. Storage spaces virtualize access to the storage and provide resilient
and highly available shared storage.
Failover Clustering Hardware Requirements and Storage Options
Question: Can you use a network-attached storage (NAS) device as a shared storage for a
failover cluster?
What Is CSV?
In a classic failover cluster deployment, only a
single failover cluster node can access and use
LUN on the shared storage at any given time. This
means that other failover cluster nodes cannot
access the same LUN, and that multiple LUNs are
used for different highly available applications on
different nodes. A LUN is also the smallest unit of
failover. If multiple virtual machines are stored on
the same LUN, they all fail over to another node,
and it is not possible to fail over just one of them.
CSV is a technology that enables multiple nodes

to access a single LUN concurrently. CSV provides
a distributed file access solution, which enables multiple nodes to access the same NTFS file system
simultaneously. CSV has multiple files. All failover cluster nodes can access CSV at the same time, but
each node can only access a different file on the CSV. Nodes cannot access the same file at the same time,
even when it is stored on CSV.
In Windows Server 2008 R2, CSV was supported only for storing virtual machine files. This way, you
could have multiple virtual machines on the same storage, with each virtual machine running on a
different node. CSV also enables individual virtual machines to fail over between failover cluster nodes.
This provides better use of storage space, because you no longer have to maintain multiple LUNs, one per
each virtual machine.
CSVs in Windows Server 2012
Windows Server 2012 offers improvements to CSV. It now supports roles other than just Hyper- V, such
as file server, or Microsoft SQL Server 2014. Windows Server 2012 also adds support for CSV cache, which
allows allocation of system memory as a write-through cache. Other improvements in CSVs are:
CSV file system. CSV volumes appear as if they are using a CSV file system. This is not a new file
system, the underlying technology is still NTFS, and CSV volumes are formatted with NTFS. However,
based on the file system, applications can discover that they are running on CSV.
Simplified CSV setup. CSV is integrated into the Failover Cluster Manager Storage view, and you do
not need to enable it explicitly. Instead, you can simply right-click a disk, and then add it to CSV.
Support for BitLocker. You can use BitLocker to encrypt a shared CSV volume, and protect data. Each
node performs decryption by using the computer account for the cluster server.
Integration with SMB Multichannel and SMB Direct. This enables CSV traffic to stream across multiple
networks in the cluster, and to utilize network adapters that support Remote Direct Memory Access
(RDMA).
Integration with the Storage Spaces feature in Windows Server 2012. This enables failover cluster to
use virtualized storage on clusters of inexpensive disks.
Ability to scan and repair volumes. CSVs can scan and repair volumes without moving storage offline.
Understanding Cluster Shared Volumes in a Failover Cluster
Question: Can you format a CSV by using a CSV file system?
What Is a Quorum?
A failover cluster can have up to 64 failover cluster
nodes. A quorum is the consensus that enough
nodes are online and that the cluster can continue
running. Each node has one vote. If there is an
even number of nodes, then votes from the
witness element, which can be either a file
share witness or a disk witness, is also counted.
Quorum mode defines who will have a vote, and
until Windows Server 2012, that configuration was
static. Each voting element contains a copy of the
cluster configuration, and the cluster service keeps
all copies synchronized at all times.
A failover cluster stops providing failover protection if the quorum does not have more than half of the
votes. This means that most of the nodes have failed, or they are not able to vote because of some other
6-9
problem such as a network connectivity issue. Without a quorum, each set of nodes could continue to
operate as a failover cluster, even if it would have half of the nodes or less, which could result in creation
of two cluster instances from a single failover cluster. A quorum prevents such a splitting of a failover
cluster into two parts, where each part would continue to operate as a failover cluster concurrently.
If the available nodes do not achieve majority, then the vote of the witness becomes crucial. Quorum
mode, which is configured at the failover cluster level, defines which elements can vote. If the number of
votes drops below the majority, the cluster stops running and does not provide failover protection if there
is a node failure. Nodes continue to listen for the presence of other nodes, in case another node appears
again on the network. However, nodes will not function until a majority consensus or quorum is achieved.
Note: Failover cluster functionality depends not only on a quorum, but also on the
resources available to cluster nodes and their ability to run cluster services that fail over to
that node. For example, a cluster with five nodes will still have a quorum even if two nodes
fail. However, each remaining cluster node will continue serving clients only if it has enough
resources to run cluster roles that failed over to the remaining three nodes. These resources
include storage space, processing power, network bandwidth, and memory. You can configure
priority, preferred hosts, and anti-affinity to decide the nodes on which the cluster role can run.
Quorum Modes in Windows Server 2012

Windows Server 2012 R2 supports the following quorum modes:
Node Majority. Each failover cluster node that is online and has network connectivity can vote. Only
failover cluster nodes have a vote, and the cluster provides its services only when the quorum has
majority, with more than half the votes. This is the default quorum mode when the cluster has an odd
number of nodes and a witness is not necessary, such as when all nodes are located in the same site.
Node and Disk, or Node and File Share Majority. Each failover cluster node and a witness, which is
either a disk or file share, can vote when they are online and have network connectivity. The cluster
provides its services only when quorum has majority of the votes. This quorum model is appropriate
when the failover cluster has an even number of nodes.
No Majority: Disk Only. The cluster has a quorum if at least one node is available and it has
connectivity with a specific disk in the failover cluster storage. Only nodes that can communicate
with that disk can join the cluster.
Note: If the disk in the No Majority: Disk Only quorum model is not available, the cluster
will stop functioning, even if all nodes are still available. In this mode, a quorum-shared disk is a
single point of failure. Therefore, use of this mode is not recommended.
Except for the No Majority: Disk Only quorum mode, all quorum modes are based on a simple majority
vote model. As long as a quorum has majority of the votes, the cluster continues to accept client requests.
For example, if there are five votes in the cluster, the cluster continues to accept requests as long as the
quorum has at least three votes, and the source of the votes is not relevant. A quorum can get a vote
from a failover cluster node, a disk witness, or a file-share witness. The failover cluster stops answering
requests if the quorum does not receive the majority of the votes. In the No Majority: Disk Only mode, the
quorum-shared disk can veto all other possible votes. In this mode, the cluster will continue to function as
long as the quorum-shared disk and at least one node are available.
Cluster Node Weights and Dynamic Quorum
Failover clustering in Windows Server 2012 introduces two new concepts regarding quorum: cluster node
weights, and dynamic quorum. The concept of cluster node weight is used primarily in environments
where failover nodes are located in multiple physical locations. In such environments, you might want the
failover cluster running at the primary location even if the failover cluster nodes at the recovery location
are not available. To accomplish this, you can assign node weights of 0 for the failover cluster nodes at the
recovery location, which effectively revokes their default ability to participate in the quorum voting. For
example, if you have a four-node failover cluster and you assign node numbers 3 and 4 a weight of 0,
they would not participate in the calculation of a quorum, and only nodes 1 and 2 would participate. If
both nodes 3 and 4 were to fail, the failover cluster would continue to work, even if only nodes 1 and 2
are available.
Dynamic quorum provides higher availability within a failover cluster by continuously monitoring and
adjusting the quorum model based on the available cluster nodes. Cluster quorum calculation is adjusted
each time the number of nodes changes, so that even if a failover cluster has less than 50 percent of the
original number of nodes, the failover cluster continues to work and cluster roles are still available. With
dynamic quorum enabled, a failover cluster can survive with only one node up and running. The only
limiting factor is the availability of enough resources such as memory and processor to support the
workload. The dynamic quorum model is enabled by default.
Windows Server 2012 R2 includes several quorum enhancements, including:
Dynamic witness. If a failover cluster is configured to use dynamic quorum, which is the default
configuration, the witness vote is also dynamically adjusted based on the number of voting nodes in
the failover cluster. If the failover cluster has an odd number of votes, the quorum witness does not
have a vote. If the failover cluster has an even number of votes, the quorum witness has a vote. The
quorum witness vote is also dynamically adjusted based on the state of the witness resource. If the
witness resource is offline or has failed, then the witness does not have a vote.
Tie breaker for 50 percent node split. Failover cluster can dynamically adjust a node's vote to keep the
total number of votes at an odd number. To maintain an odd number of votes, the failover cluster will
first adjust the quorum witness vote through dynamic witness. If a quorum witness is not available,
then the failover cluster can adjust a node's vote. There is also a new failover cluster property that you
can use to determine which site survives if there is a 50 percent node split and neither site has
quorum.
Quorum user interface improvements. Failover Cluster Manager shows the assigned quorum vote and
the current quorum vote for each failover cluster node.
Configure and Manage the Quorum in a Windows Server 2012 Failover Cluster
Question: Can a failover cluster that originally had six nodes still run cluster roles if three
nodes fail and only three nodes remain online?
What Is Encrypted Cluster Volume?

Failover clusters can store sensitive data on
shared storage. With Windows Server 2012,
you can protect the data on shared storage by
using BitLocker-encrypted volumes. BitLocker
encryption adds an additional layer of protection
for sensitive, highly available data, and you can
use it to encrypt both physical disks and CSVs.
You can protect data volumes by using BitLocker
prior to adding them to the failover cluster, or
after they are already in use in the failover cluster.
Using BitLocker encryption helps to provides
physical security for deployments outside secure
data centers, and meets compliance requirements for volume-level encryption.
6-11
You can use BitLocker encryption with physical disk resources such as a LUN on a SAN, NAS, or with a
CSV. You can turn on BitLocker prior to adding the disk to the storage pool within a cluster. Otherwise,
you will need to put the resource into maintenance mode before you can perform BitLocker encryption.
When you use BitLocker on a stand-alone server, the BitLocker protector is stored locally. However,
when you use BitLocker encryption in a failover cluster, multiple cluster nodes must be able to access the
encrypted volume, and because of this, an Active Directory-based protector is used. You must add the
failover cluster Active Directory Domain Services (AD DS) identity as a BitLocker protector to the target
disk volumes.
You can manage BitLocker on a failover cluster by either using Windows PowerShell, or by using the
Manage-bde.exe command. BitLocker encryption introduces minimal (less than one percent) performance
overhead.
Before you can use BitLocker in a failover cluster, the following prerequisites must be met:
Windows Server 2012 or a newer Windows Server operating system with the Failover Clustering
feature must be installed and configured on each failover cluster node.
Domain controller running Windows Server 2012 or a newer Windows Server operating system must
be reachable from all failover cluster nodes.
BitLocker must be installed on all failover cluster nodes.
Manage-BDE.exe or the BitLocker module for Windows PowerShell must be available to configure
BitLocker-encrypted volumes in failover cluster.
How to Configure BitLocker Encrypted Clustered Disks in Windows Server 2012
Question: Can you protect data on shared storage by using an encrypted cluster volume if
the failover cluster is a member of an AD DS domain with a Windows Server 2008 R2
domain-functional level?
Lesson 2
Configuring and Using Shared Storage
Each node in a failover cluster has local storage on which the operating system and applications are
installed. Each node should have access to shared storage, where it can store application configuration
information and data. Shared storage is useful in enabling a failover cluster node to continue the cluster
service from the point at which it was before the originating node failed.
In this lesson, you will learn how you can use an SMB 3.0 file share as a shared storage for virtual
machines, and how you can install and configure an iSCSI target for use by a failover cluster. You will also
learn about virtual hard disk sharing, which enables virtual machines to use a virtual hard disk on a highly
available location as a shared storage.
Lesson Objectives
Describe the requirements and process of storing virtual machines on an SMB 3.0 file share.
Explain the benefits and use of scale-out file servers.
Describe iSCSI.
Describe the iSCSI target server.
Use an iSCSI target server.
Describe the considerations for implementing iSCSI storage.
Explain how to use virtual hard disk sharing as shared storage.
Storing a Virtual Machine on an SMB 3.0 Shared Folder

In the past, if you wanted to run a virtual
machine, its data files should have been stored
either locally, or on the block storage on the SAN.
However, in Windows Server 2012 and newer
versions, you can use also SMB 3.0 file shares
for storing data files of running virtual machines,
which include configuration data, virtual hard
disks, checkpoints, and smart paging. Using of
SMB 3.0 has many advantages, because you can
use the existing knowledge, networking, and
server infrastructure, in addition to benefitting
from SMB 3.0 features such as SMB transparent
failover, SMB scale-out, and SMB multichannel.
Considerations for Use of SMB 3.0
SMB 3.0 file shares can have similar performance and reliability as SANs. Before using them, you should be
aware of the following considerations:
AD DS forest infrastructure is required if you want to use SMB 3.0 file shares. You need to grant
permissions for the SMB 3.0 file share to the Hyper-V host computer account, which is created only in
a domain environment.
6-13
The file server must support SMB 3.0 protocol, which means that it must have Windows Server 2012
or a newer Windows Server operating system installed. You can use also non-Microsoft file servers, if
they support the SMB 3.0 protocol. Hyper-V does not block older versions of SMB, but Hyper-V Best
Practice Analyzer raises an alert when it detects an older version of SMB.
Loopback configurations are not supported. These are configurations in which the Hyper-V host is
used as the file server, and is configured to use local SMB 3.0 file shares for storing virtual machines.
When Hyper-V is running in a failover cluster, it must not store virtual machines on the file server in
the same failover cluster. Instead, it must use a file server in another failover cluster or stand-alone file
server. This is because when a failover node fails, it could potentially result in the Hyper-V and file
server roles running on the same failover cluster node.
We recommend that the Hyper-V host stores virtual machines on a continuously available file share
on a file server in the failover cluster, and not on a stand-alone file server.
Configuration Steps
The two most important steps when configuring an SMB 3.0 file share for storing virtual machines are:
Select the SMB Share - Applications profile for the shared folder. You can configure this profile when
creating the shared folder by using Server Manager. You will notice that you cannot enable accessbased enumeration or allow caching, because those features are not supported with this share profile.
Configure the appropriate NTFS file system and share permissions. The necessary permissions include
allowing Full Control for the Hyper-V host and Hyper-V Administrators. If Hyper-V is running in a
failover cluster, the computer account for the failover cluster must also have Full Control permissions
on the SMB 3.0 file share.
You can also create a shared folder and grant the permissions by using Windows PowerShell. You can
create a shared folder for C:\VMs, and grant Full Permissions for the LON-HOST1 account and local
Hyper-V Administrators group by running the following Windows PowerShell cmdlets:
New-SmbShare -Name VMs -Path C:\VMs -FullAccess Adatum\LON-HOST1$, "Hyper-V
administrators"
(Get-SmbShare VMs).PresetPathAcl | Set-Acl
Deploy Hyper-V over SMB

Question: Can you store a virtual machine on a shared folder on a Windows Server 2008 R2
file server?
Using a Scale-Out File Server

Scale-out file server is one of the failover cluster
server roles. Unlike other roles whose behavior in
the cluster is the same as on stand-alone server,
a scale-out file server features several important
improvements. When you add a file server as a
cluster role, you can configure it as a file server
for general use, or as a scale-out file server for
application data. A file server for general use
enables you to configure highly available shared
folders, which are accessible on one cluster node
at the time. If that node fails, another node takes
ownership and clients can access the shared folder
through that node. Although shared folders are highly available, clients always access them through a
single node.
Benefits of Scale-Out File Servers
A scale-out file server has a different approach. Multiple failover nodes can host this role simultaneously,
and they all provide access to the data on the same CSV. One node coordinates write operations, and
any node on the failover cluster can read the data files on the CSV. This means that if you add a node to
a scale-out file server, you increase the total bandwidth that is available for accessing the shared folders.
This cluster role is sometimes referred to as an active-active file server, because shared folders can be
accessed through multiple nodes.
A scale-out file server provides the following benefits:
Ability to scale capacity dynamically. Because clients can access shared folders through multiple
nodes, if the number of clients increases, you can add an additional node to the scale-out file server.
You can build a scale-out file server with only two nodes, and you can expand it with additional
nodes as needed.
Higher Utilization. All failover cluster nodes can accept and serve client requests for all scale-out
shared folders. When you combine their bandwidth and processor power, you can achieve higher
utilization rates than with any single node. A single failover cluster node is no longer a potential
bottleneck, because a scale-out file server can support as many clients as the shared storage can
manage.
Non-disruptive maintenance and updates. When you need to check the disk, perform maintenance,
update, or restart a failover cluster node, the scale-out file server is available without an interruption.
This is also true for file server for general use.
CSV cache. You can use this feature to allocate system memory as a write-through cache. The CSV
cache provides caching of read-only data, which can improve performance for applications such as
Hyper-V, when accessing virtual hard disks. CSV cache performs caching at the block level, and not at
the file level.
Automatic rebalancing of the clients. SMB client connections are tracked per shared folder, instead of
per server as it was before Windows Server 2012 R2. Clients are redirected to the failover cluster node
with the best access to the volume used by the shared folder. This improves efficiency by reducing
redirection traffic between file server nodes.
Support for multiple SMB instances. A default SMB instance manages incoming SMB client traffic,
while an additional SMB instance is created on each failover cluster node to manage only internode
CSV traffic. This feature improves scalability and reliability of traffic between CSV nodes.
6-15
Simpler management. You can view and manage file server, storage, and networking by using Server
Manager. You can also manage the scale-out file server by using Windows PowerShell.
Note: Clients must support the SMB 3.0 protocol to utilize all the benefits of the scale-out
file server. Older clients such as the Windows 7 operating system or Windows Server 2008 R2,
which support SMB 2.x, are able to connect to scale-out shared folders. However, they cannot
benefit from the SMB transparent failover functionality.
Scale-Out File Server for Application Data Overview
Storage and Availability Improvements in Windows Server 2012 R2
Question: Does a file server cluster for general use support more clients than a stand-alone
file server?
What Is iSCSI?
iSCSI is a client-server protocol that enables
access to remote, small computer system interface
(SCSI)based devices over a TCP/IP network. You
can use iSCSI for encapsulating and sending
standard SCSI commands over IP networks to any
target device that supports SCSI commands. You
can use iSCSI to transmit data over local area
networks (LANs), wide area networks (WANs), or
even over the Internet. The Windows operating
system has implemented iSCSI only for accessing
block storage devices, and uses the iSCSI initiator
to access storage on iSCSI SANs, but not other
remote SCSI devices.
iSCSI relies on standard Ethernet networking and does not require any special hardware. It uses the TCP/IP
protocol and TCP port 3260 by default to send SCSI commands and transfer data. This means that iSCSI
enables two hosts that are communicating over the network to negotiate the session and connection
parameters, and then exchange SCSI commands and data as they would were they locally connected.
iSCSI emulates a local storage subsystem over LANs and WANs, and provides access to the SAN as if it
were a locally attached disk. Unlike Fibre Channel, iSCSI does not require a separate network, and you can
run it over the existing IP network infrastructure. Although not required, as a best practice you should use
a dedicated and highly available network for iSCSI traffic.
An iSCSI deployment includes the following:
TCP/IP network. You can use standard network infrastructure for connecting servers to iSCSI storage
devices. To provide expected performance, the network should be fast, at least 1 Gbps. Understand
that with iSCSI, all storage access, read, and write operations happen over the network and not
locally. You should also consider having multiple paths between the server and iSCSI storage for
redundancy.
iSCSI target. iSCSI targets present and advertise local storage as a network block device, as an
iSCSI SAN. Many storage vendors implement hardware-level iSCSI targets as part of their storage
appliances. Windows Server 2012 includes iSCSI target server as a role service. Because it is critical for
storage to be available constantly, you should implement an iSCSI target server as a failover cluster
role to make it highly available. To provide network redundancy, you should also configure the MPIO
feature to use multiple paths between the server and iSCSI target.
iSCSI initiator. The iSCSI initiator is an iSCSI client that connects to the remote iSCSI target and
presents it as a locally attached disk. Windows client and Windows Server operating systems include
iSCSI initiator, and can connect to iSCSI targets. To use an iSCSI initiator, the iSCSI service must be
running. Because this service is not running by default, you should start it before you start using an
iSCSI initiator.
iSCSI qualified name. iSCSI qualified names are globally unique identifiers that address initiators and
targets on an iSCSI network. When you configure an iSCSI target, you must configure it with an iSCSI
qualified name.
Understanding Microsoft iSCSI Initiator Features and Components
Question: What must you enable and configure in Windows Server 2012 R2 to be able to
use storage on an iSCSI SAN?
What Is an iSCSI Target Server?

When you install and configure the iSCSI target
server role service, Windows Server 2012 R2 can
present locally attached storage as an iSCSI block
storage device to the clients. By using an iSCSI
target server, you can create virtual disks that are
similar to LUNs on physical SANs, and expose
them as SCSI Logical Units (LUs) to iSCSI initiators.
Virtual disks created by using an iSCSI target
server have similar names as the virtual hard
disks used by Hyper-V, because they use the
same .vhdx format, and they share the same
characteristics and 64 terabyte (TB) size limits as
virtual hard disks. They also can be of the same types as virtual hard disks: fixed size, dynamically
expanding, or differencing.
When you create a fixed-size virtual disk, you can clear it on allocation. This means that its entire content
is filled with zero values, which removes any fragments of data that might remain on the underlying
storage.
After you create a virtual disk, you can assign it to the iSCSI target to make it available to the iSCSI
initiators over the network. You can identify the initiators that can access the logical unit by providing
their iSCSI qualified name, Domain Name System (DNS) name, IP address or MAC address, or by querying
the initiator computer for ID, which is supported only for Windows Server 2012, or for Windows 8 or
newer computers that are members of the same AD DS forest. You can also enable the Challenge
Handshake Authentication Protocol (CHAP) to authenticate initial connection and iSCSI target.
After the client iSCSI initiator connects to the logical unit, it can start using it as a locally attached disk,
which means initializing the disk, creating volumes, formatting them, and storing data. If the client is
6-17
running out of space on the logical unit, you can provide it with additional space by extending the virtual
disk. Conversely, if the logical unit has too much space for client needs, you can shrink the virtual disk.
You can perform both operations online, while the client is connected to the iSCSI target.
The iSCSI target server also enables backup applications that are connected to an iSCSI target and are
using Volume Shadow Copy Service (VSS) to complete the application-consistent snapshot, while the
application is accessing the logical unit. The iSCSI target VSS hardware provider communicates with the
iSCSI target server during the VSS snapshot process, and ensures that the snapshot is
application-consistent.
The iSCSI target server includes a Storage Management Initiative Specification provider, which is an
industry standard for discovery and management of heterogeneous storage systems. For example, VMM
can use functionality to perform the following actions on iSCSI target server:
Discover and list iSCSI targets and their properties.
Discover and list iSCSI logical units and their properties.
Create new and delete existing iSCSI logical units.
Add storage capacity to a Hyper-V failover cluster.
List, create, and delete logical unit snapshots.
Mask and unmask logical units on an iSCSI target.
You can manage the iSCSI target server by using Server Manager, or by using Windows PowerShell
cmdlets. For example, you can create a new virtual disk by running the following Windows PowerShell
cmdlet:
New-IscsiVirtualDisk
You can create a new iSCSI target by running the following cmdlet:
New-IscsiServerTarget
You can add a virtual disk to an iSCSI target by running the following cmdlet:
Add-IscsiVirtualDiskTargetMapping
Introduction of iSCSI Target in Windows Server 2012

iSCSI Target Server in Windows Server 2012 R2
Question: Can you use an iSCSI target server on Windows Server 2012 R2 to provide storage
to a server that is running a non-Microsoft operating system?
Demonstration: Using an iSCSI Target Server

In this demonstration, you will see how to use an iSCSI target server.
Demonstration Steps
1.
On LON-HOST1, add LON-SS1 to All Servers.
2.
Use Server Manager to add an iSCSI Virtual disk with following data:
3.
4.
5.
Location: E:\
iSCSI virtual disk name: Disk11
iSCSI virtual disk size: 15 GB
iSCSI virtual disk type: Dynamically expanding
Connect the iSCSI virtual disk to the New iSCSI target with following data:
o
Target name: Lab6-Host1
Access servers: LON-HOST1 and LON-HOST2
Use the Windows PowerShell New-IscsiVirtualDisk cmdlet to create new virtual disk with following
parameters:
o
Path: C:\iSCSIVirtualDisks\Disk12.vhdx
Size: 15 GB
ComputerName: LON-SS1
Use the Windows PowerShell Add-IscsiVirtualDiskTargetMapping cmdlet to add a virtual disk to an

iSCSI target with the following parameters:
o
TargetName: Lab6-Host1
Path: C:\iSCSIVirtualDisks\Disk12.vhdx
6.
Refresh Server Manager, and confirm that virtual disk Disk12.vhdx now displays and it is mapped to
the Lab6-Host1 target.
7.
On LON-HOST1, open iSCSI Initiator and connect to the Lab6-Host1 target on the LON-SS1 iSCSI
target server. Disconnect any previously connected targets.
8.
Use Disk Management to confirm that two disks are now added, that they have a size of 15 GB, and
they are all Offline. Note that these are the virtual disks that you just added on the iSCSI target.
Considerations for Implementing iSCSI Storage

iSCSI storage is presented as a locally attached
disk, although all communication with the storage
is over the network. Therefore, it is critical that
storage is accessible at all times. When you are
planning the iSCSI implementation, you should be
aware of the following best practices:
6-19
Use a fast network for iSCSI communication.

This network will be used for sending SCSI
commands and transferring data to and from
storage, similar to a local bus for the locally
attached storage. You should use at least a 1
Gbps dedicated network for iSCSI. If you use a
shared physical network, then you should use QoS policies to ensure that iSCSI is allocated adequate
bandwidth. In addition, configure network cards to use jumbo frames on the iSCSI network.
Data for the mission-critical workload will be stored on the shared iSCSI storage. Therefore,
redundancy is very important. iSCSI SAN appliances have redundancy built into them, but when you
use iSCSI target software, you should add the iSCSI target as a cluster role in a failover cluster. You
should also ensure that multiple network paths exist between the servers and the storage, and you
should install and configure the MPIO feature in Windows Server 2012. Be sure to also consider
network equipment such as switches and routers, and ensure that they have redundancy as well.
In enterprise environments, you should consider implementing a Microsoft Internet Storage Name
Service (iSNS) server, which is used for discovering storage devices on an Ethernet network. iSNS
provides automated discovery, management, and configuration of iSCSI devices on a TCP/IP network.
Implement security for iSCSI devices. This includes configuring iSCSI targets to allow only connections
from approved initiators, configuring authentication for iSCSI traffic, and encrypting iSCSI traffic if
required. Be aware that encryption requires additional overhead, and you should offload it to network
equipment.
Read the vendor-specific best practices for implementing iSCSI storage, and for using it with your
applications, such as Hyper-V.
Question: How can you control which iSCSI initiators can connect and use an iSCSI target?
Using Virtual Hard Disk Sharing as Shared Storage

You can implement failover clustering either
at the Hyper-V host level or at the virtual
machine level, or you can combine them.
Failover clustering at the host level provides
high availability for virtual machines. If a virtual
machine stops responding or loses network
connectivity, it fails over automatically to a
different node. Failover clustering at the virtual
machine level ensures that cluster roles inside
a virtual machine (such as scale-out file server,
DHCP server, or generic application), are
highly available. If the cluster role is no longer
responsive, it fails over automatically to a different virtual machine that is configured as a failover
clustering node. This virtual machine must be running either on the same Hyper-V host, or on a different
one. When you use failover clustering at both levels, you realize many benefits. However, you also realize
the downside of increased complexity. Virtual machines and the cluster roles are highly available.
To provide failover clustering functionality, you need shared storage for the quorum, for cluster roles
configuration, and for data storage. You can use iSCSI or Fibre Channel SAN as a shared storage with
Hyper-V failover clustering, in addition to an SMB 3.0 file share. You can also use both SAN types with
virtual machine clustering.
Windows Server 2012 R2 introduces a third optionyou can use virtual hard disk sharing and use that
disk as shared storage. Virtual hard disk sharing presents a disk as a Serial Attached SCSI disk, and failover
clustering can then use it as a shared storage.
The following table shows a comparison between iSCSI, Fibre Channel, and virtual hard disk sharing when
used for virtual machine shared storage:
Capability
Shared .vhdx
Virtual Fibre
Channel
ISCSI in a virtual
machine
Supported storage
Storage Spaces, Serial

Attached SCSI, Fibre
Channel, iSCSI, SMB
Fibre Channel
SAN
iSCSI SAN
How is storage presented in

virtual machine
Virtual Serial Attached

SCSI
Virtual Fibre
Channel LUN
iSCSI LUN
Data flows through the HyperV switch
No
No
Yes
Storage is configured at the

Hyper-V host level
Yes
Yes
No
Provides low latency and low

CPU use
Yes (RDMA or Fibre

Channel)
Yes (Fibre
Channel)
No
Requires specific hardware
No
Yes
No
Switch must be reconfigured

when virtual machine is
migrated
No
Yes
No
Exposes storage architecture
No
Yes
Yes
Before you can use a shared virtual hard disk as a shared storage, you must first meet the following
requirements:
The virtual hard disk must use .vhdx format. You can enable virtual hard disk sharing only on .vhdx
disks, and not on virtual hard disks that use the .vhd format.
The virtual hard disk must be connected to a SCSI virtual controller. You cannot enable virtual hard
disk sharing for disks that are connected to a virtual IDE adapter.
A shared virtual hard disk can only store data, and you cannot start a virtual machine from it. This is
also true for Generation 2 virtual machines, which can start from the virtual SCSI controller.
A shared virtual hard disk must be stored on a highly available location, either on scale-out file server
share, or on CSV. If a virtual hard disk is stored locally or on the SMB 3.0 file share, you cannot enable
virtual hard disk sharing.
6-21
You can enable virtual hard disk sharing only if the virtual machine is turned off. Although you can
add or remove virtual hard disks to a virtual SCSI adapter while the virtual machine is running, you
can enable or disable virtual hard disk sharing only when the virtual machine is turned off.
To be able to use virtual hard disk sharing, the virtual machine must be running a supported
Windows Server operating system, and it must have the latest version of integration services installed.
Supported operating systems are currently Windows Server 2012 and Windows Server 2012 R2. You
cannot use shared virtual hard disks from client operating systems or older Windows Server operating
systems.
You can enable virtual hard disk sharing from the advanced settings of the virtual hard disk in Hyper-V
Manager, or by using the Windows PowerShell Add-VMHardDiskDrive cmdlet with the ShareVirtualDisk
parameter. For example, if you want to add shared virtual hard disk named disk1.vhd, which is located on
the highly available share \\LON-HOST1\files, to a virtual machine named VM1, you would run the
following cmdlet:
Add-VMHardDiskDrive -VMName VM1 -Path \\LON-HOST1\files\Disk1.vhdx -ShareVirtualDisk
Deploy a Guest Cluster Using a Shared Virtual Hard Disk

Question: Do you need to install anything into the virtual machine to enable virtual hard
disk sharing?
Lesson 3
Implementing and Managing Failover Clustering with

Hyper-V
Failover clustering provides high availability for virtual machines. Making virtual machines highly available
is similar to making any other role highly available. You should first install servers, configure the shared
storage, install the Hyper-V role on all the servers that will run virtualization load, validate and create
cluster, and then create highly available virtual machines. You should ensure that all virtual machine data
files are on shared storage, otherwise the virtual machine will not be highly available.
When configuring the virtual machine cluster role, you will notice that many configuration settings such
as priority, failover, and failback, are the same as for the other cluster roles. However, some other settings
such as monitoring virtual machine heartbeat and applications, or network connectivity are specific to
virtual machines. For running virtual machines in a failover cluster, you do not need any additional cluster
roles, but when you want to replicate a virtual machine to a failover cluster node, you should first add the
Hyper-V Replica Broker cluster role to a failover cluster.
Lesson Objectives
Describe the steps for failover cluster implementation.
Describe Hyper-V validation tests.
Create a failover cluster.
Describe the configuration of highly available virtual machines.
Describe virtual machine monitoring.
Create and manage a virtual machine clustered role.
Describe the Hyper-V Replica Broker role.
Describe cluster-aware updating.
Implementing a Failover Cluster

Before you can implement a failover cluster, you
must have all required infrastructure available,
such as AD DS domain and server hardware. To
implement a failover cluster, you must complete
the following high-level steps:
1.
Install and configure servers that will become

failover cluster nodes. You should verify that
servers use the same hardware, including
processors and network adapters. You should
also ensure that you install the same Windows
Server operating system version on all servers.
Ensure also that you install the Failover
Cluster feature on all servers.
2.
Configure shared storage. This includes configuring the storage, for example creating LUNs or iSCSI
targets, configuring MPIO, connecting servers to the storage, and creating volumes.
6-23
3.
Install roles on the servers that you want to make highly available. For example, you can install
Hyper-V if you plan to create highly available virtual machines, and install file and storage services if
you plan to create a scale-out file server. You need to install roles only on servers that will host the
cluster role. For example, if you plan to have an eight-node failover cluster, but virtual machines will
run on only five nodes, you should install the Hyper-V role on only five servers.
4.
Validate the configuration and create a failover cluster. The failover cluster includes the Validate
a Configuration Wizard, which validates all of the prerequisites for creating a failover cluster and
provides warnings or errors if any component does not meet the requirements. Before you create a
failover cluster, you should resolve any issues that the wizard reports. You can create a failover cluster
by using the Failover Cluster Manager, or by using Windows PowerShell.
5.
Create cluster roles. These are the highly available roles that run in a failover cluster. The High
Availability Wizard has several often-used cluster roles, such as file server or virtual machine. After you
create the cluster role, you can test the failover by moving the role between failover cluster nodes.
Deploy a Hyper-V Cluster
Question: Can you implement a failover cluster by using the Windows Server 2012 R2
Standard operating system?
Hyper-V Validation Tests

The failover clustering feature includes a
collection of tests, which you should perform
on the failover cluster. You can run the validation
process at any time before, during, or after
creating a failover cluster. You should run the
initial validation before creating the failover
cluster, and prior to making any change to the
failover cluster configuration.
To obtain Microsoft support for the failover

cluster (if needed), you must have successfully
validated the failover cluster. The validation
process includes a series of tests to validate
configuration of the nodes, including connectivity between the nodes, and connectivity and functionality
of the shared storage. You require at least two nodes to run all the tests. This is because if you run the
validation with a single node, several important storage tests will not be performed. You can validate a
cluster as part of the cluster creating process, or you can run it later from the Failover Cluster Manager or
by using the Windows PowerShell cmdlet Test-Cluster.
Note: Some validation tests do not run until you create a cluster or install server roles.
For example, the Cluster Configuration tests will not run until after you create the cluster, and
Hyper-V tests will not run if you have not yet installed the Hyper-V role on the cluster nodes.
You can also use the cluster validation process as a troubleshooting tool on a configured cluster. When
running the validation process, you can select a subset of the validation tests to help you troubleshoot.
The validation process will warn you if storage tests are selected, but they will not run on a failover cluster
that already has allocated storage online.
Validation is not mandatory, but we strongly recommend it as a best practice. Furthermore, validation is
required if you want to have a supported failover clustering configuration. You should perform validation
after each change in configuration, including the following:
Run validation tests on the failover cluster. To have a supported configuration and to rule out
configuration problems, you are required to run validation tests on the failover cluster successfully.
The report shows any errors and warnings for your configuration, and what you should do to avoid
them. For example, the report will warn you if there is no network redundancy or if servers are not
running the same edition of the Windows Server or Windows client operating systems.
Before adding a node to a failover cluster. You should run a validation test to confirm that the server
is configured properly and that it has connectivity to shared storage.
When adding new shared storage. When you add new shared storage to the cluster, you should run
validation to confirm that new storage will function correctly (for example, that it supports SCSI-3
persistent reservation). To minimize the impact on availability, you should run the validation after you
attach the storage, but before you begin using the new LUNs.
When updating firmware and drivers. You should run validation to confirm that the new combination
of hardware, firmware, drivers, and software supports your failover cluster functionality.
After restoring a node from backup. Run the validation to confirm that the restored node can
function properly as part of the failover cluster.
As part of the cluster role validation, the following tests are performed if the Hyper-V role is installed on
failover cluster nodes:
List Hyper-V Virtual Machine Information. This test lists virtual machine information for each virtual
machine in the failover cluster. Test information includes the virtual machine name, the node that is
hosting the virtual machine, heartbeat connectivity to the virtual machine, and the version of the
installed integration services.
List Information About Servers Running Hyper-V. This test lists Hyper-V host-related information on
each specified node, for example, if they are Virtual Machine Queue (VMQ)capable and single root
I/O virtualization (SR-IOV)capable.
Validate Compatibility of virtual Fibre Channel SANs for Hyper-V. This test validates that each node in
the failover cluster is configured with the same set of virtual Fibre Channel SANs.
Validate Hyper-V Integration Services Version. This test validates that all virtual machines are running
the up-to-date version of the Hyper-V integration services.
Validate Hyper-V Memory Resource Pool Capability. This test validates that memory resource pools
with the same names are present on all specified nodes.
Validate Hyper-V Network Resource Pool and Virtual Switch Compatibility. This test validates that all
nodes in the failover cluster have the same set of network resource pools and virtual switches with the
same names.
Validate Hyper-V Processor Resource Pool Compatibility. This test validates that all nodes in the
failover cluster have the same set of processor resource pools.
Validate Hyper-V Role Installed. This test validates that all nodes in the failover cluster have the
Hyper-V role installed.
Validate Hyper-V Storage Resource Pool Compatibility. This test validates that all nodes in the failover
cluster have storage resource pools that share the same name.
Validate Hyper-V Virtual Machine Network Configuration. This test validates that all virtual machines
on the failover cluster nodes are configured with cluster-compatible network settings; for example,
virtual machines are configured with correct network resource pool.
6-25
Validate Hyper-V Virtual Machine Storage Configuration. This test validates that all virtual machines
are configured with cluster-compatible storage settings; for example, virtual machine data files are on
cluster storage. If virtual Fibre Channel adapters are used, it verifies if the virtual machine is
configured with at least two virtual Fibre Channel adapters.
Validate Machine Processor Manufacturers. This test validates that all failover cluster nodes use
processors from the same manufacturer.
Validate Hardware for a Failover Cluster
Question: Why is it important that all failover cluster nodes have processors from the same
manufacturer?
Demonstration: Creating a Failover Cluster

In this demonstration, you will see how to create a failover cluster.
Demonstration Steps
Note: This task should be performed only on LON-HOST1.
1.
On LON-HOST1, use the Failover Cluster Manager to create a new cluster with the following data
(accept default values on all other wizard pages):
o
Servers in cluster: LON-HOST1, and LON-HOST2
Cluster Name: LON-CLUST.
Address: 172.16.10.105
2.
Use Active Directory Users and Computers to confirm that in the Computers container, there are
computer accounts for LON-HOST1, LON-HOST2, and LON-CLUST (which was added when you
created the failover cluster).
3.
On LON-HOST1, use File Explorer to confirm that the C:\ClusterStorage folder is empty.
4.
Use the Failover Cluster Manager to add Cluster Disk 2 to Cluster Shared Volumes.
5.
Use File Explorer to confirm that the C:\ClusterStorage folder now contains a mounted volume for
Volume1.
Configuring Highly Available Virtual Machines

A single Windows Server 2012 failover cluster
can run up to 8,000 virtual machines, and each
failover cluster node can run up to 1,024 virtual
machines, providing it has enough resources. A
highly available virtual machine must store all of
its data on shared storage, which can be either a
continuously available SMB 3.0 file share on scaleout file server, or a CSV.
You can create highly available virtual machines as

a cluster role, either by using Windows PowerShell
or by using the Failover Cluster Manager. You
can also configure an existing virtual machine as
highly available by using the High Availability Wizard. If the virtual machine data files are not stored on
shared storage, you will receive a warning, and the virtual machine will not be highly available until you
move its data to shared storage.
You can configure basic properties for the highly available virtual machine on the role Properties page,
The Priority setting is one of these properties, and it controls which virtual machines (or cluster roles in
general) have priority over others. This is important when a failover cluster starts and when virtual
machines fail over to a different node.
For example, when failover cluster starts, resources are allocated first to virtual machines with high
priority, and as a result, they are started first. Only after that will virtual machines with medium priority
be started. The failover cluster will continue to start virtual machines until they are all started or there are
no more nodes in the failover cluster with resources available. The Priority setting is set to Medium by
default, and you can change it to Low, High, and No Auto Start.
When a failover cluster is placing virtual machines on the failover nodes, it uses the following rules:
Start a virtual machine on the same node it was running on previously.
Move a virtual machine to a node that is on the virtual machines Preferred Owners list.
If the node on which a virtual machine was running previously is not available, the failover cluster will
place the virtual machine on another node, based on available resources (primarily memory).
If a virtual machine cannot be started, the failover cluster continues to contact all the nodes every five
minutes to find out if any node has enough resources available. When enough resources become
available, the virtual machine is started.
You can configure the virtual machines Preferred Owners list on the role Properties page. The failover
cluster will try to start the virtual machine on the Hyper-V host that is highest on the virtual machines
Preferred Owners list. If it is not able to start the virtual machine on any of the preferred owners, it will try
to start it on one of the possible owners, which you can configure on the Advanced Policies tab for the
virtual machines resource properties. If the virtual machine cannot be started on any possible owners,
then the failover cluster will move it to any other failover cluster node, but will not start it there.
On the Failover tab of the role properties page, you can also configure failover and failback settings. You
can specify the number of times that the failover cluster will attempt to restart or fail over the cluster role
in the specified period, and whether the cluster role will fail back automatically to the most preferred
owner when it is available again.
6-27
On the Settings tab of the virtual machines resource properties page, you can configure two settings
regarding virtual machine health monitoring, both of which are enabled by default:
Enable heartbeat monitoring for the virtual machine. This setting enables the failover cluster to
periodically check the Heartbeat integration service in the virtual machine. If the heartbeat stops,
it can restart and fail over the virtual machine.
Enable automatic recovery for application health monitoring. This setting enables you to configure
application health monitoring for applications and services that are running inside the virtual
machine.
When you want to prevent virtual machines from running on the same Hyper-V host, you can use
anti-affinity. Some examples include when virtual machines use a significant amount of resources, or
because a company policy requires that they never run on the same physical host. The failover cluster
will move virtual machines that have the same AntiAffinityClassNames property to different failover
cluster nodes. You can configure this property by using Windows PowerShell, or by using VMM, in which
AntiAffinityClassNames is called availability sets. You cannot configure it by using Failover Cluster
Manager.
Clustered Role and Resource Properties
AntiAffinityClassNames
Question: Will a virtual machine ever fail over to a node that is not on either its preferred
owners list or its possible owners list?
Virtual Machine Monitoring

Failover clusters provide high availability for the
roles that are configured in that cluster. Failover
clusters also monitor the roles, and take action
when there is an issue with role availability. A
virtual machine is one of the cluster roles and
when a virtual machine does not respond to a
heartbeat, the failover cluster can restart or fail
over the virtual machine to a different cluster
node.
Prior to Windows Server 2012, a failover cluster

was not able to monitor applications that were
running inside a virtual machine. For example, if
you used a virtual machine as a print server, the failover cluster was not able to detect if the Print Spooler
service in the virtual machine had stopped. As a result, the failover cluster would not take any action, even
though the print server did not work, because the virtual machine was still responding to a heartbeat.
Failover clustering in Windows Server 2012 has the ability to monitor and detect application health
for applications and services that run inside a virtual machine. If a service in a virtual machine stops
responding, or if an event is added to the System, Application, or Security logs, the failover cluster can
take actions such as restarting the virtual machine or failing it over to a different node to restore the
service. The only requirement is that the failover cluster node and virtual machine must be running
Windows Server 2012 or newer Windows Server operating system, and have integration services installed.
You can configure virtual machine monitoring by using either the Failover Cluster Manager or Windows
PowerShell. By default, a failover cluster is configured to monitor virtual machine health, in addition to
applications and services within that virtual machine. Heartbeat monitoring requires that integration
services is installed on the virtual machine, and that you can verify the monitoring configuration on the
Settings tab of the virtual machine resource Properties dialog box.
To add monitoring of the specific services that are running in the virtual machine, right-click the virtual
machine cluster role, click More actions, and then click Configure Monitoring. From there you can select
services to monitor inside the virtual machine. The failover cluster will take action only if a service stops
responding, and in the Services Control Manager if the service is configured with Take No Actions
recovery setting.
Windows Server 2012 R2 can also monitor failure of virtual machine storage and loss of network
connectivity. Storage failure detection can detect the failure of a virtual machine boot disk or any other
virtual hard disk that the virtual machine is using. If failure happens, the failover cluster moves the virtual
machine and then restarts it on a different node. You can also configure a virtual network adapter to
connect to a protected network. If network connectivity to such network is lost because of reasons such as
physical switch failure or disconnected network cable, the failover cluster will move the virtual machine to
a different node to restore network connectivity.
Guest Clustering and VM Monitoring in Windows Server 2012
Question: How can you monitor an application that is installed in a Windows Server 2012 R2
virtual machine, but is not running as a service?
Question: How should you configure a service in a highly available virtual machine by using
Service Control Manager, if you plan to monitor it by failover cluster?
Demonstration: Creating and Managing the Virtual Machine Clustered

Role
In this demonstration, you will see how to create and manage a virtual machine clustered role.
Demonstration Steps
1.
On LON-HOST1, use the Failover Cluster Manager to create a new virtual machine with following
data:
o
Host to create virtual machine on: LON-HOST1
Name: LON-HA1
Location: C:\ClusterStorage\Volume1\
Memory: Use Dynamic Memory
2.
On LON-HOST1, use the Failover Cluster Manager to set LON-HA1 startup priority to Low.
3.
Use the Failover Cluster Manager to configure LON-HOST1 as the preferred owner for the
LON-HA1 role.
4.
5.
Configure LON-HA1 with the following values:

o
Maximum failures in the specified period: 2
Period in which this can happen: 3
Configure the Virtual Machine LON-HA1 resource with the following value:
o
Period for restart (mm:ss): 10:00 minutes
6-29
6.
Confirm that LON-HOST1 and LON-HOST2 are set as Possible Owners.
7.
On LON-HOST1, use the Windows PowerShell Add-ClusterVirtualMachineRole cmdlet to add the

20409B-LON-PROD1 virtual machine as a clustered role.
8.
On LON-HOST1, use the Failover Cluster Manager to confirm that in the 20409B-LON-PROD1
clustered role, no services are monitored currently.
9.
Use Failover Clustering Manager to configure monitoring for LON-PROD1, and then click Print
Spooler as service to be monitored.
10. Use Failover Cluster Manager to confirm that Print Spooler is listed under Monitored Services.
What Is the Hyper-V Replica Broker Role?

Hyper-V Replica is a feature that provides a
business continuity solution for virtual machines.
It allows virtual machines that are running on a
Hyper-V host or a Hyper-V failover cluster at a
primary site to be replicated to a replica Hyper-V
host at a secondary site, (usually across a WAN
link). Primary and replica Hyper-V hosts can be
part of a failover cluster, and virtual machines that
are configured for replication can move between
cluster nodes. For replication to continue without
interruption, it is important to know at all times
on which failover cluster node the virtual machine
is running.
The Hyper-V Replica Broker cluster role provides the virtual machine to the replica Hyper-V cluster node
mapping. It also redirects incoming replication traffic for a virtual machine to the appropriate node in
the failover cluster on which the virtual machine is running. When the replica virtual machine is moved,
it sends a notification packet to the primary server with the new Hyper-V node to which the replica has
been moved. The primary Hyper-V host then connects to the replica Hyper-V host, which is a node in the
failover cluster, and then continues the replication.
For example, consider a primary virtual machine that is running on ServerA in Failover cluster 1, and a
replica virtual machine that is running on Server1 in Failover cluster 2. If Server1 fails, the replica fails over
to Server2 in the same failover cluster. The Hyper-V Replica Broker sends a notification message to the
primary Hyper-V host, which then establishes a replication connection with Server2 as a replica. If ServerA
fails, the primary virtual machine fails over to ServerC in Failover cluster 1. ServerC queries the Hyper-V
Replica Broker, and then establishes a replication connection with Server2.
Question: When do you need a Hyper-V Replica Broker?
What Is Cluster-Aware Updating?

Installing operating system updates is often a
manual and time-consuming process, especially
with a failover cluster that has many nodes.
Cluster-Aware Updating (CAU) is a feature that
updates failover cluster nodes automatically,
without user interaction and with minimal or no
downtime. For many cluster roles, CAU triggers a
planned failover, which can cause a short service
interruption for connected clients. For roles such
as scale-out file server and Hyper-V, which have
continuous availability and live migration, CAU
updates the failover cluster without interrupting
service availability.
CAU orchestrates and automates the update process by performing the following actions:
1.
Puts a failover cluster node into maintenance mode.
2.
Moves the cluster roles to a different failover cluster node.
3.
Installs the updates and any dependent updates.
4.
Restarts the failover cluster node, if necessary.
5.
Brings the node out of maintenance mode.
6.
Fails back cluster roles that were moved from this node.
7.
Continues the update on the next failover cluster node.
CAU can coordinate the complete cluster updating operation in two modes:
Remote-updating mode. In this mode, updating is coordinated by a computer, which is not the
failover cluster node. This computer is called the orchestrator, and it must have failover clustering
administrative tools installed. You can trigger on-demand updating from the orchestrator by using a
default or custom Updating Run profile. Remote-updating mode is useful for monitoring real-time
progress during the Updating Run, or for updating failover cluster nodes that do not have a GUI.
Self-updating mode. In this mode, CAU is configured as a cluster role in the failover cluster, and an
associated update schedule is defined. In this mode, CAU does not have a dedicated orchestrator
computer, but the cluster updates itself at scheduled times by using a default or custom Updating
Run profile. During the Updating Run, the CAU orchestrator process starts on the failover cluster node
that currently owns the CAU cluster role, and the process updates cluster nodes one after another. In
the self-updating mode, CAU can update the failover cluster by using a fully automated updating
process. You can also trigger updates on demand if so desired. You can view information about an
Updating Run by running the Windows PowerShell cmdlets Get-CauRun and Get-CauReport.
Cluster-Aware Updating Overview
Update Management in Windows Server 2012: Revealing Cluster-Aware Updating and the
New Generation of WSUS
Question: Is there any downtime when you update nodes in a failover cluster by using CAU?

Scenario
6-31
Most of the host servers in the subsidiary have been converted to Hyper-V hosts, including several servers
that run critical business applications. These critical applications need to be available at all times, and the
availability should not be affected by the failure of a single host machine. A. Datum has identified failover
clustering as the best option for implementing this level of availability.
You need to implement a high availability solution for these virtual machines by deploying failover
clustering for the virtual machines. You also need to configure highly available virtual machines and
virtual machine monitoring.
Objectives
Create a Hyper-V failover cluster.
Manage a Hyper-V failover cluster.
Lab Setup
Virtual machines: 20409B-LON-HOSTx, 20409B-LON-CLx, 20409B-LON-DC1, and 20409B-LON-SS1
Password: Pa$$w0rd
1.
2.
3.
4.
5.
6.
Password: Pa$$w0rd
Repeat steps 3-5 for 20409B-LON-SS1 and 20409B-LON-CLx.
LON-HOST1 and LON-HOST2 are sometimes referenced as LON-HOSTx, which indicates that each
student can perform the lab tasks on his or her computer.
Exercise 1: Creating a Hyper-V Failover Cluster

Scenario
A. Datum has decided that they will use iSCSI shared storage for failover clusters. For this purpose, you
need to create a proof-of-concept deployment, where you can also demonstrate how to extend iSCSI
logical units online. To perform this task, you decide to use one of the existing file servers and configure
the iSCSI target server on it. You also need to add the shared storage to the servers, verify that it is
configured properly, and create a failover cluster.
1.
Create an Internet small computer system interface (iSCSI) target.
2.
Connect to an iSCSI target and create volumes.
3.
Extend iSCSI logical units online.
4.
Install the Failover Clustering feature.
5.
Create a failover cluster.
6.
Add a Cluster Shared Volume (CSV).
Task 1: Create an Internet small computer system interface (iSCSI) target

1.
On LON-HOSTx, add LON-SS1 to All Servers.
2.
Use Server Manager to add an iSCSI Virtual disk with the following settings:
3.
4.
5.
6.
Location: E:\
Name: Diskx1
iSCSI virtual disk size: 10 GB
iSCSI virtual disk type: Dynamically expanding
Connect the iSCSI virtual disk to the New iSCSI target with following data:
o
Target name: Lab6-Hostx
Access servers: LON-HOST1 and LON-HOST2
Use the Windows PowerShell New-IscsiVirtualDisk cmdlet to create a new virtual disk with following
parameters:
o
Path: E:\iSCSIVirtualDisks\Diskx2.vhdx
Size: 10GB
Use the Windows PowerShell New-IscsiVirtualDisk cmdlet to create a new virtual disk with the
following parameters:
o
Size: 15GB
Use the Windows PowerShell Add-IscsiVirtualDiskTargetMapping cmdlet to add the virtual disk to
the iSCSI target with the following parameters:
o
TargetName: Lab6-Hostx
7.
8.
6-33
Use the Windows PowerShell Add-IscsiVirtualDiskTargetMapping cmdlet to add a virtual disk to

the iSCSI target with the following parameters:
o
TargetName: Lab6-Hostx
Refresh Server Manager, and confirm that virtual disks Diskx2.vhdx and Diskx3.vhdx now display,
and that they are mapped to target Lab6-Hostx.
Note: Although both students created an iSCSI target, only the Lab6-Host1 iSCSI target
will be used for creating the failover cluster.
Task 2: Connect to an iSCSI target and create volumes

1.
On LON-HOSTx, use iSCSI Initiator to connect to the target with Lab6-Host1 in the name, on the
iSCSI target server named LON-SS1. Disconnect any pre-existing targets.
2.
Use Disk Management to confirm that three disks are added, that they have size of 10GB, 10GB, and
15GB, and that they are all Offline. These are the virtual disks that you just added on the iSCSI target.
3.
On LON-HOST1, use Computer Management to bring Disk 3, Disk 4, and Disk 5 online, and to
initialize all three disks.
4.
Create and format simple volumes on Disk 3, Disk 4, and Disk 5 with default values.
Note: Perform step 5 only on LON-HOST2.
5.
Use Computer Management to bring the three new disks online.
Task 3: Extend iSCSI logical units online

1.
On LON-HOST1, use Server Manager to extend the E:\iSCSIVirtualDisks\Diskx1.vhdx virtual disk to

15 GB.
2.
Refresh Disk Management, and confirm that disk in the details pane is extended with 5 GB of
unallocated space.
3.
Use the Extend Volume Wizard to extend the volume on the disk to allocate all available disk space.
4.
Confirm that the partition is now expanded to 15 GB. You expanded it while it was online, while it was
in use.
Task 4: Install the Failover Clustering feature
On LON-HOSTx, use Server Manager to install the Failover Clustering feature.

Note: Both students should finish with this task before you continue.
Task 5: Create a failover cluster

Note: Perform this task only on LON-HOST1.
1.
2.
On LON-HOST1, use the Failover Cluster Manager to create a new cluster with following data (accept
default values on all other wizard pages):
o
Servers in cluster: LON-HOST1 and LON-HOST2
Cluster Name: LON-CLUST
Use Active Directory Users and Computers to confirm that in the Computers container there are
computer accounts for LON-HOST1, LON-HOST2, and LON-CLUST (which was added when you
created the failover cluster).
Task 6: Add a Cluster Shared Volume (CSV)

1.
On LON-HOSTx, use File Explorer to confirm that the C:\ClusterStorage folder is empty.
2.
Use the Failover Cluster Manager to add the first Cluster Disk with Available Storage status to
Cluster Shared Volumes if you are on LON-HOST1, or the second Cluster Disk with Available
Storage status to Cluster Shared Volumes if you are on LON-HOST2.
3.
Use File Explorer to confirm that the C:\ClusterStorage folder contains mounted volumes for
Volume1 and Volume2, which were added when you and your partner added disks to the CSV.
4.
Create a new text document with your name in the C:\ClusterStorage\Volumex folder.
5.
Confirm that the C:\ClusterStorage\Volumey folder contains a file with your partners name. Notice
that now, all cluster nodes have access to the CSV.
Note: If file with your partners name is not in the C:\ClusterStorage\Volumey folder, wait
until your partner creates a file.
Results: After completing this exercise, you should have created a Hyper-V failover cluster.
Exercise 2: Managing a Hyper-V Failover Cluster

Scenario
As part of the proof-on concept deployment, you need to configure virtual hard disk sharing, which you
will use later as shared storage for virtual machine clustering. You also need to create highly available
virtual machines and configure their settings. Because several virtual machines will be used as print
servers, you need to configure monitoring that will notify you if the print spooler service in those virtual
machines stops.
1.
Configure virtual hard disk sharing.
2.
Create a highly available virtual machine.
3.
Configure a highly available virtual machine.
4.
Configure virtual machine monitoring.
5.
Move a virtual machine between failover cluster nodes.
6.
Destroy a failover cluster.
Task 1: Configure virtual hard disk sharing

1.
2.
6-35
On LON-HOSTx, use the Windows PowerShell New-VHD cmdlet to create virtual hard disks on local
storage by using following parameters:
o
Path: C:\Shares\HDD1x.vhdx
SizeBytes: 10 GB
Type: Dynamically Expanding
Use the Windows PowerShell New-VHD cmdlet to create virtual hard disks on CSV by using following
parameters:
o
Path: C:\ClusterStorage\Volumex\HDD2x.vhdx
SizeBytes: 10 GB
Type: Dynamically Expanding
3.
Use the Windows PowerShell Add-VMHardDiskDrive cmdlet to add both of the virtual hard disks
that you created to the SCSI virtual adapter of the 20409B-LON-PRODx virtual machine.
4.
If the 20409B-LON-PRODx virtual machine is running, then turn it off.
Note: You cannot modify a virtual hard disks sharing setting while the virtual machine is
running.
5.
Use Hyper-V Manager to confirm that 20409B-LON-PRODx has two hard disks listed under SCSI
Controller: HDD1x.vhdx, and HDD2x.vhdx.
6.
Try to Enable virtual hard disk sharing for the HDD1x.vhdx virtual hard disk.
Note: The Error applying Hard Disk Drive changes message displays, because local
storage where HDD1x.vhdx is located does not support virtual hard disk sharing.
7.
Try to Enable virtual hard disk sharing for HDD2x.vhdx.

Note: This time you do not get any error, because the virtual hard disk is stored on a CSV.
8.
Verify that that 20409B-LON-TESTx is turned off.
9.
Use the Windows PowerShell Add-VMHardDiskDrive cmdlet to add the C:\ClusterStorage

\Volumex\HDD2x.vhdx virtual hard disk to the SCSI virtual controller of the LON-TESTx virtual
machine.
10. Start the 20409B-LON-PRODx virtual machine.

11. Start the 20409B-LON-TESTx virtual machine.
Note: Notice that an error message displays, because HDD2x.vhdx is already in use by a
virtual machine.
12. Use Hyper-V Manager to Enable virtual hard disk sharing for the HDD2x.vhdx virtual hard disk of the
20409B-LON-TESTx virtual machine.
13. Start the 20409B-LON-TESTx virtual machine.

Note: Notice that this time LON-TESTx starts without an error, as it is now configured with
14. Sign in to both the LON-TESTx and LON-PRODx computers.
15. Open Disk Management, and confirm that the shared virtual hard disk is available as shared storage
to both computers.
16. Remove HDD1x.vhdx and HDD2x.vhdx virtual hard disks from 20409B-LON-PRODx.
17. Remove HDD2x.vhdx virtual hard disk from 20409B-LON-TESTx.
Task 2: Create a highly available virtual machine

1.
2.
On LON-HOSTx, use the Failover Cluster Manager to create a new virtual machine with the following
settings:
o
Host to create virtual machine on: LON-HOSTx
Name: LON-HAx
Location: C:\ClusterStorage\Volumex\
Memory: Use Dynamic Memory
On LON-HOSTx, use the Windows PowerShell Add-ClusterVirtualMachineRole cmdlet to add a

highly available virtual machine with following parameters:
o
3.
VMName: 20409B-LON-CLx
Use the Failover Cluster Manager to confirm that LON-HAx and 20409B-LON-CLx are listed as
clustered Roles.
Task 3: Configure a highly available virtual machine

1.
On LON-HOSTx, use the Failover Cluster Manager to set LON-HAx startup priority to Low.
2.
Use Failover Cluster Manager to configure LON-HOSTx as the preferred owner for the LON-HAx role.
3.
Use Failover Cluster Manager to configure LON-HAx with the following settings:
o
Maximum failures in the specified period: 2
Period: 3
4.
Use the Failover Cluster Manager to configure Virtual Machine LON-HAx on the Resources tab with
Period for restarts (mm:ss) set to 10:00 minutes.
5.
Confirm that both LON-HOST1 and LON-HOST2 are set as Possible Owners, and that heartbeat
monitoring is enabled for LON-HAx.
Task 4: Configure virtual machine monitoring

1.
On LON-HOSTx, use the Windows PowerShell Add-ClusterVirtualMachineRole cmdlet to add the

20409B-LON-PRODx virtual machine as a clustered role.
2.
On LON-PRODx, configure the Print Spooler service with Take No Action if Second failure occurs.
3.
On LON-HOSTx, use the Summary tab in the Failover Cluster Manager to confirm that currently no
services are monitored in the LON-PRODx clustered role.
6-37
4.
In the Failover Cluster Manager, in details pane, right-click 20409B-LON-PRODx, click More
Actions, and then configure monitoring for the Print Spooler service that is running on LON-PRODx.
5.
Use the Summary tab in the Failover Cluster Manager to confirm that Print Spooler is now listed
under Monitored Services.
6.
Use the Failover Cluster Manager to review Settings for 20409B-LON-PRODx clustered virtual
machine, and confirm that Protected Network is enabled for Network Adapter.
Task 5: Move a virtual machine between failover cluster nodes

1.
On LON-HOSTx, use the Failover Cluster Manager to confirm that the LON-HAx virtual machine is
running on the LON-HOSTx node.
2.
Use the Failover Cluster Manager to start live migration of LON-HAx to the LON-HOSTy node.
3.
Use the Failover Cluster Manager to confirm that Live Migration is moving LON-HAx, and that after
the move, the virtual machine is running on the LON-HOSTy node.
4.
On LON-HOSTx, use the Windows PowerShell Move-ClusterVirtualMachineRole cmdlet to move

the LON-HAx clustered role back to the LON-HOSTx node by using live migration.
Task 6: Destroy a failover cluster

1.
On LON-HOST1, remove all clustered roles for the CLUST.Adatum.com failover cluster.
2.
Use the Failover Cluster Manager and click Destroy Cluster to remove the LON-CLUST.Adatum.com
failover cluster.
3.
On LON-HOST1 and LON-HOST2, delete the LON-HAx virtual machine.
Results: After completing this exercise, you should have managed a Hyper-V failover cluster.

Review Questions
Question: What must you do if you want support from Microsoft for a Windows Server 2012 R2
failover cluster?
Question: How can you configure anti-affinity for virtual machines that are running in a failover
cluster?

7-1
Module 7
Installing and Configuring Microsoft System Center 2012 R2

Contents:
Module Overview
7-1
Lesson 1: Integrating System Center and Server Virtualization
7-2
Lesson 2: Overview of VMM
7-13
Lesson 3: Installing VMM
7-19
Lesson 4: Adding Hosts and Managing Host Groups
7-28
Lab: Installing and Configuring System Center 2012 R2 Virtual

Machine Manager
7-41
7-47
Module Overview
Microsoft provides several built-in tools, such as Hyper-V Manager, that you can use for virtual platform
management. Alternatively, you can use specialized software such as Microsoft System Center 2012 R2
Virtual Machine Manager. Using Virtual Machine Manager (VMM) provides many benefits over built-in
utilities, particularly in enterprise environments with many virtual host servers.
This module explains how to integrate VMM into an existing virtual environment, and how to manage
that virtual environment. System Center 2012 R2 VMM is the successor to System Center 2012 Virtual
Machine Manager, which is a management solution for virtual data centers. By using VMM, you can
consolidate physical servers, provision new virtual machines rapidly, and perform unified management
of virtual infrastructure through one console.
Note: For the purpose of this course, we are referring to all instances of Microsoft System
Center 2012 R2 Virtual Machine Manager as VMM.
Objectives
Explain how to use different System Center 2012 components for managing a virtual environment.
Describe the key features of VMM.
Explain how to install VMM.
Add virtualization hosts to VMM, and manage virtualization hosts and host groups.
Lesson 1
Integrating System Center and Server Virtualization
7-2 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
In addition to integrating Hyper-V with Windows Server 2012, Microsoft provides hypervisor integration
into several System Center 2012 products, specifically with VMM. Understanding how the System Center
2012 products integrate is an important part of running a highly virtualized data center. In this lesson, you
will learn how VMM and other System Center products work together with the hypervisor.
Lesson Objectives
Provision server virtualization with VMM.
Manage server virtualization by using System Center 2012 R2 App Controller.
Monitor server virtualization by using System Center 2012 R2 Operations Manager.
Integrate System Center 2012 R2 Service Manager.
Automate tasks with System Center 2012 R2 Orchestrator.
Use System Center 2012 R2 Data Protection Manager to help protect a virtualized server deployment.
Use the Windows Azure Pack to provide self-servicing.
Provisioning Server Virtualization with VMM

VMM is a management solution for creating and
managing a virtualized data center. It enables you
to configure and manage your virtualization host,
networking, and storage resources to create and
deploy virtual machines and services to private
clouds.
VMM provides the following features:
Multihost and multivendor virtual machine

management support. You can host your
virtual machines on several hypervisors, such
as Hyper-V on Windows Server 2012, Citrix
XenServer, and VMware ESX servers. All
hardware that these hypervisors support is also supported for VMM virtual machine placement.
Intelligent placement. You can use VMM resources to determine the best available host for a new
virtual machine.
Dynamic optimization. Dynamic optimization enables you to react to alerts sent by Operations
Manager so that you can move virtual machines to other hosts to maintain performance continuity.
Physical-to-virtual machine (P2V) conversion. You can use VMM to convert a physical machine to a
virtual machine.
Microsoft Application Virtualization (App-V) support. You can use this feature to virtualize server
applications.
Live migration. In VMM, you can move virtual machines to different host machines without affecting
users or workloads.
7-3
Delegated administration. You can delegate administrative tasks to users, and allow them to create
and manage virtual machines on their own.
Cloud, infrastructure, and services management. You can manage your cloud environment and
services from a single console.
Power optimization. VMM can optimize hosts by moving virtual machines from underused hosts, and
then powering off the host machine.
Microsoft has introduced several new enhancements to VMM in the System Center 2012 R2 release. The
following are available enhanced categories and improvements:
Networking features include:

o
Site-to-site network connections using private IP addresses
Cisco Network Virtualization using Generic Routing Encapsulation
IP Address Management (IPAM) integration, top-of-rack switch integration
Forwarding extensions for HyperV extensible switch work with HyperV network virtualization
Virtual machines and cloud features include:

o
Differencing disks
Live cloning of virtual machines
Online .vhdx resizing
Enhanced support for Windows Server 2012 dynamic memory features
Grant permissions to users for individual clouds
Support for file-based virtual machine customization processes
Leverage of the new HyperV file transfer application programming interface (API) in Windows
Server 2012 R2 to transfer files to guest operating systems
Ability to create Windows-based and Linux-based virtual machines and multiple virtual machine
services, from a template gallery
Faster live migration and support for migration of Windows Server 2012 R2 operating systems
Storage features include:

o
Virtual Fibre Channel support
Management of zones
Support for Windows Offloaded Data Transfers (ODX)
Shared .vhdx support
Provision scale-out file server clusters from bare-metal deployments
Integration of storage with differencing disks optimization and storage spaces files
Services features include:

o
Services on Citrix XenServers
Allowing the script that runs on the first deployed virtual machine to differ from the script that
runs on the other virtual machines in the tier
Infrastructure features include:
Ability for automatic tasks to resume after virtual machine failover
Expanded computer scope for VMM update management
Management packs updated with new metrics for chargeback purposes based on allocation and
utilization
Additional enhancements include:

o
Support for Windows Server 2012 R2 and Windows 8.1 operating systems
Enhancements to replication and recovery
Addition of direct links to missing prerequisites in setup

Note: By design, P2V conversion is no longer available in System Center 2012 R2 VMM.
Managing Server Virtualization by Using App Controller

You can use App Controller to manage private
clouds that you create with VMM, and public
clouds that are running on the Windows Azure
platform.
App Controller provides role-based views that

administrators can customize for an application
owner. This allows the application owner to
manage services that are deployed into the
private and public clouds. A service is an
instance of an application along with its
associated configuration and virtual infrastructure
that is deployed to the cloud. For example, the
application owner can deploy a service to the private cloud, and can scale the service in or out, depending
on the owners requirements. Additionally, the owner can connect directly to virtual machines in the
private cloud from the App Controller portal.
Benefits of App Controller

System Center 2012 App Controller provides application owners with a self-service experience across
VMM, and gives them a unified view that lets them manage applications and services across private
clouds and Windows Azure. App Controller provides users with the ability to manage application
components in the context of a holistic service.
App Controller provides the self-service component of a solution by enabling application owners to:
Configure, deploy, and manage services through a service-centric interface, while using a library of
standard templates.
Provide self-service application management, visibility, and control across both the Microsoft cloud
services and the various public cloud services (such as Windows Azure).
Create, manage, and move services using a web-based interface that presents a customized view of
resources based on the application owners role in the organization, and enables them to manage
services rather than servers.
7-5
View virtual machines, and both private and public cloud services. Control components at each layer,
track jobs, and maintain a detailed history of changes.
App Controller also enables data center administrators to delegate authority to application owners.
Predefined templates ensure compliance with company IT standards and policies. Using App Controller,
data center administrators can create a customized, role-based view of private and public cloud services,
and a consumed and available resources view for application owners. In addition, application owners can
customize all service components, including virtual machines, network resources, and load balancing.
You can also use App Controller to move applications and components within public and private cloud
environments. You can copy Windows Azure configuration, package files, and .vhd files among Windows
Azure subscriptions, and you can copy service templates and resources from one VMM server to another.
Managing Private Clouds
After you connect the App Controller portal to the VMM environment, the business unit clouds, virtual
machines, and libraries become available through the App Controller portal. Private cloud administrators
can create services and service templates from within VMM, and then deploy them to the private cloud.
Business unit IT administrators can then manage and deploy these services and service templates through
the App Controller portal.
App Controller also helps users manage the individual virtual machines that are running within a service.
All of the typical VMM management capabilitiessuch as stopping, starting, mounting an ISO image, and
opening a remote desktop connectionare available to the user. Because the App Controller functionality
is delivered under the context of the service, the user only has access to the resources within it.
Managing Public Clouds
When connecting App Controller to a Windows Azure subscription, you can delegate subscription access
to users through their Active Directory Domain Services (AD DS) credentials. This provides a common
access model across the management of private and public clouds, including the services that are running
in them.
For example, you can manage the development of a service that is running in the Windows Azure
environment while managing a production implementation of a service that is running in your private
cloud environment.
You can also use App Controller to move applications between private and public clouds, and copy
resources such as service templates between VMM servers.
You install App Controller as a separate component. You can choose to host this service on a separate
server, or you can host it together with an existing service such as VMM. In both cases, you should first
ensure that your server meets the system requirements for App Controller. For better performance, you
should install the App Controller server on a separate computer from the VMM management server.
The following table displays some limits for App Controller. You should be aware of these limits when you
plan App Controller deployment.
App Controller Limits

Measure
Value
Maximum number of objects in a Windows Azure storage directory
900
Maximum number of VMM management servers
Maximum number of Windows Azure subscriptions per user
20
Maximum number of concurrent users
75
Maximum number of jobs that can be run in a 24-hour interval
10,000
Note: App Controller can connect only to System Center 2012 R2 VMM.
The new enhancements introduced with App Controller in System Center 2012 R2 are:
Support for System Center 2012 R2 VMM.
Service Provider Foundation in System Center 2012 R2.
Monitoring Server Virtualization by Using System Center Operations

Manager
You can use Operations Manager to monitor
services, devices, and operations for many
computers from a single console. Administrators
can use Operations Manager to gain immediate
insight into the state of the IT environment and
the IT services that are running across different
systems and workloads. Numerous views show
state, health, performance information, and alerts
generated for availability, performance,
configuration, and security situations.
IT departments today are responsible for ensuring

the performance and availability of critical services
and applications. Therefore, IT departments need to know when there is a problem, identify where the
problem is, and determine what is causing the problem. Ideally, IT does all this before the users of the
applications encounter problems. The more computers and devices in the business, the more challenging
this task becomes. You can use Operations Manager to monitor applications in both the private cloud and
the public cloud. Additionally, you can simultaneously monitor Microsoft platforms and non-Microsoft
platforms such as UNIX, Linux, and VMware.
Operations Manager displays monitored objects that are not healthy. Operations Manager also sends
alerts (such as a short text message or an email) when problems are identified, and provides information
to help you identify the cause of a problem and possible solutions. You can also use Operations Manager
to create reports or dashboards from collected data.
7-7
The components for Operations Manager are organized into a management group. Most organizations
have a single management group, although you can have multiple management groups. If you have
multiple management groups, the alerts from one management group can roll up to another
management group. This enables you to centralize monitoring for multiple management groups.
Operations Manager Agents
The most common way to monitor Windows computers or UNIX and Linux computers is by installing
the Operations Manager agent. You install the Operations Manager agent on a computer to facilitate
communication with the management server. After installation, the Operations Manager agent obtains
its configuration from the management server. Only data that is defined by the configuration from the
management server is forwarded to the management server.
Agentless Monitoring
You also can monitor Windows-based computers without installing an agent. This is referred to as
agentless monitoring. The information that you collect by using agentless monitoring may be limited
because some management packs do not work with agentless monitoring. Agentless monitoring also
creates a high load on the management server and is not very scalable. For these reasons, agentless
monitoring is generally not recommended.
Queries for agentless monitoring perform with remote procedure calls (RPCs) that are difficult to
perform through firewalls. When no firewall exists between the management server and the monitored
system, a management server can query the monitored system directly. If there is a firewall between the
management server and the monitored system, then you must configure an agent-managed computer
as a proxy agent. The proxy agent queries the monitored system, and then transfers the data to the
management server.
Microsoft has introduced several new enhancements to Operations Manager in the System Center 2012
R2 release. These enhancements include:
Fabric monitoring. Fabric monitoring is the System Center cloud hybrid monitoring of physical
and virtual layers for hybrid cloud environments. Other enhancements include the Fabric Health
Dashboard, which generates a detailed overview of your private clouds and the fabric that services
those clouds. In each cloud, the Fabric Health Dashboard displays the following information:
o
Host state
Storage pools state, file share, and logical unit number (LUN) state
Network node state
Active alerts
Number of virtual machines
Fabric monitoring also includes the Fabric Monitoring Diagram view, which displays the health states
of the cloud environment and the on-premises environments.
The Microsoft Monitoring Agent. This tool now includes full functionality for the IntelliTrace Collector
tool in Microsoft Visual Studio. You can also use it as a stand-alone tool for collecting application
traces locally.
Integrating Operations Manager with the development processes. There are new alert fields in Team
Foundation Server (TFS) work item IDs, and TFS work item owners.
Conversion of application performance monitoring (APM) for performance events to the

IntelliTrace format. You can open the APM for performance events from the Visual Studio integrated
development environment (IDE), if the performance event was captured during an IntelliTrace
Collector historical debugging session. APM is also integrated tightly with the TFS work item
synchronization management.
Support for IPv6. You can now accept IPv6 addresses as input for network discovery in the Operations
console.
Java application performance monitoring. You can monitor Java application performance and
exception events using the Operations Manager Application Advisor console.
System Center Advisor. You can use this online service to analyze installations of Windows Server
software.
Integrating Service Manager

Service Manager is a comprehensive IT service
management solution that you can use to add
process-driven automation and self-service
infrastructure provisioning to your private cloud
infrastructure.
To help organizations manage help desks,
Service Manager automates help desk functions
such as ticketing and change request processes.
Service Manager integrates with AD DS, and
with products such as System Center 2012
Configuration Manager, Operations Manager,
and VMM to build a single, reconciled inventory
of an organizations assets.
Service Manager provides several key benefits to organizations, including increased productivity,
reduced costs, swifter problem resolution, and built-in compliance management. Built-in processes in
Service Manager are based on industry best practices such as those found in Information Technology
Infrastructure Library (ITIL) and the Microsoft Operation Framework.
Service Manager comes enabled with process management packs for incident and problem resolution,
service request provisioning, change and release control, and configuration and knowledge management.
Through its integration with other System Center components and key infrastructure services such as
AD DS, Service Manager provides accurate configuration management database population and private
cloud process integration.
By using Service Manager, you can:
Reduce the mean time to resolve issues through user self-service.
Improve private cloud efficiency through centralized management of incident, problem, and change
processes.
Provide self-service deployment of private cloud resources through integration with other System
Center 2012 components.
Implement compliance controls for the management of private cloud infrastructure components.
In Service Manager, you define various types of templates and workflows so that you can automate many
administrative processes. As part of your initial Service Manager configuration, you must configure
settings and workflows for change and activity management.
Change requests are generated typically when the IT infrastructure requires a configuration change to
achieve a desired result. Change requests are also generated to support new technologies, processes, or
applications. Service Manager allows you to collect and process change requests automatically by defining
7-9
workflows and activities that you should perform during the change management process. End users and
administrators can create change requests.
In Service Manager, you use workflows to close completed change requests automatically, and to send
notifications to users when activities require approval. To maintain change requests, you create change
request templates. You can use a workflow to apply these templates automatically. You generally use
change request templates when users submit new change requests. The templates are particularly useful
when you create a change request for a recurring type of issue.
Change request templates allow you to:
Set an issue category, then define a standard priority, effect, and risk level for it in the template.
Create additional templates for other types of recurring change requests.
Include a number of activities in one template. However, any activities that you want to include in a
change request template you must have created previously as activity templates.
Additionally, by using change request templates, users spend less time submitting new change requests.
This is because the request templates store commonly used settings, and then the templates apply these
settings to new change requests. For example, you can create a change request template to modify the
Microsoft Exchange Server infrastructure. You also can create change templates that include an activity
that automatically changes a standard change priority request to Low.
Note: When you create a change request template, do not create links to configuration
items or work items, and do not enter any user information. If you create a template with these
objects, you cannot remove them and you will have to re-create the template.
Manual activity templates help ensure that all manual activities are assigned to the person who is
designated as the activity implementer. After you create the manual activity template, you need to create
a workflow that applies to the template.
Service Manager 2012 R2 fully supports the Windows Server 2012 R2 and Windows 8.1 operating systems.
Automating Tasks with Orchestrator

Orchestrator (formally known as Opalis), is an IT
process automation solution for the private cloud.
You use Orchestrator to automate the creation,
monitoring, and deployment of key resources in
your private cloud environment.
Private cloud administrators perform many critical

daily tasks to ensure that their infrastructure is
highly available and reliable. They also require
the ability to reduce the time it takes to provision
new infrastructure, while providing self-service
capabilities to end users. Additionally, the
administrators must maintain quality standards
and system efficiency. Orchestrator can combine disparate tasks and procedures together by using the
Runbook Designer (formerly known as Opalis Client) to create reliable, flexible, and efficient end-to-end
solutions in the private cloud environment.
By using Orchestrator, you can:
Automate processes in your private cloud, regardless of hardware or platform.
Automate your private cloud operations, and standardize best practices to improve operational
efficiency.
Connect different systems from different vendors without using scripting and programming
languages.
As part of the enhancements in System Center 2012 R2 Orchestrator, you can now install the Service
Management Automation Web service with up to three runbook workers from the Orchestrator setup
program. You can then use these runbooks as part of the Windows Azure Pack for Windows Server, or
you can use the runbooks and conduct other automation tasks using Windows PowerShell cmdlets.
There are also new and updated integration packs available for System Center 2012 R2 Orchestrator.
System Center Integration Pack for Microsoft SharePoint Server is the new integration pack, while the
updated packs are Windows Azure Integration Pack for Orchestrator, and System Center Integration Pack
for System Center 2012 Virtual Machine Manager.
Using Data Protection Manager to Protect a Server Virtualization

Deployment
Data Protection Manager (DPM) provides diskbased and tape-based data protection and
recovery for servers such as Microsoft SQL Server,
Microsoft Exchange Server, Microsoft SharePoint
Server, virtual servers, file servers, and support for
Windows client operating systems. DPM can also
centrally manage system state and bare-metal
recovery.
By using DPM, you can:
Recover bare-metal servers and desktops

running Windows operating systems. This
allows you to recover servers and desktops
quickly without first installing the operating system.
Back up and recover from disk or tape. Depending on the backup storage type that is available, you
can decide whether you want to store it on disk or in a tape library.
Centrally manage the DPM servers with the DPM Administrator Console. In larger environments,
managing all DPM servers from a central console is particularly beneficial.
Use role-based access permissions to distribute backup and restore management. You can assign
permissions to users that allow them to restore the systems for which they are responsible. The
benefit is that you do not grant them full permissions, so they will not be able to access data that
they do not own.
Perform quick item-level recovery for virtual machines. To recover a specific item (such as a file), you
do not need to recover the entire virtual machine. Instead, you can just recover the particular file.
The following new features and enhancements are available in System Center 2012 R2 DPM:
7-11
Windows Azure Backup. You can use this Windows Azure service to back up DPM data in System
Center 2012 R2 to Windows Azure Backup.
SQL Server cluster support. You can use clustered SQL Server nodes in DPM. In System Center 2012
R2, DPM no longer has the limitation that existed in System Center 2012 - DPM and System Center
2012 SP1 DPM. This provides greater reliability, scalability, and consistency. You can also install the
DPM server on the same stand-alone or clustered SQL Server that hosts the DPM database.
Virtualized deployment. With System Center 2012 R2, you can now deploy DPM on a virtual machine,
and you can configure storage using .vhd storage pool disks that are shared in the Virtual Machine
Manager library.
Linux virtual machine backup. DPM now allows for greater protection of Linux virtual machines
beyond previous versions support. DPM also provides for backup of the Linux virtual machines.
However, only file-consistent snapshots are supported for Linux backups. Windows Azure Backup
does not support protection of Linux virtual machines.
Using the Windows Azure Pack for Self-Service Capabilities
Windows Azure customers can now download

and run the Windows Azure Pack for Windows
Server. The Windows Azure Pack is free for
Windows Azure customers. The Windows Azure
Pack increases your private cloud and data
center capabilities with enhanced selfservice,
multitenant features that integrate with the public
Windows Azure cloud. This means that you can
use resources provided by Windows Azure (such
as applications, virtual machines, and SQL Server
databases), along with your private cloud
resources and data centers. For example, you can
replicate SQL Server databases between your data center and Windows Azure backup. This capability can
add to the reliability and survivability of your data. The Windows Azure Pack lets you more easily manage
this type of integration with data centers and private cloud resources.
Windows Azure Pack includes the following capabilities:
Windows Azure Management Portal. The Management Portal is a selfservice portal that lets you
provision, monitor, and manage services. You can customize the portal for tenants.
Service management application programming interface (API). This API uses a Representational state
transfer (REST API that helps a range of integration scenarios from custom portals through billing
systems.
Websites. Windows Azure Pack helps provide high density, scalable, shared web hosting platforms for
Microsoft ASP.NET, PHP: Hypertext Preprocessor (PHP), and Node.js web applications. The Windows
Azure Pack also has a customizable web application gallery of open source web applications, and
integration for source control systems for custom developed applications and for websites.
Virtual machines. The Windows Azure Pack includes a virtual machine service that provides
Infrastructure-as-a-Service (IaaS) capabilities for virtual machines running both Windows operating
systems and Linux operating systems. This service contains a virtual machine template gallery, scaling
options, and virtual networking capabilities.
Service Bus. The Service Bus service delivers reliable messaging services between distributed
applications. This includes queued and topic-based publishing and subscription resources.
Automation and extensibility. The Windows Azure Pack allows you to automate and integrate
additional custom services into the services framework. Custom services include a runbook editor,
and an execution environment.
You can install the Express option or use a distributed deployment of Windows Azure Pack. Several
components make up the Windows Azure Pack for Windows Server. If you are using the Express version,
all the components can go on one computer. Otherwise, you can distribute the components to up to
seven separate machines. Windows Azure Pack includes the following components:
Management portals and the service management API. The available portals include the portal for
administrators and the portal for tenants.
Website roles:
o
Web Sites Controller
Web Sites REST API
Web Workers
Front End
Publisher
File Server
SQL/MySQL. These are the database services that are included in the Windows Azure Pack.
Virtual machines. Two components are available for tenants to control their virtual machines: VMM,
and the Service Provider Foundation.
Lesson 2
Overview of VMM
7-13
Before you begin a VMM installation, you should carefully plan the integration and deployment in an
existing virtual and physical infrastructure. VMM provides several benefits for business environments and
enhancements for built-in management tools. VMM consists of several components that provide various
features and functionalities, and you need to plan the deployment and integration of each of these
features with the current environment.
Lesson Objectives
Describe the features and functionalities of VMM.
Describe the purpose of fabric management.
Describe the features and benefits of using cloud services.
Describe the service life cycle management.
Describe the VMM architecture.
Introducing VMM
VMM includes several enhancements to the
previous VMM iterations, including enterprise
class performance enhancements. The latest
version of VMM includes simplified provisioning
and migration abilities, support for cloud services
and cloud infrastructure, and enhanced ability
for business units to manage their resources
individually with multitenant cloud infrastructure
improvements. Additionally, System Center 2012
R2 has been extended to allow further
provisioning of on-premises virtual machines
and resources into the Windows Azure cloud
infrastructure.
Enterprise-Class Performance
System Center 2012 R2 supports enterprise-class scale and performance for Windows Server-based
environments. The System Center 2012 R2 version of VMM is key to enabling the virtualization and
management scale. In this version of VMM, a VMM server can support up to 1,000 hosts and 25,000
virtual machines.
Another important VMM enhancement is the Dynamic VHDX resize feature, which enables you to grow a
SCSI virtual disk without any downtime. VMM support for an automated Hyper-V cluster upgrades virtual
machines without downtime, and reduces the time, effort, cost, and downtime required to upgrade from
Windows Server 2012 to Windows Server 2012 R2. You can upgrade Hyper-V clusters automatically using
the Live Migration feature with VMM.
VMM also has many new and enhanced private cloud management capabilities. VMM enables
dynamically allocated memory changes in addition to snapshots of running virtual machines without
downtime. Additionally, VMM includes enhanced support for deploying VMM services to Citrix XenServer
and VMware ESX hosts. This allows for consistent management of Hyper-V, Citrix XenServer, and ESXbased virtual machines through the VMM console. You can treat ESX and XenServer hosts the same as any
other VMM host.
Simplified Provisioning and Migration
Windows Server 2012 includes improved File and Storage Services, including Storage Spaces. This means
that you can use industry-standard storage that you can manage entirely with server software. You can
also use industry-standard servers as opposed to specialty hardware technologies for your more expensive
infrastructure, for storage, and for disaster recovery. Industry-standard server technologies have advanced
to the same level as specialty hardware technologies, and offers similar performance and capabilities at
a reduced price. Using System Center 2012 R2 VMM, you can support large, company-wide storage
technology infrastructure such as a bare-metal provisioning of scaled out Windows file server clusters,
physical disk discovery, and virtualized storage pools creation.
Another new VMM feature is simplification of cross-data center disaster recovery for virtual machinebased infrastructure services. This is achieved by providing the private cloud abstraction layer in the
source and destination data centers.
Multitenant Cloud Infrastructure
Many organizations want to enhance their data center infrastructure to include increased efficiency, and
have the ability to scale resources quickly. Additionally, organizations want the ability to provide multitenancy with increased IP flexibility, chargeback, and infrastructure standardization. VMM provides greater
support for multitenant environments through support for virtual networks.
Using VMM, you also now have the ability to combine multiple instances of VMM infrastructures with
the sender policy framework (SPF) API. Additionally, the latest VMM version strengthens Microsoft
software-defined network solutions by allowing you to add multitenant edge gateways to bridge your
organizations physical and virtual data centers. This enables you to combine private cloud elements with
certain elements in the public cloud, resulting in better hybrid cloud integration while enhancing mobility
and delivering flexible workloads. VMM also provides for multitenant enhanced chargeback with greater
granular infrastructure metering, and the ability to analyze various business and operational metrics.
Provisioning Windows Azure Infrastructure
VMM is well integrated into the other System Center 2012 R2 products. Combined with those products,
VMM offers a unified set of tools to help you provision and manage virtual machines both on-premises
and in Windows Azure environments. This includes workload portability without requiring format
conversion. By using App Controller, you can migrate on-premises VMM virtual machines into Windows
Azure virtual machines, and then manage those virtual machines from within the App Controller console.
Fabric Management
In VMM 2012 R2, fabric is the infrastructure and
services that you use to manage and deploy hosts,
and that you use to create and deploy virtual
machines and services to both the data center
and the private cloud. This includes:
Host groups
Networking
Storage elements
Pre-Boot Execution Environment (PXE)
Windows Server Update Services (WSUS)

servers
Virtual Machine Manager libraries
VMware ESX and Citrix XenServer servers
The main benefits of using the fabric are:
7-15
Aggregate private cloud resources. The goal of the fabric is to aggregate private cloud resources
in meaningful ways that enable you to deploy these resources more easily and comprehensively.
The fabric is a logical manifestation of the networks, storage, and services that will be available as
resources in your cloud environment.
Abstract your networking resources. The fabric combines logical networks with Hyper V virtual
networks to define IP address assignments and route traffic, and set up static addresses for host
servers. The VMM fabric can supply IP addresses by using combinations of IP ranges, media access
control (MAC) address pools, and virtual IP templates. The VMM fabric also provides IP load balancer
support.
Storage. VMM uses the Microsoft Storage Management Service extensively to create this storage
aspect of the fabric. You can automate storage assignments across your public or private cloud,
providing the storage device is supported through the Storage Management Initiative Specification
(SMI-S). Additionally, if you are using Windows Server 2012 R2 with the File Server role and the
Internet small computer system interface (iSCSI) Target Server role enabled, you can attach storage,
create storage pools, create discs and volumes, and create iSCSI disks and targets, which you can then
add into your fabric storage.
Management. The VMM console has a workspace devoted to the fabric that lets you manage the
overall fabric that makes up all of these resources mentioned in this list. In System Center 2012 R2
VMM, the fabric workspace has an additional element entitled Infrastructure. Your VMM
management servers, PXE servers, VMware servers, and library servers are now located in this
Infrastructure.
What Is Cloud Computing?

Cloud computing is the latest technological
evolution in virtual computing technology. Cloud
computing extends virtualization concepts to
make them even more elastic. Cloud computing
increases the accessibility of public and private
clouds to business unit IT teams, and increases
their accountability through features such as the
cost center-based chargeback model for billing.
The National Institute of Standards and

Technology (NIST) defines cloud computing as a
model for enabling highly available, convenient,
on-demand network access to a shared pool of
configurable computing resources. Using cloud computing, you can rapidly provision and release
computing resources, with minimal management effort or service provider interaction. Cloud computing
resources can include networks, servers, storage, applications, and services.
Cloud computing makes maximum use of the resources that are available in a data center. For example,
an application owner can deploy a developed application to the private cloud infrastructure and the
infrastructure will dynamically adjust resources for the application, scale the application, and enable the
application to migrate across servers based on best resource match.
The benefits of cloud computing include:
Virtualized data center. Cloud computing provides methods to access computing services that are
independent of both your physical location, and the hardware that you use to access it. With cloud
computing, you no longer need to store data or applications on your local computer. The data center
remains a key element when adopting cloud computing; however, cloud computing emphasizes
virtualization technologies that focus on delivering applications rather than supporting the data
center infrastructure.
Reduced operational costs. Cloud computing helps mitigate issues such as low system use,
inconsistent availability, and high operational costs by providing pooled resources, elasticity, and
virtualization technology.
Server consolidation. Cloud computing allows you to host multiple virtual machines on a
virtualization host, which enables you to consolidate servers across a data center.
Improved resilience and agility. With products such as System Center 2012, cloud computing can
reduce costs and improve efficiency.
There are two main types of clouds: the public cloud, and the private cloud:
Public cloud. A public cloud is cloud services infrastructure that is made available to the public or a
large industry group, and is owned by an organization (or service provider) that sells cloud services.
The company that purchases the space on the public cloud, known as the tenant, shares cloud
resources with other organizations. The public cloud exists only off-premises.
Private cloud. A private cloud infrastructure is dedicated to one organization only. The cloud
infrastructure that an organization uses can exist either on-premises or off-premises. A private
cloud may be managed by the organization itself, or by an outside company.
7-17
The key difference between a public cloud and a private cloud is the workloads that are running on the
infrastructure:
With public cloud services, the tenant organization has less management overhead than
organizations that use private clouds. This also means, however, that control of the infrastructure and
services is reduced greatly, because the service provider manages the infrastructure and services for
the tenant organization. In addition, the public cloud hosts the infrastructure and services for multiple
organizations (multitenant), which introduces security implications that you need to review.
Private clouds are owned by their respective organizations. The cloud infrastructure is managed and
maintained in the organizations data center. One of the key benefits of this is that the organization
has complete control over the cloud infrastructure and services that it provides. However, the
organization also has the management overhead and costs that are associated with this model.
A hybrid cloud is a cloud infrastructure that combines certain elements from both a public cloud and a
private cloud. For example, you could use Windows Azure virtual machines in your private cloud.
Service Life-Cycle Management

When planning your private cloud infrastructure,
you must know which services are suitable for
cloud computing, and how you will manage
them. For example, some of your business-critical
applications might not be suitable for the private
cloud because of security or budget constraints.
A service can be an application, process, function,
or it can be data. When you implement service
management process automation for your
organization, you should have a standardized and
well-defined process for requesting and managing
private cloud services. Many elements make up a
successful private cloud service, including:
Groups of machines that work together
Machine definitions as well as applications
Supported application types such as:

o
Web Apps (MSDeploy)
Virtual apps (App-V)
Database Apps (SQL DAC)
Implementing and integrating the various private cloud service elements is a complicated process. System
Center 2012 provides you with the necessary tools and services to help you with this process.
To implement your custom-designed service management processes, you can automate the specific
System Center 2012 components to interact with each other. For example, you can configure Service
Manager so that it initiates a workflow that starts an Orchestrator runbook that interacts with VMM
automatically.
You can combine your services into VMM service templates. This allows you to add virtual machine
templates, network configurations, applications, and storage into a single element. For example, suppose
you want to deploy a new virtual machine based on characteristics of an existing virtual machine. While
could clone the existing virtual machine, the cloning process can take several minutes before you can
deploy it, and a sysprep process typically takes up more time. Instead, you can create a service template
that has that type of virtual machine with its various resources already assigned, and then deploy the
service template to create quickly a virtual machine based on the template.
Typically, providing for service management is a recurring cycle, which is known as service life cycle
management. You can begin service life cycle management by creating the appropriate service template.
You can then use the template to customize a particular virtual machine or application deployment,
and then deploy that service template. If you need to update that service, you can create a new service
template that incorporates those updates. When you create a new service template with the updates, you
will have completed one full life cycle for the initial template. After this point, you would then customize
the deployment, and then deploy the service.
VMM Architecture
VMM is a System Center 2012 component that
offers a management solution for a virtualized
data center. You can use VMM to create and
deploy virtual machines and services to private
clouds by configuring and managing your
virtualization host, networking, and storage
resources. By using VMM, you can discover,
capture, and aggregate information about the
virtualization infrastructure and enable automatic
management of policies and processes. In the
private cloud infrastructure, VMM helps transition
enterprise IT from an infrastructure-focused
deployment model into a service-oriented, user-centric environment.
VMM architecture consists of several different, interrelated components, including:
VMM management server. The VMM management server is the computer on which the VMM service
runs. The VMM management server processes commands and controls communications with the
database, the library server, and the virtual machine hosts. The VMM management server is the hub
of a VMM deployment through which all other VMM components interact and communicate. The
VMM management server also connects to a SQL Server database that stores all VMM configuration
information.
Database. VMM uses a SQL Server database to store the information that you view in the VMM
management console. This information includes managed virtual machines, virtual machine hosts,
virtual machine libraries, jobs, and other virtual machine-related data.
Management console. The management console is a program that you use to connect to a VMM
management server. Through the management console, you can view and manage physical and
virtual resources, including virtual machine hosts, virtual machines, services, and library resources.
Library. A library is a catalog of resources such as virtual hard disks, templates, and profiles, which are
used to deploy virtual machines and services. A library server also hosts shared folders that store filebased resources. The VMM management server is always the default library server, but you can add
additional library servers later.
Command shell. Windows PowerShell is the command-line interface in which you use cmdlets to
perform all available VMM functions. The VMM console is built by using Windows PowerShell. You
can use VMMspecific cmdlets to manage all the actions in a VMM environment.
Lesson 3
Installing VMM
Installing the VMM server and VMM console is a key process in establishing the VMM infrastructure.
You should perform installation procedures for these components based on prior planning.
7-19
Before starting to install the VMM server and VMM console, consider the potential issues and
requirements. After completing installation, you will need to perform several post-installation tasks,
such as adding physical hosts, creating and deploying host groups, and ensuring that the configuration
is set appropriately for your organizations goals.
Lesson Objectives
Determine the required topology for a VMM deployment.
Identify the system requirements for installing VMM.
Describe the considerations for implementing a highly available VMM management server.
Describe the requirements for installing VMM.
Explain how to install a VMM management server and a VMM console.
Determining Topology for a VMM Deployment

VMM deployment topology varies according
to each customers needs. Major design factors
include defining administrative boundaries, and
placing the components in a network segment,
site, or geographical zone with sufficient
bandwidth.
When you plan a VMM deployment, you should
consider the following factors:
Number of hosts
Number of branch sites with hosts
Security, administrative groups, and selfservice options that you require
Availability and recovery time that each of the components require
The number of hosts determines the physical or virtual resources that each component server in the
VMM deployment requires. In System Center 2012 SP1 VMM, the scale of a VMM management server
has the capacity to manage 1,000 hosts and 25,000 virtual machines. However, the demand on a single
management server would suggest that you should use multiple VMM instances. You can use App
Controller with five VMM instances. Therefore, in theory, you could manage resources of over 125,000
virtual machines. If your deployment has thousands of hosts, you should consider contacting your
regional Microsoft office for guidance on a personalized deployment to fit your environment.
The number of branch sites with hosts and the wide area network (WAN) links capabilities between the
branches and the VMM management server determines if you should have a single VMM deployment
with multiple Virtual Machine Manager library servers or individual VMM deployments at each branch.
VMM offers delegated administration and self-service. You can use App Controller, Service Manager,
or your own customized portals to provide self-service to your users. When you determine what type of
VMM deployment is appropriate for your environment, you can then plan a self-service deployment that
is appropriate for the design. For example, App Controller can span five VMM deployments. However,
your security requirements may require you to have an App Controller deployment for each VMM
deployment.
The availability and recovery time for VMM components is also important when determining the
topology for your VMM deployment. VMM is a cluster-aware application that you can configure to be
highly available. SQL Server is cluster-aware, and you can install the Virtual Machine Manager library
server on a Microsoft file server cluster, but not on the same cluster that hosts a clustered VMM instance.
DPM can back up your VMM components and if required, you can locate DPM at a remote site and use it
to restore one or more offsite components.
For the latest information on deployment scenarios, and for the individual component hardware and
software prerequisites for the most current service pack, review the information provided on the Microsoft
TechNet website.
If you are deploying VMM, you should consider that:
The VMM database no longer supports SQL Express. Therefore, you must move your database to a
supported version of SQL Server.
A Windows Deployment Services (Windows DS) server is required for bare-metal deployment of
Hyper-V hosts. A bare-metal deployment refers to deploying a host on a computer that does not have
an operating system.
At least one library server is necessary, but you should consider at least one library for each site that
you will separate with a low-speed WAN link.
You should use WSUS or Configuration Manager for update management.
App Controller has replaced the self-service portal. There is no longer an upgrade path from existing
self-service portals to App Controller.
Operations Manager is required to use VMM reporting, and to leverage Performance and Resource
Optimization (PRO) tips.
Managing VMware ESX and VMware ESXi hosts requires that you integrate VMware vSphere. If you
need more than the maximum number of hosts for business or network reasons, you must have
multiple VMM servers. You can use App Controller to view resources for up to five VMM servers.
Consider which VMM services you will use in your topology and review the associated ports that VMM
uses to communicate between its components. Ensure that firewalls are not blocking ports, and determine
whether the component coexists with another application that these ports review. If you need to amend a
default port, make sure that you update the associated firewall rules.
The following table lists some default ports that you can change during the VMM installation.
Port
Description
7-21
8100
Provides communication with the VMM console
5985
Provides communication with agents on hosts and on library servers
443
Enables file transfers to agents on hosts and on library servers
8102
Provides communication with Windows DS
8101
Provides communication with Windows Preinstallation Environment (Windows PE) agents
8103
Provides communication with the Windows PE agent for time synchronization
VMM System Requirements

Before you can deploy a System Center 2012
VMM solution, you need to ensure that your
system meets a number of prerequisites. Although
Microsoft provides both the minimum and
recommended requirements for VMM, the
requirements that work best for you might vary
depending on your organizations operations,
budget, schedule, time requirements, and other
factors. In addition, remember that System Center
2012 R2 VMM has additional requirements, which
will be covered in a later topic.
System Requirements for a VMM Management Server

The following table describes the hardware requirements for managing up to 150 hosts on a VMM
Management server.
Hardware component
Minimum
Recommended
Processor
Pentium 4, 2 gigahertz
(GHz) (x64)
Dual-processor, 2.8 GHz (x64)

or greater
Random access memory (RAM)
2 gigabyte (GB)
4 GB
Hard disk space (without a local VMM

database)
2 GB
40 GB
Hard disk space (with a local, full version

of SQL Server)
80 GB
150 GB
The following table describes hardware requirements for managing more than 150 hosts.
Hardware component
Minimum
Recommended
Processor
Pentium 4, 2 GHz (x64)
Dual-processor, 3.6 GHz (x64) or greater
RAM
4 GB
8 GB
Hard disk space
10 GB
50 GB
If you are managing more than 150 hosts, you can enhance performance by separating the VMM
components. For example, rather than using the default library share on the same server as the VMM
server, you can deploy a separate library server. Conversely, you can use a VMM database on a dedicated
computer that is running SQL Server.
The following table describes the software requirements for installing the VMM management server.
Software requirement
Notes
A supported
operating system
Windows Server 2012 Standard or Windows Server 2012 Datacenter

operating system (full installation)
Windows Remote
Management service
Windows Remote Management is included in Windows Server 2012. By

default, Windows Remote Management (formerly known as WSManagement) is set to start automatically.
If the Windows Remote Management is not yet started, setup will display an
error during the prerequisites check. You must start the service before setup
can continue.
Microsoft .NET
Framework 4 or newer
System Center 2012 SP1 requires .NET Framework 4 or newer, which

Windows Server 2012 includes.
Windows Assessment
and Deployment Kit
(Windows ADK) for
Windows 8
Windows ADK is available from the Microsoft Download Center.
Windows Assessment and Deployment Kit (ADK) for Windows 8

When you install the Windows ADK, select the Deployment Tools and the
Windows Preinstallation Environment features.
System Requirements for VMM Consoles

The following table describes the hardware requirements for managing up to 150 hosts.
Hardware component
Minimum
Recommended
Processor
Pentium 4, 550 megahertz (MHz)
Pentium 4, 1 GHz or greater
RAM
512 megabytes (MB)
1 GB
Hard disk space
512 MB
2 GB
The following table describes the hardware requirements for managing more than 150 hosts.
Hardware component
Minimum
Recommended
Processor
Pentium 4, 1 GHz
Pentium 4, 2 GHz or greater
RAM
1 GB
2 GB
Hard disk space
512 MB
4 GB
The following table describes the software requirements for installing the VMM console.
Software requirement
Notes
7-23
A supported operating
system
See the approved operating systems in the next table
Windows PowerShell 2.0 or

Windows PowerShell 3.0
Windows PowerShell 2.0 is included in Windows Server 2008 R2 and

Windows 7. Windows PowerShell 3.0 is included in Windows Server
2012.
At least .NET Framework 4
On a computer that is running Windows 7, .NET Framework 3.5 with

SP1 is installed by default.
On a computer that is running Windows Server 2008 R2, .NET
Framework 3.5 with SP1 is not installed by default. However, you can
use the VMM Setup Wizard to install the feature.
On a computer that is running Windows 8 or Windows Server 2012,
.NET Framework 4 is included.
.NET Framework 4.5 is available at the Microsoft Visual Studio 2012
download page at http://go.microsoft.com/fwlink/p/?linkId=285269.
The following table lists the supported operating systems on which you can install the Virtual Machine
Manager console.
Operating system
Edition
System architecture
Windows Server 2008 R2 SP1 (full

installation)
Standard, Enterprise, and

Datacenter
x64
Windows 7 SP1
Professional, Enterprise, and

Ultimate
x86 and x64
Windows Server 2012 and Windows

Server 2012 R2
Standard and Datacenter
x64
Windows 8 and 8.1 Client
Standard, Pro, and Enterprise
x86 and x64
You can deploy the VMM console on the same server as the VMM management server, or on another
server or workstation that is running a supported operating system.
To enable integration with App Controller and Operations Manager, you must first install the VMM
console on the other servers that are running System Center 2012. You can integrate VMM with
Orchestrator, and you optionally can install the console on the same server as the Runbook Designer.
Virtual Machine Manager Self-Service Portal

System Center 2012 SP1 and System Center 2012 R2 do not include the optional Virtual Machine
Manager Self-Service Portal. App Controller is now the web component for self-service. (In Module 12,
you will learn more about App Controller planning and deployment.)
Note: It is not possible to upgrade the Virtual Machine Manager Self-Service Portal to App
Controller.
VMM and SQL Server Database
Prior to System Center 2012 VMM, the SQL Server Express edition was an option during the installation.
However, currently only full versions of SQL Server are supported with VMM.
Note: If you are upgrading from an earlier version of VMM and you use an unsupported
version of SQL Server, first you will need to move the database. To move the VMM database, you
must back up the VMM database, copy it to the computer that is running a supported version of
SQL Server, and then restore the database.
When you are planning the design and placement of your VMM database, you should consider
availability. If you need to install the VMM server as a highly available clustered application, you also
should plan availability for the SQL Server that is hosting the database.
The VMM database can reside on a SQL Server along with other application databases. For example, in
smaller deployments, you could consider hosting the App Controller database and the VMM database on
the same SQL Server. When planning to host multiple application databases, review the prerequisites for
each application.
The VMM database either must be in the same domain as the VMM server, or a two-way trust must be in
place. The SQL Server database server name may not be longer than 15 characters, and must not be case
sensitive.
VMM Database Requirements

The following table lists the SQL Server versions that are supported for use with VMM 2012 SP1.
SQL Server edition
Service pack
Editions
SQL Server 2008 R2 (64-bit)
SP1 or Service Pack 2 (SP2)
Standard, Enterprise, and

Datacenter
SQL Server 2012 Enterprise,

SQL Server 2012 Standard (64-bit)
SP1
All
Considerations for a Highly Available VMM Management Server

The VMM management server runs the VMM
service, which processes all commands and
manages all communication between the VMM
database, the library servers, and the virtual
machine hosts. The VMM server is cluster-aware,
and you can deploy it as highly available if your
virtualization environment is large.
7-25
When you are deploying a highly available

VMM management server, ensure that you have
created a domain account for the VMM service.
This account has to have local administrator rights
on every computer where you install the VMM
management server, console, or agent. For security purposes, it is important to use only the VMM
service account for its specifically designated purpose. For example, if you remove the VMM service
accounts from the VMM management server, the VMM service account is also removed from the local
administrators group. You should also be aware that after you install the VMM management server you
cannot change the identity of the VMM service account or move it from a local system account to a
domain account. To move it or change its identity, you would have to uninstall VMM, and then reinstall it.
You can however, retain the VMM database and reattach it upon the reinstallation.
When communicating to multiple VMM components in a highly available environment, you must use
distributed key management to store encryption keys in AD DS so that you do not encounter encryption
errors. Encrypted data is stored locally in the VMM database using the Windows Data Protection API by
default. If you need to move your VMM management server, this encrypted data will not be copied over.
However, if you use distributed key management and store the keys in AD DS, this encryption data will be
accessible even if you move the VMM management server.
Note that before you install VMM, you must prepare AD DS to store encryption keys. You must create
a container in AD DS with a Lightweight Directory Access Protocol (LDAP) distinguished name. The user
account installing VMM must have Full Control access to this container, to the This object container, and
all descended objects of the container.
Whenever possible, try to use a highly available installation of SQL Server that is installed on a separate
failover cluster from the failover cluster on which you are installing the VMM management server.
When you are planning a VMM deployment, keep in mind that App Controller can connect to multiple
VMM management servers. This can be useful when you deploy multiple management servers, as it
enables you to reduce traffic between branch office hosts and a centralized management server.
Note: If you deploy a highly available (clustered) management server, keep in mind that
you cannot install the Virtual Machine Manager library share as a clustered share on the same
server on which the management servers reside.
Note: When you are naming the VMM management server, the computer name cannot
contain the character string SCVMM. For example, you cannot name the server ADATUMSCVMM-01, but you can name it ADATUMSCVMMM01.
Requirements for Installing System Center 2012 R2 VMM

The additional requirements for installing System
Center 2012 R2 VMM focus on the operating
systems on which the various server components
can run, and what SQL Server version can store
the database. The following table lists the
operating system requirements for VMM.
System Center
2012 R2 serverside component
Windows
Server 2008
R2
Windows
Server 2008
R2 with SP1
VMM
management
server
Windows
Server 2012
Standard,
Windows
Server 2012
Datacenter
Windows Server 2012

Datacenter, Windows Server
2012 R2 Preview, and
Standard
VMM PXE server
VMM update
server
Virtual Machine
Manager library
VMM virtual
machine hosts
The following table lists the SQL Server requirements for VMM.
System Center
2012 R2
component
VMM database
server
SQL Server
2008 R2 SP1
Standard, SQL
Server 2008
Datacenter
SQL Server 2008

R2 SP2 Standard,
Datacenter
SQL Server 2012

Enterprise,
Standard (64-bit)
SQL Server 2012 SP1

Enterprise, Standard
(64-bit)
Some System Center 2012 R2 components such as the DPM management server, the Operations Manager
management server, the Service Manager management server, and the Service Manager data warehouse
management server do not work correctly if they are combined on the same server. Other components
including App Controller, Orchestrator, and VMM can run together on the same computer without issues.
Keep this in mind when deploying VMM and other System Center 2012 R2 components.
Demonstration: Installing the VMM Management Server and VMM

Console
7-27
In this demonstration, you will see how to install the VMM management server and the VMM console.
Demonstration Steps
1.
Sign in to LON-VMM1 as Adatum\administrator with a password of Pa$$w0rd.
2.
Check the VMM management server prerequisites by examining the Local Server page in Server
Manager on LON-VMM1. Review the locations to get this information.
3.
Sign in to the SQL Server Management Studio and review where to find SQL Server version
information.
4.
Navigate to the CD ROM drive, and then run the setup.exe file, which will open the Microsoft System
Center 2012 R2 Installation splash screen.
5.
In the Microsoft System Center 2012 Virtual Machine Setup Wizard, install VMM, and configure the
options as follows:
o
Select features to install:
VMM management server
VMM console
Product registration information page:
Name: Administrator
Organization: A. Datum, Inc.
Product key: Leave blank
On the Customer Experience Improvement Program (CEIP) page, click No, I am not willing
to participate.
On the Microsoft Update page, click Off.
On the Installation location page, accept the default settings.
On the Database configuration page, use the following settings:
Server name: accept default
Instance name: MSSQLSERVER
Database name: VirtualManagerDB
On the Configure service account and distributed key management page, use the following
settings:
User name and domain: ADATUM\SCService
Password: Pa$$w0rd
On the Port configuration page, accept the default settings.
On the Library configuration page, set the shared folder location to C:\ProgramData
\Virtual Machine Manager Library Files, and set the Share name to MSSCVMMLibrary.
6.
After the installation finishes, close the splash screen and launch the VMM console.
7.
On the Connect to page, accept the default settings.
8.
Close the VMM console, and sign out of LON-VMM1.
Lesson 4
Adding Hosts and Managing Host Groups
Using a Hyper-V server to manage multiple virtual machines offers several advantages. The Hyper-V
Manager console becomes the single, central location to conduct all virtual machine configuration and
management. You can then add the Hyper-V host to VMM along with other hosts, and create host groups
to further centralize your administrative and management oversight. You can then add selected hosts to
these groups. When you need to manage several hosts (but not all) in a particular manner, you can set
distinct properties for host groups, which simultaneously configures all the hosts belonging to that host
group.
Lesson Objectives
Describe the VMM console.
Describe the considerations for adding Hyper-V virtualization resources.
Explain how to add Citrix XenServer and VMware vSphere virtualization resources.
Explain how to add a Hyper-V virtualization host to VMM.
Describe the purpose and functionality of host groups.
Explain how to manage host groups.
Deploy Hyper-V hosts to bare-metal computers.
Demonstration: Using the VMM Console

In this demonstration, you will see how to use the VMM console.
Demonstration Steps
1.
Sign in to LON-VMM1 as adatum\administrator with a password of Pa$$w0rd.
2.
On the desktop, open the Connect to Server page, and review the parameters on the page. Note the
example of testing out User Role assignments.
3.
On the desktop, connect to the Virtual Machine Manager console.
4.
The Virtual Machine Manager console opens. Note that the Virtual Machine Manager console always
comes up at node it was in when you last closed it. The main areas of the console are as follows:
5.
Lower left, Workspace. There are five main workspaces: VMs and Services, Fabric, Library, Jobs,
and Settings. Review each main workspace.
Named workspace Console tree: Review the various named console trees,
Details panes: Review the details panes, and what is included in them, depending on the
workspace item selected.
Ribbon. Note that System Center 2012 products all have a ribbon at the top of their respective
consoles. Note how the tabs and items on the ribbon change depending on what workspace item
has been selected.
In the Library workspace, on the ribbon, click the Create Service Template item on the ribbon.
This lets you create a new service template. Note the View Script button, and see how it brings up
Notepad with Windows PowerShell cmdlets that can be used to create the same item that the user
7-29
interface can create. These cmdlets can be saved as a Windows PowerShell script and is a very useful
tool. Notice that the Create items in the Virtual Machine Manager console will have a View Script
button.
6.
In the Settings workspace, select the Run As Accounts item.
7.
Close the Virtual Machine Manager console, and sign of off LON-VMM1.
Considerations for Adding Hyper-V Virtualization Resources

For VMM to manage a Hyper-V virtualization
host, you must deploy the VMM software to
the host by using the Add hosts function in the
VMM console. In the case of a host in a perimeter
network, you deploy the agent software manually,
and then add the host in the VMM console.
To deploy a Hyper-V host in a trusted domain:
1.
Open the Virtual Machine Manager console,

click the VMs and Services workspace, from
the ribbon click Add Resources, and then
click Hyper-V Hosts and Clusters.
2.
On the Resource location page, click Windows Server computers in a trusted Active Directory
domain, and then click Next.
3.
On the Credentials page, choose to either use a Run As account (an account already configured with
domain privileges) or manually enter credentials of an account with privileges to install the agent on
the host server, and then click Next.
4.
On the Discovery Scope page, you can either specify computer names by entering them on separate
lines in the Computer name text box, or you can click Specify an Active Directory query to search
for Windows Server computers, type a query, and then click Next.
5.
On the Target resources page, you can click each host or click Select all, and then click Next. A
dialog box will prompt you that you are about to enable the Hyper-V role on any servers as part of
the process. If you choose to enable the role, the servers will reboot during the process. You can click
OK to close the dialog box.
6.
On the Host settings page, you can assign the host or hosts to a Host group. A later section of
this module details host groups. Additionally, if you have multiple VMM servers, and another VMM
environment currently is managing your host, you can reassociate the host with this environment by
clicking Reassociate. You also can assign default placement paths, which is the location in which the
Windows operating system will store new or migrated Hyper-V virtual machine files. Additionally, you
can assign these paths after you add the host, and then click Next.
7.
On the Summary page, confirm the settings, and then click OK.
8.
In the Jobs window, you can review the progress of the agent deployments.
When you add a host in a perimeter network, you install the agent from the VMM installation media,
which will prompt you to generate an encryption key file and assign a password. You must remember
the password, and as a best practice, you should copy the generated file to somewhere secure on the
VMM server so that you can access it. When adding a host, on the Target resources page, you enter the
password in the Encryption key text box, and then provide the location of the encryption key file.
Note: By default, the VMM management server uses port 5986 for agent communication
with hosts in a perimeter network, and port 443 for file transfers.
The DHCPv4 Server Switch Extension is a new feature in System Center 2012 R2 VMM. You can use this
extension to assign custom addresses through Dynamic Host Configuration Protocol (DHCP) or you can
continue to use static IP addresses as was previously required. When you create IP address pools for a
virtual machine subnet, the pool is enabled automatically to provide IP addresses by either mechanism.
For DHCP to work correctly, the new DHCPv4 server switch extension is required on all Windows Server
2012 Hyper-V hosts.
For Hyper-V hosts running Windows 2012 or Windows Server 2012 R2, VMM offers support for online
resizing of .vhdx disks while the disks are in use. This supports the Hyper-V online resizing feature.
Adding Citrix XenServer and VMware vSphere Virtualization Resources

You also can use VMM to manage VMware ESX
and VMware ESXi hosts, and to manage Citrix
XenServer hosts. The steps for adding other
vendor hosts are similar to the steps for Hyper-V
hosts provided your environment meets the
prerequisites for adding each type. Before you
can add a VMware host to VMM, you must have
a VMware vCenter server, and configure VMM
to connect to it. Before you can add a Citrix
XenServer host, you need to add the Citrix
XenServer - Microsoft System Center Integration
Pack to the host.
When VMM manages Citrix XenServer hosts, the features in the following table are supported.
Feature
Details
Adding Citrix XenServer

hosts and pools
You can add stand-alone Citrix XenServer hosts and clusters or pools
to the VMM management server. You must install and configure Citrix
XenServer before you add the hosts. You must create and configure
the Citrix XenServer pools in Citrix XenCenter.
Conversion
Use the P2V conversion process to convert a Citrix XenServerbased

virtual machine to a Hyper-V virtual machine. The Citrix Tools for
Virtual Machines can remain on the virtual machine. However, VMM
2012 only supports Citrix XenServer virtual machines that are running
Windows guest operating systems.
Dynamic optimization and

power optimization
The Dynamic Optimization feature is available for Citrix XenServer

hosts in VMM. You can use the Live Migration feature to load-balance
virtual machines on Citrix XenServer host clusters. You can turn Citrix
XenServer hosts on and off with the Power Optimization feature.
Library
You can use VMM to organize and store Citrix XenServer virtual
machines, templates, and virtual hard disk files in the Virtual Machine
Manager library. When storing Citrix XenServer .vhd and .vhdx files in
the Virtual Machine Manager library, open the files properties, and on
the General page, change the Virtualization platform to Citrix
XenServer server.
Feature
Details
7-31
Maintenance mode
You can move Citrix XenServer hosts in and out of maintenance mode from
the Virtual Machine Manager console.
Migration
VMM 2012 supports the following VMware transfer types:

o Live migration between hosts in a managed pool using Citrix
XenMotion.
o
LAN Migration between a Citrix XenServer host in the library using

Background Intelligent Transfer Service (BITS).
Use TransferVM for each virtual hard disk.

Networking
The new VMM network management features are supported on Citrix

XenServer hosts. Use Citrix XenServer XenCenter to create external virtual
networks. VMM will recognize and use any existing external networks from
Citrix XenServer. You should be aware that: a single virtual switch represents
all Citrix XenServer switches with different virtual local area network (VLAN)
IDs bound to a single physical network adapter.
PRO
You can monitor and provide alerts for Citrix XenServer hosts by integrating
Operations Manager with PRO.
Placement
When you create Citrix XenServer virtual machines, VMM uses virtual machine
placement on host ratings in the same manner as it does for Hyper-V virtual
machines.
Private clouds
Citrix XenServer host resources can be used by private clouds simply by

creating a private cloud from host groups wherever Citrix XenServer hosts
reside. You can configure quotas, and apply self-service user roles to these
clouds without distinction between the different host types.
Services
You can deploy VMM services to Citrix XenServer hosts.
Storage
VMM 2012 supports several Citrix XenServer storage repositories, as follows:

o Software iSCSI, network file system (NFS) virtual hard disks, hardwarebased host bus adapters, and Citrix StorageLink technology
o
ISO repositories on an NFS where Windows File Sharing/Common

Internet File System (CIFS) share with these conditions:
ISO images deployed from the Virtual Machine Manager library to

the Citrix XenServer host must have their permissions set on the
ISO repository to Read /Write.
ISO images can only be attached from the Virtual Machine
Manager library.
o
Shared and local storage
Note: New VMM storage automation features are not supported for
Citrix XenServer hosts.
Feature
Virtual machine
management
Details
Paravirtual and hardware-assisted virtualization virtual machines are
supported in VMM with the following conditions:
o Hardware-assisted virtualization virtual machines can only run
Windows-based operating systems.
Creating new virtual machines with the VMM console only creates
hardware-assisted virtualization virtual machines.
To create virtual machines with paravirtual properties, you first must

clone a virtual machine with paravirtual properties to the library, and
then you can deploy the virtual machine. You cannot create virtual
machines with paravirtual properties by using the New Virtual
Machine Wizard from any existing hard disk.
Similar to any other virtual machine, you can start, stop, save state, pause,
and shut down Citrix XenServer host-based virtual machines from the VMM
console.
VMM templates
You can create Citrix XenServer templates with the following restrictions:
o Generalization and customization can occur on Windows-based
virtual machines only.
o
You must install Citrix Tools for Virtual Machines manually.
VMM virtual machine templates created from Citrix XenServer virtual

machines cannot have any associated disk images modified. You can
modify all other properties.
XenServer templates
VMM does not use Citrix XenServer templates. However, you can, use Citrix
XenCenter to create a virtual machine, and then make a VMM template
from that virtual machine.
VMM command shell
The VMM command shell features work across all hypervisors.
The following features are supported when VMM manages VMware ESX hosts through vCenter Server.
Feature
Details
Conversion
This describes the virtualto-virtual (V2V) machine conversion process to

convert a VMware-based virtual machine to a Hyper-V virtual machine. You
cannot perform a V2V conversion if the virtual hard disk is on an IDE bus.
Dynamic
Optimization &
Power Optimization
The Dynamic Optimization feature is available for VMware ESX hosts in VMM
2012. You can use the Live Migration feature to load-balance virtual machines
on VMware ESX host clusters. You can turn VMware ESX hosts on and off with
Power Optimization.
Library
You can use VMM to organize and store VMware virtual machines, VMware
templates, and .vmdk hard disk files in the Virtual Machine Manager library.
You should be aware that VMM does not support older .vmdk file types. The
only types that are supported are those .vmdk files that are stored as VMwares
Virtual Machine File System, and monolithicFlat.
Maintenance mode
VMware ESX hosts can be put in and out of maintenance mode from the VMM
console.
Feature
Migration
Details
VMM 2012 supports the following VMware transfer types:
o Live migration between hosts in a cluster using VMware vSphere
vMotion
o
Live Storage Migration using Storage VMware vSphere vMotion
Supported VMM transfer types:

o Network migration to and from the library
o
Networking
Network migration between hosts
7-33
VMM supports VMware standard vSwitches, VMware distributed vSwitches,

and port groups. You must make all vSwitches and port group configurations
through the VMware vCenter server. In addition, VMware ESX hosts support
the new VMM network management features.
Note: Port groups are not created automatically. Use VMware vCenter
server to configure port groups with the necessary VLANs that correspond to
VMM logical network sites.
PRO
You can monitor and provide alerts for VMware ESX hosts by integrating
Operations Manager with PRO.
Placement
When you create VMware virtual machines, VMM uses virtual machine
placement on host ratings in the same manner as it does for Hyper-V virtual
machines.
Private clouds
VMware ESX host resources can be used by private clouds simply by creating a
private cloud from host groups wherever VMware ESX hosts reside, or by using
a VMware resource pool. You can configure quotas and apply self-service user
roles to these clouds without distinction between the different host types.
However, you should be aware that VMM does not integrate with VMware
vCloud.
Services
You can deploy VMM 2012 services to VMware ESX hosts. However, you
cannot use VMM to deploy VMware vApps.
Storage
VMM 2012 supports the following VMware storage technologies:

o VMware Paravirtual SCSI storage adapters
o
VMware thin-provision virtual hard disks using the dynamic disk type
with the following conditions:
Creating and deploying virtual machines with a dynamic disk to
VMware ESX hosts actually creates the disk as a thin-provisioned
disk.
A virtual machine with a thin provisioned disk created out of band

has that disk displayed as a dynamic disk in the VMM console.
Thin-provisioned disks that are saved to the Virtual Machine
Manager library are converted to a fixed-thick disk.
o
Hot add and hot removal of VMware virtual machines virtual hard disks
VMM storage automation features are not supported for ESX hosts.
Feature
Details
Templates
You can create templates using .vmdk files that are stored in the library, and
you can import templates stored on VMware ESX hosts. Importing templates
from the VMware vCenter server only imports template metadata, and not the
.vmdk file itself.
VMM command
shell
The VMM command shell works across all hypervisors.
Consider security requirements before you add other vendor hosts to your network. For example, you
must decide how to implement certificates for virtualization hosts, and you may want to determine how
to use a Run As account.
System Requirements: VMware ESX Hosts
http://go.microsoft.com/fwlink/p/?linkId=285337
System Requirements: Citrix XenServer Hosts
http://go.microsoft.com/fwlink/p/?linkId=285261
Demonstration: Adding a Hyper-V Virtualization Host to VMM

In this demonstration, you will see how to add a Hyper-V host to a VMM installation.
Demonstration Steps
1.
Sign in to LON-DC1 as adatum\administrator with a password of Pa$$w0rd.
2.
In the Group Policy Management Editor, open the Default Domain Policy. Apply the following
settings to the domain policy located at: Computer Configuration, Administrative Templates
\Network\Network Connections\Windows Firewall\Domain Profile.
a.
In the Windows Firewall: Allow inbound file and printer sharing exception dialog box, click
Enabled, in the Options text box, type an asterisk (*), which indicates all IP addresses.
b.
In the Windows Firewall: Allow ICMP exceptions dialog box, click Enabled, and then in the
Options area, select the Allow inbound echo request check box.
c.
In the Windows Firewall: Define inbound port exceptions dialog box, click Enabled, in the
Options section, click Show, and under Value, type 5985.
3.
In the Group Policy Management Editor, navigate to Administrative Templates\Windows

Components\Windows Remote Management (WinRM)\WinRM Service.
4.
In the Allow remote server management through WinRM section, click Enabled. In Options, in
both the IPv4 and IPv6 text boxes, type an asterisk (*).
5.
Close the Group Policy Management Editor.
6.
On both the LON-HOST1 and LON-HOST2 physical machines, update group policy with the
gpupdate.exe /force cmdlets.
7.
8.
Open the Virtual Machine Manager console, and add LON-HOST1 as a Hyper-V server to the All
Hosts node in VMs and Services, using the following parameters:
a.
Resource Location page: Windows Server computers in a trusted Active Directory
b.
c.
Credentials page: Manually enter the credentials.
User name: ADATUM\Administrator
Password Pa$$w0rd
Discovery Scope page: Specify Windows Server computers by names.
9.
Computer names: lon-host1.adatum.com
7-35
d.
Target resources page: Discovered computers: check lon-host1.adatum.com
e.
Host Settings page: All Hosts
f.
Summary page: View Script, save script in the documents library as AddHost.ps1 (ensure the
All Files (*.*) type is selected).
Observe that LON-HOST1 now displays in the VMs and Services console tree. Select it and review the
details pane showing all the virtual machines from the host that now display. Review all the different
management tasks that you can run on the virtual machines.
10. In Windows PowerShell, navigate to the documents folder and then use Notepad to open
AddHost.ps1.
11. In Notepad, examine the script by reviewing all of the different cmdlets and text. Note the two
variables that are created and the cmdlets they are based on. Note the Add-SCVMHost cmdlets and
the various parameters that it calls. Check if there is anything on this line that needs to be changed.
The answer should be just the -ComputerName parameter to identify lon-host2 rather than
lon-host1 as is written. Go ahead and make this change, and save the file.
12. Close Notepad.
13. Run the Windows PowerShell script that you just saved, by typing ./addhost.ps1. Use the
ADATUM\administrator credentials.
14. Wait for Windows PowerShell to display parameters and values in columnar form.
15. Close Windows PowerShell.
16. In the Virtual Machine Manager console, in the VMs and Services console tree, under All Hosts,
notice that LON-HOST2 now displays. Click Lon-host2, and note that no virtual machines have been
assigned to this host. This verifies that the Windows PowerShell script worked. Remember that the
Virtual Machine Manager console is built on Windows PowerShell, and therefore things you do in the
console are run in Windows PowerShell at the lower level.
17. With LON-HOST2 still selected, on the ribbon, click the Folder tab, and then click Properties.
18. Take a few moments to review each of the pages in the lon-host2.adatum.com Properties dialog
box.
19. Close the Properties dialog box, close all open windows, and sign off of LON-VMM1.
What Are Host Groups?

You can use host groups to organize and
manage your servers, which makes it easier to
apply management settings at a group level. All
servers reside in the default host group called All
Hosts, unless you specify another location.
Host groups may be nested. Therefore, unless you
clear the inherited parent host group settings, the
parent groups settings will apply to the hosted
group. You can make this change in the Properties
page of the selected child object.
You can create host groups by clicking the VMs

and Services workspace, then right-clicking in the
Navigation pane, and then clicking Create Host Group. The default host group is called All Hosts. To edit
host group properties, right-click a host group, and then click Properties. From the Host group Properties,
General page, you can edit the following settings:
Name of the group
Location of (move) the group
Provide a group description
Allow unencrypted files transfers to the group
Placement Rules
By default, a host group uses the placement setting from the parent host group. If you opt to configure
custom placement rules at the individual group level, you can block inheritance by modifying the parent
host-group setting.
On the Placement Rules page of the host group properties, you can assign custom placement rules. For
example, you can assign custom values to hosts and virtual machines that will determine placement based
upon criteria, including one of the following criteria:
The virtual machine must match the host
The virtual machine should match the host
The virtual machine must not match the host
The virtual machine should not match the host
Host Reserves
Host reserves are placement settings that enable the host system to retain resources for its own use. This
is useful when a Hyper-V host has additional services running, such as in a branch office where you have
configured a Virtual Machine Manager library.
7-37
The following table details how you can set or override the following host reserves at the individual host
level.
Resource
Notes
CPU
You can set CPU as a percentage. The default percentage value is 10. However, 10
percent of one dual-core processor that is running at 2 GHz is not the same as 10
percent of four six-core processors that are running at 2.8 GHz.
Memory
The default is memory value is 256 MB, but you can change this or set this as a
percentage.
Disk I/O
The default value is 0, but you can set this as a percentage. You may wish to ensure
a minimal amount of disk I/O is reserved if you are using a host as a Virtual
Machine Manager library.
Disk space
You can set disk space as a numeric value or percentage.
Network I/O
The default value is 0, but you can set this as a percentage. You may wish to ensure
a minimal amount of network I/O is reserved if you are using a host as a Virtual
Dynamic Optimization
Dynamic Optimization enables VMM to balance the virtual machine loads automatically within a host
cluster. By defining minimum resource thresholds for hosts, VMM migrates the virtual machine to
alternative hosts if available resources fall below those assigned thresholds.
The following table lists the thresholds that you can set.
Resource
Notes
CPU
Default is 30 percent
Memory
Default is 512 MB
Disk I/O
Default is 0
Disk space
Set as a numeric value or percentage
Network I/O
Default is 0
Note that these settings will impact all hosts within the host group.
In addition to workload balancing, VMM also can invoke power optimization. You can enable power
optimization by selecting Settings under the Power Optimization section of the Dynamic Optimization
page.
Power Optimization Prerequisites
To enable power management, you must have a baseboard management controller that support one of
the following out-of-band management protocols:
Intelligent Platform Management Interface versions 1.5 or 2.0
Data Center Manageability Interface version 1.0
Systems Management Architecture for Server Hardware version 1.0 over Web Services for
Management (WS-Management)
Network
The network page defaults to inheriting network logical resources from the parent host group. You
can clear these settings and assign different resource types including IP pools, load balancers, logical
networks, and MAC pools.
Storage
Storage capacity for the host group includes storage allocated to the parent host groups. Here you can
allocate storage pools and logical units, if they exist.
Custom Properties
You can assign and manage custom properties here. The Manage Custom Properties button lets you
select various object types, and the Create button allows you to create custom properties.
Demonstration: Managing Host Groups

In this demonstration, you will see how to manage host groups.
Demonstration Steps
1.
2.
In the Virtual Machine Manager console, in the VMs and Services console tree, create a new host
group, and name it LocalGroup.
3.
Using the ribbon, move LON-HOST1 into the group.
4.
Using the context menu, move LON-HOST2 into the group.
5.
Review the LocalGroup Properties dialog box, and note all the various options on each page. Click
Cancel when done.
6.
Close the Virtual Machine Manager console, and sign off from LON-VMM1.
Deploying Hyper-V Hosts to Bare-Metal Computers

When an organization acquires a new physical
server, typically you perform a series of tasks to
configure and prepare the server prior to using it.
For example, you would install a server operating
system, configure that servers storage and
networking, configure roles and features, and
provide security hardening. You would then test
everything to make sure it all worked correctly,
and if it did, only then would you start using it.
Usually, administrators must complete these tasks

manually. However, you can now avoid this by
deploying a Hyper-V host with virtual machines,
and by using the various VMM technologies to configure bare-metal computers. (For this course, a baremetal computer refers to a server, usually new, with no operating system installed.) Therefore, instead of
having to perform manually all the steps described earlier, you can now deploy the Windows Server 2012
R2 operating system with the Hyper-V role installed, and add it automatically as a physical host to VMM.
To do this, your infrastructure must meet a number of prerequisites:
7-39
The physical computers must be configured correctly and be able to run the Hyper-V role (such as
64-bit processors, and virtualization technologies). In addition, a PXE server must exist and you must
add it to VMM management. You can do this by deploying the Windows DS role on any supported
operating system, which is most any Windows Server 2008 R2 or newer domain member server. Your
Windows DS server can continue to deploy various operating systems as always, because VMM will
only respond to requests from computers that you designate as new virtual machine hosts in VMM.
You must set the bare-metal computers BIOS or Extensible Firmware Interface (EFI) boot order to
boot first from a PXE-enabled network adapter.
Baseboard management controllers (BMCs) must have logon credentials and an IP address assigned,
either statically or through DHCP, and the BMC's network segment must be accessible to the VMM
management server. This will allow the outofband management to discover the physical
computers.
You must create a host profile, and any needed driver files must be in the Virtual Machine Manager
library.
If you are assigning static IP addresses to the hosts, then you must obtain the network adapter MAC
address of those hosts that you will use for management. This adapter will be used to communicate
with the VMM management server. If the hosts have multiple network adapters and locally attached
storage, you should collect this information, such as the MAC addresses of the adapters and the sizes
of the disks, before you begin the deployment. However, if you are running System Center 2012 SP1
VMM or System Center 2012 R2 VMM, you can use the process for discovering physical computers to
create as physical hosts known as deep discovery to view this information during the deployment.
If you wish to use a Run As account to launch the deployment process, the account must have
permissions to access the BMCs.
If you have multiple Domain Name System (DNS) servers that take time to replicate information, you
can create DNS host records for the computer names that will be assigned to the hosts, and allow this
information to replicate to all the DNS servers.
You start the process to deploy the Hyper-V host to bare-metal computers in the Fabric workspace on the
Virtual Machine Manager console, using the following procedures:
1.
In the Fabric console tree, click Servers.
2.
On the home tab of the ribbon, click the Add Resources drop-down list box, and then click Hyper-V
Hosts and Clusters.
3.
In the Add Resource Wizard, on the Resource location page, select the radio button for Physical
computers to be provisioned as virtual machine hosts.
Note: This step will fail if you do not have any host profiles.
4.
On the Credentials and protocol page, if you have created a Run As account, you can click the
Browse button, and find it here. There is also the option to Create Run As Account. In the Protocol
area, you can select the out-of-band management protocol: you can use either the Intelligent
Platform Management interface (which includes the Data Center Management interface), or you
can use the Systems Management Architecture for Server Hardware (SMASH).
5.
On the Discovery scope page, type the IP address scope that includes the BMCs IP addresses.
You can also specify a single IP address. If you use the subnet or range of IP addresses, the Target
resources page will display all the discovered computers for those addresses. Each computer has a
check box next to it; select the check boxes of the computers that you wish to convert to a Hyper-V
host.
6.
On the Provisioning options page, you can select the host group to which to assign the Hyper-V
host, regardless of whether the Hyper-V hosts will use DHCP or static addresses. You do this by using
the appropriate host profile. If you are running System Center 2012 SP1 VMM or System Center 2012
R2 VMM, when you select the check box next to a computer name, the system runs deep discovery.
You must allow time for this process to occur.
7.
On the Deployment customization page, the options will vary based on the host profile you
previously selected.
8.
On the Summary page, click Finish to deploy the bare metal computers as Hyper-V hosts. This will
also place them as physical hosts that are controlled by the VMM management server.
Lab: Installing and Configuring System Center 2012 R2

Scenario
7-41
The first phase of the virtualization project was very successful, and A. Datum Corporation is starting
to implement a Hyper-V virtualization platform in the remaining three subsidiaries and in the main
data center. As part of the second phase of the project, A. Datum also wants to implement a better
management solution that will enable administrators to manage the entire virtualization environment
from a single management interface. Administrators in the main office require a management tool to
manage the entire infrastructure, whereas administrators in each of the subsidiaries only need to manage
the servers and other components located within their data center.
A. Datum has decided to implement System Center 2012 R2 VMM to manage their virtualization
infrastructure. You need to deploy the VMM server components and add the existing Hyper-V hosts
to the environment. You also need to ensure that you configure the environment in such a way that
administrators in each subsidiary can manage the virtualization hosts at their location.
Objectives
Install and configure VMM, including managing VMM from a remote host.
Configure and manage hosts and host groups in System Center VMM.
Lab Setup
Estimated Time: 45 Minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-VMM1, and

20409B-LON-CL1
Password: Pa$$w0rd
1.
Start both 20409B-LON-HOST1 and 20409B-LON-HOST2.
2.
Sign in to the LON-HOST1 and LON-HOST2 computers as Adatum\Administrator with the password
of Pa$$w0rd.
3.
On LON-HOST1 and LON-HOST2, start Hyper-V Manager.
4.
5.
6.

o
Password: Pa$$w0rd
7.
Repeat steps 4-6 for 20409B-LON-VMM1 and 20409B-LON-CL1.
8.
In the 20409B-LON-VMM1 on LON-HOST1 Virtual Machine Connection, click the Media dropdown list box, click DVD Drive, and then click Insert Disk.
9.
In the Open pop-up window, navigate to D:\Program Files\Microsoft Learning\20409\Drives,

select the SC2012R2.iso file, and then click Open. Note that the drive letter for the Microsoft
Learning folder may differ based on the initial setup of the course files.
In addition, for the rest of the labs, the tasks need be done only once in each lab partnership. There will
not be some steps done by the LON-HOST1 student and others by the LON-HOST2 student. The lab
partners can decide and even switch between themselves as to who does what for each task. This applies
to this lab through the lab in Module 13.
Note: Because you will be using the same virtual machines in the next lab, at the
conclusion of this lab do not revert the virtual machines. However, you can shut down all virtual
machines after finishing this lab.
Exercise 1: Installing and Configuring System Center 2012 R2 VMM

Scenario
In this exercise, you will install System Center 2012 R2 VMM and its prerequisites into a Windows Server
2012 R2 virtual machine. They will also install a VMM console in a client virtual machine that will be used
for managing VMM.
1.
Review the email from Ed Meadows, CIO, A. Datum, Inc.
2.
Check for VMM prerequisites, and install VMM.
3.
Install the VMM management server and Virtual Machine Manager console on LON-VMM1.
4.
Install the Virtual Machine Manager console on LON-CL1.
Task 1: Review the email from Ed Meadows, CIO, A. Datum, Inc.
Email
From: Ed Meadows, CIO, A. Datum Corp.
To: IT department
Subject: Ready to add System Center 2012 R2 Virtual Machine Manager!
I really appreciate the way you have set up our Hyper-V environment! Everything looks great. Now
that we have our virtualization infrastructure in place, I would like you create a test implementation of
System Center 2012 R2 Virtual Machine Manager. To do this, we need to:
1.
Load the software on one of our servers in the London Site. We need at least two physical hosts,
but have plenty of virtual machines on them. Do you recommend putting this on a virtual
machine or physical computer? Please let me know what computers youll be using. Remember
that the test data that you gather will be used to further deploy a much more robust solution
that we will use to build our private clouds.
2.
Make sure that all the prerequisites Microsoft has recommended are met. If there are any
shortfalls, let me know as soon as possible. Create a list of the prerequisites that you will need to
verify.
3.
After you have created the VMM management server and installed a Virtual Machine Manager
console on a desktop client in the Developer department, finish testing the console and ensure
everything works.
4.
Finally, create the local host group and assign at least two physical hosts.
Ed
To create the test implementation, answer the following questions:

1.
How many VMM servers do you need to deploy in the Adatum environment?
2.
What are the VMM prerequisites that need to be met?
3.
Will you deploy VMM on a single server, or will you separate components onto dedicated
servers?
4.
Will you install the VMM server inside a virtual machine or on a physical machine?
5.
What computers will you use, and what will be their roles?
Task 2: Check for VMM prerequisites, and install VMM
7-43
1.
On LON-VMM1, verify the VMM management server prerequisites by examining the Local Server
page in Server Manager on LON-VMM1.
2.
Verify that LON-VMM1 is in the Adatum.com domain.
3.
Verify that the Operating system version is either the Standard or Datacenter version of Windows
Server 2012 R2.
4.
Confirm that the operating system has at least a 2 GHz Pentium processor, 4 GB of RAM, and 80 GB
of disk space available.
5.
From the Start screen, open and then sign in to SQL Server Management Studio.
6.
Verify that the version of SQL Server supports System Center 2012 R2 VMM.
7.
Open the Registry Editor. In the Registry Editor window, click the HKEY_LOCAL_MACHINE subkey.
Navigate to SOFTWARE\Microsoft\Net Framework Setup\NDP\v4\Client\.
8.
In the Version item, note the value in the Data column. It should be 4.5.51641 or higher.
9.
Close the Registry Editor window.
10. Open the Services console, and verify that the Windows Remote Management (WSManagement)
service is running and is set to Automatic.
11. On the taskbar, click the File Explorer icon.
12. In the This PC window, double-click the DVD Drive icon.
13. In the VMM folder, verify that installation files are visible.
Task 3: Install the VMM management server and Virtual Machine Manager console
on LON-VMM1
1.
In File Explorer, in the VMM window, double-click the setup.exe file, which will open the Microsoft
System Center 2012 R2 Installation splash screen.
2.
Use the Microsoft System Center 2012 Virtual Machine Setup Wizard to install VMM, and set the
options on each page, as follows:
a.
Select features to install page: VMM management server and VMM console.
b.
Product registration information page:
c.
Name: Administrator
Organization: A. Datum, Inc.
Product key: blank
Customer Experience Improvement Program (CEIP) page: No, I am not willing to

participate
d.
Microsoft Update page: Off
e.
Installation location page: Accept default
f.
Database configuration page:
g.
Server name: accept default
Instance name: MSSQLSERVER
Database name: VirtualManagerDB
Configure service account and distributed key management page:
User name and domain: ADATUM\SCService
Password: Pa$$w0rd
h.
Port configuration page: Accept defaults
i.
Library configuration page:
Shared folder location: C:\ProgramData\Virtual Machine Manager Library Files
Share name: MSSCVMMLibrary
3.
After the installation finishes, clear the Check for the latest Virtual Machine Manager updates
check box, and then click Close.
4.
On the Connect to Server page, click Connect.
5.
Close both the Virtual Machine Manager console and the Microsoft System Center 2012 R2 splash
screen.
Task 4: Install the Virtual Machine Manager console on LON-CL1

Note: Perform these steps from LON-HOST2. In Hyper-V Manager on LON-HOST2, rightclick Hyper-V Manager in the console tree and select Connect to server, select Another
computer, and type LON-HOST1 and then click OK. Select and connect to LON-CL1.
1.
On LON-CL1, click to the desktop.
2.
Open File Explorer, and then navigate to \\lon-vmm1.adatum.com\c$\Program Files

\Microsoft System Center 2012 R2\Virtual Machine Manager\setup\msi\Client.
3.
Run the AdminConsole.msi file. The MSI file will open a pop-up window stating that it is installing
and displaying a progress bar. If it does not encounter an error, then after installing the Virtual
Machine Manager console successfully, the window will close itself.
4.
Open the Apps by name start screen, and then pin the Virtual Machine Manager Console NEW
tile to the desktop taskbar.
5.
Launch the Virtual Machine Manager Console NEW program from the taskbar.
6.
On the Connect to Server page, change the Server name to LON-VMM1.adatum.com:8100.
7.
Navigate around the console, and observe that is the same Virtual Machine Manager console as is
installed on LON-VMM1.
8.
Close the Virtual Machine Manager console, and sign off of LON-CL1.
Results: After completing this exercise, you should have installed System Center 2012 R2 VMM.
Exercise 2: Managing Hosts and Host Groups

Scenario
7-45
In this exercise, you will create host groups, add physical servers and configure host group properties.
1.
Set the default domain group policy to allow domain members to become hosts.
2.
Add LON-HOST1 and LON-HOST2 to VMM.
3.
Create a LocalGroup host group, and then add LON-HOST1 and LON-HOST2 to the LocalGroup host
group.
4.
Configure LocalGroup properties.
Task 1: Set the default domain group policy to allow domain members to become
hosts
1.
On LON-DC1, in Server Manager, open the Group Policy Management Editor, and then edit the
Default Domain Policy.
2.
Navigate to Computer Configuration\Profiles\Administrative Templates\Network

\Network Connections\Windows Firewall\Domain Profile, and then apply the following settings:
a.
In Windows Firewall: Allow inbound file and printer sharing exception, click Enabled, in
Options, type an asterisk (*) (which indicates all IP addresses).
b.
In Windows Firewall: Allow ICMP exceptions, click Enabled, in Options, click Allow inbound
echo request.
c.
In Windows Firewall: Define inbound port exceptions, select Enabled, in Options: Define
port exceptions, click Show, and under Value, type 5985.
3.
In the Group Policy Management Editor, navigate to Computer Configuration\Profiles

\Administrative Templates\Windows Components\Windows Remote Management (WinRM)
\WinRM Service.
4.
In the Allow remote server management through WinRM window, select Enabled, in Options, for
both IPv4 and IPv6, type an asterisk (*).
5.
Close the Group Policy Management Editor.
6.
On both LON-HOST1 and LON-HOST2 physical machines, use Windows PowerShell to update the
group policy with gpupdate.exe /force.
Task 2: Add LON-HOST1 and LON-HOST2 to VMM

1.
On LON-VMM1, open the VMM console, and add LON-HOST1 as a Hyper-V server to the All Hosts
node in VMs and Services, using the following parameters:
a.
Resource Location page:
b.
c.
Windows Server computers in a trusted Active Directory
Credentials page: Manually enter the credentials.
User name: ADATUM\Administrator
Password: Pa$$w0rd
Discovery Scope page: Specify Windows Server computers by names.
Computer names: lon-host1.adatum.com
d.
Target resources page:
Discovered computers: lon-host1.adatum.com
e.
Host Settings page: All Hosts.
f.
Summary page: View Script, save script in the documents library as AddHost.ps1 (ensure the
All Files (*.*) type is selected).
2.
Observe that LON-HOST1 now displays in the VMs and Services console tree.
3.
Open Windows PowerShell, navigate to the documents folder, and then use Notepad to open
AddHost.ps1.
4.
In Notepad, in Add-SCVMHost, change the -ComputerName parameter to identify LON-HOST2

rather than LON-HOST1.
5.
Save the file, and close Notepad.
6.
Run the Windows PowerShell script that you just saved by typing ./addhost.ps1.
7.
When prompted, use the ADATUM\administrator credentials.
8.
When Windows PowerShell displays a number of parameters and values in columnar form, review this
data.
9.
Close Windows PowerShell.
10. In the Virtual Machine Manager console, in the VMs and Services console tree, under All Hosts, verify
that LON-HOST2 now displays.
Task 3: Create a LocalGroup host group, and then add LON-HOST1 and LON-HOST2
to the LocalGroup host group
1.
On LON-VMM1, if the Virtual Machine Manager console is not already open, then open it.
2.
In the Virtual Machine Manager console, in the VMs and Services console tree, create a new host
group named LocalGroup.
3.
Use the tools on the ribbon to move LON-HOST1 into the group.
4.
Use the context menu to move LON-HOST2 into the group.
Task 4: Configure LocalGroup properties

1.
Right-click LocalGroup and then click Properties.
2.
In the LocalGroup Properties dialog box, in the Properties pages, configure the following:
a.
On the General page, add the description, The local group of virtualization hosts the
A. Datum IT department is using.
b.
On the Host Reserves page, clear the Use the host reserves settings from the parent host
group check box. In the Disk space, amount text box, change the values from 1% to 2%.
3.
On the LocalGroup Properties page, click OK.
1.
Close the VMM Console, and sign out of LON-VMM1.
Results: After completing this exercise, you should have created and configured hosts and host groups.

Review Questions
Question: In which scenarios will it be beneficial to deploy System Center 2012 R2 App
Controller?
Question: In which scenarios is it beneficial for you to use Windows PowerShell rather than a
GUI such as the VMM console?

Common Issue
Troubleshooting Tip
You cannot add the physical computer as

a host.
You cannot perform a V2V conversion of a

VMware ESXhosted virtual machine.
Tools
Tool
Use for
Where to find it
7-47
SQL Server
Management Studio
Manage all aspects of a SQL Server

installation.
SQL Server installation DVD
Disk2vhd
Tool that creates virtual hard disks of

physical disks for use on Hyper-V hosts as
virtual machines. You can convert the
operating system disk and the data disks
on a physical computer.
Windows Sysinternals download

page:
http://go.microsoft.com/fwlink
/?LinkID=386697
Windows ADK
A collection of tools that you can use to

customize, assess, and deploy Windows
operating systems to new computers.
Microsoft Download Center:

http://go.microsoft.com/fwlink
/?LinkID=386730

8-1
Module 8
Managing the Network and Storage Infrastructure in

Microsoft System Center 2012 R2 Virtual Machine Manager
Contents:
Module Overview
8-1
Lesson 1: Managing Networking Infrastructure
8-2
8-18
Lesson 2: Managing Storage Infrastructure
8-22
8-32
Lesson 3: Managing Infrastructure Updates
8-36
8-42
8-45
Module Overview
Microsoft System Center 2012 R2 includes components that you can deploy and manage through the
System Center 2012 R2 Virtual Machine Manager (VMM) console. The Fabric workspace in the VMM
console simplifies working with a variety of storage and network technologies. Using these components,
you can build and connect your virtualization network and storage infrastructure, thereby creating the
underlying framework for deploying virtual machines, services, and clouds.
Objectives
Manage the networking infrastructure in VMM.
Manage the storage infrastructure in VMM.
Manage infrastructure updates by creating update baselines, and by scanning and remediating noncompliant servers.
Lesson 1
Managing Networking Infrastructure

Managing physical network infrastructure in dynamic and complex data center environments can
be challenging. You might require multiple applications, consoles, and command-line interfaces to
administer the infrastructure. VMM provides a single console from which you can perform most of
the administrative tasks, and thus simplifies working with logical and virtual networking components.
8-2 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
This lesson introduces you to the VMM networking fundamentals and provides high-level overviews of
advanced concepts. This lesson also explains the VMM networking components and integration options
with other vendor networking tools. Finally, this lesson describes how to design and implement the
various virtualization options.
Lesson Objectives
Describe VMM logical networks.
Describe the components and features of the networking infrastructure.
Describe the configuration options for virtual networks.
Explain how to configure logical networking in VMM.
Explain how to configure ports and logical switches in VMM.
Configure virtual network components in VMM.
Describe how to use virtual machine networks to isolate networking.
Explain how to manage network virtualization in VMM.
Describe Windows Server Gateway
VMM Logical Networks

A VMM logical network is a collection of VMM
network sites, IP subnet information, and virtual
local area network (VLAN) information. You can
associate IP address pools with IP subnets that are
part of a logical network.
You can use logical networks in VMM to
describe networks with different purposes and
then associate those networks with adapters. For
example, you can create one logical network for
traffic isolation (such as a network used for cluster
node communication), and then associate the
network adapters reserved for this communication
with this VMM logical network.
At least one logical network must exist before you can deploy virtual machines and services. By default,
when you add a Hyper-V host to VMM, if a physical network adapter on the host does not have an
associated logical network, VMM automatically creates and associates a logical network that matches
the first Domain Name System (DNS) suffix label of the connection-specific DNS suffix.
For example, if the DNS suffix for the host network adapter is adatum1.adatum.com, VMM creates a
logical network with the name adatum1.
8-3
When you create a logical network, you can create one or more associated network sites. A network site is
a collection of one or more subnets, VLANs, and subnet-VLAN pairs. You can control which host groups
connect to a network site. For example, if you have a Seattle host group and a New York host group, and
if you want to make the BACKEND logical network available to each, you can create two network sites for
the BACKEND logical network. You then can scope one network site to the Seattle host group (and any
desired child host groups), and the other network site to the New York host group (and any desired child
host groups).
When you associate one or more IP subnets with a network site, you can create an IP address pool. An IP
address pool is a range of IP addresses within an IP subnet. For example, the range 10.0.0.2 to 10.0.0.150
would be an address pool within the 10.0.0.0/24 subnet. A static IP address pool enables VMM to
assign static IP addresses to hosts and allows you to manage IP addresses for the virtual environment.
Configuring static IP address pools is optional and you can assign addresses automatically through
Dynamic Host Configuration Protocol (DHCP), if it is available on the network.
For more information on Logical Networks, consult the following TechNet article:
Configuring VM Networks in VMM Illustrated Overview
What Is the VMM Networking Infrastructure?

In VMM, the networking infrastructure is a group
of configurable network resources that you can
use to create, model, organize, and manage
your virtualized server network connectivity.
The following sections describe the configurable
components and their subcomponents.
Logical Networks
Logical networks are a set of logical network

objects that you can use to model your network
environment. You can create multiple logical
networks, and then associate them with one or
more host groups. For example, you can create a
perimeter logical network, a development logical network, and a production logical network. When
administrators or application administrators deploy virtual machines and services, they will be able to
select a logical network without the need to understand the underlying networking infrastructure.
Network Sites
You can create network sites to associate subnets and VLANs with a location or department. You associate
sites with the logical network, and then assign the host group that can use the network site.
MAC Address Pools
VMM can assign static media access control (MAC) addresses automatically to new virtual network devices
on Windows-based virtual machines that are running on any managed Windows Server 2012 Hyper-V,
VMware ESX, or Citrix XenServer host. VMM has two default static MAC address pools: the default MAC
address pool for Hyper-V and Citrix XenServer, and the default VMware MAC address pool for VMware
ESX hosts. You should use the default static MAC address pools only if you set the MAC address type for a
virtual machine to Static. If you set the virtual machine setting to Dynamic, the hypervisor will assign the
MAC address. You can use the default MAC address pools, or you can configure custom MAC address
pools that you scope to specific host groups.
Virtual IP Templates
A virtual IP template contains a load balancer and related configuration settings for a specific type of
network traffic. For example, you could create a template that specifies the load balancing behavior for
HTTPS traffic on a specific load balancer manufacturer and model. These templates represent the best
practices from a load balancer configuration standpoint. After you create a virtual IP template, users
(including self-service users), can specify the virtual IP template to use when they create a service. When
users model a service, they can choose an available template that best matches the needs of their load
balancers and type of application.
Load Balancer Integration
By adding a load balancer to VMM, you can load balance requests to the service tiers virtual machines.
You can use Network Load Balancing (NLB), or you can add supported hardware load balancers through
the VMM console. VMM includes NLB as an available load balancer, and it uses the round-robin method
for load balancing. To add supported hardware load balancers, you must install a configuration provider
that is available from the load balancer manufacturer. The configuration provider is a plug-in to VMM
that translates Windows PowerShell commands to application programming interface (API) calls, which
are specific to a load balancer manufacturer and model. Supported hardware load balancer devices are F5
BIG-IP, Brocade ServerIron, and Citrix Netscaler. You must obtain the load-balancer provider from the
load-balancer vendor, and then install it on the VMM management server.
Logical Switches
You can use logical switches to apply a single configuration to multiple hosts. You configure logical-toHyper-V port profiles and uplink profiles, port classification, and virtual-switch extensions. By using logical
switches, you can enforce compliance among the host servers and reduce the time required to deploy and
administer hosts.
Port Profiles
You can create and use two Hyper-V port profiles in VMM:
Virtual network adapter port profiles. You create this type of profile for use by virtual machines and
hosts. These profiles have configurable offload, security, and bandwidth settings.
Uplink port profiles. You configure this type of profile to use with uplink ports. You can configure the
load-balancing algorithm and teaming mode.
Port Classifications
You can create port classifications, and then use them across multiple logical switches to help identify and
group sets of features.
Network Service
A network service in VMM includes components such as gateways, virtual switch extensions, top-of-rack
switches, and network managers. To add a network service, you must first install the associated provider,
and then restart the System Center Virtual Machine Manager service. You can configure each of the
following components by using the Add Network Service Wizard:
Gateway. In VMM, you can configure a gateway to allow network traffic in and out of a virtual
machine network that is using network virtualization. You can configure this for local network
routing which routes traffic between the virtual machine network and the physical network.
Alternatively, you can configure it for remote network routing, which first creates a virtual private
network (VPN) connection with another endpoint of a site-to-site VPN, and then routes in and out
of the virtual machine network through the VPN tunnel.
8-5
Virtual switch extensions. Virtual switch extensions provide non-Microsoft vendors the ability to add
monitoring, filtering, and forwarding extensions. For example, Cisco has created the Cisco Nexus
1000V for Hyper-V. This forwarding extension allows Cisco administrators to configure networking in
VMM by using familiar Cisco commands. An example of a monitoring extension is Host sFlow, which
exports performance metrics using the sFlow protocol.
Network managers. Network managers enable you to use a non-Microsoft network management
console to configure forwarding extensions. With network managers, you can manage settings such
as logical networks, sites, and virtual machine networks.
TOR switches. By using VMM to manage TOR switches, you can control physical switch ports. For
example, you can create the corresponding VLAN and apply it to the physical port, thus keeping both
physical and virtual switch settings synchronized.
Configuration Options for Virtual Networks

You can create Hyper-V virtual switches in the
VMM console just as you can create them in
the Virtual Switch Manager in the Hyper-V
console. In the VMM console, you can apply the
same options as in the Virtual Switch Manager,
although you cannot control switch extensions
within this area.
You can create three types of virtual switches on
your Hyper-V host servers:
External. You can create a virtual network

switch that you bind to a physical network
adapter in the host server. After you have
created this virtual switch, you can then connect one or more virtual machine network adapters,
thereby permitting virtual machines access to a physical network. You can create only one external
virtual switch for each physical network adapter. However, you can optionally allow the host to share
the network adapter with the virtual switch.
Internal. Creating an internal switch enables virtual machines to communicate with each other and
with the Hyper-V host. However, internal switches do not allow any communication with the physical
network.
Private. The private virtual switch allows virtual machines to communicate with each other. You can
create multiple private virtual switches on a single Hyper-V host to isolate different groups of virtual
machines.
You can use VLAN settings and external virtual switches to share the network adapter with the virtual
guest machines. If you do this, you can then set VLAN IDs for the host server. However, this does not
control virtual machine VLAN configuration.
You can add a virtual switch in the VMM console by performing the following steps:
1.
In the VMM console, click the Fabric icon.
2.
In the Fabric workspace, click Servers, or if required, navigate to the host group containing the server
to which you wish to add the virtual switch.
3.
In the central workspace, right-click the server you want to add the switch to, and then click
Properties.
4.
In the Properties dialog box, on the left side, click Virtual Switches, click New Virtual Switch, and
then click New Standard Switch.
Note: You also have the option of creating a new logical switch. However, you can only
create a new logical switch after creating at least one logical switch elsewhere in VMM. You will
learn more about logical switches later in this module.
5.
Provide a name and optional description for the switch, and then click the required switch type
(External, Internal, or Private). Define whether the host should share the adapter using VLAN 0 or
anther VLAN, and then click OK.
6.
When a warning that the host may temporarily lose network connectivity displays, click OK.
You can monitor the progress in the Jobs workspace.
Configuring Logical Networking in VMM

The first step in building logical networks is to
define and determine your network requirements.
Considering the answers to the following
questions:
How many logical networks do you require?
How many network sites do you require?
Is isolation required?
Will you need to route isolated traffic

between hosts or sites?
What IP subnets will you use?
What VLAN ID will you use?
When creating the logical network, you will be able to choose a single, routable network that includes the
option to allow virtualized virtual machine networks, to use VLAN-based independent networks, or to use
Private VLAN (PVLAN) networks.
To create the logical network, use the following steps:
1.
Launch the VMM console, click the Fabric workspace, on the ribbon, click Create, and then click
Logical Network.
2.
On the Name page, in the Name text box, type the required network name such as INTRANET,
and in the Description text box, type a description. Click the required network option, VLAN, PVLAN,
or leave the default option selected (One connected network). If required, click Allow new VM
networks created on this logical network to use network virtualization, and then click Next.
3.
On the Network Site page, click Add, and then in the Host groups that can use this network site
section, select the host groups that will use this network site, for example, All Hosts.
4.
In the Associated VLANs and IP subnets area, click Insert row, and then in the VLAN text box, type
a VLAN number, for example, 2.
5.
In the IP subnet text box, type an IP subnet, for example 172.20.0.0/16.
6.
Click Next, and then click Finish.
Configuring Ports and Logical Switches in VMM

Logical Switches
You can use logical switches to apply a single
configuration to multiple hosts, and you configure
them to use uplink profiles, port classification, and
virtual-switch extensions. The supported switch
extensions types are:
8-7
Monitoring. Use monitoring extensions

to monitor and report network traffic, but
you cannot use them to modify packets.
Capturing. Use capturing extensions to

inspect and sample traffic but you cannot use them to change packets.
Filtering. Use filtering extensions to block, modify, or defragment packets, and to block ports.
Forwarding. Use forwarding extensions to direct traffic by defining destinations, and to capture and
filter traffic. To avoid conflicts online, only one forwarding extension can be active on a logical switch.
Virtual switch extension manager. Use virtual switch extension manager to allow use of a vendor
network-management console and VMM together. To do this, you need to install the vendors
provider software on the VMM server.
Uplink Profiles
You can use native uplink profiles to configure uplink adapters. Uplink adapters must be available on
the physical network adapters to which a switch connects. You can assign uplink profiles to host groups,
and then enable them to support network virtualization in Windows operating systems. You also can use
uplink profiles to configure virtual adapters for enabling offload settings, such as Virtual Machine Queue
(VMQ), Internet Protocol security (IPsec) task offloading, and single-root I/O virtualization (SR-IOV).
Virtual network adapter port profiles allow you to reuse the same settings across multiple switches, which
simplify your virtual environment deployments.
Additionally, you can specify minimum and maximum bandwidth settings and relative bandwidth weights.
These settings define how much bandwidth a virtual network adapter can use in relation to other virtual
network adapters that connect to the same switch. The following default uplink profiles have already been
created in VMM:
SR-IOV profile
Network load balancer (NLB) network interface card (NIC) profile
Low, medium, and high bandwidth adapters
Host management
Live migration
Cluster
Guest dynamic IP
Internet small computer system interface (iSCSI)
Default
Each of these profiles comes already configured with varying offload, security, and bandwidth settings.
Port Classifications
You can create port classifications, and then use them across multiple logical switches to help identify and
group sets of features. The following default port classifications have already been created in VMM:
SR-IOV
Network load balancing (NLB)
Live migration workload
Host cluster workload
Low, medium and high bandwidth
Guest dynamic IP
iSCSI workload
Demonstration: Configuring Virtual Network Components in VMM
In this demonstration, you will see how you can use VMM to create and configure the following network
components:
Logical networks
IP pools
Logical switches
Native port profiles
Port classifications
You also will see how to assign logical switches to Hyper-V hosts.
Demonstration Steps
1.
On LON-VMM1, launch the Virtual Machine Manager console.
2.
Create a logical network named Adatum UK that permits the use of network virtualization.
3.
Create two network Sites that use the All Hosts host group using the following details:
a.
Network site name: Docklands
b.
VLAN: 0
c.
IP Subnet: 192.168.1.0/24
d.
Network site name: Gatwick
e.
VLAN: 0
f.
IP Subnet: 192.168.2.0/24
4.
When setup is complete, close the Jobs window.
5.
From the Fabric workspace, create a new IP Pool named Adatum UK IP Pool. Use the Adatum UK
logical network.
6.
Using the Docklands network site and the 192.168.3.0/24 IP subnet, complete the wizard accepting
the defaults, and then close the Jobs window.
7.
Create another IP pool named Gatwick IP Pool. Use the Adatum UK logical network, and the Gatwick
network site.
8-9
8.
From the Fabric workspace, create a Hyper-V Port Profile named Adatum UK Uplink. Use the
Hyper-V port load balancing algorithm.
9.
On the Network configuration page, select the Docklands and Gatwick network sites, and enable
Hyper-V Network-Virtualization.
10. When setup is complete, close the Jobs window.

11. From the Fabric workspace, create a Logical Switch named Adatum UK. Enter the description
Adatum production hosts logical switch. Use the default extensions, and use the Adatum UK
uplink.
12. Add a Virtual Port using the Medium Bandwidth port classification and the Medium Bandwidth
virtual network adapter port profile.
14. From the Fabric workspace, open the properties page for lon-host1.adatum.com, click Hardware,
then click the logical network associated with your network card, (this will be connected to External
Network).
15. Click the Adatum UK logical network, read the warning about VLANs, click OK, and then click OK
again.
16. In the Fabric workspace, click LON-HOST1, click Properties, click Virtual Switches, click New
Virtual Switch, and then click New Logical Switch.
17. Notice the error message that displays stating that VMM cannot create a virtual switch without any
physical network adapters. At this point, if you have another network card, you can assign the logical
switch to a physical adapter. In the error message pop-up window that displays, click OK.
18. In the Properties dialog box, click Hardware, and then scroll down and expand Network adapters.
Click your physical network adapter, and note that you can select or clear the adapter for virtual
machine placement and management use. Click the Logical network, and on the right under Logical
network connectivity, note that you can assign the logical networks and IP subnets.
19. Click Cancel, and then click Yes to close the warning.
Using Virtual Machine Networks for Isolating Networking

You can use virtual machine networks to create
isolation, which separates network traffic for
different customers. The network isolation types
are described in the following sections.
Network Virtualization
You can use network virtualization to isolate
virtual machines from different organizations,
even if they share the same Hyper-V host. When
you configure network-virtualization, each guest
virtual machine has two IP addresses, which
include:
Customer IP address. The customer assigns this IP address to the virtual machine. You can configure
this IP address so that communication with the customer's internal network can occur even if the
virtual machine is hosted on a Hyper-V server that connects to a separate public IP network. Using
the ipconfig command on the virtual machine will return the customer IP address.
Provider IP address. The hosting provider assigns this IP address, which is visible to the hosting
provider and to other hosts on the physical network. This IP address is not visible from within the
virtual machine.
Note: You can create virtual machine networks after you create a logical network, because
they are associated with a logical network. You can have many isolated virtual machine networks
using one logical network, but for each logical network you can only have one virtual machine
network that does not use isolation.
VLAN Isolation
VLANs are layer 2 broadcast domains that are created by tagging packets. These tags tell the switches
and routers where the packets can travel. VLANs are widely used due to their reliability. However, they do
have some limitations that can make running a larger virtualization environment more difficult and costly,
and can result in high management overheads.
PVLAN Isolation
PVLANs enable you to separate a VLAN into multiple isolated sub-networks, which are then allocated to
different tenants. The PVLAN will share the IP subnet it that the parent VLAN allocates to it. The PVLAN
requires a router to communicate with hosts on other PVLANs and with other networks.
Which Isolation for Logical Networks Is Best?

The following table is a guide to when you may want to use the different logical network types.
Logical network type
When to use
Infrastructure network
VLAN or no isolation
Load balancer, back-end and Internet-facing
PVLAN
Tenant networks
Network virtualization
The table above is a rough guide, because each company differs. In networking, having many options
helps to facilitate the best design for a given scenario, application, or customer. For example, you may
have a network team who will be configuring most of the virtual networks using their preferred network
tools and switch extensions.
Note: For an example that requires both network virtualization and VLANs, review the
scenario following the end of this topic.
To create logical networks with VLAN or PVLAN:
1.
Launch the VMM console, click the Fabric workspace, on the ribbon, click Create, and then click
Logical Network.
2.
On the Name page, in the Name text box, type the required network name (such as INTRANET). In
the Description text box, type a description, click the required network optionVLAN, PVLAN, or
leave the default option (One connected network) selected. Then, if required, click Allow new VM
networks created on this logical network to use network virtualization, and then click Next.
3.
section, select the host groups that will use this network site, for example All Hosts.
8-11
4.
In the Associated VLANs and IP subnets area, click Insert row, and then in the VLAN text box, type
a VLAN number, for example 2.
5.
In the IP subnet field, type an IP subnet, for example 172.20.0.0/16, click Next, and then click
Finish.
A routable logical network in the VMM console is called One connected network. These logical networks
and any network sites can be routed to one another.
Configuring VM Networks in VMM Illustrated Overview
Networking in VMM 2012 SP1 Logical Networks (Part I)
Real-world Issues and Scenarios
A. Datum Corporation (UK) is based in London and has 10 physical sites that mostly consume resources
from two small data centers. The infrastructure has been assembled over many years and by many
different providers. The chief executive officer and chief information officer have given authorization to
set up the two data centers to run Hyper-V with System Center 2012 R2.
As part of their long-term vision, the organization wants one or more highly available private clouds
that have the ability to run from either data center. Extensive changes and building new sites are not
an option. A multi-year virtualization projected has started, and all new systems are required to be
virtualized. Those built using Windows 2008 R2 and newer are being virtualized using physical-to-virtual
(P2V) migrations. Many servers have the same IP addresses, and to ensure that the customized
applications on those can be accessed, Hyper-V network virtualization will be used.
A. Datum uses multiple backup technologies, and the System Center 2012 R2 Operations Manager has a
backup VLAN that isolates backup traffic. You discussed virtualizing some file servers, and will want to
make sure that these, and possible other servers can access the VLAN to be backed up.
Managing Network Virtualization in VMM

In larger VMM environments, you will need to
administer a higher number of logical networks,
virtual machine networks, and virtual network
components. If you have multiple administrators,
the potential for error or complexity also
increases.
Best Practice:
In most sections of the VMM console, you can
filter the view by entering text in the search field.
Keep this feature in mind and apply a good
naming convention to all your virtual network
components. This will help you and other administrators when you are working with and or
troubleshooting virtual networking. This also applies to everything you can label in VMM.
There are a few considerations that you should be aware of before you start working with virtual
machine networks in VMM. As a first step, you should plan your network and document the proposed
configurations. You will need to determine if you should implement isolation. You then need to create the
underlying logical network components.
After you have created your prerequisite logical network, perform the following steps to create a virtual
machine network in the VMM console:
1.
Open the VMM console, click the VMs and Services workspace, and then on the ribbon, click Create
VM Network.
2.
On the Name page, type the name and description for your VM network, click the drop-down list
box, select the logical network, and then click Next.
3.
On the Isolation page, select either Isolate using Hyper-V network-virtualization or No isolation,
choose between IPv4 and IPv6 for your VM network and logical network, and then click Next.
4.
On the VM Subnets page, click Add, and in the Name text box, type the name for your VM subnet.
In the Subnet text box, type the IP address and mask for your subnet. If necessary, add and remove
further subnets, and then click Next.
5.
On the Connectivity page, choose the setting for connecting directly to an additional logical
network, and specify whether that connection will use network address translation (NAT). If you
have not added a gateway, no option will be available. Review the message, and then click Next.
6.
On the Summary page, review the summary, and then click Finish.
7.
Close the Jobs window.
In a large host or environment, you may want to quickly discover which virtual machines connect to which
networks. Rather than investigate each virtual machine individually, you can investigate using the built-in
VMM network diagrams.
You can review hosts and virtual machine network topology by performing the following steps:
1.
Open the VMM console, and then click the Fabric workspace.
2.
In the Fabric navigation pane, click to expand the host group containing your hosts. In the main
section of the console, right-click the host that you want review, and then click View Networking.
3.
On the left, you can select the hosts, host groups, and clouds that you want to include in the diagram.
On the ribbon, you can choose to view the following diagrams:
o
VM Networks
Host Networks
Host/VM Networks
Network Topology
To delegate access to virtual machine networks, you assign an owner for a virtual machine network, and
delegate access to other administrators and self-service users. You can configure access by performing the
following steps:
1.
Open the VMM console, click the VMs and Services workspace, and then on the ribbon, click
Properties.
2.
On the left, click Access. You can now select an owner and delegate access to the virtual machine
network.
If you want to delete a virtual machine network, you must first confirm that there are no dependent
resources. You can review dependent resources using these steps:
8-13
1.
Open the VMM console, and then click the VMs and Services workspace.
2.
In the VMs and Services navigation pane, click VM Networks on the right, click to highlight a virtual
machine network, and then on the ribbon, click View Dependent Resources.
3.
Review the Names and Type of resources. Make a note of them, and then click OK.
4.
To delete other VMM resources that may have dependent resources, you can right-click them. If they
have dependent resources, the dependent resource option will display, and clicking on it will display
those dependencies.
Adding a Gateway
When you deploy network virtualization, you most likely will want virtual machines to communicate with
other virtual machines on other Hyper-V hosts, or with physical machines outside of the virtualization
environment. To facilitate this, you must provision a network gateway, which in VMM is configured in the
Network Service section of the Fabric workspace. The gateway connects to remote networks using a VPN
tunnel.
To add a gateway, you must first install its provider software. You can review the list of installed providers
by using the following procedure:
1.
Open the VMM console.
2.
Click the Settings workspace, and then in the Settings pane, click Configuration Providers. The lists
of providers displays along with information such as Type, Version, Publisher, Manufacturer and
Model.
The default providers in VMM are:
o
Microsoft IP Address Management Provider
Microsoft Network Load Balancing (NLB)
Microsoft Standards-Based Network Switch Provider
Microsoft Windows Server Gateway Provider
The default installation directory for providers is C:\Programs Files\Microsoft System Center 2012 R2
\Virtual Machine Manager\Bin\Configuration Providers.
3.
Confirm that the necessary provider software for the gateway device has been installed and is listed.
For more information about gateway prerequisites and to review the setup steps, refer to:
Configuring VM Networks and Gateways in VMM
How to Add a Gateway in VMM in System Center 2012 R2
Demonstration: Configuring Network Virtualization
In this demonstration, you will see how to configure network virtualization in Windows Server 2012 R2 by
using VMM.
Demonstration Steps
1.
In the Virtual Machine Manager console, from the VMs and Services workspace, create a virtual
machine network named Adatum North.
2.
Ensure that Adatum UK is selected as the Logical network, and enable Hyper-V network
virtualization.
3.
Add the following VM Subnets:

o
Subnet name: Adatum Finance
Subnet address: 192.168.4.0/24
Subnet name: Adatum Engineering
4.
5.
machine network named Adatum South. Ensure that Adatum UK is selected as the Logical network,
and enable Hyper-V network virtualization.
6.

o
Subnet name: Adatum Warehouse
Subnet name: Adatum Logistics
7.
8.
From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Finance VM Network IP Pool.
9.
Ensure the VM subnet is set to Adatum Finance (192.168.4.0/24), and accept the default settings.

11. From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Logistics VM Network IP Pool.
12. Ensure the VM subnet is set to Adatum Logistics (192.168.5.0/24), and accept the default settings.

When you use the Hyper-V virtual switch to
implement network virtualization, the switch
operates as a router between different Hyper-V
hosts in the same infrastructure. Network
virtualization policies define how packets are
routed from one host to another.
8-15
However, when you use network virtualization a

virtual switch cannot route to networks outside
the Hyper-V server infrastructure. If you do not
use network virtualization, you connect the virtual
machine to an external switch, and the virtual
machine connects to the same networks as the
host machine. In a network virtualization scenario, you may have multiple virtual machines running on
a Hyper-V host that share the same IP addresses. You also want to be able to move the virtual machine
to any host in the network without disrupting network connectivity. You need to be able to connect the
virtualized networks to the Internet by using a mechanism that is multitenant-aware so that traffic to
external networks is routed correctly to the internal addresses used by the virtual machines.
Windows Server 2012 R2 provides Windows Server Gateway to address this scenario. Windows Server
Gateway is a virtual machine-based software router that allows you to route network traffic between the
virtual networks on the Hyper-V hosts and the physical networks. This enables the virtual machines to
connect to other resources on the internal network and also to connect to external networks such as the
Internet.
You can implement Windows Server Gateway in three different configurations:
Multitenant-aware VPN gateway. In this configuration, Windows Server Gateway is configured as a

VPN gateway that is aware of the virtual networks that are deployed on the Hyper-V hosts. Deploying
the Windows Server Gateway with this configuration means that you can connect to the Windows
Server Gateway by using a site-to-site VPN from a remote location, or by configuring individual users
with VPN access to the Windows Server Gateway.
The Windows Server Gateway operates like any other VPN gateway, whereby it allows the remote
users to connect directly to the virtual networks on the Hyper-V servers. The main difference is that
the Windows Server Gateway is multitenant-aware, so you can have multiple virtual networks that
are located on the same virtual infrastructure, and that have overlapping address spaces. This
configuration is useful for organizations that have multiple locations, or multiple business groups
that share the same address spaces and must to be able to route traffic to virtual networks. Hosting
providers also can use this configuration to provide remote clients direct network access between
their on-premises network and the hosted networks.
Multi-tenant aware NAT gateway for Internet access. In this configuration, Windows Server Gateway
provides access to the Internet for virtual machines on virtual networks. The Windows Server Gateway
is configured as a NAT device, translating addresses that can connect to the Internet to addresses
used on the virtual networks. In this configuration, Windows Server Gateway is also multitenantaware, so all virtual networks behind the Windows Server Gateway can connect to the Internet, even
if they use overlapping address spaces.
Forwarding gateway for internal physical network access. In this configuration, Windows Server
Gateway provides access to internal network resources that are located on physical networks. For
example, an organization may have some servers that are still deployed on physical hosts. When
configured as a forwarding gateway, Windows Server Gateway enables computers on the virtual
networks to connect to those physical hosts.
Windows Server Gateway is Microsofts implementation of a multitenant-aware gateway. Other vendors

have also developed similar gateways. For more details about Windows Server Gateway, go to the
following link:
You can configure Windows Server Gateway by deploying appropriate Windows Server 2012 R2 roles, and
by configuring the network settings by using Windows PowerShell. The high-level steps for implementing
Windows Server Gateway are as follows:
1.
Verify that your Hyper-V deployment meets the requirements for the Windows Server Gateway
deployment. Although you can deploy a Windows Server Gateway on a host with single network
adapter, we recommend that you configure multiple network adapters on the host. You must
configure multiple virtual network adapters on the Windows Server Gateway virtual machine. As
a best practice, configure the physical and virtual network adapter names to match the intended
use for each network.
2.
Install the Remote Access role on the Windows Server Gateway virtual machine, including the Direct
Access and VPN (RAS) and Routing role service. Install the required management tools.
3.
On the Hyper-V host running the Windows Server Gateway virtual machine, do the following:
a.
Enable the multitenancy mode on the virtual machine network adapter by using the
Set-VMNetworkAdapterIsolation cmdlet with the IsolationMode parameter.
b.
Map the tenants routing domains and virtual subnets by using the
Add-VmNetworkAdapterRoutingDomainMapping parameter.
c.
Configure the network virtualization settings by using the

New-NetVirtualizationProviderAddress, New-NetVirtualizationLookupRecord, and
NewNetVirtualizationCustomerRoute cmdlets.
4.
On Windows Server Gateway, configure the IP addresses and network routes for each tenant network.
5.
On the Hyper-V hosts running the tenant virtual machines, configure the network
virtualization settings by using the New-NetVirtualizationProviderAddress,
New-NetVirtualizationLookupRecord, and New-NetVirtualizationCustomerRoute cmdlets.
When deploying a gateway in VMM, configure a gateway in the Network Service section of the Fabric
workspace. The gateway connects to remote networks using a VPN tunnel. To add a gateway, you must
first install its provider software. You can review the list of installed providers by using the following
procedure:
1.
Open the VMM console.
2.
Click the Settings workspace, and then in the Settings pane, click Configuration Providers. The lists
of providers displays along with information such as Type, Version, Publisher, Manufacturer and
Model.
The default providers in VMM are:
o
Microsoft IP Address Management Provider
Microsoft Network Load Balancing (NLB)
Microsoft Standards-Based Network Switch Provider
Microsoft Windows Server Gateway Provider
8-17
The default installation directory for providers is C:\Programs Files\Microsoft System Center 2012 R2
\Virtual Machine Manager\Bin\Configuration Providers.
3.
Confirm that the necessary provider software for the gateway device has been installed and is listed.
For more information about gateway prerequisites and to review the setup steps, refer to:
Configuring VM Networks and Gateways in VMM
How to Add a Gateway in VMM in System Center 2012 R2

Scenario
One of the reasons that A. Datum Corporation decided to use VMM as its virtualization management
solution was that administrators also could use VMM to manage many of the other components that a
virtualized environment requires. To manage the virtual environment efficiently, administrators need the
ability to manage from within VMM, components such as storage devices and the network infrastructure.
Objectives
Implement a network infrastructure.
Lab Setup
Virtual Machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-VMM1,
20409B-LON-SS1, 20409B-LON-SVR1
User Name: Adatum\Administrator
Password: Pa$$w0rd
1.
2.
In Hyper-V Manager, click 20409B-LON-DC1, and then in the Actions pane, click Start. Wait 30
seconds.
3.
Click 20409B-LON-VMM1, in the Actions pane, click Start, and then click Connect. Wait until the
virtual machine starts.
4.
5.
Password: Pa$$w0rd
Domain: Adatum
Repeat steps 2 through 4 for 20409B-LON-SS1 and 20409B-LON-SVR1.
Exercise 1: Implementing a Network Infrastructure

Scenario
As the virtualization administrator, you have been asked to provide a network virtualization proof-ofconcept for Adatum. You plan to start with four departments that currently have server infrastructure in
primary and secondary London data centers. Because departments originate from different companies
and consequently have some overlapping IP addresses on their servers, your virtualized network will allow
for running virtual machines for any department from any data center.
In this exercise, you will prepare a proof of concept for the Adatum London virtual network. You will
connect a host server with logical networks, configure network virtualization, and connect virtual
machines to a virtual machine network.

1.
Configure logical networks.
2.
Connect a host server with a logical network.
3.
4.
Connect virtual machines to a virtual machine network.
Task 1: Configure logical networks

1.
On LON-VMM1, launch the Virtual Machine Manager console.
2.
Create a logical network named Adatum UK that permits the use of network virtualization.
3.
Create two network Sites that use the All Hosts host group using the following details:
a.
Network site name: Docklands
b.
VLAN: 0
c.
IP Subnet: 192.168.1.0/24
d.
Network site name: Gatwick
e.
VLAN: 0
f.
IP Subnet: 192.168.2.0/24
8-19
4.
5.
From the Fabric workspace, create a new IP Pool named Adatum UK IP Pool. Use the Adatum UK
logical network.
6.
Using the Docklands network site and the 192.168.3.0/24 IP subnet, complete the wizard accepting
the defaults, and then close the Jobs window.
7.
Create another IP pool named Gatwick IP Pool. Use the Adatum UK logical network, and the Gatwick
network site.
8.
From the Fabric workspace, create a Hyper-V Port Profile named Adatum UK Uplink. Use the
Hyper-V port load balancing algorithm.
9.
On the Network configuration page, select the Docklands and Gatwick network sites, and enable
Hyper-V Network-Virtualization.

11. From the Fabric workspace, create a Logical Switch named Adatum UK. Enter the description
Adatum production hosts logical switch. Use the default extensions, and use the Adatum UK
uplink.
12. Add a Virtual Port using the Medium Bandwidth port classification and the Medium Bandwidth
virtual network adapter port profile.
Task 2: Connect a host server with a logical network

1.
From the Fabric workspace, open the properties page for lon-host1.adatum.com, click Hardware,
then click the logical network associated with your network card, (this will be connected to External
Network.)
2.
Click the Adatum UK logical network, read the warning about VLANs, click OK, and then click OK
again.
3.
In the Fabric workspace, click LON-HOST1, click Properties, click Virtual Switches, click New
Virtual Switch, and then click New Logical Switch.
4.
Notice the error message that displays stating that VMM cannot create a virtual switch without any
physical network adapters. At this point, if you have another network card, you can assign the logical
switch to a physical adapter. In the error message pop-up window that displays, click OK.
5.
In the Properties dialog box, click Hardware, and then scroll down and expand Network adapters.
machine placement and management use. Click the Logical network, and on the right under Logical
network connectivity, note that you can assign the logical networks and IP subnets.
6.
Click Cancel, and then click Yes to close the warning.
Task 3: Configure network virtualization

1.
machine network named Adatum North.
2.
Ensure that Adatum UK is selected as the Logical network, and enable Hyper-V network
virtualization.
3.

o
Subnet name: Adatum Finance
Subnet name: Adatum Engineering
4.
5.
machine network named Adatum South. Ensure that Adatum UK is selected as the Logical network,
and enable Hyper-V network virtualization.
6.

o
Subnet name: Adatum Warehouse
Subnet name: Adatum Logistics
7.
8.
From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Finance VM Network IP Pool.
9.
Ensure the VM subnet is set to Adatum Finance (192.168.4.0/24), and accept the default settings.

11. From the VMs and Services workspace, create a virtual machine network IP pool for the Adatum
Finance VM Network. Name this pool Adatum Logistics VM Network IP Pool.
12. Ensure the VM subnet is set to Adatum Logistics (192.168.5.0/24), and accept the default settings.
Task 4: Connect virtual machines to a virtual machine network
1.
In the VMs and Services workspace, edit the properties of 20409B-LON-TEST1, and connect
Network Adapter 1 to VM network.
2.
Ensure that Adatum North is selected, and ensure that subnet Adatum Finance is selected.
3.
Edit the properties of 20409B-LON-PROD1, and connect Network Adapter 1 to VM network.
4.
Ensure that Adatum South is selected, and ensure that the subnet Adatum Logistics is selected.
5.
Power on 20409B-LON-TEST1 and 20409B-LON-PROD1.
6.
Connect to 20409B-LON-TEST1, and sign in as Administrator with the password Pa$$word.
7.
Configure the virtual machine to use a dynamically assigned IP address, and then verify that the
dynamically assigned IP address is in the range configured for Adatum Finance.
8.
Connect to 20409B-LON-PROD1, and sign in as Administrator with the password Pa$$word.
9.
Configure the virtual machine to use a dynamically assigned IP address, and then verify that the
dynamically assigned IP address is in the range configured for Adatum Logistics.
10. Open Windows PowerShell, and use the ping command to verify that LON-PROD1 cannot
communicate with LON-TEST1.
11. Use the Virtual Machine Manager console to shut down LON-TEST1 and LON-PROD1.
8-21
Results: After completing this exercise, you should have created and configured a new virtual network,
configured network virtualization, and connected virtual machines to a virtual machine network.
Lesson 2
Managing Storage Infrastructure
This lesson describes how to manage a storage infrastructure in VMM. VMM can use three different types
of storage: Fibre Channel, iSCSI, and file share. The lesson explains how to implement and deploy these
different types of storage, and the considerations that you need to be aware of before you implement
highly available storage.
Lesson Objectives
Describe storage options for server virtualization.
Describe how to implement block storage.
Describe how to implement file storage.
Deploy storage in VMM.
Deploy block storage in VMM.
Explain how to manage storage in VMM.
Deploy and manage storage in VMM.
Storage Options for Server Virtualization

A key factor when provisioning virtual
machines is ensuring that the underlying storage
infrastructure is reliable and can provide sufficient
performance. This includes managing peak
utilization times, such as during backups, antivirus
sweeps, and multiple, concurrent virtual machine
startups. Storage is one of the more complicated
and costly resources to manage in virtualization
projects. Therefore, you should design storage
solutions that have the flexibility to scale up and
meet future growth, but not overprovision
capacity.
Windows Server 2012 R2 builds upon, and introduces new storage options for virtualization, which
enables small to midsize companies to utilize highly available storage solutions. These solutions were
historically available only by investing in storage area network (SAN) technologies or non-Microsoft
software.
When planning a virtualization environment, the .vhdx file type performance can affect the virtual
machines performance. Servers that you otherwise provision with random access memory (RAM) and
processor capacity can still experience unsatisfactory performance if you misconfigure the storage system
or if it becomes overwhelmed with traffic. Therefore, you should ensure that the storage design provides
adequate performance, and that your design includes a plan for monitoring storage for availability and
performance.
Consider the following factors when planning the storage options.
8-23
Storage connectivity. You can locate .vhd or .vhdx files on local or remote storage. When you locate
these files on remote storage, you must ensure that there is adequate bandwidth and minimal latency
between the host and the remote storage. Slow network connections to storage, or connections
where there is latency, result in poor virtual machine performance.
Storage redundancy. The volume that the .vhdx files are stored on should be fault tolerant. This
should apply whether the .vhdx file is stored on a local disk, or on a remote SAN device. Hard disks
often fail. Therefore, the virtual machine and the Windows Server 2012 Hyper-V host should remain
in operation after a disk failure. Replacement of failed disks should not affect Hyper-V host or virtual
machine operations.
Storage performance. The storage device where .vhdx files are stored should have excellent
I/O characteristics. Many enterprises use solid-state drive (SSD) hybrid drives in a redundant array
of independent disk (RAID) 1+0 arrays. This helps with achieving maximum performance and
redundancy, particularly when multiple virtual machines are running simultaneously on the same
storage. However, this can place a tremendous I/O burden on a disk subsystem, so you need to
ensure that you select high performance storage. Otherwise, your virtual machine performance may
suffer. The assessment and planning tool measures I/O, and its output can assist in storage planning.
Storage capacity. If you configure .vhdx files to grow automatically, it is important that there is
adequate space in which these files can grow. Additionally, you need to monitor growth carefully
so that you experience no service disruptions if a .vhdx file consumes all available space.
Data protection. Consider the performance of your backup solution, its impact on your storage
design, and the amount of data virtual machines will host. Review existing data, and ensure that you
will be able to back up required virtual machines and their storage within an acceptable timeframe.
Flexible storage options. Hyper-V offers flexible storage options include most of the options that
Windows Server supports, such as locally attached storage (for example, Serial Advanced Technology
Attachment (SATA), SCSI, and SSD). Hyper-V supports remotely connected Fibre Channel, iSCSI, and
Serial Attached SCSI storage. Hyper-V also supports running virtual machines in file shares using
the Server Message Block (SMB) 3.0 protocol. Shared .vhdx files allow guest virtual machines to be
clustered without needing iSCSI or Fibre Channel SANs. Hyper-V and VMM support live migration
outside of a clustered environment, sometimes referred to as shared-nothing live migration.
Note: When selecting your virtualization storage options, closely examine all the features
and components that you plan to use. Carefully review the prerequisites of each technology to
ensure compatibility. For example, if you are planning to use the Windows Server 2012 R2 .odx
feature for virtual machine SAN transfers, you cannot have Windows Server Data Deduplication
or BitLocker Drive Encryption enabled.
Storage availability. Using VMM, you can manage both block storage and file storage for deploying
and storing your virtual machines. You can do this by using Windows Storage Management API
deployment.
The following topics will discuss the various storage types in more detail.
Implementing Block Storage

Fibre Channel
Each Fibre Channel SAN is different. Some SANs
have built-in features such as storage tiering,
thin provisioning, volume snapshots, and volume
replication. If you are designing a Fibre Channel
SAN for high availability, you should consider the
following factors:
The hosts should have multiple physical

Fibre Channel host bus adaptors (HBAs).
You should install multiple SAN switches
and storage controllers, and then enable
multipath I/O in your Windows Server operating system. Given the throughput and capacity
capabilities of modern Hyper-V host servers, it is possible to build clusters that can outperform many
small to mid-range SANs, if you plan carefully, and plan for circumstances such as planned shutdown.
Consider what may happen if someone tried to start several hundred virtual machines simultaneously.
Would the SAN controllers manage this, and how would the hosts behave?
With Virtual Fibre Channel adapters, you can now access Fibre Channel SANs directly from the
Hyper-V hosts guest operating system. Virtual Fibre Channel adapters in Hyper-V are virtual
hardware components that you can add to a virtual machine, which enable the adapters to access
Fibre Channel storage on SANs. To deploy a virtual Fibre Channel adapter:
o
You must configure the Hyper-V host with a Fibre Channel HBA.
The Fibre Channel HBA must have a driver that supports Virtual Fibre Channel.
The virtual machine must support virtual machine extensions.
Virtual Fibre Channel adapters support port virtualization by exposing HBA ports in the guest operating
system. This allows the virtual machine to access the SAN by using a standard World Wide Name (WWN)
associated with the virtual machine.
Hyper-V supports multipath I/O (MPIO) to provide highly available access to the logical unit numbers
(LUNs) that have been exposed to the host. With Virtual Fibre Channel adapters, you can provide access
to LUNs directly from virtual machines that also support MPIO. You can use a combination of both in your
virtualization environment.
iSCSI
A less expensive and simpler way to configure a connection to remote disks is to use iSCSI storage. Many
application requirements dictate that remote storage connections must be redundant in nature for fault
tolerance or high availability. Additionally, many companies already have fault-tolerant networks that
make it less expensive to retain redundancy compared to using SANs.
When designing your iSCSI storage solution, you should consider the following:
Deploy the iSCSI solution on at least a 1 gigabyte per second (Gbps) network. Review specific features
that you intend to use, and ensure that all of your hardware can support these features.
Have a high availability design. This is crucial for your network infrastructure, because network
devices and components conduct the transfer of data from servers to iSCSI storage.
8-25
Design an appropriate security strategy for your iSCSI storage solution.
Involve all relevant teams in the storage implementation, and confirm whether storage deployment
automation will be possible for virtualization administrators and application administrators.
iSCSI is a protocol that supports access to remote SCSIbased storage devices over a TCP/IP network.
iSCSI carries standard small computer system interface (SCSI) commands over IP networks to facilitate
data transfers over intranets, and to manage storage over long distances. You can use iSCSI to transmit
data over local area networks (LANs), wide area networks (WANs), or even over the Internet.
iSCSI relies on standard Ethernet networking architecture. Whether you want to utilize specialized
hardware, such as HBA or network switches, is optional. iSCSI uses TCP/IP (typically, Transmission Control
Protocol (TCP) port 3260). This means that iSCSI enables two hosts to negotiate tasks, such as session
establishment, flow control, or packet size, and then exchange SCSI commands by using an existing
Ethernet network. iSCSI uses a commonly used, high performance, local storage-bus subsystem
architecture, which it emulates over LANs and WANs, thereby creating a SAN.
Unlike Fibre Channel SAN technologies, iSCSI requires no specialized cabling. You can run it over the
existing switching and IP infrastructure. However, as a best practice, you can increase the performance
of an iSCSI SAN deployment by operating it on a dedicated network or subnet.
Note: Although you can use a standard Ethernet network adapter to connect the server to
the iSCSI storage device, you also can use dedicated iSCSI HBAs.
An iSCSI SAN deployment includes the following:
TCP/IP network. You can use standard network-interface adapters and Ethernet protocol network
switches to connect the servers to the storage device. To provide sufficient performance, the network
should provide speeds of at least 1 Gbps, and for redundancy, multiple paths to the iSCSI target. As a
best practice, use a dedicated physical network. For high bandwidth adapters and switches, you can
use converged logical network with Quality of Service to achieve fast, reliable throughput.
iSCSI targets. iSCSI target are used to present the storage, similar to controllers for hard-disk drives
of locally attached storage. However, you access this storage over a network, instead of accessing it
locally. Many storage vendors implement hardware-level iSCSI targets as part of their storage devices
hardware. Other devices or appliances, such as Windows Storage Server 2012 devices, implement
iSCSI targets by using a software driver and at least one Ethernet adapter. Windows Server 2012
provides the iSCSI target server, which is a role service that acts a driver for the iSCSI protocol.
iSCSI initiators. The iSCSI target displays storage to the iSCSI initiator, or client, which acts as a local
disk controller for the remote disks. Windows Server 2008 and newer Windows Server versions
include the iSCSI initiator, and can connect to iSCSI targets. Windows 7 and newer Windows client
operating systems also include the iSCSI initiator.
iSCSI qualified name. iSCSI qualified names are unique identifiers for initiators and targets on
an iSCSI network. When you configure an iSCSI target, you must configure the iSCSI qualified
name for the iSCSI initiators that will connect to it. iSCSI initiators also use iSCSI qualified names
to connect to the iSCSI targets. However, if name resolution on the iSCSI network is a possible issue,
you can identify iSCSI endpoints (both target and initiator) by their IP addresses.
VMM can manage and deploy block storage for your virtualization environment, which can be especially
useful if you plan to build a private cloud or plan to delegate virtualization deployment rights. This is
discussed in more detail later in the lesson in the Managing Storage in Virtual Machine Manager topic.
Implementing File Storage

SMB 3.0
SMB file share provides an alternative to
storing virtual machine files on iSCSI or Fibre
Channel SAN devices. Hyper-V supports storing
virtual machine data, such as virtual machine
configuration files, snapshots, and .vhd files, on
SMB 3.0 file shares. If you opt to implement SMB
file shares, consider the following:
The file share must support SMB 3.0, which

limits placement of .vhdx files to file servers
that are running a Windows Server 2012 host.
Versions of Windows Server prior to Windows Server 2012 do not support SMB 3.0.
You must ensure that network connectivity to the file share is 1 gigabyte (GB) or more.
When creating a virtual machine in Hyper-V on Windows Server 2012, you can specify a network
share when you select the virtual machine location and virtual hard disk location. You also can attach
disks stored on SMB 3.0 file shares. You can use both .vhd and .vhdx disk types with SMB file shares.
Note: Hyper-V over SMB assigns the computer account permissions on the share, so you
can configure it only in an Active Directory Domain Service (AD DS) environment. The VMM
service account requires administrative permissions on the file server, which must be assigned
outside of VMM.
The new SMB protocol in Windows Server 2012 includes the following features:
SMB transparent failover. The SMB protocol has the built-in ability to manage failure so that the client
and server can coordinate a transparent move that allows continued access to resources with only a
minor I/O delay. This ensures that there is no failure for applications.
SMB scale-out. You can use the SMB scale-out feature to access shares through multiple cluster nodes
by using Cluster Shared Volumes (CSVs). By using this feature, you can balance loads across a cluster.
SMB Direct (SMB or Remote Direct Memory Access (RDMA)). Formerly seen only on highperformance computing scenarios, SMB Direct is available now in Window Server 2012. SMB Direct
allows an RDMAenabled network interface to perform file transfers by using technology onboard
the network interface, without the operating system intervening.
SMB Multichannel. SMB Multichannel, which is enabled automatically, enables SMB to detect a
networks configuration. For example, if it detects that two network interfaces are configured and
teamed on the client and server, SMB can make use of all available bandwidth.
SMB encryption. SMB encryption allows for encryption without the need for (IPsec. You can configure
SMB encryption per share or at the server level. Previous versions of SMB clients cannot connect to
encrypted shares or servers.
VSS for SMB file shares. Volume Shadow Copy Services (VSS) is enhanced to allow snapshots at the
share level. Remote file shares act as a provider and integrate with a backup infrastructure.
SQL Server over SMB. You can store Microsoft SQL Server databases on SMB 3.0 shares, which could
allow for infrastructure consolidation.
NFS
8-27
Network file system (NFS) is a file-sharing solution that uses the NFS protocol, and which enables you
to transfer files between computers that are running Windows Server 2012 and other non-Windows
computers.
Windows Server 2012 includes an updated NFS stack, which enables it to provide transparent failover to
NFS clients by using continuously available NFS shares. You can use NFS as storage for VMware virtual
machines. However, NFS is not an option for Hyper-V storage.
Deploying Storage in VMM

Storage Array Settings
After you have added a storage array, you can
choose how your SAN will allocate and provision
new storage. The following logical unit allocation
and deployment methods are for VMM:
Snapshots. With this method, the SAN creates

a writable snapshot of an existing logical unit.
This is the fastest deployment method with
the least storage cost.
Cloning. With this method, the SAN creates

an independent copy of an existent logical unit. This is a slower method, and the new unit is equal in
size to the one that has been cloned.
Note: Each method must be supported by the storage array, and may require a license
from the storage vendor.
To configure the allocation method for a storage array, complete the following procedure:
1.
Launch the VMM console, and then click the Fabric workspace.
2.
In the Fabric navigation pane, click and expand Storage, and then click Arrays.
3.
Right-click the storage array you want to update, and in the storage array Properties dialog box, click
Settings. You can then click either Use snapshots or Clone logical units. Only the supported
storage method will be made available.
Provisioning Storage Logical Units
You can create and manage storage logical units within the VMM console. To create a new storage logical
unit, use the following procedure:
1.
Launch the VMM console, and then click the Fabric workspace.
2.
On the ribbon, click Create Logical Unit.
3.
Click the storage pool drop-down list box, and then click an available storage pool.
4.
Confirm there is enough capacity, enter a name and optionally a description, type the size in
gigabytes, or click to use the arrows to select a size, and then click OK.
5.
To view the new logical unit, click Classifications and Pools.
If you allocate a storage pool to a host group, you can also create and assign logical units directly from
managed Hyper-V hosts in the host group.
Demonstration: Deploying Block Storage in VMM

In this demonstration you will see how to:
Add a storage provider.
Deploy block storage.
Demonstration Steps
Add an iSCSI storage provider
1.
On LON-VMM1, add a storage provider, and select SAN and NAS devices discovered and
managed by a SMI-S provider.
2.
Click the Protocol drop-down list box, and then click SMI-S WMI.
3.
In the Provider IP address or FQDN: text box, type lon-ss1.adatum.com, and then click Browse.
4.
Create a Run As account with the following settings:

o
Name: StorageAdmin
Password: Pa$$w0rd
Confirm password: Pa$$w0rd
5.
Use the StorageAdmin Run As account to create classifications, one named Gold with a description
of 15K SAS Drives, and another named Silver with a description of 7K SATA Drives.
6.
Select the iSCSITarget: LON-SS1:C, check box, and from the Classification drop-down list box, click
Silver.
7.
Select the iSCSITarget: LON-SS1:E check box. From the Classification drop-down list box, click
Gold, and then click Next.
8.
On the Summary page, click Finish.
9.
Deploy Block Storage

In the Fabric workspace, create a Logical Unit using iSCSITarget: LON-SS1:E named LON-APP1_C.
Set the size to 20 GB.
Managing Storage in VMM

Managing Host Storage
VMM is aware of the storage that is attached
to Hyper-V hosts. When VMM makes virtual
machine placement calculations, it can calculate
the amount of free storage on the associated host
disks.
Note: Updating the Hosts
When you add storage to a virtualization
host, VMM will not discover it until you refresh
the host. To work with newly added storage
immediately, you can perform a manual refresh on the virtualization host.
8-29
To see and work with host storage, right-click a host, and then from the Properties dialog box, click
Storage. In the Storage area, you will see areas for each disk subsystem type. If they are present, you can
expand, review, or configure them.
Managing Storage Arrays
Through the VMM console, you can discover, classify, and provision remote storage on supported
storage arrays. VMM fully automates storage assignment to a Hyper-V host or Hyper-V host cluster, and
then tracks any storage that it manages. To enable new storage features, VMM uses the new Storage
Management Service feature to communicate with external arrays through a SMI-S provider.
By default, the Storage Management Service installs during the VMM installation. To manage storage, you
must install a supported SMI-S provider on an available server, and then add the provider to VMM.
Storage Overview Display
To display the storage overview, in the Fabric workspace, click Storage, and then on the ribbon, click
Overview. As your virtual data center grows, the overview displays what the data center is provisioning,
and what resources continue to remain available.
You must complete the following steps to discover, classify, and assign storage through VMM:
1.
For a supported storage array, obtain a Storage Management Initiative Specification (SMI-S) storage
provider from your storage array vendor, and then install the SMI-S storage provider on an available
server as instructed by your storage vendor.
2.
From the VMM console, in the storage node, connect to the SMI-S storage provider to discover and
classify the storage. Connect to the provider by using either the IPv4 address or the fully qualified
domain name (FQDN).
3.
Classify storage. Classifying storage entails assigning a meaningful classification to storage pools. For
example, you may assign a classification of GOLD to a storage pool that resides on the fastest, most
redundant storage array. This enables you to assign and use storage-based classification without
actually knowing its hardware characteristics.
4.
Create logical units. In the storage node, you optionally can create logical units from a managed
storage pool.
5.
From either the VMM console storage node or the target host groups Properties dialog box, allocate
either precreated logical units or storage pools to specific host groups. If you allocate storage pools,
you can create and assign logical units directly from managed hosts in the host group that can access
the storage array. Additionally, if you use rapid provisioning to provision virtual machines by using
SAN snapshots or cloning, VMM can create logical units from the storage pool automatically.
6.
In the Virtual Machine Manager console, from either the host or host cluster Properties dialog box,
assign logical units from the host group to specific Hyper-V hosts or to Hyper-V host clusters, as
shared CSV or available storage. If you allocated a storage pool to a host group, you can create
and optionally assign logical units directly from a host or host clusters Properties dialog box. If the
storage array supports iSCSI host connectivity, you can create iSCSI sessions to the storage array from
a hosts Properties dialog box.
For a list of Supported Storage Arrays, go to:

Configuring Storage in VMM
Assigning Storage to Host Groups
You can assign storage pools to host groups, and using host groups you can define logical groups of
physical computing resources. These groups can help VMM and administrators determine placement for
deploying new virtual workloads. For example, you could create some host groups and assign storage
pools with classifications as shown in the following table.
Host group name
Storage classification
Storage type
Host server CPU
Tier 1
Platinum
SSDs
3.6 gigahertz (GHz)
Tier 2
Gold
Serial Attached SCSI 15,000

rotations per minute (RPM)
3.0 GHz
Tier 3
Silver
Serial Attached SCSI 10,000

RPM
2.4 GHz
Tier 4
Bronze
Serial ATA (SATA) 7,200 RPM
2.0 GHz
To add storage to a host group, you must perform the following steps:
1.
Right-click the host group, and then click Properties.
2.
Click Storage, and then either click Allocate Storage Pools, or click Allocate Logical Units.
3.
Add storage as required.
Note: The iSCSI Target SMI-S Provider for Windows Server is located at either of the
following locations:
The System Center Virtual Machine Manager 2012 Service Pack 1 (SP1) Installation CD in
path:\amd64\Setup\msi\iSCSITargetSMISProvider.msi
The VMM server at %systemdrive%\Program Files\Microsoft System Center 2012\Virtual Machine

Manager\setup\msi\iSCSITargetProv\iSCSITargetSMISProvider.msi
Demonstration: Deploying and Managing Storage in VMM

In this demonstration, you will see how to:
Use VMM to review and configure storage for virtualization hosts.
Add classifications to storage.
Add storage providers.
Demonstration Steps
Add file storage to VMM
1. On LON-VMM1, in the Virtual Machine Manager console, add a storage device provider.
8-31
2.
On the Select Provider Type page, click Windows-based file server, and then click Next.
3.
In the Provider IP address or FQDN text box, type lon-svr1.adatum.com, and then click Browse.
4.
On the Select a Run As account page, click Administrator, and then click OK.
5.
Complete the wizard, accepting the default settings. Click Finish, and then close the Jobs window.
Create file shares from within the Virtual Machine Manager console
1.
On LON-VMM1, click Fabric, and on the ribbon, click Create File Share.
2.
On the Create File Share page, in the Name text box, type SVR1, click the Classification drop-down
list box, and then click Gold. In the Local path text box, type c:\SVR1_Gold, and then click Create.
Assign storage to the host server

1. On LON-VMM1, click Fabric, click All Hosts, click lon-host1.adatum.com, and then on the ribbon,
click Properties.
2.
Click Host Access, and then click Browse.
3.
Click StorageAdmin, and then click OK twice.
4.
On the lon-host1.adatum.com Properties page, click Storage.
5.
On the Storage page, click Add, and then click Add File Share. Click the File share path drop-down
list box, click \\lon-svr1.adatum.com, and then click OK.
Allocate storage to a host group

1.
On LON-VMM1, click Fabric, and then click Storage.
2.
On the ribbon, click Allocate Capacity, and then click Allocate Storage Pools.
3.
In the Available storage pools section, click iSCSITarget LON-SS1:E:, click Add, click OK, and then
click Close.

Scenario
solution was that administrators also could use VMM to manage many of the other components that a
virtualized environment requires. To manage the virtual environment efficiently, administrators need this
ability to manage components such as storage devices and the network infrastructure, from within VMM.
Objectives
After completing this lab, you will be able to Implement a storage infrastructure.
Lab Setup
20409B-LON-SVR1, 20409B-LON-SS1
Password: Pa$$w0rd
1.
2.
Verify that the following virtual machines are still running. If they are not, perform steps 3 through 6.
o
20409B-LON-DC1
20409B-LON-VMM1
20409B-LON-SS1
20409B-LON-SVR1
3.
seconds.
4.
5.
6.
Password: Pa$$w0rd
Domain: Adatum
Repeat steps 3 and 4 for 20409B-LON-SS1 and 20409B-LON-SVR1.
Note: Because you will be using the same virtual machines in the next lab, do not revert the
virtual machines at the end of this lab.
Exercise 1: Implementing a Storage Infrastructure

Scenario
8-33
As part of the A. Datum Corporation United Kingdom proof-of-concept deployment, you will be testing
virtual machine storage using Window Server iSCSI storage and Windows Server file shares. You will also
review how to add and classify storage, and then deploy and allocate storage.
1.
Install the SMI-S storage provider.
2.
Deploy block storage.
3.
Add file storage to VMM.
4.
Assign and allocate storage.
Task 1: Install the SMI-S storage provider

1.
On LON-VMM1, in the Virtual Machine Manager console, on the ribbon, click PowerShell.
2.
Wait until the Windows PowerShell prompt opens, and then type the following Windows PowerShell
command:
$Cred = Get-Credential
3.
In the Windows PowerShell credential request dialog box, in the User name text box, type
adatum\administrator, in the Password text box, type Pa$$w0rd, and then click OK.
4.
In the Windows PowerShell window, type the following Windows PowerShell script:
$Runas = New-SCRunAsAccount Name iSCSIRunas Credential $Cred

Add-SCStorageProvider -Name "Microsoft iSCSI Target Provider" -RunAsAccount $Runas ComputerName "LON-SS1.adatum.com" AddSmisWmiProvider
Task 2: Deploy block storage

1.
On LON-VMM1, in the Virtual Machine Manager console, click Fabric, right-click Storage, and then
click Add Storage Devices.
2.
On the Select Provider Type page, click SAN and NAS devices discovered and managed by a
SMI-S provider, and then click Next.
3.
In the Protocol drop-down list box, click SMI-S WMI. In the Provider IP address or FQDN text box,
type lon-ss1.adatum.com, and then click Browse.
4.
On the Select a Run As account page, click iSCSIRunas, and then click OK.
5.
On the Specify Discovery Scope page, click Next.
6.
On the Gather Information page, review the discovery result, and then click Next.
7.
On the Select Storage Devices page, click Create Classification, and in the Name text box, type
Gold. In the Description text box, type 15K SAS Drives, and then click Add.
8.
Click Create Classification, and in the Name text box, type Silver. In the description text box, type
7K SATA Drives, and then click Add.
9.
Select the iSCSITarget: LON-SS1:C check box, and then in the Classification drop-down list box,
click Silver.
10. Select the iSCSITarget: LON-SS1:E: check box, in the Classification drop-down list box, click Gold,
and then click Next.
11. On the Summary page, click Finish, and wait for the job to finish.
12. Close the Jobs window.
13. On LON-VMM1, in the Virtual Machine Manager console, click Fabric.
14. In the Fabric navigation pane, click Storage, and on the ribbon, click Create Logical Unit.
15. Click the storage pool drop-down list box, and then click iSCSITarget: LON-SS1:E. In the Name text
box, type LON-APP1_C, in the Size (GB) text box, clear the existing value, type 20, and then click OK.
16. In the Fabric navigation pane, click Classifications and Pools. Verify that you can now see the new
LUN listed.
Task 3: Add file storage to VMM

1.
2.
3.
In the Provider IP address or FQDN: field, type lon-svr1.adatum.com, and then click Browse.
4.
On the Select a Run As account page, click Create Run As Account.
5.
In the Name box, type Administrator. In the User name box, type Adatum\Administrator, in the
Password and Confirm password boxes, type Pa$$w0rd, and then click OK.
6.
In the Select a Run As Account box, click Administrator, and then click OK.
7.
8.
9.
On the Select Storage Devices page, click Next.
10. On the Summary page, click Finish.

12. On LON-VMM1, click Fabric, and on the ribbon, click Create File Share.
13. Create a file share using the following information:
o
Name: SVR1
Classification: Gold
Path: C:\
Task 4: Assign and allocate storage

1.
On LON-VMM1, click Fabric, click All Hosts, click lon-host1.adatum.com, and then, on the ribbon,
click Properties.
2.
Click Host Access, and then click Browse.
3.
Click Administrator, and then click OK.
4.
Click OK again to accept the changes.
5.
Click lon-host1.adatum.com, and then, on the ribbon, click Properties.
6.
Click Storage, on the Storage page, click Add, and then click Add File Share.
7.
In the File share path drop-down list box, click \\lon-svr1.adatum.com\SVR1_Gold, and then
click OK.
8.
On LON-VMM1, from the Fabric workspace, allocate the iSCSITarget LON-SS1:E storage pool.
9.
8-35
In the Virtual Machine Manager console, create a new virtual machine using the following details:
o
Name: LON-APP1
Disk: blank virtual hard disk
VM Network: Adatum North
VM Subnet: Adatum Finance
10. Deploy the new virtual machine to lon-host1.adatum.com using the virtual machine path
C:\Program Files\Microsoft Learning\20409\Drives. (Note: this path may differ on your host.)
11. Confirm that the Create Virtual Machine job completes successfully.
12. Close the Jobs windows.
13. On LON-VMM1, click VMs and Services, click All Hosts, right-click LON-APP1, and then click
Migrate Virtual Machine.
14. In the Migrate VM Wizard, on the Select Host page, ensure that lon-host1.adatum.com is selected,
15. On the Select Path page, in the Storage location for VM configuration text box, type
\\lon-svr1.adatum.com\SVR1_Gold, click Automatically place all VHDs with the configuration,
16. On the Select Network page, leave the defaults, click Next, and then click Move.
17. Check the job status.
18. Close the Jobs Wwindow.
Results: After completing this exercise, you should have implemented a storage infrastructure.
Lesson 3
Managing Infrastructure Updates

As is the case with physically deployed servers and software, if you do not apply software updates
to virtual machines and the applications they host, you make your virtually and physically deployed
computers more vulnerable to being exploited by attackers inside and outside of your organization.
After completing this lesson, students will be able to manage infrastructure updates in Virtual Machine
Manager.
Lesson Objectives
Describe infrastructure updates.
Explain how to configure an infrastructure update in VMM.
Plan an update baseline.
Describe the considerations for updating a server.
Explain how to manage infrastructure updates.
Implement infrastructure updates.
What Are Infrastructure Updates?

Microsoft provides a number of solutions for
deploying software updates and scanning
computers for compliance. However, some
network clients (such as cluster-based server
nodes or other highly available server roles)
typically present complexities that can make it
difficult and time-consuming to maintain a
standard update management process.
VMM integrates with Windows Server
Update Services (WSUS) to provide on-demand
compliance scanning and remediation of servers
that comprise an infrastructure. These servers
include Hyper V hosts, library servers, Pre-Boot Execution Environment (PXE) servers, and the VMM
management server.
Integrating WSUS with VMM also provides you with the ability to perform orchestrated updates of
Hyper-V host clusters. When you remediate a host cluster, VMM places one cluster node at a time in
maintenance mode, and then installs the approved updates. For clusters that support live migration,
intelligent placement moves virtual machines off the cluster node that you are updating. If a cluster does
not support live migration, VMM saves the state of the virtual machines before updating the cluster node.
Note: You must have Windows Server 2008 R2 or Windows Server 2012 installed on a
Hyper-V cluster node for live migration support.
8-37
You can use the Update Server role in VMM to manage more complex update tasks for servers in your
private cloud infrastructure. These servers include:
Hyper-V hosts
Hyper-V clusters
Virtual Machine Manager library servers
PXE servers
VMM management servers
Infrastructure servers
To determine compliance status, the System Center 2012 VMM update compliance function allows you to
scan computers managed through VMM against a baseline of approved updates. For any servers that are
noncompliant, you can perform update remediation tasks to install missing updates and restart servers, if
necessary. You also can use the VMM update compliance functionality to deploy the VMM agent to a
non-VMM server, and then use that server in the process of evaluating compliance with baselines.
Configuring Update Management in VMM

To configure update management within your
VMM environment, use the following process:
1.
Use VMM to manage updates by first

enabling update management. You do this
either by adding an existing WSUS server
to VMM, or by installing a dedicated WSUS
server, and then adding the new Update
Server to VMM.
2.
Configure and manage update baselines,

which specify the set of updates for
deployment to a host group, a stand-alone
host, a host cluster, or a VMM server.
3.
After you add an Update Server, you can perform the following tasks from within the VMM console:
o
Perform on-demand synchronization of WSUS with Windows Update.
Configure proxy server name and port settings, which are required for connecting to the Internet
for WSUS synchronizations.
Specify update classifications to synchronize.
Specify products to synchronize.
Specify supported languages to synchronize.
4.
After you assign an update baseline, start a scan to determine compliance status. During a
compliance scan, WSUS checks each update in the assigned update baseline to determine whether
the update is applicable, and if so, whether it is installed on the target server. The target server then
reports a compliance status for each update.
5.
Perform an update remediation to bring a managed server or Hyper-V host cluster into compliance.
You can choose to remediate all update baselines assigned to a computer, all noncompliant updates
in a specific update baseline, or a single update, as necessary.
6.
Specify which update exemptions will prevent a specific update from being installed on a server. The
computer will remain accountable for the assigned baseline, even if you exempt a specific update
from being installed.
Planning an Update Baseline

After you add a WSUS server to VMM to perform
the Update Server role, your next step is to
determine which updates you should install on
each server within the private cloud infrastructure.
VMM adds the updates that you select to an
update baseline, against which each server scans.
VMM then remediates any server that does not
meet the baseline, and installs the missing
updates immediately.
After you determine which updates are required

for your VMM infrastructure servers, you then
need to create a list for VMM to use as a baseline
from which to scan against and remediate. VMM uses the update baseline as the list, and you can add or
remove updates as necessary.
What Is an Update Baseline?

When you synchronize with WSUS, all updates from a specific product and category will display within
the VMM console. To specify only the updates necessary for your requirements, you create an update
baseline. An update baseline is a set of required updates that are assigned to a scope of infrastructure
servers within the private cloud. You can assign an update baseline to the following:
All hosts within all host groups
Specific host groups
A specific stand-alone server within a host group
A specific host cluster within a host group
Library servers
PXE servers
VMM server
Update Server
Planning for Update Baselines

You should consider the following factors carefully when you are planning update baselines:
If you assign a baseline to a host group, any host or host cluster within that group will be assigned to
that baseline. If you move a host to a new host group, WSUS removes the original baseline, and the
host will inherit the baseline associated with the new host group.
If you assign a baseline specifically to a stand-alone host or host cluster, the baseline will stay with the
object when it moves from one host group to another.
When you first add the Update Server, two built-in update baselines are provided. The Sample
Baseline for Critical Updates contains all of the critical updates that synchronize initially, and the
Sample Baseline for Security Updates contains all of the security updates that synchronize initially.
8-39
If you plan to use these built-in update baselines, you will need to maintain the updates as you
perform subsequent synchronization tasks. You also need to assign computers to the baseline before
you are able to use the baseline for compliance scanning and remediation.
You can create a new update baseline that contains the updates that you require, in addition to those that
you assign to the servers for which you want to maintain update compliance.
Update Server Considerations

When you integrate WSUS into the VMM
infrastructure you should consider the following
factors carefully:
If you are using a dedicated WSUS server,

consider limiting the languages, products,
and classifications to only those that are
required by the servers that comprise the
VMM infrastructure.
If you are using a WSUS server that is shared

with a System Center 2012 R2 Configuration
Manager environment:
You should make WSUS configuration changes only by using Configuration Manager.
You should note that for the VMM environment, the synchronization schedule is always on
demand.
You should create a collection in Configuration Manager of all of the servers for which VMM will
manage updates. Exclude this collection from any software update deployments that
Configuration Manager deploys.
If you add the WSUS server to VMM, ensure that you clear the Allow Update Server configuration
changes check box. You configure this in the VMM console, in the Update Server Properties dialog
box.
Managing Infrastructure Updates

You can manage the update compliance of
any servers that are included in the scope of
an update baseline. You can create multiple
update baselines and create update exceptions
for an individual server, or for multiple servers.
Delegated administrators can scan and
remediate server compliance, but only the VMM
administrator can synchronize VMM with WSUS.
The following steps outline the process for
managing the infrastructure updates in VMM.
Scanning for Compliance

You can scan a server or group of servers for compliance using the VMM console as follows:
1.
In the VMM console, click the Fabric workspace. On the ribbon, click Compliance, and then in the
Fabric pane, click Servers.
2.
In the Managed Computers section, review the compliance status and operational status.
3.
To start a compliance scan, click the server to scan, and then on the ribbon, click Scan. Optionally,
you can hold down the Shift key, select multiple servers, and then from the ribbon, click Scan. The
Operational status will change to Scanning. When the scan completes, the Compliance status will be
updated.
Note: If the Scan button is grayed out on the ribbon, then no baseline has been assigned.
Remediating Servers
You can remediate servers as follows:
1.
In the VMM console, click the Fabric workspace. On the Fabric navigation pane, click Servers.
2.
Click and select the server or servers for remediation, and then on the ribbon, click Remediate.
3.
On the Update Remediation page, click to select the update baseline or individual updates. Choose
if you want servers to restart automatically, and then click Remediation.
Creating Update Exceptions

To create update exceptions, use the following procedure:
1.
In the VMM console, click the Fabric workspace. On the Fabric navigation pane, click Servers.
2.
Click and select the server or servers for exception, and then on the ribbon, click Compliance
Properties.
3.
On the Compliance Properties page, click Create. Select the updates to exclude, and then click OK.
When remediating Hyper-V clusters, the nodes will be put into maintenance mode and if possible, virtual
machines will be live migrated until the upgrade is complete.
How to Perform Rolling Updates on a Hyper-V Host Cluster in VMM
Demonstration: Implementing Infrastructure Updates

Integrate WSUS and VMM.
Create an update baseline.
Demonstration Steps
Integrate WSUS and VMM
1.
8-41
On LON-VMM1, in the Virtual Machine Manager console, from the Fabric workspace, expand the
Infrastructure node, and then add an Update Server with the following configuration:
o
Computer name: LON-WSUS
TCP/IP port: 8530
Password: Pa$$w0rd
2.
In the Jobs window, select the Add Update Server job. On the Summary and Details tabs, monitor
the status of the configuration job.
3.
When the job displays as Completed w/info, close the Jobs window.
Create a Baseline
1.
In the Virtual Machine Manager console, click the Library workspace.
2.
Expand the Update Catalog and Baselines node, and then create a Baseline using the Update
Baseline Wizard.
3.
On the General page, in the Name field, type Windows Server 2012 (Demo Baseline), and then
click Next.
4.
On the Updates page, click Add.
5.
In the Add Update to Baseline dialog box, create a new baseline called Windows Server 2012. Click
the first update, on your keyboard press and hold down the Ctrl and Shift keys, and then press the
down arrow key. This will select all the filtered updates, and then click Add.
6.
On the Assignment Scope page, select all of the check boxes, and then click Next.
7.
On the Summary page, review the details, and then click Finish.
8.
When the job displays as Completed, close the Jobs window.
9.
Confirm that the new baseline is available.

Scenario
solution was that administrators then could use VMM to manage many of the other components that a
virtualized environment requires. In addition, the virtualization management solution should provide a
way to apply updates to the Hyper-V servers.
Objectives
Manage infrastructure updates.
Lab Setup
20409B-LON-SVR1, 20409B-LON-WSUS, 20409B-LON-SS1
Password: Pa$$w0rd
1.
2.
Verify that the following virtual machines are still running. If they are not, perform steps 3 to 6.
o
20409B-LON-DC1
20409B-LON-VMM1
20409B-LON-SS1
20409B-LON-SVR1
20409B-LON-WSUS
3.
seconds.
4.
5.
6.
Password: Pa$$w0rd
Domain: Adatum
Repeat steps 3 through 4 for 20409B-LON-SS1, 20409B-LON-SVR1, and 20409B-LON-WSUS.
Note: Because you will be using the same virtual machines in the next lab, do not revert the
virtual machines at the end of this lab. However, you can shut down all virtual machines after
finishing this lab.
Exercise 1: Managing Infrastructure Updates

Scenario
8-43
In this exercise, you will add an Update Server to the VMM infrastructure. You will configure the Update
Baseline, scan for update compliance in VMM, configure update exemption, and verify how to update
WSUS settings in VMM.
1.
Integrate Windows Server Update Services (WSUS) with VMM.
2.
Perform a manual synchronization with WSUS from VMM.
3.
Create the update baseline in VMM.
4.
Assign an existing baseline in VMM.
5.
Scan for update compliance in VMM.
Task 1: Integrate Windows Server Update Services (WSUS) with VMM

1.
In the Virtual Machine Manager console, click the Fabric workspace.
2.
In the navigation pane, expand the Servers node, expand the Infrastructure node, and then click
Update Server.
3.
Add an Update Server with the following configuration:

o
Computer name: LON-WSUS
TCP/IP port: 8530
Password: Pa$$w0rd
4.
In the Jobs window, select the Add Update Server job.
5.
Using the Summary and Details tabs, monitor the status of the configuration job.
6.
Task 2: Perform a manual synchronization with WSUS from VMM

1.
2.
In the navigation pane, expand the Servers node, expand Infrastructure, and then click Update
Server.
3.
Click Synchronize to synchronize VMM with the WSUS server.
4.
In the Jobs window, select the Synchronize Update Server job.
5.
On the Summary and Details tabs, monitor the status of the configuration job.
6.
When the job displays an error message, close the Jobs window.
Note: An error is expected because there is no Internet connection. However, this will not
affect the rest of the lab exercise.
Task 3: Create the update baseline in VMM
1.
2.
In the navigation pane, expand the Update Catalog and Baselines node, and then click Update
Baselines.
3.
Create a Baseline with the name LON Base1 that includes all updates, and assign it to All Hosts and
LON-VMM1.Adatum.com.
4.
In the Jobs window, select the Change properties of a baseline job.
5.
6.
When the job displays as Completed, close the Jobs window.
7.
With the Update Baselines node selected, verify that LON Base1 displays in the Baselines pane with
Assignments set to 2.
Task 4: Assign an existing baseline in VMM

1.
2.
Baselines.
3.
Open the Properties for LON Base1, and assign LON-WSUS.Adatum.com to it.
4.
Click the Jobs workspace.
5.
Click History, and then select the Change properties of a baseline job.
6.
7.
When the job displays as Completed, switch back to the Library workspace.
8.
With the Update Baselines node selected, verify that LON Base1 displays in the Baselines pane with
Assignments set to 3.
Task 5: Scan for update compliance in VMM

1.
2.
In the navigation pane, click the Servers node, and then click Compliance.
3.
Select LON-WSUS.Adatum.com, and then click Scan.
4.
In the Results pane, verify that the Compliance Status lists as Compliant.
Results: After completing this exercise, you should have added and configured an Update Server to
manage infrastructure updates.

Review Questions
Question: You have been assigned the responsibility for selecting a storage solution for the
Hyper-V virtualization deployment. You are considering several Fibre Channel and iSCSI
SANs. What do you need to consider for compatibility with VMM?
Question: Which storage types does VMM allows you to integrate with and configure
automation for?
Question: Before you can configure a virtual machine network, what other network should
you configure?
Question: You have been advised that a potential compatibility issue exists between a
Windows operating system security update and the antivirus software that you are using to
protect your Hyper-V hosts. What could you do in VMM to prevent this issue from affecting
your Hyper-V hosts?
8-45

9-1
Module 9
Creating and Managing Virtual Machines by Using Microsoft

Contents:
Module Overview
9-1
Lesson 1: Virtual Machine Management Tasks in VMM
9-2
Lesson 2: Creating, Cloning, and Converting Virtual Machines
9-13
Lesson 3: Overview of Virtual Machine Updating
9-22
Lab: Creating and Managing Virtual Machines by Using System

9-26
9-29
Module Overview
One of the main tasks that administrators can perform with Microsoft System Center 2012 R2 Virtual
Machine Manager (VMM) is creating and deploying virtual machines and placing them on physical hosts.
You can also use VMM to manage existing virtual machines. This module explains how administrators can
use VMM to deploy a new virtual machine in various ways. For example, you can create a virtual machine
from the beginning, or by using a stored virtual machine from the VMM library. You can also use VMM to
manage virtual disks that virtual machines use, and to create and manage virtual machine checkpoints for
restoring virtual machines to specific points in time.
This module will describe management tasks on virtual machines, disks, and checkpoints that you can
perform in the VMM console. This module also explains how you can use VMM to convert a physical
machine to a virtual machine, and how to convert a virtual machine that you built with another platform
to a virtual machine that you host in Hyper-V on Windows Server 2012. You will also learn how to clone
existing virtual machines to build new ones. Lastly, this module explains how to use VMM to update
virtual machines, and how to use the Virtual Machine Servicing Tool for older VMM versions.
Objectives
Explain virtual machine management tasks in VMM.
Explain how to create, clone, and convert virtual machines.
Describe methods and tools for updating virtual machines.
Lesson 1
Virtual Machine Management Tasks in VMM
9-2 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
VMM provides the VMM console that is built on Windows PowerShell. This console is a central utility for
managing virtual machines, and you can use it to perform various tasks, such as starting and stopping
virtual machines, and modifying their properties. You can perform many tasks in VMM that you typically
would perform on virtual machines through Hyper-V Manager. However, with VMM, you can manage
virtual machines that reside on several different hosts. Because Hyper-V Manager is built on Windows
PowerShell, you can also use Windows PowerShell cmdlets to manage any VMM task that you would
manage using the VMM console.
Lesson Objectives
Describe actions for operating and managing virtual machines.
Operate virtual machines.
Describe virtual machine properties.
Describe virtual machine checkpoints.
Create and manage checkpoints.
Actions for Operating and Managing Virtual Machines

You can use VMM to manage and operate every
virtual machine on a host that the VMM server
manages. On each virtual machine, you can
perform various actions. You can perform some
actions (such as pausing a virtual machine) only
when the virtual machine is running. You can
perform other actions (such as storing data in
the VMM library) only when the virtual machines
is shut down. You can also perform some actions
(such as configuring network connections)
irrespective of the virtual machines state.
Windows PowerShell 3.0 has equivalent cmdlets
for all of the functionality that you can perform through the VMM console.
The following table lists actions that you can perform on virtual machines both from the VMM console
ribbon, or using Windows PowerShell cmdlets.
Ribbon option
name
Create
Description
This option has a drop-down list box
that you can use to create either a clone
or a virtual machine template.
Windows PowerShell equivalent

cmdlet
New-SCVirtualMachine
Note: You will learn more about

cloning and templates in a topic later in
this module.
Shut Down
Use this option to perform a proper

shutdown of a virtual machines
operating system. Using the Shut Down
option is equivalent to performing a
shutdown within the guest operating
system. We recommend using this
method to turn off your production
environment virtual machines. This
functionality requires that the guest
operating system have Integration
Services installed.
Power On
This option starts a virtual machine that

is stopped, paused, or is in a saved state.
When you start a virtual machine that is
stopped or turned off, you are initiating
an operating system boot, just like when
you turn on a physical computer. When
you start a virtual machine that is in
paused or saved state mode, you resume
the virtual machine to the state in which
it was when you paused it.
Power Off
This option stops a virtual machine

without saving any state information.
This action has the same effect on the
virtual machine as pulling out the power
cord on a physical computer. If you stop
a virtual machine in production, you risk
losing data because it was not saved, or
because of service interruption. In a
production environment, you typically
use this option only when you cannot
perform a proper shutdown. In test
environments, you can stop a virtual
machine to save time when you are
reverting to a checkpoint and data
consistency is not an important
requirement.
Stop-SCVirtualMachine
with the Shutdown parameter
Start-SCVirtualMachine
with the -Force parameter
9-3
Ribbon option
name
Description
Pause
This option stops virtual machine

operations temporarily. It suspends
execution of a virtual machine, and
keeps all virtual machine state in
memory. The services that the virtual
machine provides become unavailable
while the virtual machine is in a paused
state. However, VMM retains all data in
the virtual machine, including the
memorys contents.
You can resume a paused virtual
machine quickly, usually within one to
two seconds. After you resume a paused
virtual machine, all its services return to
the states that they were in prior to the
paused state.
When you pause a virtual machine, the
virtual machine does not release the
resources that it is using. For example, if
a virtual machine is allocated 1 gigabyte
(GB) of memory, it will continue to use
that memory even while paused.
You can pause and resume a virtual
machine in test environments to
simulate network interruptions.
Resume
Use this option to remove the virtual

machine from the Pause state. You can
use this option only when a virtual
machine is paused. When you use the
Resume option, the virtual machine once
again becomes fully available.
Reset
This is an immediate operation that acts

like a Reset button on a physical
machine. Using this option causes the
virtual machine to reboot immediately.
Similar to the Power Off option, we do
not recommend using the Reset option
because you risk losing data if it was not
saved, or because of service interruption.
Save State
Use this option to suspend a virtual

machine for an extended time. In this
state, the contents of memory are
written to disk into a .vsv file in the same
directory as the virtual machine, for
long-term storage. The services that the
virtual machine provides are unavailable
when the virtual machine is in a saved
state. You can restart a saved virtual
machine quickly. When you restore the
virtual machine from the saved state, it
returns to the condition that it was in
when you saved its state.
When a virtual machine is in a saved

cmdlet
Suspend-SCVirtualMachine
Resume-SCVirtualMachine
Reset-SCVirtualMachine
with the -SaveState parameter.
Ribbon option
name
Description

cmdlet
state, the virtual machine releases the

resources that it is using. For example, a
virtual machine that is allocated 1-GB of
memory will release that memory for use
by other virtual machines. Saving the
state of a virtual machine in a test
environment allows you to stop it
temporarily and free resources for
running another virtual machine.
Discard Saved
State
Migrate Storage
Use this option to delete the saved state

of a virtual machine. When you do this,
the .vsv file gets deleted. This is
equivalent to stopping a virtual machine.
Use this option to migrate a virtual
machines .vhd files to a new location.
When you use this option, the Migrate
Virtual Machine Wizard opens.
with the DiscardSavedState

parameter
Move-SCVirtualMachine
with the Path parameter
Note: The Migrate Virtual

Machine Wizard presents you with
several options, which will be discussed
more in-depth later in this module.
Migrate Virtual
Machine
Use this option to migrate a virtual

machine between hosts. This is useful
when you need to balance workloads
between different hosts. This option also
starts the Migrate Virtual Machine
Wizard.
Store in Library
Use this option to add a virtual machine

to a library. When you store a virtual
machine in the library, you cannot start
it directly. You must first deploy it from
the library to a host.
Create
Checkpoint
In Hyper-V in Windows Server 2008 and

in Windows Server 2012, checkpoints
were called snapshots. In Hyper-V in
Windows Server 2012 R2, checkpoints
have identical functionality to snapshots.
When you use this option, you create an
.avhd file that contains any subsequent
changes, rather than storing them in the
original .vhd file. When you revert a
virtual machine to the state that it was in
when you created the checkpoint, the
system deletes the .avhd file.
You can make up to 64 checkpoints per
virtual machine. However, you should
never checkpoint production systems.
Failure to manage checkpoints properly
can result in serious errors for all virtual
machines on the same volume.
Move-SCVirtualMachine
Save-SCVirtualMachine
New-SCVMCheckpoint
9-5
Ribbon option
name
Description
Manage
Checkpoints
When you click this option, the Virtual

Machine Properties dialog box displays
in the Checkpoints workspace. From
this dialog box, you can create new
checkpoints, view the properties of the
selected checkpoint, or delete, restore,
or revert checkpoints.
Refresh
Use this option to refresh the content

of the screen. The screen should
periodically refresh as items change, but
clicking this option refreshes the content
immediately.
Repair
Select this option to open the Repair

window, where you can restart a job
that failed. You may revert a virtual
machine to a previous state if it was
checkpointed. (If the virtual machine was
not checkpointed, this option will be
grayed out.)
You can also use the Ignore option,
which simply refreshes the virtual
machine without attempting to rerun
the job. If any one of these actions fails,
use the Repair-SCVirtualMachine
Windows PowerShell command with
the parameters Ignore and Force. This
performs a deep cleanup of the virtual
machine. The option to perform a deep
cleanup is grayed out if a failure has not
occurred.
Install Virtual
Guest Services
In VMM, Hyper-V integration

components and older virtual machine
additions are collectively known as
Virtual Guest Services. Virtual Guest
Services improve virtual machine
integration and performance by
improving communications between the
host and guest operating systems. For
example, virtual guest services can add
synthetic drivers, and synchronize time
between the host and the virtual
machines.
You can deploy Virtual Guest Services
depending on the system level of the
host. Normally, this option is grayed out
because Virtual Guest Services are part
of virtual machine creation.
Note: The Refresh, Repair, and
Install Virtual Guest Services options
appear as icons only (with no text name)
on the ribbon. However, when you rightclick a virtual machine, the icons appear
in the context menu with text.

cmdlet
Set-SCVMCheckpoint
Read-SCVirtualMachine
Repair-SCVirtualMachine
Set-SCVirtualMachine
with the
-InstallVirtualizationGuestServices
$True parameter and value
Ribbon option
name
Description
Connect or View
This option provides a drop-down list

box with the following sub-options:
Connect via Console, Connect via RDP,
and View Networking. You can use the
first two sub-options to remote to the
virtual machine either through the VMM
consoles Virtual Machine Viewer, or
through the Remote Desktop Protocol
(RDP), if it is enabled on the virtual
machine.
The View Networking sub-option
provides a graphical representation of
how the virtual machine is connected to
the rest of the network environment.
The ribbon contains multiple view
options of the network environment,
and check boxes to add or remove other
virtual machines.
Delete
Use this option to delete the virtual

machine permanently, including all
files associated with the virtual machine.
This option also removes the virtual
machine either from the host on which
it is deployed, or from the library server
on which it is stored.
Before this action completes, a
confirmation pop-up window displays,
asking you to confirm this option.
Properties
Use this option to view information

about a virtual machine. If the virtual
machine is not running, you can also use
this option to make changes to the
hardware environment and other select
configurations, just as you would when
using the Settings option in Hyper-V.
Several workspaces in the console tree
allow you to observe or make changes
to these various configurable items.

cmdlet
vmconnect.exe
Remove-SCVirtualMachine
There is no Windows PowerShell

cmdlet equivalent for this option.
However, you can use the
Get-SCVirtualMachine cmdlet in
a pipeline to retrieve a particular
virtual machines information.
Demonstration: Operating Virtual Machines

In this demonstration, you will see how to operate a virtual machine.
Demonstration Steps
1.
Sign in to LON-VMM1 as Adatum\Administrator with the password Pa$$w0rd.
2.
On the desktop, on the taskbar, click the VMM console button.
3.
On the Connect To page, click Connect.
4.
In the VMM console, in the lower left workspace, click VMs and Services.
5.
Click the 20409BLON SVR1 virtual machine.
9-7
Note: View the ribbon at the top of the console. Notice how this ribbon provides icons and
text that enable you to manage a virtual machine. Notice how some of the icons on the ribbon
are grayed out or dimmed. This is because this particular virtual machine is turned off, and
therefore these functions will not work.
6.
On the ribbon, click Power On. Wait for the virtual machine to turn on, and then start up.
Note: View the various icons and their functionality, including the Power Off, Connect or
View, Manage Checkpoints, Properties, and Delete icons. Explore the other icons as time
permits.
7.
Shut down the virtual machine, and review the Create icon.
Note: View the Home tab, and notice how you can create a new virtual machine with it.
Overview of Virtual Machine Properties

Each virtual machine that VMM manages has a set
of properties that determine the various attributes
and configuration settings of the virtual machine.
By editing these properties, you can modify the
virtual machines hardware configuration, and
define the virtual machines owner, cost, and other
attributes and settings.
You can access the virtual machine properties,

in the VMM console, by clicking the Virtual
Machine tab of the VMs and Services Workspace,
and then clicking the Properties icon on the
ribbon. Alternatively, you can right-click the
virtual machine, and then click Properties. Nodes in the console tree represent various groups of settings,
and contain the virtual machine properties.
The virtual machine properties are present on the following pages:
General. On the General page of the virtual machine properties, you can change the name of the
virtual machine, define the cost-center property to track resources that the virtual machine allocates,
and optionally define the virtual machine tag that you can use for filtering inside the Virtual Machine
Manager Administrator Console. On the General page, you can also configure or modify the
operating system that is installed inside the virtual machine, associate the virtual machine with a
defined cloud, and view information about dates and times when the virtual machine was added,
modified, or refreshed.
Status. On the Status page, you can view the status of your virtual machine. You can also view
refresher and deployment information, whether there have been any errors, and if the machine is
running or stopped. If there are errors, you have the option to copy them.
Hardware Configuration. On this page, you can configure hardware settings for virtual machines. You
can configure most of the hardware components of a virtual machine only when the virtual machine
is in the stopped state. However, you can modify the Network Adapter configuration when the virtual
machine is running.
Hardware configuration is divided into several nodes, each of which has a set of the following
configurable items:
o
Cloud Compatibility Profile: You can select the VMware ESX Server, Hyper-V and/or Citrix
XenServer profile.
General:
You can define the number of processors, and even allow migration to a virtual machine host
with a different processor version.
You can also define the floppy drives, the COM port configuration, amount of random access
memory (RAM), the Video Adapter, including the Microsoft RemoteFX 3D video adapter, and
the maximum number of monitors.
Bus Configuration:
You can configure hard drives and CD/DVD drives, including integrated drive electronics
(IDE) and small computer system interface (SCSI).
Network Adapters:
9-9
You can define network adapters and their configuration. There is a new option that you can
use to connect to Fibre Channel ports in existing storage arrays via a Fibre Channel Adapter.
You can therefore use your existing Fibre Channel infrastructure to support virtualized
workloads. Support for Fibre Channel in Hyper-V virtual machines provides many features,
such as virtual storage area networks (SAN), live migration, and Multipath IO (MPIO).
Advanced:
You can configure Integration Services to allow operating system shutdown, time
synchronization, data exchange, heartbeat, and backup by using the Volume Shadow Copy
Service (VSS).
You can use availability to configure a virtual machine as highly available. Note that this
requires that you have host clustering configured.
You can use CPU Priority to control which virtual machines get first access to CPU resources
when there is contention. A virtual machine with low priority will not be allocated as much
processing power as a virtual machine with normal priority.
You can use virtual non-uniform memory access (NUMA), a memory-access optimization
method that prevents memory-bandwidth bottlenecks in servers with multiple physical CPUs.
You can use memory weight to ensure that when memory usage on a host is high, virtual
machines with a higher priority are allocated memory resources over those with a lower
priority.
Note: You also can use these settings from hardware profiles that are precreated and
stored in the Library.
Checkpoints. Use the Checkpoints page to manage virtual machine checkpoints. You can create new
checkpoints, remove existing checkpoints, or restore a virtual machine to a specific checkpoint state.
(The next topic in this lesson details checkpoints.)
Custom Properties. Use the Custom Properties page in the Virtual Machine Properties to assign as
many as 10 custom fields to a virtual machine. Use the custom fields to identify, track, and sort virtual
machines by any property, including department, geographic area, or function.
Settings. Use the Settings page to configure quota points for self-service. You can use the VMM selfservice feature to restrict the resource utilization of users by assigning a quota limit. VMM uses the
quota points that you define for a virtual machine to calculate how much of the quota it can use
when a user starts the virtual machine.
Actions. On the Actions page, you can choose to specify which actions to perform on the virtual
machine when Hyper-V on the host starts and stops, which usually happens when rebooting the host
machine. You can choose for the virtual machine to start with the host, or require it to start manually
after the host is running. You also can choose what action the virtual machine will perform when the
physical server shuts down, and whether to disable Performance and Resource Optimization (PRO) for
the virtual machine.
Note: PRO has the ability to implement changes automatically, such as migrating virtual
machines between hosts for load balancing. When you enable the option to Exclude virtual
machine from optimization actions host-level for a virtual machine, any PRO actions that initiate
automatically will not affect the virtual machine. PRO is available when you integrate VMM with
System Center 2012 R2 Operations Manager.
Servicing Windows. On the Servicing Windows page, you can manage servicing windows by applying
them to the virtual machine. Servicing windows indicate when you can take down the virtual machine
for servicing, such as for applying updates. You must first create servicing windows before you can
assign them in the virtual machines Properties window.
Dependencies. On the Dependencies page, you will see the dependencies that are assigned to virtual
machines. Dependencies are resources that are necessary for the virtual machine to operate. These
resources can be as virtual hard disk drives, ISO files, and other items.
Validation Errors. The Validation Errors page lists errors that might occur in your configuration (for
example, removing a dependency), which will make it impossible for the virtual machine to start.
Access. On the Access page, you can select selfservice owners, if they exist, and share the self-service
user roles.
Storage. On the Storage page, you can add and remove created disk and Fibre Channel array
resources. Before doing this, you must first define those resources, or they will appear grayed out.
What Is a Virtual Machine Checkpoint?
By creating checkpoints for a virtual machine,

you can restore the virtual machine to a previous
point in time. You often use checkpoints in patch
testing, so that you can restore a virtual machine
if an update fails or adversely affects the virtual
machine. Another typical use for checkpoints is
to create a temporary backup before you update
an operating system or an application, or make
a configuration change on a virtual machine. In
previous versions of Hyper-V, checkpoints were
called snapshots. In System Center 2008 Virtual
Machine Manager and newer Virtual Machine
Manager versions, snapshots are called checkpoints. In Windows Server 2012 R2, Hyper-V also uses the
term checkpoint.
9-11
You learned in previous modules that virtual machines consist of files. When you create a checkpoint,
those files are disconnected from the virtual machine, and are used as base disks for newly created delta
disks (.avhd files). When you delete a checkpoint, this process is reversed. When you apply a checkpoint,
the .vhd and .avhd files are merged. For virtual machines on Hyper-V and VMware ESX server hosts, a
checkpoint also saves the hardware configuration information.
For virtual machines on Hyper-V and VMware ESX server hosts, checkpoints also are useful in a test
environment when you want to use multiple hardware configurations on a virtual machine.
You can create checkpoints by using the VMM console or by using the Windows PowerShell cmdlet NewSCVMCheckpoint. You can create checkpoints when the virtual machine is running or when it is stopped.
You can export checkpoints together with the virtual machine, and move them to another host.
Note: Be very careful when using checkpoints in a production environment. Reverting a
client workstation or file server to a previous checkpoint will most likely not cause any problems.
However, reverting a Microsoft SQL Server or a Microsoft Exchange Server to a previous
checkpoint can cause problems that might be very hard, if not impossible, to resolve.
Note: You can create checkpoints only for a virtual machine that is deployed on a virtual
machine host. You cannot create checkpoints for a virtual machine that is stored in the Virtual
When you create a checkpoint for a virtual machine, Hyper-V and VMM perform the following steps:
1.
Pause the virtual machine.
2.
Create a new differencing disk for each virtual hard disk, and then configure the virtual machine to
use the new differencing disk (or disks), using an .avhd or .avhdx extension.
3.
Create a copy of the virtual machines configuration file.
4.
Start the virtual machine.
These steps happen so quickly that it is nearly imperceptible that the virtual machine ever paused.
When the virtual machine is running, the contents of the virtual machines memory are saved to the disk.
While this is happening, VMM monitors the memory activity of the virtual machine. If the guest operating
system attempts to modify memory that has not been copied, VMM intercepts the changes until the
original the memory contents are copied. After the original memory contents are copied, VMM applies all
pending changes.
After the checkpoint is complete, the virtual machine configuration file, virtual machine saved state files,
and the snapshot differencing disks (.avhds) are stored in a folder under the checkpoint directory of
the virtual machine. VMM then treats the checkpoint as a read-only point-in-time image of a virtual
machine, while all writing operations go to the .avhd file. You can change virtual machine settings after
applying a checkpoint. However, you cannot change the virtual machine settings of the checkpoint itself.
Checkpoints have different content, depending on the state of the virtual machine when VMM takes
the checkpoint. For checkpoints that you create when the virtual machine is running, the checkpoint
contains the state of the hard disks and the data in memory. On the Checkpoints page in the virtual
machines properties, (or by going to the Manage Checkpoints icon on the ribbon), you can see that the
checkpoints icon has a small, green triangle (known as the Play button). For checkpoints that you create
when the virtual machine is stopped, the checkpoint contains the state of the hard disks only. On the
Checkpoints page, for this type of checkpoint, the icon has a small, red square (known as the Stop button).
Note: In VMM, you can create a maximum of 64 checkpoints per virtual machine. Each
time you create a checkpoint, it creates additional differencing disk files, which results in the use
of additional disk space. Having multiple disks can reduce performance, because the running
virtual machine reads data from the multiple files scattered on the physical disk. Additionally, an
increase in disk space usage can increase the time it takes to migrate a virtual machine between
hosts.
Demonstration: Creating and Managing Checkpoints

In this demonstration, you will see how to create and manage checkpoints.
Demonstration Steps
1.
2.
Open the VMM console and go to the VMs and Services workspace.
3.
Start the 20409B LONSVR1 virtual machine.
4.
Using the ribbon, create a checkpoint, with the description Demonstration of a running systems
checkpoint.
5.
Click the 20409B LONSVR2 virtual machine, without starting it.
6.
Using the ribbon, create a checkpoint, with the description Demonstration of a stopped systems
checkpoint.
Note: On the ribbons Manage Checkpoints icon for each virtual machine, view the
difference between the running and stopped checkpoints. Note that the running checkpoint has
a green triangle and the stopped checkpoint has a red square.
7.
Close the VMM console and sign out of LONVMM1.
Lesson 2
Creating, Cloning, and Converting Virtual Machines
9-13
When you add a Hyper-V host to VMM, any virtual machine on that host becomes manageable on
VMM through the VMM console. However, there may be times when you wish to create a virtual machine,
either from the beginning, or based on certain configurations and properties, such as by using templates,
or by cloning existing virtual machines. When you have multiple physical hosts, you may find that some of
these hosts have less performance power or are running more virtual machines than other physical hosts.
Where you deploy virtual machines during their creation can cause your environment to have issues.
Placement of virtual machines on the various physical hosts is an important aspect of the management of
VMM. Intelligent placement guidelines will recommend the best host for initial placement of virtual
machines.
In addition to creating virtual machines, you can make a copy or clone of a virtual machine. You can also
convert a physical computer into a Hyper-V virtual machine, even if that virtual machine was created in
another virtualization platform.
Lesson Objectives
Describe the creation of virtual machines in VMM.
Describe virtual machine placement configuration in VMM.
Create and deploy a new virtual machine.
Describe virtual machine cloning.
Explain considerations for virtual machine cloning.
Perform virtual machine cloning.
Describe the conversion of a physical machine.
Describe the conversion of a virtual machine.
Describe virtual machine converter.
Creating Virtual Machines in VMM

The advantage of using a virtualized environment
that you manage by using VMM, is the flexibility
that it provides you when creating and deploying
new virtual machines quickly. By using VMM, you
can manually create a new virtual machine with
new configuration settings, and a new hard disk.
You can then deploy the new virtual machine
from one of the following sources:
An existing .vhd or .vhdx file (blank or

preconfigured)
A virtual machine template
A service template
A virtual machine template is a library resource consisting of a guest operating system profile, a hardware
profile, and one or more virtual hard disk (.vhd) files, which you can then use to create a new virtual
machine.
Creating Virtual Machines
You can create new virtual machines either by converting an existing physical machine, cloning an
existing virtual machine, or by utilizing a blank virtual disk or a preconfigured virtual disk that contains a
Sysprepped operating system. VMM provides the following four blank .vhd and .vhdx templates that you
can use to create new disks:
.vhd Blank Disk-Small
.vhd Blank Disk-Large
.vhdx Blank Disk-Small
.vhdx Blank Disk-Large
You can also use a blank virtual hard disk when you want to use an operating system with a Pre-Boot
Execution Environment (PXE). Alternatively, you can mount an .iso image on a virtual DVD-ROM, and then
install an operating system on the empty drive. This is an effective way to build a virtual machines source
image, which you can then use as a future template. To install the operating system on such a virtual
machine, you can use an .iso image file from the library or from local disk, and then map a physical drive
from the host machine, or initiate the guest operating system setup through a network service boot. You
also can choose existing .vhd files when deploying any operating system from which VMM cannot create
a template, such as an operating system that is not based on a Windows operating system.
When you create a new virtual machine using an existing .vhd or .vhdx template, you are essentially
creating a new virtual machine configuration that is associated with the file. VMM will create a copy of
the source file so that you do not have to move or modify the original file. In this scenario, you must use
Sysprep to prepare the operating system for duplication.
Deploying from a Template
When you deploy a virtual machine from a template, it creates a new virtual machine based on a template
from the VMM library. The template is a library resource, which links to a virtual hard drive that has a
generalized (Sysprepped) operating system, hardware settings, and guest operating system settings. You
can use the guest operating system settings to configure operating system settings, such as computer
name, local administrator password, and domain membership. You can also use guest operating system
profiles to preconfigure the roles and features that you will deploy for Windows Server 2008 R2 and
newer Windows Server operating systems.
The deployment process does not affect the actual template, which you can reuse multiple times. The
following requirements apply if you want to deploy a new virtual machine from a template:
You must first install a supported operating system on the virtual hard disk used with the template.
For customized templates, you must prepare the operating system on the virtual hard disk by
removing computer identity information. For Windows Server operating systems, you can prepare the
virtual hard disk by using Sysprep.exe. For Linux operating systems, you can use non-Microsoft tools
that will do the same task.
Deploying Virtual Machines to and from the VMM Library
9-15
During the virtual machine deployment process, when selecting your destination, you can deploy the
virtual machine to a VMM library. Conversely, if you deploy a virtual machine from the VMM library, you
remove the virtual machine from the library and deploy it on the selected host. When using this method,
you must provide the following details in the Create Virtual Machine Wizard:
The host for deployment. The Create Virtual Machine Wizard provides a list of potential hosts and
their ratings.
The path of the virtual machine files on the host.
The virtual networks used for the virtual machine. You can see a list of existing virtual networks on the
host, from which you can choose.
Configuring Virtual Machine Placement in VMM

Virtual machine placement in VMM evaluates host
capacity, and then suggests the most appropriate
virtualization host for deployment. The most
recent version of VMM extends this capability with
more than 100 virtual machine placement checks,
and adds support for custom placement rules.
When you deploy a new virtual machine or

migrate an existing machine, the evaluation that
occurs and the subsequent selection of the most
suitable host for the virtual machine is known
virtual machine placement (or placement). VMM
automatically deploys a virtual machine on the
most suitable host in a host group, and the most suitable volume on a host, based on the volumes
available space. This process is known as automatic placement, and it occurs in the following situations:
When you click and drag a virtual machine onto a host or a host group in the Virtual Machines view.
When you create a new virtual machine either directly, or by using a clone or convert process.
When self-service users deploy virtual machines that they create by using the VMM Self-Service
Portal.
During automatic placement, VMM moves the virtual machine files to the most suitable host for a host
group, and to the most suitable volume on the selected host based on the volumes available space. The
host ratings appear as five stars that are either gray or yellow, indicating their favorability compared to
other hosts. For example, a volume with five yellow stars indicates the highest rating, and a volume with
zero yellow stars (five gray stars) indicates the lowest rating.
Note: You must configure a default virtual machine path on the volume that VMM selects
during automatic placement, or the virtual machine placement will fail.
You can also perform placement manually. In this scenario, during the virtual machine deployment
process, you would manually select a host for the virtual machine. This method is helpful when you want
to use some hosts only for performing maintenance tasks, such as creating and updating virtual machines.
To ensure that VMM does not rate these hosts at zero yellow stars, when you deploy or migrate a virtual
machine, you can remove the hosts from placement.
Intelligent Placement
VMM includes an intelligent placement capability, through which it makes recommendations on where to
run each virtual machine. You can use this feature to move a virtual machine dynamically from one host
to another. For example, you might want to use this feature if host resources are overcommitted.
The intelligent placement decisions depend on VMMs knowledge of the virtual machine host, and its
current load from running virtual machine guests. VMM receives that knowledge from performance data
that the VMM agent collects on the virtual machine host. The VMM agent sends this data to the VMM
server every nine minutes, and the VMM server then stores the data in the VMM database.
Note: When choosing which virtual machine to move to another host, intelligent
placement does not take into account applications that are running inside a virtual machine.
VMMManaged Virtual Machine Placement
Placement rules that you define on a host group level help you to manage virtual machine placement
on specific hosts that are inside a host group. In general, VMM always tries to recommend the most
appropriate host for virtual machine placement by calculating host rating. However, by specifying custom
placement rules, you can define your own rules for placement or placement blocking.
When you deploy a virtual machine and select to deploy it to a host or private cloud, you can also
configure the Expected Utilization settings, which can further refine host ratings based on anticipated
resource utilization. With these settings, you can adjust the following attributes:
CPU percentage expected utilization.
Disk, physical disk space, and expected disk I/O per second.
Network, expected utilization in megabits per second (Mbps).
Custom Placement Rules
Custom placement rules depend on host and virtual machine custom properties. On each host, you can
define values for 10 predefined custom properties. You can also define your own new custom properties
and their values. Similarly, you can define custom properties for each virtual machine.
By defining custom placement rules on a host group level, you can define a rule that uses a custom
property as a condition for allowing or blocking virtual machine deployment on a host in that host group.
For example, you can define a rule specifying that a specific custom property value must match on both
the host and the virtual machine, or the virtual machine will be unable to deploy.
Demonstration: Creating and Deploying New Virtual Machines

In this demonstration, you will see how to create a new virtual machine and then deploy it on a host.
Demonstration Steps
1.
2.
Open the VMM console, and browse to the VMs and Services workspace.
3.
On the Home tab, click the Create Virtual Machine drop-down list box, and then click Create
Virtual Machine.
Note: In the Create Virtual Machine Wizard, observe all of the configurable options.
4.
Name the virtual machine Win2012test, with the description Test of create virtual machine
functionality.
5.
Deploy the virtual machine on the LON-HOST2 host computer.

Note: View how VMM rates the physical hosts.
9-17
6.
At the end of the wizard, save the configuration in a Windows PowerShell script with the name
CreateDemoVM.ps1.
7.
Once the virtual machine is created, in the console tree of the VMM console, click the LON-HOST2
host computer.
8.
Verify that the virtual machine Win2012test has been created and displays here.
9.
What Is Virtual Machine Cloning?
You can create a virtual machine by performing

a cloning operation. During a cloning operation,
you make an exact copy (or clone) of the existing
virtual machine, and then either deploy it on a
host, or store it in a library. Cloning is a process
that you can use to create new virtual machines
based on existing machines, and to create
backups of existing virtual machines. When you
clone an existing virtual machine, VMM creates
a copy of its virtual hard disks and associated
configuration files, and then stores it in a library
or on a host. You may then deploy the existing
virtual machine on a host, or store it in a library. During the cloning process, no modifications occur to the
existing virtual machine.
Note: VMM contains a new feature called Live Cloning. You can use Live Cloning to clone
virtual machines without having to stop the original virtual machine. This can significantly reduce
downtime while creating virtual machines.
When you are cloning a virtual machine, you use the New Virtual Machine wizard to specify the following
settings:
Virtual machine identity. You use this setting to specify a name for the virtual machine, but note that
this name does not have to match the computer name of the clone. You must also specify an owner,
who must have a domain account in Active Directory Domain Services (AD DS).
Configure Hardware. You use this setting to modify the hardware configuration of the clone. Here
you also can select most of the hardware configurable options available to new virtual machines.
Select Destination. Use this setting to specify whether to store the clone on a host or on a library
server.
Select Virtual Machine Host. Use this setting to view the rating system of VMM to find the most
suitable host on which to deploy the virtual machine clone.
Select Path. Here you can select the path of the folder on the host that will store the virtual machine
files. You can also specify a library server here.
Additional Properties. Use this setting to select the behavior of the virtual machine when the host
machine stops or starts.
Summary. Use this setting to review your configuration settings. You can also create a Windows
PowerShell script of cmdlets for all of your configuration settings.
When you create a clone of a virtual machine, the operating system is not generalized. This means that
you cannot have a cloned virtual machine running at the same time as the original virtual machine, unless
you first change the virtual network to which it is connected. However, you may clone a virtual machine
for use in a test environment. In addition, you may clone a virtual machine, use Sysprep.exe to generalize
the virtual machine at a later time, and then use the virtual machine to deploy additional virtual machines.
Remember that a cloned virtual machine is identical to the virtual machine on which it is based. This
includes its identity in the domain, its security identifier (SID), and even the media access control (MAC)
address if it is assigned statically on the original virtual machine. This can cause identity problems in Active
Directory products, in Domain Name System (DNS), and on the same network subnet.
Considerations for Virtual Machine Cloning

When you clone virtual machines, keep in mind
the following considerations and limitations:
You cannot make changes to the operating

system settings, but you can make changes
to the hardware profile.
You can clone a virtual machine that is stored

in the library, a virtual machine that is
deployed already.
The cloned virtual machine has the same

computer name (which is assigned to the
guest operating system), as the source virtual
machine. However, if you deploy the cloned virtual machine on the same host as the original virtual
machine, VMM assigns it a different virtual machine name.
Consider running Sysprep on the cloned virtual machine to eliminate domain name and SID
duplication of the original virtual machine.
When you clone a virtual machine, its virtual hard disks and all of its configuration files are copied.
Because VMM does not verify whether you have enough disk space for these files, prior to cloning
you should ensure that you do. Because virtual hard disks and configuration files can get quite large,
be aware of their size before you begin.
Some virtual machines can have elaborate hardware configurations. If you are cloning these types of
virtual machines, be aware of their hardware configuration requirements.
If you are using VMM, you can now clone a virtual machine that is running. However, all previous
versions of VMM (including System Center 2012 - VMM and System Center 2012 SP1 VMM) will
require that you stop the original virtual machine prior to cloning.
Demonstration: Performing Virtual Machine Cloning

In this demonstration, you will see how to clone a virtual machine.
Demonstration Steps
9-19
1.
2.
Open the VMM console, browse to the VMs and Services workspace, and then click LON-HOST1.
3.
Create a clone of virtual machine 20409B-LON-SVR2, with the description Clone of the LON-SVR2
virtual machine.
4.
Use the defaults for all remaining pages in the Create Virtual Machine Wizard, but notice the various
configurable options.
Note: VMM takes several minutes to create the cloned virtual machine. During this time, a
Jobs window will open. Discuss steps that an administrator would take to ensure the cloned
virtual machine was unique before starting.
5.
When the job completes, return to the VMs and Services workspace, and then click LON-HOST2.
Note that now a virtual machine named 20409B-LON-SVR2 displays. This is the clone.
6.
Delete the cloned virtual machine.
7.
Converting a Physical Machine

VMM no longer supports conversions of
operating systems running on physical hardware
to operating systems running with virtual
machines (otherwise known as P2V conversions).
You can use other products outside of System
Center 2012 R2 for this purpose:
You can use the free Sysinternals Disk2vhd

tool, which can make an online copy by using
the Volume Snapshot feature in Windows
Server operating systems.
Note: The version number of this software

will change over time.
Disk2vhd
You can use other non-Microsoft tools, and backup and mirroring technologies to migrate P2V. Some
of these technologies are created specifically for this purpose, while others may not be designed with
this in mind. Many backup technologies offer a bare-metal recovery agent or tool, which fully restore
a server to non-identical hardware, including a virtual machine.
For those with large data centers that still have older physical machines that require P2V conversion,
it is possible to create a virtualized environment with System Center 2012 with Service Pack 1 (SP1)
VMM. This environment will require an AD DS infrastructure and SQL Server, both of which can also
be virtualized. Microsoft has provided a blog posting on their TechNet website referencing this
procedure.
How to perform a P2V in a SCVMM 2012 R2 environment
What Is the Microsoft Virtual Machine Converter Solution Accelerator?
The Microsoft Virtual Machine Converter Solution

Accelerator is a free, stand-alone solution for
converting virtual machines and virtual disks that
are VMware-based to virtual machines and virtual
hard disks that are Hyper-V-based. This includes
conversion from VMware to Hyper-V on Windows
Server 2012. Because Microsoft Virtual Machine
Converter Solution Accelerator has a fully
scriptable command-line interface, it integrates
particularly well with data center automation
workflows such as those authored and run within
System Center 2012 R2 Orchestrator. Microsoft
Virtual Machine Converter Solution Accelerator is supported by Microsoft, easy to install, and you can also
use it through Windows PowerShell.
Microsoft Virtual Machine Converter Solution Accelerator simplifies low-cost, point-and-click migration of
certain guest operating systems from VMware to Hyper-V. These guest operating systems are:
Windows 7
Windows Vista
Windows Server 2008
Windows Server 2003 R2 with Service Pack 2 (SP2)
Windows Server 2003 with SP2

The Microsoft Virtual Machine Converter
Benefits of Microsoft Virtual Machine Converter Solution Accelerator
The Microsoft Virtual Machine Converter Solution Accelerator converts virtual machines that are VMwarehosted. It transfers the entire configuration (including memory and virtual processor) from the initial
source, while adding virtual network interface cards (NICs) to the deployed virtual machine on Hyper-V.
You can perform a clean migration to Hyper-V by uninstalling the VMware tools on the source virtual
machine.
The Microsoft Virtual Machine Converter Solution Accelerator has a wizard-driven GUI. It also has a
fully scriptable command-line interface that you can use in Windows PowerShell. The Microsoft Virtual
Machine Converter Solution Accelerator also integrates with Orchestrator workflows. It supports the
conversion of virtual machines from VMware vSphere 4.1 and VMware vSphere 5.0 hosts to Hyper-V.
This includes virtual machines that are hosted on a vSphere cluster.
Note: The Microsoft Virtual Machine Converter Solution Accelerator supports conversion of
virtual machines from VMware vSphere 4.0, if vCenter 4.1 or vCenter 5.0 are managing the host.
To convert virtual machines on vSphere 4.0, you must connect to vCenter 4.1 or vCenter 5.0
through the Microsoft Virtual Machine Converter Solution Accelerator.
9-21
Lesson 3
Overview of Virtual Machine Updating
Keeping virtual machines up-to-date is as important as keeping physical hosts current. In many scenarios,
you can update virtual machines by using the same technologies as you would for physical hosts, such as
System Center 2012 R2 Configuration Manager or Windows Server Update Service (WSUS).
However, in some scenarios, you turn off your virtual machines for extended periods, such as when they
are stored in the VMM library. During these times, you cannot update these machines using regular
methods. In some cases, you can use Virtual Machine Servicing Tool 2012 to keep your offline virtual
machines current with the latest updates and patches.
Note: Virtual Machine Servicing Tool 2012 works with System Center 2012 Virtual
Machine Manager, but has not yet been provisioned for System Center 2012 SP1 Virtual Machine
Manager or System Center 2012 R2 Virtual Machine Manager.
Lesson Objectives
Describe methods for maintaining software updates.
Explain how to prepare virtual machines.
Methods for Maintaining Software Updates

When physical servers and virtual machines
are running, you can use various methods and
software to provide them with operating
system and application updates. Based on an
organizations size, available resources, needs,
and complexity, you can choose between several
methods and technologies for this purpose.
WSUS
The most common way to keep computers
up-to-date is to use WSUS. The most recent
version is WSUS 3.0 SP2. This version is a role
in the following operating systems:
Windows Server 2008
Windows Server 2012
You install WSUS through Server Manager. For earlier versions of Windows Server, you must download
WSUS and install it separately. Many organizations choose WSUS as their update management solution,
because it is free, and it is easy to use and manage. WSUS also supports many Windows operating systems
and Microsoft applications.
WSUS is a free product that is helpful in providing IT environments with an efficient and centralized
update infrastructure. The main purpose of WSUS is that IT administrators can use it to deploy the latest
9-23
Microsoft product updates to computers running Windows operating systems. Administrators can also use
WSUS to manage the distribution of Microsoft Update releases to computers on their network.
The WSUS infrastructure consists of three components:
WSUS server
WSUS Administration console
Automatic Update client
Administrators can use the WSUS server component to manage and distribute updates through the
WSUS 3.0 Administrator console. You can install this console on any Windows computer in a domain.
Additionally, a WSUS server can be the update source for other WSUS servers within the organization.
At least one WSUS server in the network must connect to Microsoft Update to get available update
information. The administrator can determine, based on network security and configuration, whether
other servers should connect directly to Microsoft Update.
Note: Automatic Updates enables both server and client computers to receive updates
from Microsoft Update or from a WSUS server.
Configuration Manager
For more complex and demanding environments in which you need to use a single software solution to
update and deploy client and server computers, you can use System Center 2012 Configuration Manager.
Configuration Manager provides a comprehensive solution for change and configuration management for
the Microsoft platform. You can use Configuration Manager to perform tasks such as:
Deploying operating systems.
Deploying software applications.
Deploying software updates, including custom updates.
Metering software usage.
Assessing variations from desired configurations.
Taking hardware and software inventory.
Administering computers remotely.
Configuration Manager collects information in a SQL Server database, in which queries and reports
consolidate information throughout the organization. Configuration Manager can manage a wide range
of Windows operating systems, including client platforms, server platforms, and mobile devices.
Software update deployments in Configuration Manager are helpful in deploying software updates to
Configuration Manager client computers, and for distributing compatible software updates. You can use
the Deploy Software Updates Wizard in Configuration Manager to create or modify a software update
deployment, which deploys software updates to clients in the target collection. You can initiate the
Deploy Software Updates Wizard in different ways, and select the software updates from several different
locations. When you create or modify a software update deployment, clients receive the deployment
policy on their next machine policy cycle, and the updates are available for installation any time after the
configured start time.
The Configuration Manager solution is much more complex than the use of WSUS. Configuration
Manager requires thorough planning before you can deploy to sites, and use its numerous features.
Configuration Manager has the potential to affect every computer in an organization. However, if you
deploy and manage Configuration Manager with careful planning and consideration of your business
needs, it can reduce administrative overhead and total ownership cost.
Overview of Virtual Machine Preparation

Virtual Machine Servicing Tool 2012 works with
fully functional virtual machines that are capable
of running as soon as you deploy them from the
library, or stop them on a virtualization host. For
each virtual machine, ensure that you:
Enable the DHCP client service.
Install VMM Virtual Guest Services.
Enable Windows Firewall, with the following

exceptions:
File and Printer Sharing
Windows Management Instrumentation (WMI)
Remote Administration
Incoming Echo Request for Internet Control Message Protocol (ICMP) v4 and v6
Configure offline virtual machines to replace existing virtual or physical servers in case of failure.
These offline virtual machines, sometimes referred to as hot spares, require extra preparation to
update with the Virtual Machine Servicing Tool. Each hot spare virtual machine requires two network
adapters:
o
Configure network adapter 1 to use a dynamic IP address and a static MAC address, and connect
this adapter to an isolated virtual local area network (VLAN). The servicing job uses this adapter.
Verify that the physical server that corresponds to the hot spare virtual machine cannot connect
to this network.
Configure network adapter 2. The hot spare uses this adapter during its normal operation as a
replacement server.
Best Practice: To be compatible with DHCP, virtual machines must use static MAC
addresses.
You must ensure that the host is registering a heartbeat signal for the virtual machine. If the heartbeat
signal is not functioning, and if Windows PowerShell cannot detect the virtual machine, verify that the
local computer name of the virtual machine matches the virtual machines fully qualified domain name
(FQDN).
When you create a servicing job to update a hot spare virtual machine, make sure that the servicing job
uses the isolated VLAN.
Preparing Virtual Machines for Configuration Manager Updates

If you use Configuration Manager to manage updates:
9-25
Ensure that the software update point has downloaded the updates.
Ensure that the updates are packaged for deployment.
Create deployments for the updates that include the deployment deadline. To specify that the
updates should be installed as soon as possible, (which is the next time that the virtual machines
contact the Configuration Manager database), set the deadline to the shortest possible interval, so
that the deadline has passed by the time the servicing jobs begin to run.
The Configuration Manager deployment also must identify the virtual machine collections to which
the updates apply.
Preparing Virtual Machines for WSUS Updates

If you are using WSUS to manage updates, ensure that:
Each virtual machine has a WSUS client agent installed.
Each virtual machine is subject to a domain Group Policy Object (GPO) that identifies the WSUS server
as the intranet update service location.
Lab: Creating and Managing Virtual Machines by Using

Scenario
A. Datum Corporation has implemented a Hyper-V virtualization platform in all four subsidiaries, and
has deployed System Center 2012 R2 VMM. They have also added servers, and networking and storage
devices to the VMM infrastructure, configured the VMM library, and created the required library objects.
VMM has discovered all existing virtual machines on the virtualization hosts, and now administrators want
to manage them by using the VMM console. They also want to create new virtual machines by using
virtual machine templates in the VMM library.
Several servers are still running on physical hardware. A. Datum plans to use VMM to convert those
servers to virtual machines.
Objectives
Use VMM to create a virtual machine, and then modify its properties.
Use VMM to clone a virtual machine.
Lab Setup
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1
Password: Pa$$w0rd
1.
2.
seconds.
3.
Click 20409B-LON-VMM1, and then in the Actions pane, click Start, then click Connect. Wait until
the virtual machine starts.
4.

o
Password: Pa$$w0rd
Domain: Adatum
Exercise 1: Creating a Virtual Machine and Modifying Its Properties

Scenario
9-27
In this exercise, you will deploy a virtual machine based on the virtual machine template created in the
previous lab. You will also view and modify virtual machine properties, and create and apply checkpoints.
The main task for this exercise is as follows:
1.
Create a new virtual machine with the VMM console in Microsoft System Center 2012 R2 Virtual
Machine Manager.
Task 1: Create a new virtual machine with the VMM console in Microsoft System
1.
On LON-VMM1, open the Virtual Machine Manager Console.
2.
In the Virtual Machine Manager Console, browse to the VMs and Services workspace.
3.
Click the Home tab, click the Create Virtual Machine drop-down list box, and then click Create
Virtual Machine.
4.
In the Create Virtual Machine Wizard, name the virtual machine Win2012Lab9, with the description
Lab 9 exercise, create virtual machine.
5.
Modify Network Adapter1 to be on the External Network.
6.
Put the virtual machine on the lon-host2.adatum.com host computer. Use the path
E:\Program Files\Microsoft Learning\20409\. (Note that the actual drive letter of the path may
differ on your host machine.)
7.
At the end of the wizard, save the configuration in a Windows PowerShell script with the name
CreateWin2012Lab9.ps1. Accept the defaults on all other pages.
8.
When the virtual machine is created, in the console tree, click LON-HOST2. This will show that the
Win2012Lab9 virtual machine has been created.
9.
Close the Virtual Machine Manager console.
Results: After completing this exercise, you should have created a virtual machine and modified its
properties.
Exercise 2: Cloning a virtual machine

Scenario
In this exercise, you will use VMM to clone a virtual machine. Because of classroom restrictions, you will
use the existing virtual machine as a physical machine. When conversion starts, you will continue with the
next task.
1.
Clone a virtual machine.
2.
Use Sysprep on the clone of LON-SVR2.
Task 1: Clone a virtual machine

1.
On LON-VMM1, open the Virtual Machine Manager Console.
2.
Browse to the VMs and Services workspace, and then click LON-HOST1.
3.
Create a clone of virtual machine 20409B-LON-SVR2, with the description Clone of the LON-SVR2
virtual machine.
4.
Put the new machine on lon-host2.adatum.com. Use the path E:\Program Files\Microsoft
Learning\20409\. (Note the actual drive letter may differ on your host machine.)
5.
After about 10 minutes, the cloned virtual machine will be created.
6.
Verify that the virtual machine was created by confirming that in LON-HOST2, the 20409B-LON-SVR2
virtual machine displays. This is the cloned virtual machine.
Task 2: Use Sysprep on the clone of LON-SVR2

1.
In the VMs and Services console tree, expand All Hosts, expand LocalGroup, and then click
LON-HOST2.
2.
Power on and connect to the cloned 20409B-LON-SVR2 virtual machine.
3.
Sign in as Adatum\Administrator with the password Pa$$w0rd.
4.
Open a Command Prompt window as Administrator, and run

C:\Windows\System32\Sysprep\Syprep.exe with the generalize switch.
5.
After the cloned virtual machine restarts, continue with the steps below.
6.
In the Virtual Machine Viewer window, click the File drop-down list box, and then click Exit.
7.
In the Virtual Machine Manager Console, return to the VMs and Services workspace, and then click
LON-HOST2.
8.
Click 20409B-LON-SVR2 virtual machine, power it off, and then delete it.
9.
Close the Virtual Machine Manager Console.
Results: After completing this exercise, you should have cloned a virtual machine.

Common Issue
Troubleshooting Tip
You cannot deploy a virtual machine to a

host.
You do not receive expected results from

the host rating.
You cannot perform a virtual-to-virtual

machine conversion.
Tools
Microsoft Assessment and Planning Toolkit 8.5. Provides reports regarding virtualization candidates.
Found in: Microsoft Download Center
9-29
WSUS. Provides an efficient and centralized update infrastructure, and deploys the latest Microsoft
product updates to computers running Windows Server and Windows client operating systems.
Found in: Server Manager Role
Virtual Machine Servicing Tool 2012. Use it to service:

o
Offline virtual machines in a VMM library.
Stopped and saved state virtual machines on a host.
Virtual machine templates.
Offline virtual hard disks in a VMM library, by injecting update packages.
Found in: Microsoft Download Center

10-1
Module 10
Configuring and Managing the Microsoft System Center
2012 R2 Virtual Machine Manager Library and Library
Objects
Contents:
Module Overview
10-1
Lesson 1: Overview of the Virtual Machine Manager Library
10-2
Lesson 2: Working with Profiles and Templates
10-9
Lab: Configuring and Managing the Microsoft System Center 2012 R2

10-23
10-27
Module Overview
One of the main components of Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) is the
Virtual Machine Manager library. The Virtual Machine Manager library is a resource catalog that you can
use to build virtual machines. The Virtual Machine Manager library contains templates, operating system
profiles, files that library shares store, and hardware profiles that the Virtual Machine Manager database
stores. The Virtual Machine Manager library catalogs all resources that you use when creating new virtual
machines. Therefore, some organizations might find that it is important for the library to be highly
available.
You also store templates and profiles in the Virtual Machine Manager library. You use virtual machine
templates to create new virtual machines and configure tiers in a service template. VMM profiles contain
configuration settings that you can apply to a new virtual machine template or virtual machine. You can
create, view, and modify profiles and templates in the Virtual Machine Manager library.
In this module, you will learn how to manage the Virtual Machine Manager library and library resources
and how to make the library highly available. You will also learn about the various templates and profiles
that are available to deploy virtual machines with specific features.
Note: Various System Center 2012 versions are available. For this course, the stand-alone
acronym VMM is a reference to the Microsoft System Center 2012 R2 Virtual Machine Manager
version.
Objectives
Describe the Virtual Machine Manager library and library resources.
Manage hardware profiles and virtual machine templates.
Lesson 1
Overview of the Virtual Machine Manager Library
10-2 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
The Virtual Machine Manager library is a catalog that provides access to file-based resources necessary for
building virtual machines. These file-based resources can be System Preparation Tool (Sysprep) scripts, .iso
images, and virtual hard disks that your library servers store. From the Virtual Machine Manager library,
you also can manage virtual machine templates, guest operating system profiles, and hardware profiles
that reside in the Virtual Machine Manager database. You also can store virtual machines in the Virtual
Machine Manager library when you are not using them.
One of the key benefits of VMM is the use of Virtual Machine Manager libraries to simplify the creation
of virtual machines. You can use the Virtual Machine Manager library to centralize all necessary resources
in one location. By doing this, when you create a virtual machine, the preconfigured components are
immediately available to you. This makes it easier and faster to create virtual machines compared with
creating them manually each time.
Lesson Objectives
Describe the Virtual Machine Manager library.
Describe the Virtual Machine Manager library resources.
Describe the association of the library server and host groups.
Explain how to work with the Virtual Machine Manager library.
Describe high availability options for the Virtual Machine Manager library.
What Is the Virtual Machine Manager Library?
The Virtual Machine Manager library is a catalog

of resources that you can use to store objects that
are not running or are not associated with a host.
You can then use those resources repeatedly
for building new virtual machines. The library
contains files that are stored on library shares,
templates for services and virtual machines,
application profiles, capability profiles, guest
operating systems, hardware, physical computers,
and Microsoft SQL Server. These are all stored on
the Virtual Machine Manager database. There are
only two places where an object can reside and be
managed in VMM: the object either can be registered to a host or stored in the Virtual Machine Manager
library.
The Virtual Machine Manager library server hosts the library. When you install VMM, the VMM server is
configured as a default library server. The VMM server indexes files that are stored on library shares. You
cannot remove or modify the default library server that is created during the installation process.
However, you can add additional library servers if necessary.
10-3
Each library server can have one or more library shares. A library share is a file share that contains the
resources that you use to build virtual machines. You use the Add Library Share Wizard to map a library
share to a VMM library. When you add a new library share, the Add Library Share Wizard does not create
the share for you. Instead, you must create and configure a file share before adding it as a new library
share.
You can organize content in a library share by creating subfolders. This is similar to creating folders in a
file share. However, the subfolders will not appear in the VMM console if they do not have any content.
You can copy resources such as virtual hard disks and .iso files to a file share by using File Explorer. When
you add new files to a library share, they are not immediately available. The VMM server must refresh the
content before it becomes available. Content refreshes (indexes) once per hour by default. One hour is the
minimum setting possible, but you can trigger a refresh manually.
During a Virtual Machine Manager library refresh, VMM indexes files that are stored on library shares and
then updates the Library view and resource listings. Not all files are indexed, and not all indexed files
display in the Library view.
If any of the library resources are attached to a virtual machine, when VMM indexes the configuration file
for that virtual machine, the resources display as part of the virtual machine rather than as individual
components.
You can create other resources from the VMM console, such as templates and profiles. These resources
are metadata that exist only in the Virtual Machine Manager database, and not in the library share file
system. However, they are visible in the Library view.
Enabling Data Deduplication
Data Deduplication is a new feature of Windows Server 2012 that uses variable chunking, which ranges
in size from 32 kilobytes (KB) to 128 KB. Data Deduplication also uses compression of primary data to
other storage areas from one disk to another. Data Deduplication is for industry standard hardware and
does not need extensive server resources. You can run Data Deduplication on a small server with a single
central processing unit (CPU), 4 gigabytes (GB) of RAM and a Serial ATA (SATA) drive. By placing the
library share on a separate hard drive, you gain the ability to grow the drive to accommodate various
library components. By turning on per volume Data Deduplication, you can realize significant space
savings on moderately used libraries.
For more information on Data Deduplication, refer to:
Introduction to Data Deduplication in Windows Server 2012
Question: What is the primary purpose of the Virtual Machine Manager library?
Virtual Machine Manager Library Resources

A Virtual Machine Manager library contains the
building blocks for creating new virtual machines.
When you have the necessary resources available,
you can deploy a new virtual machine in minutes.
Without library resources, new virtual machine
deployments will be much slower because you
would have to recreate each virtual machine.
The Virtual Machine Manager library can contain
various resources that you can use to create new
virtual machines.
Types of Library Resources

The Virtual Machine Manager library component
can store the following resources:
File-based resources, which include:

o
Answer files
Driver files
Virtual hard disks
Virtual floppy disks
.iso images
Windows PowerShell scripts
Microsoft SQL Server scripts
Microsoft Server Application Virtualization (Server App-V) packages
Microsoft Web Deployment Tool packages
SQL Server data-tier applications (DACs)
You must add these files manually to the library shared folder if you want to use them in VMM.
You can also add custom resources that enable you to store information that normally would not be
indexed into the library for indexing purposes. Only those files associated with a particular Windows
Server operating system version will be discovered. For example, if a library server is running Windows
Server 2008 R2, it will only discover virtual hard disk files with the .vhd extension, but not .vhdx, which
is the file extension that is used in Windows Server 2012. VMM includes support for using Offloaded
Data Transfer .odx files that are stored in the library.
Virtual machine templates and profiles. You can use these resources to create standardized virtual
machines. The Virtual Machine Manager database stores these configurations, but they are not
represented by physical configuration files. The types of available templates include service
deployment configurations, service templates, and virtual machine templates. In addition to the
hardware and guest operating system profiles available in earlier VMM versions, there are several new
types of profiles that you can use for service creation. These include application profiles, capability
profiles, physical computer profiles, and SQL Server profiles.
Equivalent objects. Equivalent objects are user-defined groupings of library resources that VMM
considers equivalent to certain objects. VMM can substitute an equivalent object for a particular
virtual disk on a particular library share when you create a service or a virtual machine. In this case,
you can create templates and profiles that do not depend on particular physical resources, which
10-5
enables you to service resources without affecting the availability of the template or profile. When
you deploy virtual machines and services, VMM only supports virtual disks, .iso files, and custom
resources as equivalent objects.
Cloud libraries. When you create private clouds, VMM adds a private cloud library to the cloud
librarys name for that private cloud. Cloud libraries are made up of read-only library shares that
are assigned to that private cloud, if the administrator specifies the library share.
Self-service user content. Application administrators or users who are assigned to the self-service
user role can upload their own resources to the Virtual Machine Manager library. Resources include
elements such as author templates, virtual hard disks, .iso files, application files, and scripts. Users
then can use these elements when they create templates. If they have appropriate permissions, they
can share these resources with other users in the same or a different application administrator role.
Orphaned resources. An orphaned resource is a Virtual Machine Manager library resource on a

Virtual Machine Manager library server that has been removed. If you have templates that reference
resources that were located in a library share that was removed from the VMM management server,
they will appear here. You can view and then modify that template and point it to reference resources
that are in existing libraries.
Update catalog and baselines. The update catalog stores Windows Server Update Services (WSUS)
update baselines in the VMM libraries. You use the update catalog if you manage updates by using
WSUS and VMM.
Stored virtual machines and services. You can view stored virtual machines in the Virtual Machine
Manager library. However, the files for a virtual machine do not display in the library because you
cannot use the files to create or configure new virtual machines.
Note: You also can store VMware virtual machines, hard disks, floppy disks, and .iso images
in the Virtual Machine Manager library. The Virtual Machine Manager library recognizes the
.vmtx extension for VMware templates. If you import a VMware template, the template appears
under Templates, in the VM Templates node.
Library Server and Host Group Association

A library server is a central repository, or storage
area, of resources that you can use to create
virtual machines. By storing these resources
centrally, you can simplify the process of creating
virtual machines. Additionally, you can provide
security for the resources.
When you install VMM, the VMM server is

configured as a default library server. Additionally,
VMM creates a default library share during the
installation process. You cannot remove or modify
this library share, and the default library server
might be the only library server you ever need.
This typically is the case for small and medium-sized environments. However, you can add more library
servers and library shares, depending on your current business needs and objectives, and scale out as your
virtual environment grows.
Each library server can have multiple library shares. To enhance performance and reduce network traffic
during virtual machine creation, it is important to store the files that you use to create virtual machines
near the hosts that you will use to stage virtual machine creation.
You can associate library servers with specific host groups. For example, you might have a library server
that you dedicate to the resources in a test lab environment. In this case, you will associate the library
server with the host groups that contain the hosts for the lab environment. A library server should have
fast network connectivity to the host group with which you associate it.
A library server must meet the following requirements:
The library server must have Windows Server 2008 R2 Service Pack 1 (SP1) and newer only. For highly
available file servers, the failover cluster must have been created in Windows Server 2008 or Windows
Server 2008 R2.
The library server must be in an Active Directory Domain Services (AD DS) domain that has a two-way
trust relationship with the VMM servers domain.
VMM does not support file servers that you configure with the case-sensitive option for Windows
Services for UNIX in the network file system (NFS). Case sensitivity is set to the Ignore value in NFS.
The Virtual Machine Manager library server role does not have to run any other VMM role. It just needs to
be a file server.
Host Groups
As you add more library servers, you can create host groups to help you organize library servers. VMM
uses library groups in the same manner. As a best practice, align each library server with the host group
that uses the resources on that library server. You use the Library group Properties dialog box to perform
alignment by displaying the host groups tree in the Library group drop-down list box.
When you select an object such as a template, virtual hard disk, or virtual machine to create a new virtual
machine, you can filter the objects by a specific host group name. Then, when you select a host on which
to place the virtual machine, you can filter the available hosts by the aligned host group name.
For example, you might create 25 geographic regions and then assign a host group to each region. If you
are creating a virtual machine for the Pacific Northwest region/host group, you will want to use library
objects from the library server associated with that region. This helps prevent large file copy operations
across long distances. To enable this, you would right-click the library file share and set the host group
equal to Pacific Northwest. Now, when you launch the New Virtual Machine Wizard, you will see that
when you select a library object with which to build a virtual machine, you can scope the objects by host
group to ensure that you use the closest copy of the file that you need.
Demonstration: Working with the Virtual Machine Manager Library
In this demonstration, you will see how to add an additional library server to the VMM infrastructure, and
how you can add resources to the library server.
Demonstration Steps
1.
Sign in to LON-VMM1 as Adatum\Administrator with a password of Pa$$w0rd.
2.
Start the Virtual Machine Manager console.
3.
Verify that LON-VMM1 is listed as a library server.
4.
On LON-HOST1, make a shared folder called Host1Library. Share the folder with the Everyone
group, and assign Read access.
5.
10-7
In the VMM console, add Lon-Host1 as a Library Server. In the Add Library Server Wizard, perform
a.
Sign in as ADATUM\Administrator with the password Pa$$w0rd.
b.
Add Lon-host1 as a library server.
c.
Add Host1Library and add the Default Resources.
6.
After the library server is created, under the Library Servers node, review the new library server
nodes and child nodes.
7.
Observe the properties of the ApplicationFrameworks item Equivalent Resource.
8.
In Host1Library, add a new folder named ISOs.
9.
Observe that the ISOs folder does not show up in the Virtual Machine Manager console until a
resource is added to it.
10. Close all open windows.
Considerations for Highly Available Library Servers
To make your Virtual Machine Manager library

highly available, you can use two approaches.
The simpler solution is to deploy multiple Virtual
Machine Manager library servers with redundant
content. By using that approach, if one server fails,
you will still have library resources available on
another server. However, this solutions biggest
drawback is the synchronization between two or
more library servers. When you add a resource
to one library server, you have to add it to other
library servers manually. Alternatively, you can
use a script with scheduled tasks to automate this
process. Moreover, you use more disk storage for duplicated content. This approach is appropriate if you
do not have significant library resources and these resources do not change frequently.
Another approach is to use failover clustering technology from Windows Server 2008 or Windows Server
2012. You can use this approach to make a file server failover cluster that can provide high availability to
Virtual Machine Manager library resources.
Cluster Configuration
You typically perform much of the procedure for creating the Virtual Machine Manager library cluster in
the Failover Cluster Management Console. Before you begin installing VMM in a failover cluster, ensure
the following:
Add both nodes to a cluster and validate your configuration by using the Validation Wizard in the
Failover Cluster Management Console. This will ensure that no compatibility issues arise during the
cluster configuration.
Create a file server as a cluster service. During configuration, you should specify a client access point
(CAP) name and IP address. You will use this access point to connect to a clustered file server. During
this same procedure, you will configure the cluster disk that you will use as storage for the Virtual
Add a shared folder to the cluster. After you configure a file server as a cluster service, you should add
a shared folder to that service. You will use this folder as a library share that you will add to VMM.
You must assign the shared folder name and define appropriate permissions for accessing the share.
This share should be accessible only to Administrators (who should have full access), and by the VMM
service account (with Read permission only). This step completes the Failover Clustering Management
configuration.
Add a clustered library server. After you create the file server cluster, you should add a new Virtual
Machine Manager library server to the VMM console. When you add a new library server, you should
use the CAP name that you configured during the cluster configuration. Additionally, you will add a
share that you created on the cluster service. The Validation Wizard will discover all of the nodes in
the failover cluster and install a Virtual Machine Manager agent on each node. The highly available
library server will appear as a single library server in Library view, with the node status available in the
properties of the library server.
At the end, you can copy resources that you want to use in the library to a shared folder on the file
server cluster.
When you plan or manage highly available Virtual Machine Manager library servers, you should consider
the following:
VMM does not support using a failover cluster that contains the VMM server as a highly available
library server. Do not create highly available file shares for the Virtual Machine Manager library on the
same cluster as a highly available VMM management server.
VMM does not provide a method for replicating physical files in the Virtual Machine Manager library
or metadata for objects that are stored in the Virtual Machine Manager database. You must replicate
physical files outside of VMM and transfer metadata by using scripts or other means. You can use the
Robocopy file replication command-line tool to replicate Virtual Machine Manager library files. VMM
does not support Distributed File System (DFS) namespaces, formerly known as DFS or DFS
Replication.
In a failover cluster, when the associated file server resource goes offline, all shared folders in that
resource go offline. This means that all shared folders will be affected.
VMM does not refresh cluster node membership after you add a highly available library server. If you
add a node to the cluster after you add a highly available library server to VMM, you must add the
node manually to the library server by using either the Add Library Server Wizard or the Windows
PowerShell Add-LibraryServer cmdlet. The new node will not display in Library view until you add a
library share to that node. To find out which nodes are in a highly available library server, view the
library server properties or use the Windows PowerShell Discover-Cluster cmdlet.
To have high availability for the Virtual Machine Manager library server, you must provide high
availability for the Virtual Machine Manager database, which is part of Virtual Machine Manager
library. Because the Virtual Machine Manager database is based on SQL Server, you can use failover
clustering to provide high availability.
You remove a highly available library server in the same way that you remove a stand-alone library
server. However, removing the highly available file server only removes the cluster name, not the
nodes. The nodes remain because they might support a different highly available file server.
Lesson 2
Working with Profiles and Templates
10-9
Virtual machine templates and associated profiles are important components of rapid virtual machine
deployment. Virtual machine templates are a library resource that consists of hardware and guest
operating system profiles. You can use them to provision new virtual machines quickly. Instead of
configuring various virtual machine and operating system settings each time you deploy a new virtual
machine, you can use preconfigured values from virtual machine templates and profiles. The various
profiles are the Virtual Machine Manager library resources. System Center 2012 VMM adds several new
profiles.
System Center 2012 VMM introduces the concept of services, which includes a new template type: the
service template. The service template includes two new profiles: the application profile and the SQL
Server profile. VMM also includes the physical computer profile, which you can use to model physical
computers and the server roles with which you will deploy them. You can also create capability profiles
in the library to limit the resources that are used by virtual machines that created for deployment in a
private cloud. Capability profiles also are a new profile type in all System Center 2012 versions of VMM.
You can create virtual application packages by using Server App-V. This lesson focuses on managing these
specific types of library resources.
Lesson Objectives
Describe a hardware profile.
Describe a guest operating system profile.
Describe Server App-V.
Describe an application profile.
Describe a SQL Server profile.
Explain how to configure virtual machine templates.
Create and modify a virtual machine template.
Describe capability profiles and physical computer profiles.
Describe the purpose of service templates and service deployment configurations.
Explain how to plan for Virtual Machine Manager profiles and templates.
What Is a Hardware Profile?

In VMM, a hardware profile is a library resource
that contains hardware specifications that you
can apply to a new virtual machine or a virtual
machine template. A hardware profile can contain
the following:
Specifications for cloud compatibility
CPU
Memory
Network and Fibre Channel adapters
Floppy disk drive
Integrated device electronics (IDE)
SCSI and DVD drives
Communications (COM) ports
Memory weight
Virtual non-uniform memory access (NUMA)
The priority given to the virtual machine when allocating resources on a virtual machine host
By using hardware profiles, you can ensure consistent hardware settings in virtual machines. You can
update any existing hardware profile to modify settings for one or more virtual machine hardware
components. After you make changes, any new virtual machines that you create by using that hardware
profile will use the updated hardware configuration settings. Changes do not affect existing virtual
machines that you created earlier by using this profile, nor do they affect settings on a template or virtual
machine into which this profile was previously imported. VMM maintains no association with the
hardware profile after you create a virtual machine or template.
You can create a hardware profile by using the new hardware profile action in Library view, or you can
save a new hardware profile based on the hardware configuration of a virtual machine or a template. You
also can create it while creating a new virtual machine or virtual machine template.
You can create hardware profiles that import a standard hardware configuration into either a template or
a virtual machine. The options are the same whether you update the hardware configuration of a virtual
machine, a hardware profile, or a template. You manage hardware profiles in Library view.
By right-clicking the Hardware Profiles element in the Profiles node of the Library workspace console tree,
you can create a hardware profile by using the new Hardware Profile Wizard. The wizard has two pages.
On the General page, you can enter the name and description of the new hardware profile, and on the
Hardware Profile page, you can select numerous elements to preconfigure the hardware aspects of a
deployable virtual machine.
Question: What is the main benefit of using hardware profiles in VMM?
What Is a Guest Operating System Profile?

In a virtual environment, a guest operating system
runs on a virtual machine and the host operating
system runs on the physical host computer on
which you deploy one or more virtual machines.
In VMM, a guest operating system profile is a
collection of operating system settings that
you can import into a virtual machine template
to provide a consistent operating system
configuration for the virtual machines that you
create from that template. To ensure standard
settings for the operating systems on virtual
machines, you create guest operating system
profiles.
10-11
Guest operating system profiles are Virtual Machine Manager database objects. They are not associated
with any physical files. You configure guest operating system profiles in the Library workspace, and they
display in the Profiles node. You also can view templates by selecting the Templates node in the Library
workspace console tree.
You can create a guest operating system profile by using the New Guest OS Profile Wizard in the Library
workspace, or you can specify guest operating system settings while you create a template. After you
create a template, VMM does not maintain an association between the template and the guest operating
system profile that was used with it. Any changes that you make to the guest operating system profile
only affect new templates that you create after you make changes.
The settings available to a guest operating system profile include the following:
Operating System. Use this setting to specify the operating system of the virtual machine. VMM
provides you with a drop-down list of 37 separate operating system editions, from Windows 2000
Server to Windows Server 2012 R2 Datacenter.
Identity Information. Use this setting to add the computer name. You can provide a pattern for the
computer name here. For example, consider a scenario where you create a profile to deploy different
virtual machines that run Server Core for Windows Server 2012. You could type W2012-Core## and
then use this as a template where the first server would be named W2012-Core01, the second
W2012-Core02, and so on. You can also let VMM assign a random name of numbers and letters by
typing an asterisk in the Computer Name text box.
Admin Password. This setting offers you three choices. You can select No local administrator
credential required, Provide the specific password of the local administrator account, or you can use
the Run As account for the local administrator account.
Product Key. You can use this setting to specify the product key to use for the virtual machine. If you
use a multiple activation key (MAK) take note of the number of virtual machines that you create with
this key to avoid running out. If you use a Key Management Services (KMS) key or AD DS key server,
ensure that you set up the infrastructure to support it.
Time Zone. This setting provides a drop-down list to select a specific time zone.
Roles. You can use this setting to select various server roles that are available in Windows
Server 2008 R2 and newer operating systems. The roles are listed alphabetically, and the various
role services that are available to that role are listed directly underneath and tabbed to the right.
Features. Like the Roles option above, you can select from the features that are available with
Windows Server 2008 R2 and newer operating systems. If a feature has subordinate elements, these
are included underneath the feature name and tabbed to the right.
Domain/Workgroup. By default, the New Guest OS Profile Wizard selects a workgroup named
Workgroup. However, you can choose to supply a fully qualified domain name (FQDN). If you do,
you must supply the credentials of a user who is allowed to join a computer to a domain, or you can
select the Run As account credentials.
Answer File. You use the answer file to set additional settings. You can attach a Sysprep.inf file for
Windows Server 2003 and earlier operating systems, or a Unattend.xml file for Windows Vista and
newer operating systems. The answer file must be stored on the library share.
GUIRunOnce Commands. You can use this setting to run a command automatically the first time
a user logs on. Normally, these commands would be command-line commands, executables, and
scripts. You can add as many commands as you deem necessary.
The New Guest OS Profile Wizard also includes a Dependencies page, which is empty by default, and an
Access page, where you can share the profile with any self-service users or roles that you specify here.
Question: What is the purpose of using guest operating system profiles?
What Is Server App-V?

By virtualizing an application with Server App-V,
you can capture the information that is required
to install the application, such as the applications
binary files and registry settings. Server App-V
also retains the runtime state of the deployed
application, which includes registry settings, log
files, and other data that the application stores.
This runtime state persists on the disk until you
remove the application from the server.
The application runtime state includes the data
that is captured while the deployed application is
running. This data can include log files, collected
data, and settings that are modified for a specific application deployment.
Server App-V uses the Microsoft Server App-V Sequencer to perform a sequencing operation that
captures an applications settings and configuration prior to deployment. After sequencing, this
information, along with the runtime state information, enables you to back up a deployed Server App-V
application. You can capture the initial settings and the entire runtime state of the application. You then
can deploy this capture to another server with the applications last runtime state intact. The Server App-V
Sequencer stores all of this information into a Server App-V package. You store the package in the Virtual
If an application can function in a load-balanced environment, VMM can deploy the application across
additional servers and reconfigure the load balancer to use the newly deployed servers. Server App-V
allows you to virtualize and deploy many server-based applications. Server App-V can sequence several
different components. Additionally, applications such as multi-tier web applications and network service
applications lend themselves to virtualization with Server App-V.
A single application might require you to specify registry settings, modify configuration files, or create
Windows operating system services. Additionally, an application might have many other points where it
interacts with the operating system. If so, the Server App-V Sequencer needs to capture these points, or
the application might not work properly when you deploy it.
Applications that require you to perform the following tasks might be suitable for virtualization with
Server App-V:
Save runtime state to local disk.
Install Windows services.
Create Windows Server Internet Information Services (IIS) applications.
Add and change registry settings.
Install and use COM+ and Distributed COM (DCOM).
Use text-based configuration files.
Install Windows Management Instrumentation (WMI) providers.
Install and use Microsoft SQL Server Reporting Services.
Add, modify, or use Local Users and Groups.
Install and use Java-based applications.
10-13
If an application requires another type of virtualized information that is not included on this list, it might
not work properly with Server App-V. There is no exhaustive list of applications that will work with Server
App-V. You must thoroughly test all applications that you virtualize before you run them in a production
environment.
Server App-V is flexible, and you can use it to virtualize a wide variety of server-based applications.
However, you cannot use Server App-V to virtualize a few functions. For example, applications that
require the following functionality are not supported:
Windows drivers or other components that must load when an operating system starts up.
Microsoft SharePoint Server or applications that install SharePoint Server.
SQL Server databases.
Just as there is no complete list of supported Server App-V virtualization application types, there also is no
exhaustive list of unsupported applications types for Server App-V. Server App-V is included with System
Center 2012 VMM, but you must install it separately.
What Is an Application Profile?

When you deploy a virtual machine as part of a
service, application profiles provide configuration
instructions for installing specific application
types. Application profiles support the following
application types:
SQL Server DACs
Server App-V applications
Web applications
Scripts
SQL Server DACs
SQL Server 2008 R2 supports a new package type called a DAC. A DAC contains all database and instance
objects that the application uses, and typically is targeted toward department-based applications.
SQL database developers create DACs by using one of the following methods:
Author and build a DAC by using the SQL Server Data-tier Application project type that is available in
Microsoft Visual Studio.
Extract a DAC from an existing database by using the Extract Data-Tier Application Wizard in the SQL
Server Management Studio.
After developers create DACs, they can import the DACs into the Virtual Machine Manager library, which
is then accessible from the application profile.
Server App-V Applications
Server App-V creates virtual application packages that then deploy to servers that run the Server App-V
agent. A virtual application package does not require a local installation; however, the package runs as if it
is a locally installed application.
As previously discussed, you create Server App-V packages by using the Server App-V Sequencer. When
you create a Server App-V package, the Server App-V Sequencer monitors a typical application
installation and records information that is required for the application to run in a virtual environment.
After you create the Server App-V package, you can import it into the Virtual Machine Manager library so
that it is accessible from an application profile.
Web Applications
A web application is a package that is stored within the Virtual Machine Manager library. It contains
the content, websites, certificates, and registry settings of a web-based application. You can package
and deploy web applications with the Web Deployment Tool. VMM also uses this tool to deploy web
applications as a service when deploying a web application as specified in an application profile.
Scripts
When deploying a virtual machine as part of a service, you also can use the application profile to run
scripts. You use scripts during the preinstallation and the post-installation phases of a specific application.
For example, you might need to copy updated configuration files to a deployed web application, or you
might have to run specific virtual application commands to finalize a virtual application deployment. You
also can use scripts to help you with preconfiguration or post-configuration tasks when you uninstall
applications. Scripts must be available in the Virtual Machine Manager library as a resource package.
To create an application profile, complete the following procedure:
1.
Open the VMM console, and then click the Library workspace.
2.
In the navigation pane, expand Profiles, and then click Application Profiles.
3.
On the ribbon, click Create, and then click Application Profile.
4.
In the New Application Profile dialog box, on the General page, provide a Name and Description
for the application profile.
5.
In the Compatibility drop-down list box, click General to allow for all types of supported
applications in the profile. Alternatively, you can use the SQL Server Application Host selection if
you are using this application profile to deploy a SQL Server DAC to an existing SQL Server computer.
Clicking this option only allows you to add SQL Server DAC packages and SQL Server scripts.
6.
On the Application Configuration page, click OS Compatibility, and then select the guest
operating systems that are compatible with the application.
7.
Click Add, and then select the appropriate application type. Note that you can only add an
application script after you have added an application.
8.
For each application or script that you added, configure the appropriate settings.
9.
Click OK to accept the application configuration settings.
You can add one or more applications as required by the service that you are configuring.
What Is a SQL Server Profile?

VMM allows you to configure a SQL Server
instance when you deploy a virtual machine as
part of a service. The process for installing and
configuring a SQL Server instance includes a
number of tasks as described in the following
steps:
1.
Prepare a SQL Server image. The virtual

machine that you deploy must contain a
version of SQL Server 2008 R2 or newer that
you prepared previously by using Sysprep.
SQL Server 2008 R2 and newer versions
provide built-in Sysprep functionality that you
can use to deploy and configure SQL Server rapidly.
Note: You can use SQL Server 2012 with System Center 2012 SP1 VMM or System Center
2012 R2 VMM only.
10-15
2.
Create a SQL Server profile. The SQL Server profile contains a number of configuration settings, such
as the instance name and ID, product key, media source, SQL Server administrators, and service
account designations.
3.
Create a virtual machine template. The virtual machine template specifies the hardware, operating
system, and SQL Server profile that you plan to deploy to a new virtual machine.
4.
Create a service template. A service template provides the foundation for deploying a virtual
machine and using the SQL Server profile to configure the instances that are defined within the
profile settings. A service is a set of virtual machines that you configure and deploy together to
support specific infrastructure requirements. For example, you might have a multi-tier, web-based
application that requires a SQL Server database. A service template gathers all of the configuration
settings into a single managed entity for the multiple servers. You can only configure and deploy a
virtual machine with SQL Server when you deploy the application as a service.
5.
Deploy the service. Deploying the service essentially deploys and configures all servers and
applications that are associated with the service.
Before you can deploy a SQL Server .vhd image, you must prepare the image by using the SQL Server
Sysprep process. You run SQL Server Sysprep prior to running Windows Sysprep to create an image that
includes a prepared operating system and an SQL Server installation that has not been configured.
SQL Server Sysprep is a two-step installation process that begins with image preparation. During the
image preparation phase, SQL Server Setup installs the product binaries without configuring any SQL
Server settings for the instance that is being prepared. After this first step completes, Sysprep begins and
then captures the image.
You perform the second step of the installation process during image deployment. After you deploy an
image to a virtual machine, you can proceed with the final installation and completion of a SQL Server
prepared instance. VMM uses the SQL Server profile that you prepared to provide the configuration
settings for each instance in the image that was prepared with Sysprep.
The SQL Server profile provides most of the common settings for use during deployment. However, you
also can use a SQL Server configuration file to provide the additional configurations for settings that are
not available in the SQL Server profile. A SQL Server configuration file is an .ini file, which is similar to a
Windows operating system answer file (Unattend.xml). If you use a SQL Server configuration file, you must
save it to a Virtual Machine Manager library share so that it is available to the template.
Install SQL Server 2012 from the Command Prompt
Configuring Virtual Machine Templates

VMM provides three kinds of templates in
the Virtual Machine Manager library: Service
Deployment Configuration (this node is a storage
location and you cannot templates), Service
Templates, and VM Templates. You can create
Service and VM Templates by using their
respective wizards.
Note: Creating Service Templates will be
covered in Module 12, Managing Services in
and App Controller.
You can modify the settings in an existing template. VMM incorporates the updated settings into new
virtual machines that you create from the template. However, the updated template will not affect
existing virtual machines that you created previously from the template. When you modify an existing
template, there are additional properties than those available when creating the template in the New
Template Wizard.
To modify virtual machine template settings, open the Library workspace, expand the Templates node in
the console tree, click VM Templates, and then double-click the template in the details pane.
On the General page, you can modify following fields:

o
Name (required). Identifies the template to VMM.
Description (optional). Describes the characteristics and purpose of a template.
Cost Center (optional). Specifies the cost center for a virtual machine that you create from a
template. Identifying a cost center enables you to collect data about the allocation of virtual
machines (or resources allocated to virtual machines) by cost center.
Tag (optional). Specifies a word or phrase that you can use to group specific virtual machines as a
set. You can use the tag as a filter to search for that set of virtual machines.
On the Hardware Configuration page, you can modify settings that are described in the What Is a
Hardware Profile? topic.
10-17
On the Operating System Configuration page, you can modify the guest operating system settings
that are described in the What Is a Guest Operating System Profile? topic.
On the Application Configuration page, you can modify settings to add a compatible operating
system, SQL Server DACs, virtual applications, web applications, and scripts.
On the SQL Server Configuration page, you can modify a SQL Server instance, the configuration of an
instance in the service account, and the agent that SQL Server uses to run its various services.
On the Custom Properties page, you can add or modify the custom fields (optional). You can add up
to 10 custom properties to each virtual machine that you create by using this template.
On the Settings page, you can add or modify quota points (optional). You can use quota points to
limit the number of virtual machines that self-service users can deploy at one time. Only self-service
users who share a self-service policy use quota points. You can specify a value for the Quota Points
setting if the virtual machines that you will create by using this template are for self-service users. The
quota applies to all virtual machines that you deploy on a host, including virtual machines that are
not running.
On the Dependencies page, you can select and modify properties of the dependencies listed by
clicking on the hyperlinks that make up their name and modifying the various properties.
The Validation Errors page will display any validation errors that the template might encounter.
On the Access page, you can modify the self-service owner, and add or remove self-service user roles
with which you share the template.
Demonstration: Creating a Virtual Machine Template

In this demonstration, you will see how to create a virtual machine template.
Demonstration Steps
1.
2.
3.
Navigate to the Library workspace, and then create both a Guest OS and a Hardware Profile with
o
Guest OS Profile:
Name: DemoGuestOS
Description: Demonstration creating a Guest OS profile
Operating System: 64-bit edition of Windows Server 2012 Standard
Identity Information, Computer name: WS2012-Core###
Admin Password: Specify the password of the local administrator account: Pa$$word
Hardware Profile:
Name: DemoHWProfile
Description: Demonstration creating a hardware profile
Compatibility: Hyper-V
Memory: Dynamic with 1024 Maximum memory set
Network Adapter 1: External Network
4.
Create a VM Template with the following settings:

o
Name: DemoVMTemplate
Description: Demonstration creating a VM template
Configure Hardware: Use the DemoHWProfile
Configure Operating System: Use the DemoGuestOS profile that you created earlier
Application Profile: None
SQL Server Profile: None
5.
After the DemoVMTemplate is created, open its properties, and then review all pages in the console
tree.
6.
Close all open windows.
What Are Capability Profiles and Physical Computer Profiles?

Capability and physical computer profiles
ensure that private cloud physical hosts have
the necessary resources to provide the level
of availability that is required by the virtual
machines, and the resources that the cloud
needs. You use a capability profile for a cloud
that requires highly available virtual machines
and services. The physical computer profile
includes configuration settings, such as the
location of the operating system image used
during host deployment, and other hardware
and operating system configuration settings.
To access a capability profile, in the Library workspace, under the Profiles node of the console tree, click
the Capability Profiles child node. When selected, the child node displays three existing capability profiles
in the Profiles details pane:
ESX Server. Use this profile for VMware hosts.
Hyper-V. Use this profile for Microsoft Hyper-V Server hosts.
XenServer. Use this profile for Citrix XenServer hosts.
You can use these profiles to provide the built-in fabric capability profile for their respective virtual
machine host platforms. These profiles are set to the read-only access level, and you should not modify
them unless you wish to globally change the host platform capability profile permanently.
Instead of altering these default profiles, you can make your own capability profiles. For example, you
might have a Hyper-V cluster that is used in a private cloud. To ensure that everything in this private
cloud is highly available, you can create your own capability profile.
Creating a Capability Profile
10-19
To create a capability profile, navigate to the Library workspace, on the Home tab of the ribbon, click
Create, and from the selection menu, click Capability Profile. This brings up the Create Capability Profile
Wizard. On the General page, you provide a name and optional description of the profile. On the
Capabilities page, you can find the following options:
Fabric Capability. Selected targets with this hardware profile will be used. VMM will ensure that the
provided settings are compatible with these destination locations. There are three selections in this
setting: Hyper-V, ESX Server, and XenServer virtualization hosts.
Processor Range. Use this option to select the number of processors that the host will use. You can
use a default range or select a minimum and maximum number of processors. You can also provide
compatibility with different processor versions, and VMM can limit the processors that a virtual
machine can use. You have the option of using the default setting, selecting a user-defined or
required processor compatibility, or disabling the capability altogether.
Memory Range. Use this setting to specify how much memory to allocate to the virtual machine, or
let the virtualization host manage the amount dynamically within a range.
DVD Drive Range. Use this option to set the number of DVD drives that you can use.
Shared Image Mode. Use this option to enable virtual machines to share .iso image files that are
stored in the Virtual Machine Manager library.
Hard Disk Count. This option sets the number of virtual hard disks in use. The maximum number
allowed is 255.
Disk Size Range. Use this option to set the size of virtual hard disks. The maximum size is 64 terabytes
(TB).
Fixed Disk Mode. Use this option to select fixed, dynamic, or differencing virtual hard disk options.
Dynamic Disk Mode. This option is identical to the Fixed Disk Mode option.
Differencing Disk Mode. This option is identical to the Fixed Disk Mode option.
Network Adapter Range. This option allows you to select up to 12 network adapters.
Network Optimizations. Use this option to enable network optimizations.
Availability. This option allows you to select a highly available virtual machine mode. When you
configure VMM to be highly available, VMM attempts to place the virtual machine on a clustered
server.
Creating a Physical Computer Profile
The process for creating a physical computer profile is similar to creating a compatibility profile. If you
need to create a physical computer profile, navigate to the Library workspace, on the Home tab of the
ribbon, click Create, and from the selection menu, click Physical Computer Profile. This brings up the New
Physical Computer Profile Wizard, which has the following pages:
General. Provide a name and an optional description for the physical computer profile. You also have
the ability to select the role of virtual machine host or Windows file server.
OS Image. On this page, you can select a virtual hard disk with an operating system image. The image
must have a Windows Server version that can start from a virtual hard disk. The Hyper-V role in this
operating system will be installed by default. For best results, allow for enough free space on the
partition to contain the recommended page file size, which is determined by the amount of memory
on the host system.
Hardware Configuration. On this page, you can configure the following settings:
Network Adapters. Includes the ability to configure a physical network adapter as the
Management NIC. It also allows you to set the use of Consistent Device Naming for the adapter
and to use a dynamically assigned IP address or a static IP address.
Disk and Partitions. You can use this setting to add a new disk requirement and to add a petition
to this disk by using the master boot record (MBR) or the GUID partition table (GPT). You can
also assign the Primary, NTFS file server, and all remaining space on the operating system
volume.
Driver Options. You can filter the list of drivers so that only the appropriate drivers apply to an
operating system as part of a virtual machine host deployment. VMM automatically applies the
drivers that match Plug and Play IDs discovered on the computer.
OS Configuration. Allows you to configure the following:

o
Domain. Specify the domain that the virtual machine host should join. To join a domain, the
computer must have at least one network adapter that has access to the network.
Admin Password. Specify the credentials for the local administrator account.
Identity Information. You can add the full and organizational name of the host configuration.
Product Key. Specify the product key use for the virtual machine.
Time Zone. Specify the time zone for the virtual machine.
Answer File. To set additional settings, you can attach an Unattended.xml file to the host profile.
The answer file script must be stored on a library share.
GUIRunOnce Commands. Specify zero or more command-line commands to run immediately

after deployment.
Host Settings. Use this page to specify virtual machine placement paths on the host. VMM uses virtual
machine placement paths as default locations to store virtual machines placed on a host.
Summary. This page allows you to confirm the selected settings and view a script of Windows
PowerShell cmdlets that you can use to create the physical computer profile made with this wizard.
What Are Service Templates and Service Deployment Configurations?

System Center 2012 VMM provides you with
two new tools for creating, managing, and
deploying services: service templates, and service
deployment configurations.
Service Template
A service template is a logical component that

defines and connects all necessary components
for service deployment and functionality. A
service template encapsulates everything that
you require to deploy and run a new instance of
an application. Deploying a new service requires
a high level of automation and predefined
components, and it requires management software support. Service templates in VMM simplify
deployment of services. Just as a private cloud user can create new virtual machines on demand, a user
can also use service templates to install and start new applications on demand.
10-21
When creating service templates, you can select either the Single Machine pattern, the Two-tier
Application pattern, or the Three-tier Application pattern. Deploying tiers actually defines the levels of
your application. For example, one tier of your application can be a Web server (or servers), while a
second tier could be database servers.
A machine tier is not an equivalent of a virtual machine, but rather contains one or more virtual machines
of a particular type. When creating a tier, you can select the configuration settings for this collection. The
New Service Template Wizard uses the Service Template Designer GUI to set and order these
configuration settings quickly.
Service Deployment Configuration
After you create the service template, you then can deploy the service to a private cloud or to virtual
machine hosts. To deploy a service, you should first create a service deployment configuration. You can
create a deployment configuration by right-clicking a service, and then selecting Configure Deployment.
Type a name for the deployment configuration, and then select a destination for the service. You can
choose between host groups and private clouds, if you have created any.
After you type the name and select a destination for a service, VMM performs placement evaluation.
Following the evaluation, the Deploy Service console opens, displaying the deployment diagram and the
selected host machine or private cloud. Here you can configure a virtual machine name and a computer
name for the virtual machines that deploy as a part of service. By default, VMM generates names in the
format ServiceVM0000X.domain for both virtual machine name and computer name. However, you can
change this for each service deployment.
When you click the Deploy Service button in the Deploy Service console, you actually initiate the
deployment process. You can monitor deployment progress in the Jobs window. Depending on the
number of virtual machines deployed and the network and storage speed, this process can take between
10 minutes to a few hours. For long-running service deployments, we recommend that you also monitor
the VM Manager log in Event view, and the System log on the VMM management server. You can find
additional, detailed information about tasks in the Event Viewer.
After the service deploys, you can update the service template and then deploy those updated changes
to the already deployed service. Alternatively, you can deploy additional virtual machines to an existing
service to provide additional resources for the deployed service.
Note: Module 12, Managing Services in Microsoft System Center 2012 R2 Virtual Machine
Manager and App Controller, covers service templates and service deployment configuration in
detail.
Planning Virtual Machine Manager Profiles and Templates

As part of your virtualization strategy and
infrastructure design, consider the number of
different templates, stored virtual disks, hardware,
guest applications, and database profiles you
will need. You should plan how many different
operating systems you will deploy and where
your files need to be stored. The following list
summarizes some considerations for working with
profiles and templates:
Working with library items. Consider creating

a plan for the number of templates you think
you will need, and configure some or all of
these before starting deployment. Consider keeping only the number of .vhdx files that you require.
In a mixed host environment, consider having both .vhd and .vhdx formats. Remove legacy and
unused profiles and templates. Back up a library occasionally, and if you must recover an older image,
you can retrieve it from the backup.
Try to keep the Virtual Machine Manager library tidy and prevent virtual sprawl. Remove virtual
machines and virtual hard disks that are unused. Virtual sprawl includes offline files, which can end
up being stored across file and infrastructure servers other than hosts.
If you need to have the same templates and files across multiple Virtual Machine Manager libraries,
you can send large files offline and then import them where required. If you need to avoid using
small wide area network (WAN) links, set up equivalent objects at multiple locations for virtualization
deployment resources that you need and do not want to deploy over a WAN.
Performance. Consider the impact of servicing many offline files. If you update them, consider
collaborating in larger organizations to ensure that someone is not servicing images while someone
else is trying to deploy those same images.
Consider a standard hardware profile. If you set the base configuration for all of your virtual servers
with more memory, processors, and disk space than necessary, you will not achieve the full value of
virtualization, and you will waste resources.
Licensing. You can use guest operating system profiles to help enforce licensing requirements. For
example, you can preconfigure an image for the Microsoft Developer Network (MSDN) website and
then assign this to the developers who have the MSDN agreement. Consider licensing when using a
template that is based on another machine; ensure that only the people that should use a template
are using it.
Systems integration, automation, and self-service. VMM and its libraries are the source from which
other applications deploy. If necessary, create multiple libraries with appropriate security and ensure
that the deployed files and images are up to date.
Service templates. When building services for applications that scale out, consider versions and
revisions, and try to keep them consistent. For example, if you have a template for a three-tier
application, when you are updating the tiers, you need to remember to increment the revisions
appropriately.
Lab: Configuring and Managing the Microsoft System

Center 2012 R2 Virtual Machine Manager Library and
Library Objects
Scenario
10-23
The IT management at A. Datum Corporation wants to ensure that the management processes for
the virtualized environment are as efficient as possible. This means that the work involved in creating
new virtual machines should be minimized. In addition, most of the components that deploy in the
environment should be standardized to simplify the management of the environment and to reduce the
chances of making errors. Because the virtualization hosts are located in five different locations, you also
need to ensure minimum bandwidth utilization between data centers when performing tasks such as
creating new virtual machines.
To optimize this management process, you need to configure the Virtual Machine Manager library and
deploy components in the library.
Objectives
Configure and manage the Virtual Machine Manager library.
Create and work with Virtual Machine Manager profiles and templates.
Lab Setup
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1
Password: Pa$$w0rd
1.
On the host computer LON-HOST1, start Hyper-V Manager.
2.
seconds.
3.
4.

o
Password: Pa$$w0rd
Domain: Adatum
the virtual machines at the end of this lab. However, you can shut down the virtual machines
after finishing this lab.
Exercise 1: Configuring and Managing the Virtual Machine Manager

Library
Scenario
In this exercise, students will add a library server and library shares, configure refresh, associate the Virtual
Machine Manager library with a host group, add content to the library, and work with equivalent library
resources.
1.
Examine the Library workspace defaults, and create the shared folders on the virtualization host
computers.
2.
Add LON-HOST1 and LON-HOST2 as Virtual Machine Manager library servers.
3.
Examine the library server shared folder resources, and create an additional subfolder on LON-HOST1.
Task 1: Examine the Library workspace defaults, and create the shared folders on the
virtualization host computers
1.
2.
On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
3.
On the Connect to Server page, click the Connect button.
4.
Verify that LON-VMM1 is listed as a library server.
5.
On LON-HOST1, in the root directory of drive C, make a shared folder called Host1Library. Share
with the Everyone group, having Read access.
6.
On LON-HOST2, in the root directory of drive C, make a shared folder called Host2Library. Share
with the Everyone group, having Read access.
Task 2: Add LON-HOST1 and LON-HOST2 as Virtual Machine Manager library servers
In the Virtual Machine Manager console, add both LON-HOST1 and LON-HOST2 as Library Servers.
In the Add Library Server Wizard, do the following:
a.
Sign in with the credentials ADATUM\Administrator and the password of Pa$$w0rd.
b.
Add LON-HOST1 and LON-HOST2 as library servers.
c.
Add Host1Library and Host2Library as Library Shares, and add the Default Resources to
both.
Task 3: Examine the library server shared folder resources, and create an additional
subfolder on LON-HOST1
1.
After you create the library servers, under the Library Servers node, review the new library server
nodes and child nodes.
2.
Observe the properties of the ApplicationFrameworks item Equivalent Resource.
3.
In Host1Library, add a new folder named ISOs. In this folder, create a text file named Test.iso. Make
sure to have the .iso extension, as this will simulate a real .iso file.
4.
Switch back to LON-VMM1, and then examine the Host1Library again. The ISOs folder should
display. If not, refresh Host1Library.
Exercise 2: Creating and Managing Profiles and Templates

Scenario
10-25
In this exercise, students will create and modify the hardware profile and a guest operating system profile.
Students will also explore configuration options for host profiles and application profiles. Finally, they will
use Hardware and Guest OS profiles to create a virtual machine template, which they will deploy in the
next lab.
1.
Create the Guest OS Profile.
2.
Create the Hardware Profile.
3.
Create a virtual machine template.
Task 1: Create the Guest OS Profile
In the Virtual Machine Manager console, navigate to the Library workspace, and then create a Guest
OS Profile with the following settings:
o
Name: LabGuestOS
Description: Lab creating a Guest OS profile
Operating System: 64-bit edition of Windows Server 2012 Standard
Identity Information, Computer name: WS2012-Core###
Admin Password: Specify the password of the local administrator account: Pa$$word
Task 2: Create the Hardware Profile
Navigate to the Library workspace, and then create a Hardware Profile with the following settings:
o
Name: LabHWProfile
Description: Lab creating a hardware profile
Memory: Dynamic with 1024 Maximum memory set
Network Adapter 1: External Network
Task 3: Create a virtual machine template

1.
Create a VM Template with the following settings:

o
Name: LabVMTemplate
Description: Lab creating a VM template
Browse for disk: Blank Disk - Small.vhdx
Configure Hardware: Use the LabHWProfile
Configure Operating System: Use the LabGuestOS Profile
Application Profile: None
SQL Server Profile: None
2.
After the LabVMTemplate is created, open its properties and review all pages in the console tree.
3.

Question: Why did you copy an .iso file into the newly created ISOs subfolder?
Question: What was the purpose of using WS2012-Core### in the Computer name section
of the Guest OS Profile?

Review Questions
Question: What is the Virtual Machine Manager library, and what kind of resources can you
index in it?
Question: What should you create to deploy a VM Template in VMM?

Common Issue
You cannot add a library server.
Resources do not appear in the Virtual

Machine Manager library after you add
them to the library share.
You cannot add a file server cluster as a

library server.
Tools
VMM console
Server App-V
Failover Cluster Management Console
Troubleshooting Tip
10-27

11-1
Module 11
Managing Clouds in Microsoft System Center 2012 R2
Contents:
Module Overview
11-1
Lesson 1: Introduction to Clouds
11-2
Lesson 2: Creating and Managing a Cloud
11-11
Lesson 3: Working With User Roles in Virtual Machine Manager
11-19
Lab: Managing Clouds in Microsoft System Center 2012 R2

11-27
11-34
Module Overview
Many IT professionals today consider cloud computing to be one of the most important technical
inventions in recent years. Cloud computing can reduce IT costs by increasing the availability of services
and applications without administrative intervention. Although cloud computing has been in use for a
few years, organizations require new virtualization and management tools to fully utilize its benefits.
These tools enable administrators to implement cloud computing within private networks, thereby
creating private cloud infrastructures.
You can use Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) to build cloud
computing services. VMM includes several new and improved tools and features that you can use to
create an internal infrastructure that will support cloud computing within your organization. In this
module, you will learn about cloud computing, private clouds and public clouds, and how to use VMM
to create them.
Objectives
Explain the concept of a private cloud and a public cloud, and describe how you can use VMM to
create these cloud services.
Create and manage a private cloud or a public cloud.
Create and use user roles in VMM.
Lesson 1
Introduction to Clouds
11-2 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
Cloud computing is changing the way businesses develop services and applications. The on-demand
model of cloud computing provides new ways to scale services, and provide better availability to those
services. Most organizations today experience a continuous increase in data, platforms, and users. The
result is a growing requirement for services, which creates a need for a more robust platform with an
almost unlimited capacity to manage the ever-increasing loads. In this lesson, you will learn about cloud
computing and its benefits. You will also learn how you can use VMM to implement cloud computing.
Lesson Objectives
Explain the concept of a cloud.
Describe the features of public clouds, private clouds, and hybrid clouds.
Describe how to implement virtualization in cloud services.
Explain how you can use VMM to create a cloud.
Explain how a VMM implementation works.
What Is a Cloud?
For many years, traditional computing has
involved a rapid growth of data centers with a
great deal of server inefficiency. Historically, IT
professionals would purchase individual physical
servers, and then typically assign one workload
to each server. With the ability to run multiple
workloads on a single server, some application or
hardware-based resource consolidation occurred,
but IT professionals would typically use single
workloads or functions on servers. The result
was servers using less than 10 percent of their
available resources. This meant that in a data
center, hundreds or thousands of servers were consuming large amounts of space and power, while
providing low overall usage.
About 10 years ago, technology improved enough to enable data centers to isolate workloads operating
systems within a virtual machine. IT professionals could now consolidate multiple virtual machines on one
server. This led to a significant increase in resource usage with reduced physical hardware costs and power
consumption.
The Evolution of Cloud Computing
Cloud computing extends virtualization concepts to make them even more elastic. Public and private
clouds are more easily accessible to business unit IT teams, and more accountable through features such
as cost center-based chargeback modeling for billing.
The National Institute of Standards and Technology (NIST) defines cloud computing as a model for
enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing
11-3
resources such as networks, servers, storage, applications, and services. Using cloud computing, you can
rapidly provision and release these resources with minimal management effort or service provider
interaction.
For example, an application owner can deploy a developed application to a private cloud infrastructure,
knowing that the infrastructure will adjust resources dynamically for the application, scale the application,
and enable the application to migrate across servers based on the best resource match.
This current cloud-computing model ultimately provides elasticity, design scalability, and accountability
for the actual resource use that the application is employing. Additionally, cloud computing makes
maximum use of the resources that are available in a data center.
Benefits of Cloud Computing

Cloud computing offers the following benefits:
Virtualized data center. Cloud computing provides methods to access computing services that are
independent both of your physical location, and the hardware that you use to access it. With cloud
computing, you no longer need to store data or applications on your local computer. The data
center remains a key component of the cloud computing infrastructure. However, cloud computing
emphasizes virtualization technologies that focus on delivering applications rather than supporting
the data center infrastructure.
Reduced operational costs. Cloud computing helps mitigate issues such as low system use,
inconsistent availability, and high operational costs, by providing pooled resources, elasticity, and
virtualization technology.
Server consolidation. Cloud computing enables you to host multiple virtual machines on a
virtualization host, which helps you to consolidate servers across a data center.
Improved resilience and agility. With products such as System Center 2012, cloud computing can
reduce costs and improve efficiency.
Businesses using cloud computing and cloud services can see a substantial decrease in maintenance and
support costs. This is because to a great extent they are no longer involved in maintenance and support.
These costs are borne by the cloud services vendor, which allows the business to use its funds on the
actual service being provided.
What Are Public, Private, and Hybrid Clouds?

Cloud computing offers three deployment
models:
Public cloud.
Private cloud.
Hybrid clouds.
Public Cloud
With public cloud computing, a cloud vendor
(also known as a hosting provider) provides
cloud resources for an organization. The cloud
vendor may share its resources with multiple
organizations, or with the public. The main feature of a public cloud is that the resources that the
organization uses, such as storage, processing power, various web-based applications, and other
components, do not belong to the organization that is utilizing the resources, but rather to the cloud
vendor.
With public cloud services, the tenant organization has less management overhead than organizations
that use private clouds. This means the renting organizations are not responsible for maintaining or
supporting those resources, they just use them. However, this also means that control of the public
infrastructure and services is greatly reduced because the service provider manages this for the tenant
organization. In addition, the public cloud hosts the infrastructure and services for multiple organizations
(multitenant), which introduces security implications that you need to review.
In most cases, the cloud vendor will provide the renting organization with a service level agreement (SLA).
The SLA specifies the following items:
What resources are being made available
What failure rate or downtime is acceptable
The escalation procedures if any of the resources fail
The fees for different resources and services
The SLA is a very important structural component of the public cloud. Without an SLA, many businesses
would feel that they still need to deploy their own resources.
Private Cloud
The key difference between a public cloud and a private cloud is that an organization typically owns
and manages its own cloud resources infrastructure and assets. Private clouds are cloud services that are
controlled by one organization, are not shared with other organizations, and therefore typically are more
secure.
One of the key benefits of a private cloud is that the organization has complete control over the cloud
infrastructure and services that it provides. However, the organization also has the management overhead
and costs that are associated with this model.
In most instances, private clouds are owned by their respective organizations. In this scenario, the
organizations data center manages and maintains the cloud infrastructure. However, external service
providers can provide private cloud resources in a variety of ways.
Hosted private clouds are private clouds that hosting companies manage specifically for a particular
organization. This means that no other companies or applications are running on the infrastructure other
than your own. On-premises private clouds are built from components within the organizations data
centers, while off-premises private clouds are built with components that are hosted outside the business
by an external provider.
Hybrid Cloud
A hybrid cloud allows you to blend your private cloud infrastructure with infrastructure and resource
elements from a public cloud. For example, an organization might use an on-premises Microsoft
Exchange Server messaging solution, but decide to store additional mailboxes on Microsoft Office 365
Exchange Online. Similarly, an organization could make use of Microsoft SQL Server databases hosted on
Windows Azure while also continuing to host databases within its private cloud.
Considerations for Choosing a Cloud Computing Model
11-5
When moving to a cloud-computing model, regardless of the cloud model that you choose to adopt,
consider the following factors:
Cloud service models. You can choose infrastructure as a service (IaaS), software as a service (SaaS),
or platform as a service (PaaS) for your cloud service model. You should understand the difference
between these models so that you can select the model that is the best for your organization.
o
IaaS. IaaS is a cloud-computing model in which you manage your virtual server within your
organization. For example, creating a private cloud with System Center 2012 provides you with
the IaaS model.
SaaS. SaaS is a cloud-computing model in which you receive a service over the Internet, such as
email messaging. For example, Office 365 is a SaaS offering.
PaaS. PaaS is a cloud-computing model that is between IaaS and SaaS. This model provides a
computing platform that you use, and upon which you manage your applications. For example,
Windows Azure is a PaaS.
Internet connection. Your Internet connection can become a single point of failure when using your
line-of-business (LOB) applications. Whether moving to a public cloud or a private cloud, you need to
ensure that the connectivity between your on-premises computers and the cloud-based applications
are always available. Network latency is also a major factor. If you spread your infrastructure across
multiple sites and site links, and over wide areas, this can have a detrimental effect on the
performance and availability of your applications.
Data protection and recovery. Although you will already have methods in place to protect and
recover your mission-critical data, you need to consider the following questions when moving to a
cloud computing model:
Are the current protection and recovery methods compatible with the virtualization technologies
that the public cloud or private cloud uses?
Is data being stored securely?
Do you need a local backup of your data in the event of an Internet connection failure? In this
case, how is the data transferred back to your organization, and how is the data restored in the
event of a catastrophic failure?
Disaster recovery. Ask yourself the following questions:

o
What is your current disaster recovery model?
Do you have mirrored sites? If so, how will data synchronize between these sites?
How will mirrored sites and data synchronization affect the cloud-computing model that you
choose?
Performance and availability. Application performance and availability are key factors to consider
when adopting any cloud-computing model. With a public cloud, you need to ensure that the service
provider can meet the performance and availability requirements of your applications. You need to
consider the SLAs that the service provider includes with their services.
Question: What is the main difference between on-premises private clouds and off-premises
private clouds? How do off-premises private clouds differ from hybrid clouds?
Virtualization and Cloud Computing

The private cloud encompasses more than just
virtualization. However, virtualization is still an
important and vital component of the private
cloud. Several elements of virtualization make a
private cloud possible such as:
Server consolidation
Simplified deployment
Elasticity and scalability
Multitenancy
High availability and mobility
Server Consolidation
Server consolidation is one of the primary reasons for implementing virtualization. You can deploy
multiple virtual machines and server roles on a single physical server, and thus utilize that physical server
more efficiently. Furthermore, by using multiple hosts in VMM, you can manage those physical servers
and their virtual machines more efficiently.
Easy Deployment
Virtualization makes deploying new services much simpler. Virtual machines are based on virtual hard
disks, which you can copy, clone, and start quickly, in some cases within seconds. This is faster than any
single physical server, whose deployment is measured in hours. Cloned virtual machines can have many
iterations. Therefore, you can dispatch more than a single copy.
Elasticity and Scalability
You can create or copy virtual machines quickly, and you can deploy many copies simultaneously.
For example, consider a scenario where you need to run multiple and extensive searches for data on a
database server. Using virtualization, you can quickly start up multiple virtual machines that are running
SQL Server, run these extensive database queries, aggregate the results, and report them back. When you
finish, you can then turn off or even delete those virtual machines. Such functionality is highly elastic and
scalable.
Consider another example of an event-based model involving a website that experiences increased traffic
closer to the date for a particular event, such as a conference or a holiday. You could attach and start
multiple virtual machines hosting the website and the various web applications to add capacity and
performance as traffic increases. After the event, when you would expect traffic to decrease considerably,
you can begin removing those virtual machines that you no longer need. The resources that the virtual
machines consumed can now be reallocated for other functions. Such events can happen very quickly,
often within minutes. However, by using virtual machines in cloud services, these events will be managed
automatically based on the traffic being generated.
Multitenancy
Virtual machines also provide the ability to segregate and isolate applications that run on different virtual
machines. You can have multiple tenants on the same virtual machines. Consider a scenario where you
have code that was originally written to run on SQL Server 2008. Due to new functionality, you now have
updated code that runs on SQL Server 2012, and you wish to compare functionality and results between
the two code implementations. Traditional testing would require multiple physical servers with various
version levels of SQL Server installed on them. However, virtualization simplifies this testing.
11-7
In another example, suppose you have macros written for Microsoft Office Word 2010 and you now want
to develop similar functionality on Word 2013. Normally, you would not be able to run both versions of
Word on the same computer. However, you can easily implement this with virtualization.
High Availability and Mobility
Virtualization provides high availability and mobility. High availability implies continuous presence so
that any failures are transparent to the user and the applications or functions that the user is employing.
With high availability, you can switch functionality from one virtual machine to another by using features
such as Network Load Balancing (NLB) and failover clustering. Mobility refers to the ability to migrate
applications, virtual machines, or on an as-needed basis. Virtual machines in HyperV include
technologies such as the Live Migration feature, which simplify mobility. By using VMM, you can
conceptualize clustering by using the fabric.
Another key feature of virtualization is the ability to immediately present a functional duplicate of a virtual
machine on another host so that a connected user does not experience a disruption in service. You can
place a virtual machine on another physical server, even one thousands of miles away, within seconds.
When you implement these virtualization features in a private cloud, you should be aware of several key
considerations:
Automated management. Certain decisions, such as instantaneous failover, do not require human
intervention. Rather, an administrator creates a failover cluster with key decision points that allow
the cluster to switch to another virtual machine automatically, even on another physical server. Based
on the decision tree, the cluster fails over automatically. Without automated management, a private
cloud would be too difficult to manage. In this case, the administrator still provides the top-level
guidance, but the automation enables a greater amount of control than what a person could do
sequentially.
Pools of compute resources. When you do not require a particular functionality or at least a large part
of that functionality, you can turn off specific virtual machines and reallocate the resources they were
consuming. Pools of compute resources include aspects of the physical server, such as disk space,
memory, CPU cores, and available bandwidth. Available bandwidth is a feature of not just the physical
computer, but of the overall network as well. By using VMM, you can more easily administrate a very
complex infrastructure of virtual machines, their availability, their use of resources, and a host of other
factors.
Self-service provisioning. The recent versions of VMM include self-service provisioning. The
management capabilities of VMM include the Virtual Machine Manager Self Service Portal that allows
VMM to make use of private cloud storage space at the business unit level. This allows individual
business units with specific virtualization needs to consume that storage space rather than waiting for
an administrator to make storage available. This enables faster provisioning of virtual machines.
Usage-based chargeback. Different business units within an organization might have different
needs for virtualization services in a private cloud. The usage-based chargeback concept means
that IT within an organization can ascertain the specific costs associated with provisioning a separate
business units virtualization costs. This enables management to make knowledgeable decisions about
the allocation of resources within an organization.
Clouds in System Center 2012 R2 Virtual Machine Manager

In the VMM console, in the VMs and Services
workspace, you will find a Create Cloud icon
on the ribbon. You use this interface to create
and manage cloud services in VMM. Cloud
management in VMM combines a collection of
hosts, host groups, logical networks, virtual IP
profiles, storage and storage classifications,
content libraries, and load balancers. By managing
these features, you can create capability profiles
and assign capacity values that enable you to
reserve computing capacity to business units and
their projects.
Creating a private cloud is not a requirement for using VMM. For small businesses and organizations,
having a few physical hosts with multiple virtual machines may be enough, and they may never require
cloud services in their infrastructure. However, a small business can conceptualize the infrastructure into
the fabric, and then use that fabric to offer private cloud capability. Even if just the IT department uses the
cloud services to run applications for the rest of the business, it can be a step towards enhanced
management, lower costs, and increased efficiency for the administrators.
When you use a private cloud, all details of the infrastructure are hidden, and you can use role-based
access (RBAC) to allocate capacity. Users with role-based access control (RBAC)assigned permissions
can use the consoles in either System Center 2012 Service Pack 1 (SP1) VMM and newer versions, or the
System Center 2012 - App Controller and newer versions to provision and manage virtual machines and
their services. To do this, users do not need to be aware of any factors relating to fabric, storage,
networking, or other IT related infrastructure.
You can define quota limits for private clouds at the individual, group and cloud levels. You can create
quota definitions for memory, CPUs, storage, and number of virtual machines. For example, suppose you
have a small group of seven developers. You could create a quota that allows each developer create up to
three virtual machines, but limit the developers group to only 18 virtual machines. This would balance the
needs of the developers group with the potential for over-allocating resources.
System Center 2012 SP1 VMM and newer versions include a new role called Tenant administrator. You
use this role to assign delegated rights, including the ability to create additional users with specific
permissions. The Tenant administrator role also enables more automation with System Center 2012 Orchestrator and System Center 2012 - Operations Manager and newer versions.
Unless an organization is using a hosted private cloud, all the infrastructure resources that make up
the private cloud are owned by the organization. These resources are named on-premises, which mean
that the resources are located in a facility that the organization owns. However, organizations can have
facilities in multiple locations, including other cities, provinces, or countries. In this scenario, the only thing
public about a private cloud would be the wide area network (WAN) connections over the Internet that
the organization utilizes.
Organizations also have the ability to create hybrid clouds by moving virtual machines from on-premises
servers to Windows Azure. Using the Network Virtualization feature in Windows Azure, you can allow the
virtual machine to keep its current IP address, and then using the new gateway functionality, you can link
your network to Windows Azure. The virtual machine then appears as if it were part of your network even
if you host it elsewhere. You could also obtain certain services directly from a public cloud vendor, which
abstracts the infrastructure management. In a hybrid cloud, resource and infrastructure management
varies, while in a public cloud, organizations have no resource and infrastructure management.
Enhancements in Virtual Machine Manager 2012 R2 Clouds

VMM includes several new enhancements that
enable you to manage and perform administrative
tasks from the VMM console instead of having
to use several disparate tools. You can also use
multiple kinds of storage: Internet small computer
system interface (iSCSI) storage area network
(SAN), Fibre Channel SAN, or Server Message
Block (SMB) 3.0.
VMM contains new advanced Windows Server
2012 Hyper-V network virtualization policies,
and is configured to be aware of and provision
virtual machines. Additionally, VMM makes use of
custom virtual networks in the data center, and is multitenant aware. Managing Hyper-V network
virtualization is a natural extension for policy-based networking.
11-9
Virtual machines can run concurrently on a single physical host but you can isolate them from each
other as if they were running directly on the physical host hardware. With network virtualization, you can
create multiple virtual network infrastructures that run on the same physical network, and that potentially
include overlapping IP addresses. Each of these virtual networks performs as if it is the only virtual
network on the network infrastructure.
Network virtualization separates virtual networks from the physical network and removes both
hierarchical and virtual local area network (VLAN) IP address assignment restrictions from virtual machine
deployment. This flexibility makes it easier for organizations to move to cloud computing, and makes
managing infrastructure more efficient for cloud vendors and data center administrators. In addition,
network virtualization ensures the necessary multitenant isolation, security requirements, and overlapping
virtual machine IP addresses.
IP Addressing Management (IPAM) is a built-in framework for discovering, monitoring, auditing, and
managing the IP address space used on a corporate network. IPAM has been significantly enhanced in
VMM. For example, you can now use it for administration and monitoring of servers running Dynamic
Host Configuration Protocol (DHCP) and Domain Name System (DNS). The following table lists the new
functionalities in VMM.
Feature/functionality
New or
improved in
VMM
Description
RBAC
New
RBAC enables you to customize the types of

operations and access permissions for users and
groups of users on specific objects.
Virtual address space

management
New
IPAM streamlines management of physical and

virtual IP address space in VMM.
Enhanced DHCP server

management
Improved
IPAM has several new available operations to

enhance the monitoring and management of the
DHCP server service on the network.
External database support
New
In addition to Windows Internal Database (WID),

IPAM also optionally supports the use of a SQL
Server database.
Upgrade and migration

support
New
If you install IPAM on Windows Server 2012,

your data is maintained and migrated when you
upgrade to Windows Server 2012 R2.
Enhanced Windows
PowerShell support
Improved
Windows PowerShell support for IPAM is greatly

enhanced to provide extensibility, integration, and
automation support.
Lesson 2
Creating and Managing a Cloud
11-11
A private cloud is one of the main concepts in VMM, including System Center 2012 SP1 VMM. By defining
a private cloud, you define a set of resources and technologies that are available to users. To create and
manage private clouds, you need to understand the private cloud concept, in addition to its properties
and components. You also need a clear understanding of how to create and manage private cloud
services and technologies to provide end users with private cloud accessibility.
Lesson Objectives
Explain how to configure cloud resources.
Explain how to configure cloud capacity.
Describe how to configure cloud capability.
Create a cloud from a host group.
Describe how to manage a cloud.
Explain how to delete a cloud.
Configuring Cloud Resources

Similar to all services and software, a private cloud
depends on hardware resources such as servers,
storage, networks, CPUs, and memory. A private
cloud in VMM can run on traditional hardware
configurations, including conventional or blade
servers, a SAN, and various load balancers.
Characteristics of Private Cloud

Resources
To prepare private cloud resources in the VMM

private cloud infrastructure, you define various
hardware and software components that VMM
then uses as private cloud building blocks. After
defining and creating components, you should validate that all of the hardware and software components
are functioning together correctly. This process can be complex and time consuming, but typically, you do
not have to do this very often.
After you prepare all of the hardware and software components, you can assign them to a private cloud
by using the Create Cloud Wizard. Later, you can add and remove resources from your existing private
cloud by editing the private cloud properties.
A private cloud can utilize physical resources either from host groups or from VMware resource pools.
Host groups can contain some combination of physical servers running Hyper-V, VMware ESX, VMware
ESXi, or Citrix XenServer. The VMware resource pool contains only servers running VMware ESX or
VMware ESXi. When you build a private cloud, you cannot select specific physical servers. Instead, you can
select a host group or resource pool. After you select the specific host group or resource pool that you
want to use to build a private cloud, you are presented with resources that belong to that group or pool.
Private Cloud Resources

When creating a private cloud, you should assign at least one logical network. A logical network is one
of the infrastructure elements that you must create prior to creating your private cloud. With a logical
network, you define VLANs, IP subnets, and a network site that belongs to that logical network.
If you create a load balancer, you can also add it to the private cloud. Adding a load balancer is not
mandatory. However, the Microsoft Network Load Balancing load balancer is installed by default. With a
load balancer, you can add a virtual IP template to your private cloud. The virtual IP template contains
load balancer-related configuration settings for a specific type of network traffic. For example, you can
create a virtual IP template to define load balancing for HTTP traffic that passes through port 80.
In VMM, you can also manage storage classifications and assign it to your private cloud by defining
storage pools and classifications. Storage classifications enable you to assign user-defined storage
classifications to discovered storage pools, typically by Quality of Service (QoS) that storage offers. For
example, you can assign a classification of gold to storage pools that have the highest performance and
availability, or silver for Fibre Channel serial attached small computer system interface (SCSI) storage
redundant array of independent disks 5 (RAID 5), or bronze to Serial ATA (SATA) disks.
To enable the new storage features, VMM uses the new Microsoft Storage Management Service to
communicate with external arrays through a Storage Management Initiative - Specification (SMI-S)
provider. The Storage Management Service is installed by default during the installation of VMM.
However, you must install a supported SMI-S provider on an available server, and then add the provider
to VMM management.
The Virtual Machine Manager library is also a very important part of configuring cloud resources. Most
VMMmanaged objects (such as virtual machines or services) deploy from the Virtual Machine Manager
library. While configuring a cloud, you can add a stored virtual machine path and read-only library shares.
Users can store the virtual machines they create in a stored virtual machine path. To provide self-service
users the ability to store virtual machines in the Virtual Machine Manager library, you can create a library
share. Alternatively, you can create a folder in a library share that serves as the storage location. However,
be aware that the library share location you designate for stored virtual machines must be different from
the shares that you designate as read-only resource locations for the private cloud. Read-only library
shares can provide a place where administrators store read-only resources such as any .iso files that they
want to make available to self-service users.
Configuring Cloud Capacity

For each private cloud, you can specify its total
available capacity. By specifying cloud capacity,
you limit the resources that private cloud users
can create or consume. You configure private
cloud capacity during the private cloud creation
process. However, you can change it later. You
can limit resource usage based on user roles, and
on individual members of a user role.
The following table describes categories and quotas that you use to set up private cloud capacity.
Quota type
Description
11-13
Virtual CPUs
The virtual CPU quota sets a limit on processing capacity within the private
cloud. This quota is expressed as capacity provided by a specified number of
CPUs and the quota is applied against virtual machines that are running. Setting
a virtual CPU quota does not guarantee contiguous capacity. Only the total CPU
capacity that is available among hosts in the private cloud is guaranteed.
Memory
The memory quota sets a quota in gigabytes (GB) on memory that is available
for virtual machines that you deploy on the private cloud. This quota is applied
against running virtual machines only. When you set a memory quota, it does
not guarantee contiguous capacity. For example, the private cloud might have
2 GB of memory available on one host, and 2 GB of memory available on
another.
Storage
The storage quota sets a quota on storage capacity in gigabytes that is available
to virtual machines that you deploy in your private cloud. For dynamic virtual
hard disks, quota calculations are based on maximum size. However, we
recommend that you use fixed-size disks.
Custom quota
(points)
A custom quota sets a quota on virtual machines that you deploy in a private
cloud. This quota is based on total quota points that you assign to the virtual
machines using their virtual machine templates. You assign quota points as an
arbitrary value to a virtual machine template based on the anticipated size
of the virtual machines. Custom quotas are available to provide backward
compatibility with self-service user roles that were created in System Center
Virtual Machine Manager 2008 R2 (VMM 2008 R2).
Virtual machines
The virtual machines quota limits the total number of virtual machines that you
can deploy in a private cloud.
If the private cloud capacity already equals the capacity of the underlying private cloud infrastructure,
you must first add hosts or other private cloud infrastructure resources, then make them available to the
private cloud, and then increase private cloud capacity. To modify any private cloud resource settings,
open the private cloud properties, and then click the desired tab.
Configuring Cloud Capability

The cloud capability profile defines which
resources and features are available to a virtual
machine after you deploy it to a private cloud. By
assigning the cloud capability profile to a private
cloud, you can specify which hypervisor platform
it supports, and how much memory or how many
processors you can assign to a virtual machine.
You can also define supported virtual disk types,
and the number of hard drives and network
adapters. Within a capability profile, you also can
define whether the virtual machine will deploy
only on a highly available cluster.
Configurable Options for Capability Profiles

The following is the list of configurable capability profile options:
Fabric Compatibility. Fabric compatibility options include Hyper-V virtualization host, VMware
virtualization host, and XenServer virtualization host.
Processor Range. This may vary from hypervisor to hypervisor. Hyper-V currently is limited to a
maximum of four virtual CPU, while VMware and Citrix XenServer supports as much as 8 virtual CPU.
Memory Range. This varies from hypervisor to hypervisor.
Microsoft Synthetic Video Adapter. This option is for Hyper-V only.
DVD Drive Range. This is the number of DVD drives.
Shared Image Mode. This option is for Hyper-V only.
Bus Configuration. This option contains virtual disk configuration information. For example, to control
whether or not you want your users to create virtual machines with differential disks on your private
cloud, you could specify either Fixed Disk Mode or Dynamic Disk Mode in the profile.
Network Adapters. You use this option to set the minimum and maximum number of virtual network
interface cards (NICs).
Network Optimization. This option is for Hyper-V only.
Advanced. With this option, you can configure the capability profile to enforce Highly Available
Virtual Machine Mode, and define it as required.
Built-In and Custom Capability Profiles
For each private cloud that you create, you can assign a capability profile. If you do not want to use
predefined capability profiles such as VMware ESX Server, Citrix XenServer, or Hyper-V, you should first
create a new capability profile in the library before assigning it to the private cloud. The built-in capability
profiles represent the minimum and maximum values for various categories that you can configure for a
virtual machine, for each supported hypervisor platform. If you have a mixed environmentfor example,
a private cloud with servers running both Hyper-V and VMware ESXthe virtual machine templates that
you create must support a capability profile for one or the other hypervisor platform (or both).
In the library workspace, you can also create custom capability profiles and use them to limit the
resources that the virtual machines in the private cloud use. To view the settings associated with a built-in
capability profile, open the virtual library pane, expand Profiles, and then click Capability Profiles. You can
then view the properties of a capability profile. To create a new profile, on the Home tab, in the Create
group, click Create, and then click Capability Profile.
The following table lists characteristics of built-in capability profiles.

Resource
Hyper-V
VMware
Citrix XenServer
11-15
Virtual CPU range
14
18
1 8
Memory range
8 MB 64 GB
4 MB 255 GB
16 MB 32 GB
Dynamic memory
User-defined, Required,
Disabled
Disabled
DVD drives
04
04
04
Shared .iso image
Disabled
Hard disks
0 255
0 255
07
Disk size range
0 MB 2040 GB
0 MB 256 GB
0 MB 2040 GB
Disk options
Allow Fixed Disks,

Allow Dynamic Disks,
Allow Differencing Disks
Allow Fixed Disks,

Allow Dynamic Disks,
Allow Differencing Disks
Network adapters
0 12
0 64
07
Network
optimizations
Disabled
Virtual machine
availability
Disabled
Disabled
User-defined,
Required, Disabled
Demonstration: Creating a Cloud from Host Group

In this demonstration, you will see how to create a private cloud by using the Create Cloud Wizard.
Demonstration Steps
1.
2.
3.
4.
In the Virtual Machine Manager console, in VMs and Services, create a private cloud with the
following properties:
a.
Name: DemoCloud
b.
Description: Demonstration of creating a Cloud
c.
Resources: LocalGroup
d.
Logical Networks: Local Network
e.
Load Balancers: (none) Default
f.
VIP Templates: (none) Default
g.
Port Classifications: Select the following:
Host management
Guest Dynamic IP
High bandwidth
Medium bandwidth
Low bandwidth
h.
Storage: Local Storage
i.
Library: Select the Stored VM path: \\lon-host1.adatum.com\Host1Library\
j.
Capacity: Make the following changes:
Memory: 8 GB
Storage: 1,000 GB
Virtual machines: 3
Capability Profiles: Hyper-V
5.
Review the various Create Cloud Wizard pages, and review the different items and selections as you
complete the wizard.
6.
On the Summary page, use the View Script button to review the Windows PowerShell cmdlets. Do
not save the script.
7.
After DemoCloud is created, in the details pane, open and review the Overview information.
8.
Managing a Cloud
Chargeback and Governance of
Resource Usage
As more and more organizations decide to use

a private cloud model for IT delivery, business
units might opt to use pooled cloud resources
instead of purchasing dedicated resources for
their application. There is a risk that private cloud
consumers might continue to use IT services
as they have in the past; that is, they will
oversubscribe and underutilize the services. To
encourage conservation, System Center 2012 SP1
and System Center 2012 R2 provide a number of mechanisms for resource governance, including quotas,
leases, approvals, and chargeback. These provide both rules and incentives to encourage the
recommended behavior from cloud consumers.
Organizations can use the new chargeback capability introduced in System Center 2012 SP1 to
better measure and account for the allocation of virtual resources in their private cloud. Data center
administrators create a price sheet for resources in their data center, and then apply this price sheet to
one or more private clouds. A price sheet defines the fixed and variable costs for resources consumption,
such as virtual CPU cores, memory, and storage. Different clouds will have different SLAs, and IT can price
11-17
resources differently in their various private clouds to reflect this. As business units create Cloud Resource
Subscriptions to allocate capacity, VMM and Windows Server 2012 capture cost records in System Center
2012 Service Manager.
You can use the data center application management and System Center 2012 monitoring capabilities to
help provide a highly productive application and service experience to application owners.
System Center 2012 SP1 and System Center 2012 R2 provide application management across four key
private cloud capabilities:
Application Self-Service
Application Performance Monitoring
Governance, Resource Management and Chargeback
Management Across Clouds
Application Performance Monitoring
System Center 2012 SP1 and System Center 2012 R2 provide a complete monitoring solution covering
both the underlying infrastructure and all aspects of running applications. System Center 2012 SP1 and
System Center 2012 R2 monitor the performance of an application by tracking:
The infrastructure hosting the application. The physical components like network and storage, the
virtual platforms and the operating systems.
The server-side components of the application. The execution performance of the application inside
the service template.
The client-side components of the application. The end user experience.
A set of synthetic workloads designed to highlight failures in situations that might not otherwise be
caught.
Aggregating this information enables the data center administrator to build rich dashboards and
visualizations to quickly see how applications are performing against the defined service levels.
Administrators can delegate these dashboards to application owners and operators to give them
quick and detailed visibility of application performance and availability.
Global Service Monitor - Ensuring Applications Are Always Available
For organizations with Internet-facing applications, you should ensure that applications are always
available to customers. Global Service Monitor extends management and monitoring capabilities from
the on--premises data center into the public cloud. Global Service Monitor provides test agents that are
hosted in Windows Azure computer locations around the world. The test agents look back into the private
cloud environment and continuously monitor hosted applications. Global Service Monitor provides private
cloud administrators and application owners real-time visibility of the performance and availability of their
application from the Internet. Global Service Monitor provides a view of what customers see from more
than 20 locations around the globe.
Deleting a Cloud
Before you can delete a private cloud, you must ensure that the private cloud has no objects that
reference it, such as services, service deployment configurations, and deployed or stored virtual machines.
You should pay specific attention to any user roles that are assigned as part of a scope for that cloud. You
must remove any user roles associated with the private cloud that you wish to delete. This does not delete
the user role itself.
To remove a user role from a cloud:

1.
Open the Settings workspace.
2.
In the User Roles details pane, select the user role you want to remove.
3.
On the ribbon, click Properties.
4.
In the Properties dialog box, click the Scope workspace.
5.
In the Scope tree list, clear the cloud that you want to delete, and then click OK.
To delete a private cloud:
1.
Open the VMs and Services workspace.
2.
In the VMs and Services pane, expand Clouds. Locate and then click the private cloud that you want
to delete.
3.
On the Folder tab, click Delete.
4.
When you are prompted whether you want to remove the private cloud, click Yes.
5.
Open the Jobs workspace to view the job status.

Question: How does chargeback benefit application owners?
Lesson 3
Working With User Roles in Virtual Machine Manager
11-19
After installation, most products are available immediately to the administrator. However, you might need
to modify the systems default configuration to make it more usable for other users. As with any system,
you must implement security in VMM to lock down the functionality and to provide an audit trail for
security.
Configuring and enabling user roles in VMM is a relatively straightforward process, but it is a critical step
that you should consider carefully. Because you are enabling access to a virtual environment that many
users may use, you must plan user delegation to limit which actions users can perform. This lesson
provides details on how role-based security works in VMM, and how to implement user roles in VMM.
Lesson Objectives
Describe the roles available in VMM.
Describe the objects and actions that you can delegate.
Describe the different types of user role profiles.
Create a user role.
Connect to VMM by using different user roles.
Create and use a user role in VMM.
What Are User Roles in VMM?

You create user roles to address the various
and disparate needs of different business users
within an organization. A user role defines a set of
operations that you can perform on a selected set
of objects. A user role has several components,
which can vary according to the profile selected:
Profile. The profile of the user role determines

what actions members of the user role can
perform. This includes tasks such as starting
and stopping virtual machines, creating
checkpoints, and enabling remote control of
the virtual machines.
Members. The members list specifies the Active Directory Domain Services (AD DS) user accounts and
security groups that you assign to the role.
Scope. The scope outlines which objects the user can manage. You can limit the scope by using a
private cloud, and depending on the profile, host groups and library servers.
Cloud quotas. Depending on the profile, you can specify cloud resource usage at a particular level.
Permissions. Depending on the profile, you can assign detailed permission levels.
One of the main characteristic of the private cloud is self-service. Using self-service, end users can request
services in a controlled and guided manner. An automation process then either approves or denies the
request, and if approved, executes the request in a consistent and predictable way. You can ensure that
only certain people have the ability to place requests for particular offerings by using groups from AD DS.
Active Directory groups enable you to segregate roles, which you can then apply settings to, limiting the
types of services that users can request.
Additionally, you can use user roles to consider not only who is using resources, but also how and why
they are using the resource. By establishing user roles, you can predefine what you will allow users to
do based on business needs, and what you will not allow them to do based on security needs. After you
establish these user roles, you then add the Active Directory users or groups, depending on your needs.
A user can be a member of more than one user role, in which case VMM grants the user the rights
associated with all their roles. In some cases, you may need a different user profile with specific
permissions on a group of hosts or even a cloud. This type of object in the VMM is called a Run As
Profile, which is a service account that group members can use.
Objects and Actions that Can Be Delegated

When creating a user role, you can define which
objects in the VMM implementation the user role
can manage. The main objects that you can
delegate security for are:
Private clouds
Host groups
Library servers
Virtual machines
Note: The Administrator user role has

administrative access over the entire organization. You cannot modify this configuration.
A private cloud requires changes to the way that you manage information security. A private cloud can
host applications and services for multiple tenants. Although all of these tenants will belong to the same
organization, it is still necessary to maintain strict isolation between the virtualized private cloud resources
allocated to different tenants. By doing this, you maintain the confidentiality and integrity of the data
kept by the tenants in the private cloud.
The infrastructure of a private cloud is designed to maintain this isolation between virtual environments at
run time. However, you should monitor the environment for attempts to break through the isolation, or
for evidence that confidential information has been exposed or data tampered with.
Operational activities such as those that relate to service continuity, availability management, and incident
management may be designed to operate at the physical tier. An example of such an activity includes
detecting and replacing a faulty server. However, these operations must maintain the isolation between
different tenant's resources in the virtual environments in the cloud.
Private Clouds
The resources available in a private cloud are:
Virtual CPUs
Memory
Storage
Custom quotas (points)
Virtual machines
Data paths
The actions you can allow for these resources in a private cloud are to:
Author
Checkpoint (snapshots)
Checkpoint (restore only)
Deploy
Deploy (from template only)
Local Administrator
Pause and resume
Receive
Remote connection
Remove
Save
Share
Shut down
Start
Stop
Store
Host Groups
11-21
If you are delegated to a host group, you can administer hosts and virtual networks that are in the
assigned host groups. This includes virtual hard disks, virtual network adapters, SCSI adapters, and
anything configured on virtual machines within the hosts. This can be useful if you want to group hosts
based on your networks administrative areas. For example, you might choose to group Hyper-V hosts
based on the types of virtual machines that the servers host. This also can be useful if you group servers
based on physical office locations, and then delegate administration accordingly.
Library Servers
A library servers objects include virtual hard disks, virtual floppy disks, .iso image files, Windows
PowerShell scripts, Sysprep answer files, and VMware templates. These objects are stored in all library
shares on the library servers. You can delegate administrative control to each library server object. This
can be useful if you distribute library servers in multiple locations, and you want to ensure that local
administrators can work only with objects in the local library.
Virtual Machines
You can delegate permissions to virtual machines on a one-by-one basis. To enable users or groups to
manage a specific virtual machine, you can add the user or group as the virtual machine owner in the
VMM Administrator Console, or through the Self-Service Administration Portal site. You might choose to
delegate permissions at the virtual machine level if you want to restrict which virtual machines in a host
group that self-service users can manage.
User Role Profiles

Administrator User Role
The basic installation of VMM includes a default

Administrator user role. The Administrator role is
not a profile, but a preexisting user role. Members
of the Administrator role can perform all VMM
actions on all objects that the VMM server
manages. Members of the Administrator role can
create new Fabric (Delegated), and the following
user roles: Read-Only, Tenant and Application
(Self-Service), and Administrator. Only members
of the Administrator user role can add additional
members. Administrator role members, by default, include the domain user that performed the VMM
installation, the VMM Server Computer account, and members of the servers local Administrators group.
Administrators are responsible for the following VMM features:
Only administrators can add stand-alone Citrix XenServer hosts and Citrix XenServer clusters (known
as pools) to VMM management.
Only administrators can add a Windows Server Update Services (WSUS) server to VMM, which enables
VMM fabric updates through VMM.
Profiles
You can create user roles by assigning one of four types of user role profiles in VMM:
Fabric Administrator
Read-Only Administrator
Tenant Administrator
Application Administrator
Fabric Administrator Role
Members of the Fabric Administrator role have similar rights as the Administrator role. They can perform
all administrative tasks within their assigned host groups, clouds, and library servers, except for adding
Citrix XenServer and adding WSUS servers. The main difference between the two roles is that the Fabric
Administrator role cannot modify global VMM settings, or add or remove Administrator role members. In
addition, while the scope for the Administrator role is always the entire organization. you can limit the
scope of the Fabric Administrator role.
In System Center VMM 2008, the Fabric Administrator role was known as the Delegated Administrator
role. This name may still show up in technical references
Read-Only Administrator Role
Read-only administrators can view properties, status, and job status of objects within their assigned host
groups, clouds, and library servers. However, they cannot modify objects. In addition, the read-only
administrator can view only the Run As accounts that administrators or delegated administrators have
specified for that read-only administrator user role.
Tenant Administrator Role
11-23
In System Center 2012 SP1 VMM and newer editions, you can create Tenant Administrator user roles.
Members of the Tenant Administrator user role can manage self-service users and virtual machine
networks. Tenant administrators can create, deploy, and manage their own virtual machines and services
by using the VMM console or a web portal. Tenant administrators can also specify which tasks the selfservice users can perform on their virtual machines and services. Tenant administrators can place quotas
on computing resources and virtual machines.
Application Administrator (Self-Service User) Role
Members of the self-service user role can manage their own virtual machines within a restricted
environment. A self-service user role specifies the operations that members can perform on virtual
machines. You also can place a quota on the self-service user role, subsequently limiting the number
virtual machines that a user can deploy at any one time. This quota can be useful when allowing testing
teams to create workstations and servers. As an example, a server might have a quota of 10 points and
a workstation might have a quota of 1 point, with the user being allowed a total of 25 quota points.
Note: In System Center VMM 2008 and older VMM versions, the Application Administrator
role was known as the Self-Service User role. This name may still show up in technical references.
Creating a User Role

To configure a user role, you must run the Create
User Role Wizard in the VMM console. The
options that are available when you run the
wizard depend on the type of user role that you
are creating.
Note: When you run the Create User
Role Wizard, you can create only Delegated
Administrator and Self-Service User roles. You
cannot create additional Administrator user roles,
although you can add members to the default
Administrators user role.
When using the Create User Role Wizard, complete the following steps to create a user role:
1.
Start the Create User Role Wizard.
2.
Name the user role, and provide a description. When given a choice about what type of user role you
want to create, select the user role type.
3.
If you choose to create a Fabric or Read-Only Administrator role, provide the following information:
a.
Members. You can add Active Directory user or group accounts to the user role. (You do not
need to add members to the user role when you create it. You can do this later.)
Note: As a best practice, you should avoid adding user accounts directly to the user roles.
Use Active Directory groups instead.
4.
b.
Scope. You can specify the private cloud and host groups that the delegated administrator can
administer. By default, no objects are selected. When you select an option, the administrator
receives permissions for all child objects. For example, if you grant a fabric administrator
permission to a host group, the administrator can manage all hosts and virtual machines within
the host group.
c.
Library servers. Each member of this user role can use only the library servers that you specify.
d.
Run As accounts. Each member of this user role can use only the Run As accounts that you
specify. (A Run As account is a container for a set of stored credentials.) Only administrators and
fabric administrators can create and manage Run As accounts. Read-only administrators can see
only the account names associated with Run As accounts that are in the scope of their user role.
If you choose to create a Tenant or Application User role, you will need to provide the following
information as you complete the wizard:
a.
Members. You can add Active Directory user or group accounts to the user role. (You do not
need to add members to the user role when you create it. You can do this later.)
b.
Scope. The scope of the user role determines the objects on which the member of user role can
perform actions. For the Tenant and Application Administrator profile, you only can specify a
private cloud in their scope page. If no private cloud exists then the user role cannot perform
actions.
c.
Quotas for the cloud name cloud. This setting is only for Tenant Administrators. Once you create
a private cloud, you can specify whether it can use the maximum of any or all resources, or a
subset of those resources, by setting a quota for the various resources. When you create a user
role, you have the ability to further set limits on the resources for the specified private cloud. You
can first set quotas at the root level, which will set all members of the role to the same standard.
Next, you can set quotas at the member level, which means that each member of this user role
has the same standard.
d.
Networking. Each member of this user role can use only the specified virtual machine networks.
The administrator creating this user role can either select an existing virtual machine network, or
create a new one.
e.
Resources. By default, users cannot save virtual machines in a library, and cannot connect the
.iso files in the library to virtual machines. If you enable this option, you can limit user access to
specific shared folders in the library of your choice. You can also choose whether users can use
only the resources that you specify. To do this, you establish a user role data path, which is path
to the library that you choose. This path enables the user role members to store virtual machines
in the designated library share. It also determines whether users can access the .iso files stored in
that specific library.
f.
Permissions. You can enable the user role to have a wide variety of permissions globally or on a
private cloud, or you can apply more restrictive permissions that limit the actions that the user
can perform. For example, you can enable users to start and shut down virtual machines, but can
prevent them from creating checkpoints or stopping the virtual machines. You also can choose
whether users can create their own virtual machines.
Connecting to VMM by Using Various User Roles

Beginning with System Center 2008 VMM,
VMM implemented role-based security to provide
finer control over what users can do within the
virtualized environment. RBAC is access that is
based on assigning user roles. For each user role
that you create, you configure the actions that
members of that user role can perform, and
you restrict the objects that members of the user
role can manage. This security model supports
delegated administration, which was not available
in System Center 2007 VMM. Self-service user
roles replace the self-service policies that were
used to administer virtual machine self-service in System Center 2007 VMM.
11-25
In RBAC, dynamic collections of object instances (such as hosts or virtual machines), determine the
available targets for a particular operation that a user performs. For example, when a user with a specific
user role attempts to start a virtual machine, VMM first checks whether the user role has permission to
perform the Start action on virtual machines. VMM then verifies that the user role has the right to start
the selected virtual machine.
The objects in RBAC are hierarchical. Providing access to a particular instance provides access to all
instances contained in that instance. For example, providing access to a host group provides access to all
hosts within the host group and to all virtual networks on the hosts.
System Center 2012 VMM adds private cloud management capabilities to the Fabric Administrator user
roles, and enhances the capabilities granted to Application user roles.
In addition to using the Create User Role Wizard, you can create and manage user roles by using
Windows PowerShell:
To create a new user role, use the New-SCUserRole cmdlet.
To update user roles, use the Set-SCUserRole cmdlet.
To get information about the user roles for a specified user, use the Get-SCUserRoleMembership
cmdlet.
Demonstration: Creating and Using a VMM User Role

In this demonstration, you will see how to create a user role by using the Create User Roles Wizard.
Demonstration Steps
1.
2.
On the desktop, on the taskbar, click the Virtual Machine Manager console icon.
3.
4.
In the Virtual Machine Manager console, in the lower left Workspace area, click Settings. In the
Settings console tree, click the User Roles node.
5.
Review all of the icons and buttons on the ribbon.
6.
On the ribbon, click the Create User Role icon. Create a User Role named DemoRole, with a
description of User role created for demonstration. Choose the profile Fabric Administrator
(Delegated Administrator).
7.
Add the ADATUM\IT Active Directory domain group as Members, and the DemoCloud and
LocalGroup as the scope.
8.
Select host1.adatum.com as a library server.
9.
On the Summary page, review the Windows PowerShell cmdlets but do not save them. Finally, create
the user role.
10. After the DemoRole is created, review the properties.

11. Close the Virtual Machine Manager console.
Lab: Managing Clouds in Microsoft System Center 2012

R2 Virtual Machine Manager
Scenario
11-27
A. Datum Corporation has finished deploying the core features in VMM. At this point, only the main office
and branch office server administrators can manage the virtual servers and hosts. Several business groups
have requested that they manage their own virtual machines. These business groups want the flexibility to
create and manage their own virtual machines, rather than waiting for a server administrator to do this for
them.
Although IT management would like to enable business groups to manage their own virtual machines,
they are concerned about the impact to the rest of the virtualization environment. You need to
implement a solution that will enable this functionality, but also limit the impact that any business group
can have on the rest of the infrastructure. You will implement this solution by creating private clouds
within VMM.
Objectives
Create a private cloud by using VMM.
Create and manage user roles.
Deploy virtual machines to a private cloud.
Lab Setup
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1, 20409B-LON-CL1
Password: Pa$$w0rd
1.
On the host computer (LON-HOST1), start Hyper-V Manager.
2.
seconds.
3.
4.
5.
Password: Pa$$w0rd
Domain: Adatum
Repeat step 3 for 20409B-LON-CL1. Do not sign in until directed to do so.
Exercise 1: Creating a Private Cloud

Scenario
In this exercise, students will review supporting documentation, and will create a cloud based on a host
group and explore its properties.
Email
From: Ed Meadows
To: IT department
Subject: Test of Adatum private cloud
1.
Now that we have our VMM infrastructure in place, I would like to see you implement business unit
access to the private cloud.
2.
Both the Development and Research departments of A Datum should have ability to create and
manage virtual machines and other resources for testing purposes.
3.
Please create private cloud space for these departments, and that ensure their personnel can create
virtual machines, use them, and then delete them within their own private cloud.
4.
As discussed in our meeting on Tuesday, we need to ensure that our available resources are not
overwhelmed, so consider limiting the total number of virtual machines and the resources devoted to
these departments within each cloud. However, Id like you to test it by letting them create only one
virtual machine, and then do further testing to ensure that they cannot create another by further
testing.
Ed Meadows, CTO, Adatum

1.
Review the scenario and the email from Ed Meadows, and then answer the questions.
2.
Create the Development private cloud.
3.
Create the Research private cloud.
Task 1: Review the scenario and the email from Ed Meadows, and then answer the
questions
Review the scenario and the email from Ed Meadows, and then answer the following questions:
1.
How many private clouds do you need to create?
2.
How many user roles should you create?
3.
How will you fulfill the requirement to ensure the resources are not overwhelmed?
Task 2: Create the Development private cloud

1.
2.
3.
4.
In the Virtual Machine Manager console, in VMs and Services, create a cloud with the following
properties:
a.
Name: DevCloud
b.
Description: Cloud for the Development Department.
c.
d.
Logical Networks: External Network
e.
f.
g.
Port Classifications:
Host management
Guest Dynamic IP
High bandwidth
Medium bandwidth
Low bandwidth
h.
Storage: Local Storage
i.
Library: (none) Default
j.
k.
5.
Memory: 8 GB
Storage: 1,000 GB
Virtual machines: 3
11-29
After DevCloud is created, click and then review the Overview information in the details pane. Verify
that the capacity settings match the values that you set in the wizard.
Task 3: Create the Research private cloud
In the Virtual Machine Manager console, in VMs and Services, create a cloud with the following
properties:
a.
Name: ResCloud
b.
Description: Cloud for the Research Department
c.
d.
Logical Networks: External Network
e.
f.
g.
Port Classifications:
Host management
Guest Dynamic IP
High bandwidth
Medium bandwidth
Low bandwidth
h.
Storage: Select Local Storage
i.
Library: (none) Default
j.
6.
Virtual CPUs: 2
Memory: 8GB
Storage: 1,000GB
Virtual machines: 3.
After ResCloud is created, click and then review the Overview information in the details pane. Verify
that the capacity settings match the values that you entered in the wizard.
Results: After completing this exercise, you should have created a private cloud based in a host group,
and you should have reviewed its properties.
Exercise 2: Working With User Roles

Scenario
In this exercise, students will create the user roles Read-Only Administrator and Application Administrator.
They also will explore different configuration options, and then connect to VMM as a member of different
roles to confirm which actions they can perform.
1.
Create the Development department user role.
2.
Create the Research department user role.
Task 1: Create the Development department user role

1.
In the Virtual Machine Manager console, in the lower-left workspace, click Settings.
2.
In the console tree, click the User Roles node.
3.
Use the Create User Role button to create a User Role named DevRole, with a description of User
role created for the Development Department. Choose the profile Application (Self-Service
User) Administrator.
4.
Add the ADATUM\Development Active Directory domain group as members.
5.
On the Scope page, select the DevCloud check box.
6.
On the Quotas for the DevCloud cloud page, in the Member level quotas section, clear the Use
Maximum column check box in the Virtual Machines row, and then in the Assigned Quota column,
type 1.
7.
On the Networking page, select the External network.
8.
On the Resource page, in the Specify user role data path, click MSSCVMMLibrary.
9.
On the Permissions page, under the Name column, select all check boxes except for Receive and
Share.
10. On the Summary page, create the User Role.
Task 2: Create the Research department user role
11-31
1.
In the Virtual Machine Manager console, in the lower left Workspace, click Settings.
2.
In the Settings console tree, click User Roles.
3.
Use the Create User Role button to create a user role named ResearchRole, with a description of
User role created for the Research Department.
4.
Choose the profile Application (Self-Service User) Administrator.
5.
Add the ADATUM\Research Active Directory domain group as members.
6.
On the Scope page, select the ResCloud check box.
7.
On the Quotas for the ResCloud cloud page, in the Member level quotas section, in the Virtual
Machines row, clear the Use Maximum column check box, and then in the Assigned Quota
column, type 1.
8.
On the Networking page, click External network.
9.
On the Resource page, in the Specify user role data path, select the Host1Library.
10. On the Permissions page, under the Name column, select all check boxes except the Receive and
Share check boxes.
11. On the Summary page, create the user role.
12. In the Settings console tree, in the Security node, under User Roles, verify that the ResearchRole
object displays in the User Roles details pane.
13. Click the ResearchRole object, and then on the ribbon, click the Properties button.
14. In the ResearchRole Properties dialog box, review the various properties, and then click Cancel.
Results: After completing this exercise, you should have created several user roles, explored different
configuration options, and then connected VMM as a member of different roles to confirm which actions
they can perform.
Exercise 3: Deploying Virtual Machines to a Private Cloud

Scenario
In this exercise students, will deploy to a private cloud, a virtual machine that is based on the existing
virtual machine template.
1.
Use the Virtual Machine Manager console on LON-CL1 to create virtual machines as a Development
department user.
2.
Use the Virtual Machine Manager console on LON-CL1 to create virtual machines as a Research
department user.
Task 1: Use the Virtual Machine Manager console on LON-CL1 to create virtual
machines as a Development department User
1.
Sign in to LON-CL1 as adatum\ben with a password of Pa$$w0rd. You may have to wait a moment
while the users profile is created.
2.
Navigate to the Apps by name start screen, and pin the Virtual Machine Manager Console tile to
the desktop taskbar.
3.
4.
In the Connect to Server pop-up, change the Server name to LON-VMM1.adatum.com.
5.
In the VMs and Services workspace, click DevCloud.
6.
Create a virtual machine with the following properties on these pages:

a.
Select Source: Create the new virtual machine with a blank virtual hard disk
b.
Identity:
Name: 1stDevCloudVM
Description: First virtual machine in the DevCloud
c.
Configure Hardware: select the Hyper-V check box
d.
Select Destinations: Deploy the virtual machine to a private cloud
e.
Select Cloud: DevCloud
f.
Add Properties: default (no change)
g.
Summary: Create
7.
Verify that 1stDevCloudVM now displays in the DevCloud VMs details pane.
8.
Attempt to make another virtual machine, using step 6 above, but change the name to
2ndDevCloudVM and the description to Second virtual machine in the DevCloud.
9.
The task will fail at step 6e.
10. On Ratings Explanation tab, note the line that says, The operation results in a violation of the
virtual machine count quota for the private cloud.
11. With the DevCloud selected, right-click 1stDevCloudVM, and then click Delete. When a
confirmation pop-up displays ,click Yes.
12. Close the Virtual Machine Manager console, and sign out of LON-CL1.
machines as a Research department user
1.
Sign in to LON-CL1 as adatum\hani with a password of Pa$$w0rd. You may have to wait a moment
2.
Navigate to the Apps by name start screen, and pin the Virtual Machine Manager console tile to
the desktop taskbar.
3.
Start the Virtual Machine Manager Console.
4.
In the Connect to Server pop-up, change the Server name to LON-VMM1.adatum.com.
5.
In the VMs and Services workspace, select ResCloud.
6.
Create a virtual machine with the following properties on these pages:

a.
Select Source: Create the new virtual machine with a blank virtual hard disk
b.
Identity:
Name: 1stResCloudVM
Description: First virtual machine in the ResCloud
c.
Configure Hardware: Select the Hyper-V check box.
d.
Select Destinations: Deploy the virtual machine to a private cloud
e.
Select Cloud: ResCloud
f.
Add Properties: default (no change)
g.
Summary: Create
11-33
7.
Observe that 1stResCloudVM now displays in ResCloud VMs details pane.
8.
Attempt to make another virtual machine, using step 6 above, but change the name to
2ndResCloudVM and the description to Second virtual machine in the ResCloud.
9.
The task will fail at step 6e. On the Ratings Explanation tab, note the line that says, The operation
results in a violation of the virtual machine count quota for the private cloud.
10. With the ResCloud selected, right-click 1stResCloudVM, and then click Delete. When the
confirmation pop-up displays, click Yes.
11. Close the Virtual Machine Manager console and sign off LON-CL1.
Results: After completing this exercise, you should have used the VMM console to create virtual machines
as a Development department user, and as a research department user.

Review Questions
Question: What is the main difference between private clouds and set of virtual machines
that users can access and administer?
Question: What considerations do you need to make before you delete a private cloud?
Question: You need to allow non-IT users to make their own virtual machines, but host
server space is limited. What would be the appropriate user role profile to use, and what
specific settings should you set?
Tools
Use the Create Cloud Wizard to create a private cloud in VMM 2012.
Use the Create User Roles Wizard to create collections of users that can be assigned permissions to all
or some private clouds, and select permission to what can be done by the user role on resources in
that private cloud.
Use System Center 2012 - App Controller to provide a common self-service experience that can help
you configure, deploy, and manage virtual machines and services across private and public clouds.

Common Issue
A user cannot create a virtual machine in a
specific cloud.
You cannot delete a cloud because it has

virtual machines that you want to keep.
You have set the quotas for a particular

cloud, and the self-service users have
consumed them all, but need to use more.
You have added a new host, but they still
cannot create more virtual machines.
Troubleshooting Tip

12-1
Module 12
Managing Services in Microsoft System Center 2012 R2
Contents:
Module Overview
12-1
Lesson 1: Understanding Services in VMM
12-2
Lesson 2: Creating and Managing Services in VMM
12-9
Lesson 3: Using App Controller
12-16
Lab: Managing Services in Microsoft System Center 2012 R2

12-24
12-30
Module Overview
Deploying services in the private or public cloud environment is key to managing your cloud
environment. Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) introduces several
new tools for creating, managing, and deploying services in your cloud environment. These new tools
integrate with System Center 2012 R2 App Controller (App Controller), which end users can use to
deploy services for their own use. In this module, you will learn about VMM services and managing
services by using VMM. You will also see how you can configure and deploy both services and the servicemanagement feature. You will see how to use App Controller to configure, deploy, visualize, and update
multitier application components in the context of holistic service delivered to a business. You will also
learn how service consumers can view all the applications for which they are responsible in one window.
Objectives
Explain the purpose and functionality of a service.
Create and manage services in VMM.
Describe how to use App Controller.
Lesson 1
Understanding Services in VMM
12-2 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
One of the most important tasks in cloud technology is deploying and managing services in the private or
public cloud environment. VMM includes several new tools that you can use for creating, managing, and
deploying services. These new tools integrate with App Controller, which end users can use to deploy
services for their own use. In this lesson, you will learn about services and service management in VMM,
and you will see how you can configure and deploy them.
Lesson Objectives
Explain the purpose and functionality of a service.
Describe a service template.
Describe the components and configuration settings of a service template.
Explain how to create and manage a service and a service template.
Describe common scenarios for creating and deploying services.
What Is a Service?
Services are a new concept in VMM. Therefore,
it is very important that you understand
services fully before deploying a private cloud
infrastructure. The concept of a service in VMM
differs from traditional service scenarios.
Traditional Services Scenario
Services usually refer to an application or set

of applications that provide some service to
end users. For example, you can deploy various
types of web-based services, but you can also
implement a service such as email. In a noncloud
computing scenario, deploying any type of service
usually requires that users, developers, and administrators work together through the phases of creating a
service, deploying a service, testing the service, and maintaining the service.
A service often includes several computers that must work together to provide a service to end users.
For example, a web-based service is usually an application that deploys on a web server, connects to a
database server (which can be hosted on another machine), and performs authentication on an Active
Directory domain controller. Enabling this application requires three different roles, and possibly
three different computers: a web server, a database server, and a domain controller. Deploying a test
environment for a service such as this can consume time and resources. Ideally, developers work with
IT administrators to create an environment where they can deploy and test their web application.
Concept of a Service in a Private Cloud Scenario

With the concept of a private cloud, how you manage services and service-related tasks can change
significantly. In a private cloud, you can prepare the environment for a service, and then let developers
deploy the service by using a self-service application such as App Controller.
12-3
In VMM, a service is a set of one or more virtual machines that you deploy and manage together as a
single entity. You configure these machines to run together to provide a service. In VMM 2008, users were
able to deploy new virtual machines by using the Virtual Machine Manager Self-Service Portal. System
Center 2012 VMM enhances this feature to allow users to deploy new services. In System Center 2012
Service Pack 1 (SP1) VMM, the functionality of the Self-Service Portal is in the System Center 2012 App
Controller, which also can deploy services. By deploying a service, users actually are deploying the entire
infrastructure, including the virtual machines, network connections, and applications that make the service
work. However, you can use services to deploy only a single virtual machine without any specific purpose.
You now can use App Controller to create a service that will deploy a virtual machine that is joined to a
domain. That virtual machine could have several roles and features preinstalled, such as Windows Server
2008 R2. This simplifies the process of creating and updating new virtual machines. You also can deploy
sets of preinstalled virtual machines that work together to support a distributed application, such as a web
application.
What Is a Service Template?

Deploying a new service requires a high level of
automation and predefined components, and
requires management software support. VMM
provides service templates for this purpose. A
service template is a template that encapsulates
everything required to deploy and run a new
instance of an application. Just as private cloud
users can create new virtual machines on demand,
users can also use service templates to install and
start new applications on demand.
A service template provides the foundation for

deploying a virtual machine and using a different
profile to configure instances that the profile settings define. A service is a set of virtual machines that
you configure and deploy together to support specific infrastructure requirements. For example, you may
have a multitier web-based application that requires a Microsoft SQL Server database. A service template
gathers all of the configuration settings into a single managed entity for the multiple servers. You can only
configure and deploy a virtual machine with SQL Server when you deploy the application as a service.
Process for Deploying a New Service
When using service templates in VMM, the process of deploying a new service or application is as follows:
1.
The system administrator creates and configures service templates in VMM by using Service Template
Designer.
2.
The application owner, such as a developer who needs to deploy the application environment,
opens the App Controller portal, and requests a new service deployment based on available service
templates that he or she can access. The user can then deploy the service to a private cloud where a
user has access. As an alternative to App Controller, the user also can use the VMM console.
3.
A request is submitted and the VMM management server evaluates the request. VMM searches for
available resources in the private cloud, then calculates the user quota, and verifies that the cloud is
capable for the requested service deployment.
4.
VMM creates the service automatically, and then deploys the virtual machines and applications (if
any) on the host that it chooses.
5.
The application owner gains control over service virtual machines through the App Controller portal,
or by Remote Desktop Protocol (RDP).
If there is a need for manual approval for resource creation, you can use Microsoft System Center 2012 Service Manager to create workflows for this purpose.
Information Included in the Service Template
The service template includes information about the virtual machines that VMM deploys as part of
the service. The service template also includes which applications to install on the virtual machines,
and the networking configuration that the service requires, including the use of a load balancer. The
service template also can make use of existing virtual machine templates. While you can define the
service without using any existing virtual machine templates, it is much easier to build a template if you
create the virtual machine templates first. After creating the service template, you can configure it for
deployment by using the Configure Deployment option.
Common Scenarios for Using Services

Several typical situations exist in which you might
use services. Most organizations incorporate some
of these scenarios, and perhaps all of them. The
following section describes the usefulness of these
common scenarios and their requirements:
Deploy a virtual machine with Windows

Server roles or features installed. There are
many reasons why an organization might
benefit from this deployment type. It is
relatively simple and straightforward and has
been a common practice with physical servers
for many years. In this deployment scenario,
you automate most of the manual steps by having a guest operating system profile that details the
steps. You would install a virtual machine with at least the Windows Server 2008 R2 operating system
or newer. Because these systems might be providing some type of service to multiple users, you
would want to ensure they are member servers in a domain. Next, you would create a guest
operating-system profile that lists the roles and or features that you want to install.
Deploy an updated version of the guest operating system, such as the latest service pack, to a
virtual machine. Most software companies update their products regularly to include hardware
improvements and enhanced security features that can counter increasingly sophisticated security
threats. For example, over the past decade, Microsoft has released several versions of Windows Server,
starting with Windows Server 2003 through Windows Server 2012 R2. In such cases, you would create
a new virtual hard disk with the updated operating system, and then create an updated service
template. You then would deploy the new virtual machine with the updated settings.
Deploy a Microsoft Server Application Virtualization (Server App-V) application. A Server App-V
application is an image of an application that you can load to a virtual machine without having to
install it as a local application. Because you are not installing an application locally, you can have
different versions of the same application running on the same virtual machine, such as different
versions of a web application.
12-5
You use Server App-V to create virtual application packages that you can deploy to computers that
are running a Windows Server operating system and have the Server App-V agent installed. You
create virtual application packages by sequencing the application using Server App-V. You then
create an application profile and add it to a service template, which can then deploy out the
application.
Deploy an instance of SQL Server to a virtual machine. Many web-based applications and multitier
services use SQL Server for database functionality. You often have to deploy database applications to
support virtualized services within the private cloud. You can use a SQL Server profile as a building
block for deploying instances of SQL Server onto virtual machines. You first create a virtual hard disk
that contains a sysprepped version (prepared instance) of SQL Server. From this virtual hard disk, you
will create a SQL Server profile that contains instructions for customizing an instance of SQL Server for
a SQL Server data-tier application. You then can deploy this instance to a virtual machine as part of a
service.
For more information about these common scenarios, refer to:

Common Scenarios for Services
Service Template Components

Application Profiles
When you deploy a virtual machine as part of a
service, application profiles provide configuration
instructions for installing specific application
types. Application profiles support the following
application types:
SQL Server data-tier applications (DACs)
Server App-V applications
Web applications
Scripts
Hardware Profiles
A hardware profile contains specifications for various hardware components such as the number of
processors, memory allocation, integrated drive electronics (IDE) devices, small computer system interface
(SCSI) adapter configurations, and network adapter configurations. Although, you can deploy a virtual
machine without a hardware profile, using a hardware profile in conjunction with a virtual machine
template ensures that your virtual machine deployment uses a consistent hardware configuration.
Physical Computer Profiles
Physical computer profiles replace host profiles in System Center 2012 R2 VMM. Similar to a host profile,
you can use physical computer profiles to provision a Microsoft Hyper-V host system. You can create
and store one or more physical computer profiles within the Virtual Machine Manager library. You create
a physical computer profile using the New Physical Computer Profile Wizard. The physical computer
profile contains various settings such as what operating system .vhdx file to use, hardware configurations,
operating system configurations, and virtual machine placement paths for default locations in which to
store virtual machines. Note that you do not use a physical computer profile to create a virtual machine
template, because physical computer profiles specify settings for a physical host, not a virtual machine.
Guest OS Profiles
In the virtual machine template, you can configure the guest operating system profile settings manually,
or you can import settings from a preconfigured guest OS profile. If you do not need to customize the
operating system, you can select None customization not required.
Note: If you choose not to include a guest OS profile in the virtual machine template, VMM
removes all other application and SQL Server profile settings so that they are not available for
configuration in the virtual machine template.
SQL Server Profile

The SQL Server profile contains a number of configuration settings, such as the instance name and ID,
product key, media source, SQL Server administrators, and service account designations.
VM Template
When you create a new virtual machine, either you can derive the source of the new virtual machine from
an existing virtual machine or hard disk, or you can base the new virtual machine on a VM template. If
you use a stored virtual machine or a virtual hard disk, you can only customize the hardware settings;
there is no option for adding additional information such as the operating system configuration or
applications.
A VM template provides additional flexibility and efficiency for virtual machine deployment. The
advantages of using a VM template include the following:
You can configure hardware, operating system, applications, and SQL Server specifications.
You can use them to create new virtual machines or service templates.
You can share them with self-service users or roles to provide a consistent virtual machine
deployment process.
Each service template that you create in VMM has several settings that you can configure. You access
these settings by opening the Properties dialog box of the service template that you are creating.
The following list provides explanations for the most important service template settings:
Name. Specify the name for the service template. This name will appear in the virtual machine and in
the Services workspace. Additionally, this is the name that self-service users will see, so use descriptive
names.
Release. Specify a value that indicates the service templates version. The release value is important
when you update a service. The release value helps you to identify the version of the service template.
Each time you create a service template and make a deployment based on the template, you can
make no further changes to it. If you want to make changes, you must first create a new version.
Dependencies. Specify the location in which you can view objects that derive from a specific service
template, and library resources that the template references. You cannot make any changes here.
Access. Define the service templates owner. You also can list self-service users that can use this
service template to deploy a service. If you want to provide self-service users with the ability to
deploy services by using the VMM console or by using App Controller, you must add them to the
access list for the service template.
You should configure all service template settings before you begin deploying services from a specific
template.
Service Life Cycle Management

Services always link to the service templates
from which they were created. If you have
a central location that contains the service
templates and their core settings, you have less of
a chance of different instances straying from the
desired configuration those settings represent.
Occasionally, you or application users will need
to update the deployed service instances and
perhaps scale out those services to additional
users. At that point, you will need to create a new
version of the service template, associate it with a
running instance, and then update the instance
with the updated template.
Why Use Services?
12-7
1.
You can use services to model and manage multitier applications as a single unit across a group of
virtual machines.
2.
By enabling automatic scale-out, you can manage application peak loads easily by adding more
virtual machines to run an application as load increases. You also can add virtual machines manually.
3.
You can create operating-system images and applications dynamically when you deploy them, as
necessary. This means that deployment consumes fewer resources unless they are necessary at a
specific moment.
4.
Application administrators can change service instances dynamically by updating the service template
as necessary.
Service Life Cycle Management

When working with a typical VMM service-management life cycle, you:
1.
Start by creating a service template. To do so, you create a number of profiles based on different
hardware and service elements, and then join these together to make a virtual machine template.
2.
Use the virtual machine template to create a service template from which VMM can derive service
instances.
3.
Can preview and customize the template before you deploy.
4.
Can deploy the template once it meets your satisfaction.
Deploying the template makes it available to application users who can create their own service instances.
At this point, an organization is using a service. This would be part of normal operations, which can
continue for months or even years. The organization benefits from the speed with which it can deploy a
service and that services dependability.
At some point, modifications may be necessary. Perhaps you no longer need a running service, or you
require a new version. When this happens, you can update the service. To update a service, you update
the template by reconfiguring the service instance with the new requirements. You then change or update
the profiles, and repackage them into an updates template, from which you can redeploy the service until
the next update occurs.
For example, suppose your organization wants to promote its products up to, and cumulating with, an
advertisement during a global sporting event. You might announce a website to which customers can
navigate to enter a prize drawing, but only during that specific sporting event. Your organization would
expect to get millions of visits to that webpage during the event, but very few, if any, after. Therefore, you
could use a service for this promotion. Once the event is complete, you could turn off the service and
delete the service template.
Lesson 2
Creating and Managing Services in VMM
12-9
Services are essentially a set of virtual machines that you configure and deploy together and then
manage as a single entity. You can create and modify service templates that allow this deployment and
management. Additionally, System Center 2012 VMM introduces the Service Template Designer that
offers a graphical management tool to create and configure virtual machine templates. In addition, you
might want to change the scale of a service, update a service, or even import a service template into
another VMM infrastructure.
In this lesson, you will focus on creating service templates and deploying them out as services, including
virtual machines.
Lesson Objectives
Explain how to create a service template.
Describe how to configure service template properties.
Work with the Service Designer.
Describe how to create deployment configuration for services.
Deploy a service.
Describe how to scale out a service.
Describe how to update a service.
Describe how to export and import service templates.
Creating a Service Template

In the VMM console, you use the Service Template
Designer to create a service template, which
defines the configuration of the service. When
you start the Service Template Designer, few
preconfigured patterns will be available. However,
you can create additional templates by modifying
the Blank pattern, or by selecting either the Single
Machine pattern, the Two-tier Application pattern,
or the Three-tier Application pattern. Deploying
tiers actually defines levels of your application. For
example, one tier of your application can be a
web server (or servers), while a second tier could
be database servers.
A tier is not the equivalent of a virtual machine. A tieror more specifically, a machine tiercontains one
or more virtual machines of an identical type. When you create a tier, you specify the default, minimum,
and maximum values for the number of virtual machine instances that you will allow in in the tier. You
also can add a virtual IP load balancer to a tier that has virtual machines with services that need load
balancing. By creating tiers, you define levels on which your application is working.
The simplest way to add a tier is to use the Service Template Designer. In the Service Template Designer,
a list of available virtual machine templates displays in the left pane. Select the virtual machine template
that you want to use to create a tier, and then drag the virtual machine template on to the canvas. Service
Template Designer then creates the tier using the properties of the virtual machine template that you
selected.
For each tier that you have in your service template, you can configure options such as name, scale-out
capabilities, hardware configuration, operating system configuration, and application configuration. If
you created a service template with a pattern that creates default tiers for you, you can drag the virtual
machine template on to one of those default tiers. The service template then configures the tier with its
properties. Additionally, you can add tiers.
However, be aware that the service template does not create a link or relationship between the virtual
machine template and the tier that you create. Any subsequent changes that you make to the virtual
machine template in VMM do not propagate to the tier in the service template. Furthermore, any
configuration settings that you make to the tier do not propagate to the virtual machine template. The
virtual machine template that you drag to the tier in the Service Template Designer provides you with a
configuration template that you can modify. However, it establishes no permanent connection between
the virtual machine template, tier, or service template.
Configuring Service Template Properties

Each service template that you create in VMM
has several settings that you can configure by
accessing the Properties dialog box of the service
template that you are creating.
The following list describes the most important
service template properties that you can
configure:
Name. Specify the name for the service

template. This name will appear in the virtual
machine and Services workspace. This also is
the name that self-service users will see, so
use descriptive names.
Release. Specify a value that indicates the service templates version. The release value is important
when you update a service, because it identifies the version of the service template. Each time you
create a service template, and perform a deployment based on that template, you can make no
further changes to it. If you want to make changes, you must first create a new version.
Dependencies. Specify the location at which you can view objects that derive from a specific service
template, and library resources that the template references. You cannot make any changes here.
Access. Specify the templates owner. You also can list self-service users that can use this service
template to deploy a service. If you want to allow self-service users to deploy services by using the
VMM console, or by using App Controller, you must add them to the service templates access list.
We recommend that you configure all service template settings before you begin deploying services
based on that template.
Demonstration: Working with Service Designer

In this demonstration, you will see how to work with Service Designer.
Demonstration Steps
12-11
1.
Sign in to LON-VMM1 as adatum\administrator with the password Pa$$w0rd.
2.
Open the Virtual Machine Manager console.
3.
In the Virtual Machine Manager console, click the Create Service Template icon, and then create a
service template with the following properties:
a.
General page:
b.
Name: DemoServiceVM
Hardware Configuration page:
Select a virtual hard disk: SmallCore.vhd
Network Adapter 1 (Legacy) details pane: Connected to a VM network: External Network.
c.
Operating System Configuration: In the Operating system drop-down list, click 64-bit
edition of Windows Server 2012 Standard.
d.
Application Configuration: Click None do not install any applications.
e.
SQL Server Configuration: Accept the defaults (None).
f.
Custom Properties: Accept the defaults.
g.
Settings: Accept the defaults.
h.
Dependencies: Accept the defaults.
i.
Validation Errors: Validation errors appear here. Accept defaults.
j.
At the bottom of the Single Tier Properties dialog box, click OK.
Creating Deployment Configuration for Services

After you create the service template, you then
can deploy the service to a private cloud or
to virtual machine hosts. To deploy a service,
you should first create a service deployment
configuration. You can create a deployment
configuration by right-clicking a service, and
then selecting Configure Deployment. Type a
name for the deployment configuration, and
then select a destination for the service. You can
choose between host groups and private clouds.
After you type the services name and select its

destination, placement evaluation will be
performed. Following the evaluation, the Deploy Service console opens, displaying the deployment
diagram and the selected host machine or private cloud. From this console, you can configure a virtual
machine name and a computer name for the virtual machines that you will deploy as a part of service.
By default, VMM generates names in format ServiceVM0000X.domain for both virtual machine name and
computer name. However, you can change this for each service deployment.
When you click the Deploy Service button in the Deploy Service console, you initiate the deployment
process. You can monitor deployment progress in the Jobs window. Depending on the number of virtual
machines that you deploy, and the network and storage speed, this process can take ten minutes and up
to a few hours. For long-running service deployments, we recommend that you monitor the VM Manager
log in Event viewer, and the System log on the VMM management server. Event Viewer provides detailed
information about the tasks performed.
After the service deploys, you can update the service template, and then deploy those updated changes
to the already deployed service. Alternatively, you can deploy additional virtual machines to an existing
service to provide additional resources for the deployed service.
You can also start a deployment from the App Controller portal. If you provide a self-service user role with
access to a service template, self-service users can initiate a service deployment by using App Controller.
Optimally, in a private cloud environment, end users should use App Controller to deploy services and
applications without ever having to know a virtual machines number, configuration, or location.
Note: The VMM Self-Service portal has been removed in System Center 2012 SP1.
Demonstration: Deploying a Service

In this demonstration, you will see how to deploy a service.
Demonstration Steps
1.
Use your mouse to drag the External Network box next to the NIC 1 box.
2.
Click Save and Validate the service, and then click the Configure Deployment icon. Provide the
name of the service as follows:
o
Name: Demo Service
3.
In the Deploy Service Demo Service dialog box, if a pink shaded area displays in the Deploy
Service Demo Service console, with a message saying it could not find a host, click the Refresh
Preview button.
4.
Click Deploy Service, and in the Deploy service pop-up window, click Deploy. On LON-HOST2, in
Microsoft Hyper-V Manager console, connect to the new virtual machine, and then Skip the product
key input page.
5.
6.
Close all open windows.
Scaling Out a Service

After you deploy a service, you may need to
deploy additional virtual machines to a tier in
that service. You can use the VMM scale-out
functionality for such scenarios.
You may need to expand your service quickly due
to rapid growth in demand. Consider, for example,
a particular product that you sell only during a
holiday season. An organization with a website
that sells this particular product might see a big
increase in visits to their webpage during the
holiday season. In this scenario, the ability to scale
out additional virtual machines that are hosting
web servers would be ideal.
12-13
You specify within a tiers properties in a service template whether you want to allow that tier to scale out.
You can set the minimum and maximum number of virtual machines that you want to deploy in that tier,
and if users try to scale out that tier beyond that maximum number, they will receive a warning. However,
VMM will not prevent you from scaling out that tier. The tier and service will display a Needs Attention
status in the VMs and Services workspace.
Use the following procedure to scale out a tier in a deployed service:
1.
Open the VMs and services workspace.
2.
Select the private cloud or host group to which you deployed the service.
3.
Select the service to scale out.
4.
On the Home tab of the ribbon, click the Services icon.
5.
On the Service tab of the ribbon, click the Scale Out icon. This opens up the Scale Out Tier Wizard.
6.
The first page of the wizard is the Select Tier page. The Tier details section shows the number of
virtual machines currently deployed, and the minimum and maximum tier sizes.
7.
On the Select Tier page, click the Tier drop-down list box, click the tier that you want to scale out,
8.
On the Specify Virtual Machine Identity page, type a name for the new virtual machine that you
are creating, and then click Next.
9.
Depending on whether the tier is in a service that is deployed to a private cloud or to a host already,
do the following:
o
Service deployed to a private cloud:
On the Configure Settings page, click Identity Information in the settings tree, and in the
Computer name text box, type the computer name, and then click Next.
Service deployed to a host group:

i.
On the Configure Settings page, click Identity Information in the settings tree, and then in
the Computer name text box, type the computer name.
ii.
Update any other virtual machine settings as needed, and then click Next.
10. On the Add Properties page, select any actions to take when the host server starts or stops, and then
click Next.
11. On the Summary page, click Scale Out.
12. The Jobs window will open and show the Create virtual machine task. This can take several minutes.
13. When the Create virtual machine task finishes, return to the VMs and Services workspace, and verify
that the new virtual machine is in the services tier.
Updating a Service
Requirements should dictate whether a particular
service is current and practical to those who use it.
Over time, requirements change and may require
updating. You can make changes to a deployed
service by updating that service. In VMM, you use
a service template to deploy a service. You can
make updates to a service template, which then
makes changes to the deployed service.
You can use VMM to make updates to a deployed

service in two ways. You can apply updates to
existing virtual machines, or you can deploy
new virtual machines with the updated settings.
Applying updates to existing virtual machines is faster than deploying new virtual machines, and is an inplace update. You can apply most application updates and configurations changes to virtual machines by
using an in-place update.
In VMM, you can create upgrade domains, which are objects that allow you to minimize service
interruptions when you perform an in-place update of a tier. Please note that upgrade domains are not
related to Active Directory Domain Services (AD DS) domains.
You can set the number of upgrade domains that you need to use, and VMM will arbitrarily assigned
virtual machines to an upgrade domain. When you need to update a tier in a service, VMM updates
the virtual machines in the tier according to the upgrade domain to which they belong. The upgrade
domains are updated one at a time, and the virtual machines being updated in that upgrade domain are
shut down, updated, and then brought back online. VMM then moves to the next upgrade domain and
repeats the process. This means that updates can take place with the least possible impact to the running
service.
Alternatively, you can use VMM to update a deployed service by creating new virtual machines with the
updated settings. This option takes more time than upgrading, as you are replacing the existing virtual
machines with new virtual machines. However, this would be the preferred way to deploy operating
system updates such as service packs on the virtual machine. You can use a script to save the state of
certain applications before removing the virtual machines, and then restore the application state to the
new virtual machines when you deploy them. You also can use Server App-V, which supports automatic
saving and restoring of application states without scripting.
Exporting and Importing Service Templates

With VMM, you can export and import service
templates. You also can back up service templates
and share service templates between different
VMM installations. Exporting a service template in
VMM includes:
Tier definitions
Hardware settings
Guest operating system settings
Application installation settings
Network configurations
12-15
VMM saves these settings to an .xml file. Optionally, you can add sensitive data that is marked as secure,
such as passwords, an applications product keys, and global settings that require action. You can encrypt
sensitive data settings and protect them with an encrypted password.
When you import a service template, you can choose to either exclude or include sensitive settings. If you
decide to include these settings, you must use an encrypted password to do so.
You can also choose to export some or all of the physical resources that are associated with the service
template, such as base virtual hard drives, scripts, or application packages along with the .XML file.
During a service template import, VMM validates physical and logical resources that the service template
references. You can then update references to any missing resources, such as logical resources in logical
networks and virtual hard disks.
You should store the .xml file in a Virtual Machine Manager library share, which ensures that
administrators have access to the file for the service template imports. You can also store the file in a
file share, or copy it and then deploy it to administrators for import into different VMM installations.
The account requirements for exporting and importing service templates are straightforward. VMM
administrators can import and export service templates. Application administrators, or self-service users,
to whom you assign the Author action to their user role, can import and export service templates to which
you provide them with access. This is regardless of who owns the service template. When authorized
application administrators import a service template, they become the service template owners.
Lesson 3
Using App Controller
You can use App Controller to provide a means of self-service that enables users to easily configure,
deploy, and manage virtual machines and services across private cloud and public clouds. App Controller
helps you meet consumer and service provider expectations by providing an effective way to deliver IT as
a service (ITaaS).
App Controller is the end users single view to manage applications and services across Microsoft cloud
services and the Windows Azure public cloud. You can use App Controller to configure, deploy, visualize,
and update multitier application components as a holistic service delivered to the business. In one
window, service consumers can view all applications for which they are responsible.
In this lesson, you will learn about App Controller and its capabilities.
Lesson Objectives
Describe the purpose and functionality of App Controller.
Explain how to connect App Controller to public and private clouds.
Describe the functionality of an App Controller.
Describe the system requirements for an App Controller.
Explain how to deploy and manage virtual machines and services.
Explain how to use an App Controller to deploy VMM and App Controller.
What Is App Controller?

In a private or public cloud solution, end user
focus is not on virtual machines or servers, but
rather on applications and services. Because VMM
focuses primarily on virtual machines and service
management, you need an additional tool that
allows application owners to view services and
applications. In previous VMM versions, such as
System Center Virtual Machine Manager 2008
(VMM 2008) R2, the Self-Service Portal provided
end users with the ability to create and manage
virtual machines from their permission scope.
However, Self-Service Portal is orientated to
virtual machines, not to services or applications.
Benefits of App Controller
App Controller gives the application owners a self-service experience across the VMM, and provides them
with a unified view that lets them manage applications and service across private clouds and Windows
Azure. App Controller provides the ability for users to manage application components in the context of
the holistic service that it represents to the business.
12-17
App Controller provides the self-service component of this solution by enabling application owners to:
Configure, deploy, and manage services through an intuitive, unified, and service-centric interface,
while using a library of standard templates.
Provide self-service application management, visibility, and control across both the Microsoft private
cloud services and the Microsoft public cloud services (such as Windows Azure).
Create, manage, and move services using a web-based interface that presents a customized view of
resources based on your role in the organization, and enables you to manage services rather than
servers. This lets application owners focus on improving business value. View virtual machines, and
both private and public cloud services. Control components at each layer, track jobs, and maintain a
detailed history of changes.
App Controller also enables data center administrators to delegate authority to application owners.
Predefined templates help ensure compliance with company IT standards and policies. Using App
Controller, data center administrators can create for application owners a customized, role-based view of
private and public cloud services, and a consumed and available resources view. In addition, application
owners can customize all service components, including virtual machines, network resources, and load
balancing.
You also can use App Controller to move applications and components within public and private cloud
environments, including:
Windows Azure configuration settings.
Package files.
.vhd and .vhdx files among Windows Azure subscriptions and the private clouds storage.
Copy service templates and resources.
App Controller now works with VMM. It can connect to the Service Provider Foundation versions that
shipped with System Center 2012 SP1 and System Center 2012 R2.
Connecting an App Controller to Cloud Services

After you install App Controller, you will want
to connect it to either a public cloud or a
private cloud. You can connect App Controller
simultaneously to both Windows Azure and to
a locally installed VMM instance.
Connecting to a Private Cloud
You can connect to a VMM server and Virtual

Machine Manager clouds in the Common Tasks
section by choosing the hyperlinks in the Status:
Private Clouds section. When you select this
option, you must provide the connection name,
which you define. Optionally, you can provide a
description, and type the Server name and port. The server name should be the fully qualified domain
name (FQDN) of your VMM server. The port is set to 8100 by default. You should not change the port
number unless you changed the port when you were configuring VMM.
Importing SSL Certificates
You also have an option to import Secure Sockets Layer (SSL) certificates automatically. This is the default
behavior. To copy files or templates to and from VMM cloud libraries, you must import SSL certificates to
the App Controller server. For the import to succeed, users must belong to all of the following roles:
Local administrator of the App Controller server
Local administrator of the VMM server
VMM administrator
After you import all of the data, you should be able to connect to both your private clouds and your
VMM server.
Connecting to Both Public and Private Clouds
If you want to connect to Windows Azure, you select the Connect a Windows Azure subscription option.
You will have to provide a connection name, your subscription ID, a management certificate, and a
corresponding password. If you connect to both the VMM private cloud and Windows Azure, you will be
able to manage and deploy all of your cloud-based services and applications.
Accessing the App Controller Web Portal
The App Controller console is a portal that is accessible through a web browser. You should install
Microsoft Silverlight 4 before connecting to the App Controller portal. We also recommend that you add
the App Controller portal to Trusted sites or intranet sites on the computer from where you are making a
connection. To use single sign-on, you will have to add the portal to intranet sites in the Windows Internet
Explorer settings, so that Internet Explorer will allow delegation of default credentials. If you do not want
to be logged on using the same credentials that you use to log on to your computer, you should not
enable Windows Authentication on the /api virtual directory.
Managing Clouds and Resources with App Controller
The default path for connecting to the App Controller console is https://AppControllerServerFQDN/
(substitute your server FQDN). Ensure that the certificate for App Controller is issued to the same name
that you are using to connect. After you connect to App Controller, you can use it to deploy and manage
services, private clouds, and virtual machines. However, unlike the VMM console that provides a full set of
options for these tasks, App Controller provides a limited set of options that focus on private clouds and
services. For example, you can use App Controller to deploy new virtual machines and new services based
on existing templates only. Additionally, App Controller enables you to connect to, and manage, both
public cloud and private cloud resources from the same place.
VMM Administrator vs. Self-Service User
If you log on to App Controller as a VMM administrator, you will be able to create connections, view
resource usage, and manage User Roles. However, if you log on to the App Controller console as a selfservice user, your set of available options will be limited to resources to which you have permissions.
For example, in the App Controller console, on the Clouds tab, a self-service user can view both private
clouds and public clouds to which that user has appropriate permissions. On this tab, a self-service user
will also see an option to deploy resources to cloud services. Based on templates provided in the Virtual
Machine Manager library that are available to the self-service user, it is possible to deploy a new service or
virtual machine. Self-service users can also access a library view, where they can view available templates,
shares, and other resources. From this point, it is also possible to deploy a new service or virtual machine.
However, unlike VMM where new virtual machine or service deployment requires several steps and
several decisions, the App Controller process is a more straightforward. From App Controller, each selfservice user can see his or her active jobs, job progress, and state.
Demonstration: Overview of an App Controller

In this demonstration, you will explore the App Controller functionality.
Demonstration Steps
1.
On LON-VMM1, sign in as adatum\administrator with the password Pa$$w0rd.
2.
Start the App Controller web portal page.
3.
Sign into the page as ADATUM\Administrator with the password Pa$$w0rd.
4.
Explore the page contents as follows:
5.
12-19
a.
Click the hyperlinks 1 Virtual Machine Manager server, and 1 Virtual Machine Manager
clouds.
b.
Explore the console tree by clicking every node in the tree, and then examining the details pane
of each node.
c.
Expand all child nodes, and then explore those nodes and their details pane as well.
Sign out of App Controller, close Internet Explorer, close all open windows, and then sign out of
LON-VMM1.
System Requirements for App Controller

You install App Controller as a separate
component. You can choose to host this service
on a separate server, or you can host it together
with an existing service such as VMM. In both
cases, first you should verify that your server
meets system requirements for App Controller.
For better performance, you should install the
App Controller server on a separate computer
from the VMM management server.
Hardware Requirements
From a hardware perspective, App Controller is

not a very demanding service. You must have at
least a Pentium 4 CPU running on 2 gigahertz (GHz). Additionally, the recommended amount of random
access memory (RAM) is 4 GB (with a 1 GB minimum), and 1 GB or a minimum of 512 megabytes (MB), of
hard-disk space. Because of the low hardware requirements, you can run App Controller in a virtual
machine to optimize resource usage.
Software Requirements
App Controller has software requirements that you must meet prior to installation. You can install App
Controller only on Windows Server 2008 R2 SP1 and newer. You must also install a Web Server role, that
is, Windows Internet Information Services (IIS). There are several Web Server role services required for
App Controller, but the App Controller Setup Wizard will install all of them during setup. You also should
install Microsoft .NET Framework 4 (4.5 on Windows Server 2012 R2) before installing App Controller, or
you can let App Controller setup install it for you.
To run successfully, App Controller also requires SQL Server 2008 Service Pack 2 (SP2) or SQL Server 2008
R2 or newer. SQL Server does not require a dedicated server. Instead, you can use the SQL instance that
VMM is using. Additionally, you must install the VMM console on the server that is running App
Controller. However, it does not have to be on the VMM management server. You must install VMM
locally or remotely, because the App Controller is a portal to the data and services that VMM provides.
If you want to use Windows PowerShell for App Controller, at a minimum, you should install .NET
Framework 3.5.1 (available as feature in Windows Server 2008 R2) and Windows PowerShell 2.0 (built in
Windows Server 2008 R2). Windows Server 2012 comes with .NET Framework 4 and Windows
PowerShell 3.0.
Installation Considerations
To install the App Controller, you must be logged on to the computer that you are configuring, as a
domain user with membership in the local Administrators group. This account also must have at least
database-owner permission on the database that it will use.
While running the App Controller Setup Wizard, you must provide a service account that App Controller
can use to run. You can choose between Network Service and domain account. We recommend that you
create a dedicated account just for this purpose, or that you use the Managed Service Account feature.
You also should configure the port on which App Controller services will work. This port is for internal
purposes only, so you do not need to configure it on a firewall.
If you are installing multiple App Controller servers behind a load balancer, you will be required to
configure an encryption key that the servers share. After installing the first App Controller server, you
export the encryption key by using the Export-AppControllerAesKey cmdlet, which you then provide
key when installing subsequent servers.
If there is a problem with the setup completing successfully, consult the log files that are in the
%LOCALAPPDATA%\AppController\Logs folder.
Deployment Considerations
When deploying App Controller, it is important that you configure certificates properly. You cannot
request a certificate during setup, so you should prepare the certificate using the Internet Information
Services (IIS) console prior to running setup. An alternative to your internal public key infrastructure (PKI)
is to use a self-signed certificate. However, using self-signed certificates can cause potential trust issues.
App Controller is not a cluster-aware service, but you can make it highly available by making:
The database highly available, which you can do by installing the database on a clustered SQL Server.
The App Controller server highly available by:

o
Installing multiple App Controller servers behind a load balancer.
Installing App Controller servers on a highly available virtual machine.
By default, App Controller prompts users to sign in by entering their AD DS user name and password.
If you want to configure App Controller to use the users current Windows credentials to sign in
automatically, you should enable Windows Authentication on the /api virtual directory on the App
Controller website.
App Controller Limits
12-21
The following table displays some limits for App Controller. You should be aware of these limits when you
plan App Controller deployment.
Measure
Value
Maximum number of objects in a Windows Azure storage directory
900
Maximum number of VMM management servers
Maximum number of Windows Azure subscriptions per user
20
Maximum number of concurrent users
75
Maximum number of jobs that can be run in a 24-hour interval
10,000
Deploying and Managing Virtual Machines and Services

In the App Controller web-based console, you use
the Services page deploy new services to both
public clouds and private clouds. You also use this
page to change the properties of the services that
are deployed. You can deploy virtual machines
either to VMM, Windows Azure, or to another
hosting provider. If a virtual machine is part of
a VMM service, it will deploy when the service
deploys. The App Controller console also can
provide management control of the services in
virtual machines already deployed on VMM
private clouds and those on Windows Azure.
On the Services page, you can view a list of deployed services as well as display a diagram, much like the
Services Template Designer. The Services page enables you to view or change deployed service properties
and other tasks that you can perform on deployed services.
To deploy a service to a private cloud, access the Clouds node in the App Controller console tree. Rightclick a named cloud in the Clouds details pane, and then click Deploy, or in the control bar at the top of
the Clouds details pane, click the Deploy button. App Controller allows you to use the New Deployment
diagram view to configure the settings for the service deployment. The Deploy button is not available
until you supply all required settings.
You also can manage deployed services by selecting the Services node in the App Controller console
tree. The All Deployed Services details pane has a list of the various available deployed services. A VMM
administrator creates service templates in the VMM console, and then delegates them to a user role. Then,
they appear as deployed services in the All Deployed Services details pane. You can right-click a deployed
service name, or you can select the name, and then use the various buttons on the control bar above.
The Open Diagram button brings up a diagram view in which you can change settings for a particular
deployed service. You also can start, stop, suspend, and resume a deployed service. A Servicing item lets
you upgrade and delete deployed services, and resolve any issues.
If your organization has a subscription to Windows Azure, you can add the items in that subscription to
the App Controller console. You can find Windows Azure items in in the App Controller Library. To deploy
a service to Windows Azure, you will have to create a Windows Azure configuration and package file. You
then must upload this file to the Windows Azure storage account, and then select the particular
configuration file. The diagram view then will load with the proper information, and you can click
hyperlinks to configure settings. After this, the Deploy button in the diagram view becomes available.
The Virtual Machines node of the App Controller console also has a Deploy button. When selected, it
brings up a New Deployment diagram view, which you can use to create a virtual machine. You click the
hyperlinks to configure the various settings. Once all the required configuration of the various settings is
complete, the Deploy button will become available. You can also use the Virtual Machines node to select
a listed virtual machine and then right-click it, or choose an item from the control bar above to manage it.
The functionality allows you to:
Open a diagram of an existing virtual machine.
View a virtual machines properties.
Start a virtual machine.
Store a virtual machine in a virtual machine library.
Mount an .iso image to the virtual machine.
Open a console to the virtual machine.
Delete a virtual machine.
Demonstration: Using App Controller to Deploy Virtual Machines and

Services
In this demonstration, you will see how to use App Controller to deploy virtual machines and services.
Demonstration Steps
1.
On LON-VMM1, sign in as adatum\administrator with the password Pa$$w0rd.
2.
Start the App Controller web portal page, and sign in as ADATUM\Administrator with the
password Pa$$w0rd.
3.
Create a new deployment to the DemoCloud with the following settings:

a.
Select the Demo Service Template that you created earlier.
b.
Click the Configure hyperlink, and then in the Instance box, bring up the Properties of a new
virtual machine dialog box.
c.
Complete the dialog box with the following settings:
Computer name: AppCDemoVM
Description: Demonstration creating a virtual machine in a service template for App

Controller
In the New Deployment window, in the Service box, click the Configure hyperlink, and then
add the following: Service name: DemoApC. Deploy it.
4.
On the yellow bar at the bottom of the App Controller webpage, verify that you can see a hyperlink
entitled VMM service deployment started. Wait approximately minutes while the service deploys.
5.
In the Virtual machine node of the console tree, verify that the Status changes from Under Creation
to Running.
12-23
6.
On 20409B-LON-HOST2, in Hyper-V Manager, connect to the virtual machine.
7.
On the Product Key page, click Skip.
8.
If you get a connection failure warning, click the Reconnect button at the top of the console. If this
fails, return to the VMM Console, use Connect via Console to connect, and then exit the virtual
machine.
9.
Sign on to the virtual machine from the App Controller web portal. Note that the virtual machine is
running Windows Server 2012 Core. Sign out of the virtual machine, and then close the console page.
10. Sign out of App Controller, and then close Internet Explorer.
11. Close all open windows, and then sign out of LON-VMM1.
Lab: Managing Services in Microsoft System Center 2012

R2 Virtual Machine Manager and App Controller
Scenario
A. Datum Corporation has implemented Hyper-V hosts and deployed System Center 2012 R2 VMM for
managing its virtualization infrastructure. The enterprise has virtualized physical servers, which are running
as individual virtual machines, even if services that they provide span over multiple servers. As A. Datum
is expanding its business, it needs to plan for scaling out those services. A. Datum is considering using
VMM to achieve this goal. A. Datum also has created a cloud for each vendor, and has configured cloud
capacity limits to control the resources that each vendor can consume. Vendors will use App Controller to
manage their clouds, services, and the virtual machines in their clouds.
Objectives
Create a service template, and deploy a service.
Modify the service template properties, and manage services.
Configure and use an App Controller.
Use App Controller to work with service templates.
Lab Setup
Estimated Time: Duration: 75 minutes
Virtual machines: 20409B-LON-HOST1, 20409B-LON-HOST2, 20409B-LON-DC1, 20409B-LON-VMM1,
20409B-LON-CL1
Password: Pa$$w0rd
1.
2.
seconds.
3.
Click 20409B-LON-VMM1, and in the Actions pane, click Start, and then click Connect. Wait until
the virtual machine starts.
4.

o
Password: Pa$$w0rd
Domain: Adatum
5.
Repeat step 3 for 20409B-LON-CL1. Do not sign in until directed to do so.
6.
On LON-VMM1, open the VMM console, and perform the following steps:
a.
Click the Library workspace, and then in the navigation pane, click LON-VMM1.Adatum.com.
b.
Expand Library Servers, expand LON-VMM1.Adatum.com, expand MSSVMMLibrary and then

click VHDs.
c.
Right-click VHDs, and then click Explore.
12-25
d.
In the path box, type C:\VHD, and then press Enter.
e.
Right-click the SmallCore.vhd file and select Cut. Ensure that a cut rather than a copy is done, as
you are moving the file, which makes the process much faster.
f.
Click the back button to go back to the \\LON-VMM1.Adatum.com\MSSCVMMLibrary\VHDs

folder.
g.
Paste the SmallCore.vhd file into this folder.
Exercise 1: Creating a Service Template

Scenario
In this exercise, students will use Service Template Designer to create a service template, which they can
base on the objects that already exist in the Virtual Machine Manager library.
1.
Open the Virtual Machine Manager Service Template Designer with a new service template.
2.
Use the Service Template Designer to modify a single tier virtual machine.
Task 1: Open the Virtual Machine Manager Service Template Designer with a new
service template
1.
2.
On the desktop, on the taskbar, click Virtual Machine Manage Console.
3.
4.
In the Virtual Machine Manager console, on the lower left, click the Library workspace.
5.
On the Home tab of the ribbon, click Create Service Template.
6.
In the New Service Template dialog box, in the Name field, type Lab 12 Service Template, and
then in the Release field, type 1. In the Patterns section, click Single Machine, and then click OK.
This will bring up the Virtual Machine Manager Service Template Designer console.
7.
Note the name selected, Lab 12 Service Template, is part of the overall name, because this is what
you are currently designing. The numeral 1 beside it is the release version.
8.
Note the Designer canvas area.
Task 2: Use the Service Template Designer to modify a single tier virtual machine
1.
In the Virtual Machine Manager Service Template Designer, create a service template with the
following properties:
a.
General page:
b.
Name: Lab12ServiceVM
Hardware Configuration page:
Select a virtual hard disk: SmallCore.vhd (You may have to click Refresh (F5) to see it.)
Network Adapter 1 (Legacy): Connected to a VM network External Network
c.
OS Configuration page:
Operating system: 64-bit edition of Windows Server 2012 Standard
d.
Application Configuration page: Select the None do not install any applications
e.
SQL Server Configuration page: Accept the defaults (None).
f.
Custom Properties page: Accept the defaults.
g.
Settings page: Accept the defaults.
h.
Dependencies page: Accept the defaults.
i.
Validation Errors page: Accept the defaults.
2.
3.
Use your mouse to drag the External Network box beside the NIC 1 box.
Results: After completing this exercise, you should have created a service template by using the Service
Template Designer.
Exercise 2: Deploying a Service and Updating a Service Template

Scenario
In this exercise, students will configure service deployment, and then deploy the service. They also will
modify the template, and then update the service.
1.
Deploy the service.
2.
Create an update for the service template.
3.
Update the service template.
Task 1: Deploy the service

1.
In the Service Template Designer, click the Save and Validate icon, and then click the Configure
Deployment icon.
2.
Deploy to DevCloud with the name Lab 12 Service.
3.
When the Deploy Service Lab 12 Service displays, if you get a pink shaded area in the Deploy
Service Lab 12 Service console, which indicates that it could not find a host, click Refresh Preview.
4.
Click Deploy Service, and in the Deploy service pop-up windows, click Deploy, and then name the
virtual machine Lab12ServiceVM.
5.
The Jobs window will display. This will take approximately 30 minutes to complete.
6.
When the job completes, close the Jobs window, and then confirm that the Lab12ServiceVM virtual
machine is running.
Task 2: Create an update for the service template
12-27
1.
In the Virtual Machine Manager console, open the Library workspace, and in the console tree,
expand Templates, and then select Service Templates.
2.
Click the Lab 12 Service Template service template, and in the Properties page, select the Access
page in the console tree, and then add the DevRole user role.
Note: Due to the ongoing creation of the Lab12ServiceVM virtual machine from Task 1
above, step 5 may take longer than expected or fail. If that happens, you cannot run Exercise 4,
Task 1.
Task 3: Update the service template

1.
Select the Lab 12 Service Template item, replace the template with an updated template named
Lab 12 Service Template, Release1, and then set the template.
2.
Apply updates to existing virtual machines in-place and immediately. The Jobs window will appear,
and the servicing job will complete.
3.
Results: After completing this exercise, you should have configured service deployment, and then
deployed the service. You also should have modified the template, and then updated the service.
Exercise 3: Configuring App Controller

Scenario
In this exercise, students will use an App Controller to connect to the private cloud that they created in
the previous lab. They will work with different user roles, and explore the App Controller interface and its
available options.
1.
Connect App Controller to VMM.
2.
Load App Controller on LON-CL1.
3.
Explore the functionality of the App Controller web page.
Task 1: Connect App Controller to VMM

1.
On LON-VMM1, click to the Start screen, and then click App Controller.
2.
In Internet Explorer, on the App Controller sign in webpage, type Adatum\Administrator as the
User name and Pa$$w0rd as the Password.
3.
On the Overview page, under Private Clouds, click Connect a Virtual Machine.
4.
On the Add a new VMM connection page, provide the following settings, and then click OK:
5.
Connection name: Adatum
Server name: LON-VMM1.adatum.com
Notice that the App Controller webpage loads with data shown under the Private Clouds section.
Task 2: Load App Controller on LON-CL1
1.
Sign in to LON-CL1 as adatum\administrator with the password Pa$$w0rd.
2.
Add the Ben Martens and Hani Loza domain user accounts to the Remote Desktop Users group by
using the System \Remote settings located in the Control Panel.
3.
Close all windows and sign off of LON-CL1.
4.
Sign in to LON-CL1 as adatum\ben with the password Pa$$w0rd.
5.
On the desktop, start Internet Explorer, and then in the address bar, type
https://lon-vmm1.adatum.com/.
6.
In the There is a problem with this websites security certificate, click Continue to this website.
7.
If a warning displays stating that Microsoft Silverlight is not compatible, click Run add-on, and then
click Continue to this website.
8.
On the App Controller web portal page, use the following credentials:
o
User name: adatum\ben
Password: Pa$$w0rd
Task 3: Explore the functionality of the App Controller web page

1.
2.
On the App Controller Overview web portal page, click the following hyperlinks:
o
1 Virtual Machine Manager cloud
1 Virtual Machine Manager server
X (where X is a number 0-n) Virtual Machines.
If a virtual machine exists:

a.
Make a note of its full name, and return to LON-VMM1. In the VMM Management console,
delete the named virtual machine.
b.
Return to LON-CL1, and then refresh the Virtual Machine list in App Controller.
3.
Explore the console tree by clicking the nodes in the tree, and then examining the details pane of
each node. Expand all second level nodes, and then explore those nodes and their details panes.
4.
Do not close or sign out of App Controller.
Results: After completing this exercise, you should have configured App Controller to connect to a
private cloud.
Exercise 4: Deploying a Virtual Machine in App Controller

Scenario
12-29
In this exercise, students will use App Controller to deploy a virtual machine, based on an existing virtual
machine template.
1.
Deploy the Lab 12 Service Template.
Task 1: Deploy the Lab 12 Service Template

1.
On the App Controller Overview web portal page, in the Library console tree, right-click the Lab 12
Service Template, and then click Deploy.
2.
In the New Deployment window, in Cloud box, click Configure.
3.
In the Select a cloud for this deployment window, click DevCloud.
4.
Click the Service box, and then click the Configure hyperlink.
5.
In the Properties of Lab 12 Service Template, set the Service name to AppCServiceDevCloud.
6.
In the Instance box, click the Configure hyperlink, and then click OK.
7.
In the New Deployment window, click Deploy, and then click the VMM service deployment started
hyperlink.
8.
Leave the Jobs node alone for approximately 15 to 20 minutes, which is how long it should take the
deployment to finish. You can continue to the next step while the deployment continues.
9.
Open the LON-VMM1 VMM console, and then click the Jobs workspace. Verify that you see a Create
Service Instance that is running. This job takes a long time to finish. Do not wait for it to finish, but
proceed to the next step.
10. In App Controller, in the Virtual Machines node, verify that you see a new virtual machine with a
name that is a long string of letters and numbers. This is a name that it generated randomly. If the
service instance takes a long time, switch to the host machine that is hosting the new service, and
then view the virtual machine in Hyper-V Manager. You may need to click Skip to skip past the
license key information on the installation. Normally an answer file would address this.
11. On the App Controller web portal, in the upper-right corner, click the Sign out hyperlink.
12. Close Internet Explorer, and then sign out of LON-CL1.
13. On LON-VMM1, close all open windows, and then sign out of LON-VMM1.
Results: After completing this exercise, you should have deployed a virtual machine by using App
Controller.

Review Questions
Question: What should you create to deploy a service in VMM?
Question: Can a user deploy new virtual machines by using App Controller?
Best Practice: Best Practices Related to a Particular Technology Area in this Module
Make a detailed plan for private cloud capacity, capability, and resources for each private cloud that
you create.
Use App Controller rather than single virtual machines for deploying services.
Test service templates before publishing them to users.

Common Issue
You cannot deploy a service to a specific
private cloud.
You cannot add a virtual machine

template to a service template tier.
App Controller cannot connect to the

VMM server.
User cannot deploy a service by using App

Controller.
Troubleshooting Tip

13-1
Module 13
Protecting and Monitoring Virtualization Infrastructure
Contents:
Module Overview
13-1
Lesson 1: Overview of Backup and Restore Options for Virtual Machines
13-2
Lesson 2: Protecting Virtualization Infrastructure by Using DPM
13-9
Lesson 3: Using Operations Manager for Monitoring and Reporting
13-21
Lesson 4: Integrating VMM with Operations Manager
13-29
Lab: Monitoring and Reporting Virtualization Infrastructure
13-35
13-40
Course Evaluation
13-41
Module Overview
Highly available technologies such as clustering and Windows Server 2012 Hyper-V replication provide
efficient solutions for high availability and offsite disaster recovery. However, you still need to monitor
those technologies, and you also need to back up the virtual machines and their data. How you monitor
and protect your virtualization infrastructure is a crucial part of the design process. This module provides
insight on the data protection options and methods available with Windows Server Backup, and Microsoft
System Center 2012 R2 Data Protection Manager (DPM). The module also describes how to integrate
monitoring with System Center 2012 R2 Operations Manager.
Objectives
Describe the backup and restore options that are available for virtual machines.
Plan a protection strategy for the virtualization infrastructure by using DPM.
Describe how to use Operations Manager for monitoring and reporting.
Configure basic monitoring and alerting in Operations Manager.
Integrate System Center 2012 R2 Virtual Machine Manager (VMM) and Operations Manager.
Lesson 1
Overview of Backup and Restore Options for Virtual

Machines
In this lesson, you will see how to build a protection strategy for the entire virtualization infrastructure.
You will also see how to implement this protection strategy by using the backup services in Windows
Server 2012 R2. This lesson also describes VMM components, and how you can protect them.
Lesson Objectives
Describe the purpose and features of the Windows Server Backup infrastructure.
Explain the options for backing up virtual machines.
Describe how to back up and restore VMM.
Describe the backup and restore options for VMM.
Describe the scenarios for using Windows Server Backup.
Windows Server Backup Infrastructure

Windows Server Backup is an installable Windows
Server feature that provides tools for performing
basic Windows Server backup and recovery.
Backups include Windows Server files and folders,
and some of its role services such as Hyper-V and
Active Directory Domain services (AD DS).
What Is VSS?
13-2 Protecting and Monitoring Virtualization Infrastructure
Beginning with Windows Server 2003 R2,

Microsoft introduced Volume Shadow Copy
Service (VSS), a Windows service that helps
application vendors create consistent backups of
Windows operating systems, Windows services,
and Windows applications. VSS coordinates VSS components to create data-consistent shadow copies of
one or more volumes. A shadow copy is often referred to as a snapshot, which is not the same as Hyper-V
checkpoints that were also referred to as snapshots in earlier versions of Hyper-V. The shadow copy is a
copy of data blocks that is taken after VSS ensures that the application or role service is in a data or
application-consistent state.
The following table lists the key VSS components.

Component
Description
13-3
VSS
A Windows service that coordinates components to create data-consistent shadow

copies of one or more volumes.
Requestor
A backup application or backup agent that requests VSS to take a volume shadow
copy.
Writer
The application vendor creates this component. For example, in Hyper-V, Microsoft
SharePoint Server, or AD DS, the writer is used to back up the application in a way
the vendor can support the process.
Provider
The component that creates and maintains the shadow copies. These can be
hardware for storage arrays, software, or the system that is included with the
Windows operating system.
How Does VSS Work?
When a backup service such as Windows Backup begins, a VSSenabled backup calls the VSS service. The
VSS service in turn calls the VSS writer, for example, the Hyper-V VSS writer. The VSS writer knows which
application services, files, and volumes should be placed briefly into a dormant state for a consistent
backup. VSS achieves the dormant state by preventing writes to the data while the shadow copy is
created, flushing a cache, or writing out data from memory to disk. While in the dormant state, the VSS
provider creates the snapshot. Once the snapshot completes, the dormant state ends, and the requestor
completes the backup.
What Are VSS Providers?
VSS has three types of providers: the system provider, the hardware provider, and the software provider.
The system provider is built into Windows Server operating systems, and requires an NTFS file system
volume in which to store the shadow copy data. A hardware provider is a vendor-authored provider
that allows the storage hardware to use its own shadow copy (storage area network (SAN) snapshot)
technology. To use the hardware provider with Hyper-V, you must install a hardware provider that is
compatible with Hyper-V, on each Hyper-V host that you want to back up. For example, when backing
up a Cluster Shared Volume (CSV) in a cluster, you must install the provider on each node of the cluster.
A software provider is similar to the hardware provider, except that it uses software to create the shadow
copy.
What Benefit Does VSS Provide to Virtual Machine Backups?
When you install Windows Server Backup on the Hyper-V host and enable the integration agents on a
compatible Windows Server virtual machine that is being backed up, the VSS inside the virtual machine
performs a shadow copy. This enables the entire virtual machine to be backed up online, from where you
can recover it safely without the risk of corrupting open files.
Where Does Windows Server Back Up To?
Windows Server Backup can back up to a local share, or to a remote file share. You should provide a
dedicated disk or volume for the backup. Although you can use an existing and used volume, this is not
a best practice. When deciding where to place the backup data, you should consider the performance
impact on both the source disks and the target disks.
Full vs. Incremental Backups
After you have run a full backup, you can choose to run incremental backups. Running incremental
backups greatly reduces the backup time. It also reduces the performance impact on the source virtual
machine, and on the host that is performing the backup.
Backup Options for Virtual Machines

When creating a backup solution for virtual
machines, you should consider the data that is
being backed up. You can install the Windows
Server Backup feature inside a virtual machine
to perform an in-guest backup, or you can install
Windows Server Backup on the host and perform
a host-level backup. In many cases, you may
want to use both host and in-guest backup. For
example, you may want to perform a weekly host
backup and daily in-guest backup.
Consider a scenario when you want to provide a
backup for a file server. To provide fast recovery
of individual files to a specific point in time, an in-guest backup will be adequate.
If you wanted to back up a Remote Desktop Session host server, a host-level backup would most likely
be more useful than an in-guest backup. The host-level backup enables you to recover the entire virtual
machine quickly, whereas the in-guest backup would require you to build a virtual machine and install
Windows Server before you could attempt a recovery.
Understanding Online and Offline Backups
You can perform online backups that do not incur virtual machine downtime, if the following conditions
are met:
The virtual machine being backed up has integration services installed and enabled.
Each disk that the virtual machine uses is running NTFS file system basic disks.
The VSS service is enabled on all volumes within the virtual machine, and snapshots for each volume
are stored on the same volume. For example, volume D must store shadow copies on volume D.
For detailed information regarding Windows Server backup and Storage Pools, refer to the following link:
Windows Server Backup and Storage Pools
Note: In the Windows Server Backup Wizard in Windows Server 2012, when you select the
Hyper-V virtual machines to back up, the backup types available are either Backup Using Saved
State (Offline), or Backup Using Child Partition Snapshot (Online). This has been changed in
Windows Server 2012 R2 to Offline and Online.
You can enable Windows Backup by using the following procedure:
1.
Sign in to LON-HOST1.
2.
On the taskbar, click the Server Manager icon, and on the dashboard, click Add Roles and Feature.
3.
In the Add Roles and Feature Wizard, on the Before you begin page, click Next.
4.
On the Installation Type page, click Role-based or feature-based installation, and then click Next.
5.
On the Server Selection page, click LON-HOST1.Adatum.com, and then click Next.
6.
On the Select server roles page, click Next.
13-5
7.
On the Select feature page, scroll down and click to select Windows Server Backup, and then click
Next.
8.
On the Confirmation page, click Install.
9.
On the Installation progress page, when the installation has completed, click Close and then close
Server Manager.
To schedule the first backup, use the following procedure:

1.
Sign in to LON-HOST1, and then click the Windows icon.
2.
On the Start screen, type backup, and in the Search text box, type Windows Server Backup.
3.
In the navigation pane on the left, click Local Backup, and in the Actions pane on the right, click
Backup Schedule.
4.
In the Backup Schedule Wizard, on the Getting Started page, click Next.
5.
On the Select Backup Configuration page, review the warning, and then click Next.
6.
On the Select Items for Backup page, click Add Items.
7.
On the Select Items page, click to expand Hyper-V. Select the check box next to each virtual machine
that you want to protect, click OK, and then click Next.
8.
On the Specify Backup Time page, enter the schedule details, and then click Next.
9.
On the Specify Destination Type page, select where you will store the backup, and then click Next.
10. On the Select Destination Volume page, click Add. Review the volumes for sufficient free space.
Click the desired volume, click OK, and then click Next.
11. On the Confirmation page, click Finish. The status should update to You have successfully created
the backup schedule. The status will also confirm the schedule backup time.
12. On the Confirmation page, click Close.
Note: A warning during the procedure will remind you that you cannot mix virtual volume
backups with physical disk backups.
Advanced Settings
When you schedule or modify a backup using the Backup Schedule Wizard, you can modify the following
settings:
Exclusions. You can exclude file types within specific folders and optionally their subfolders. For
example, if you back up a Hyper-V host with several virtual machines, you may not want to back up
any .iso files that have been attached.
VSS backup. With VSS backup options, you can select either a VSS full back up or VSS copy backup.
The full backup updates the backup history and clears the log file. However, if you use other backup
technologies that also use VSS, you might want to choose the VSS copy backup, which retains the VSS
writer log files.
Demonstration: Backing Up and Restoring Virtual Machines

Add the Windows Server Backup feature to Windows Server.
Configure one time and scheduled backups.
Select items for backup, including virtual machines.
Set advanced VSS features.
Finally, you will see where to configure the performance settings that control incremental and full
back ups.
Demonstration Steps
Install Windows Backup

1. Sign in to LON-HOST1, launch the Add Roles and Feature Wizard, and install the Windows Server
Backup feature.
2.
When the installation completes, click Close, and then close Server Manager.
Perform an online backup

1. Launch Windows Server Backup.
2.
In the navigation pane on the left, start the Backup Schedule Wizard.
3.
On the Select Items page, expand the Hyper-V hosts, and select 20409B-LON-DC1 (Online). Add
an exclusion for files with the .iso extension. For the destination, select Local Disk C:
4.
Start the backup. The backup may take as long as 15 minutes. On the Backup Progress page, the
Status should be Creating shadow copy of volume.
Adjust backup performance
From the Windows Server Backup console, configure performance to set an Incremental backup.
Backup and Restore Options for VMM

When you deploy VMM to manage your
virtualization infrastructure, you can spend a
considerable amount of time and effort with
configuration. The larger the deployment,
the more likely you will want to avoid even a
temporary loss of availability for VMM and its
services. Therefore, you should consider and be
familiar with all the options you have to protect
VMM and its components.
Virtual Machine Manager Database
The Virtual Machine Manager database is a

Microsoft SQL Server database, and you can use
the VMM console to run unplanned backups on this database. For a scheduled regular backup, you will
need to use an alternative method. You can use the SQL Server Management Studio console to configure
regular backups for the Virtual Machine Manager database. You also must configure an additional backup
technology if you want this backup to be committed to a tape device.
VMM Library
13-7
You can back up everything that is stored in the Virtual Machine Manager library by using normal file
service-level backups. If the Virtual Machine Manager Library is virtual, then you can back up the entire
virtual machine. While you can run more infrequent backups of legacy .iso files and virtual machine
templates, you should configure more regular backups for commonly created and used library items.
VMM Server
If your VMM management server is virtual, you should protect it as a virtual machine. Otherwise, when
recovering a VMM management server, you should perform a clean installation, and then import the
database.
You should also review individual support backup methods and recommendations for other components
such as the Windows Deployment Services (Windows DS) and Windows Server Update Services (WSUS)
servers.
You configure the Virtual Machine Manager database backup from the VMM console by using the
following steps:
1.
Launch the VMM console.
2.
In the VMM console, click the Settings workspace, then on the ribbon, click Backup.
3.
In the Path field, type a path, either local to the SQL server that VMM is using, or to a network share
that the SQL Server can access, and then click OK.
Scenarios for Using Windows Server Backup

Window Server Backup is ideal for many backup
scenarios. You can use Windows Server Backup
to perform a quick, unplanned backup before
making an important configuration change,
or before installing new software on a server.
Alternatively, you can use it to provide regular
scheduled backups that allow recovery from a
server failure, loss of files, or loss of a virtual
machine.
Because you can send your data to a remote

storage location, Window Server Backup can make
an ideal platform for providing a disaster recovery
solution. However, while you can configure Windows Server Backup remotely by connecting to other
servers, you must configure backups on each server. In a larger environment, this can create a large
administrative overhead, and provide a reason to upgrade to a more flexible backup tool such as DPM.
With Windows Server Backup 2012, you can protect:
A full server (all volumes), or just selected volumes.
Individual files and folders.
System state.
Individual virtual machines on a Hyper-V host.
CSVs.
With Windows Server Backup 2012, you can:
Perform a bare-metal restore. A bare-metal backup contains all critical volumes, and allows you to
restore without first installing an operating system. You do this by using the product media on a DVD
or USB key, and the Windows Recovery Environment (Windows RE). You can use this backup type
with Windows RE to recover from a hard-disk failure, or if you have to recover the entire computer
image to new hardware.
Use system state. The backup contains all information to roll back a server to a specific point in time.
However, you must install an operating system prior to recovering the system state.
Recover individual files and folders or volumes. The Individual files and folders option enables you to
back up and restore specific files, folders, or volumes, or you can add specific files, folders, or volumes
to your backup when you use an option such as critical volume or system state.
Exclude selected files or file types. You can exclude selected files (such as temporary files) or file types
from the backup.
Select from more storage locations. You can store backups on remote shares, or on non-dedicated
volumes.
Use the Windows Azure Online Backup. The Windows Azure Online Backup is a cloud-based backup
solution for Windows Server 2012 that enables you to back up and recover files and folders off-site,
from cloud services.
Lesson 2
Protecting Virtualization Infrastructure by Using DPM
13-9
Building a robust protection solution for your virtualization infrastructure is as important as building the
solution itself. This lesson provides insight into the capabilities of System Center 2012 R2 Data Protection
Manager (DPM), specifically in relation to server virtualization. DPM along with server virtualization
provides a framework on which you can build a protection solution. This lesson provides details on both
core and optional DPM components, their usage, and requirements.
Lesson Objectives
Describe the benefits of using DPM.
Describe the DPM components and protection process.
Explain the considerations for using DPM to back up virtual machines.
Describe how to deploy DPM protection agents.
Explain how to configure protection groups.
Describe the options for protecting virtualization infrastructure.
Describe how to perform a virtual machine recovery.
Explain how to deploy Windows Azure Online Backup for DPM.
Benefits of Using DPM

DPM is an enterprise backup solution. DPM
is classified as Enterprise for its features and
functionality, although it is also an optimal
solution for small to medium size organizations.
While DPM is available as an independent
platform, for optimal usage, it is best to integrate
it with other System Center components.
You use DPM to back up virtualized data centers.
It offers application-aware backups and full
Hyper-V host backups. Unlike Windows Backup,
DPM supports multiple backup schedules and has
advanced features and functionality that you can
use to create a fully automated protection solution.
You should use DPM to:
Back up multiple Hyper-V hosts and virtual machine servers at the same time, and use one or more
schedules.
Enhance disaster recovery by replicating protected data to a secondary offsite location.
Protect workloads such as Microsoft Office SharePoint, AD DS, SQL Server, Microsoft Exchange Server,
Linux and Windows client operating systems such Windows 7 and Windows 8.
Protect data using disk-to-disk, disk-to-tape, or Window Azure Online Backup.
Received detail reports on data churn, growth, forecasting and the Data Protections Manager Health
status.
DPM offers the following feature and or benefits:
Uses SQL Server, and includes support for clustered servers that are running SQL Server. This allows
for scalability and availability of your backup solution.
Supports full and incremental backups. After a full synchronization has occurred, you can optionally
back up only the block changes, thereby providing faster backups.
Can be deployed to a virtual machine; this enhances its own protection and flexibility.
Provides self-service for workloads such as SQL Server databases. For example, a developer could
restore a database to the same location, to a folder, or to an alternate server that is running SQL
Server. An end user also could recover files they have deleted from within a protected share.
Integration with System Center 2012 Orchestrator. This enables you to build automation into your
virtualization or cloud computing environment.
Integration with System Center 2012 Service Manager. This enables you to offer backup as part of a
service catalogue, and align with business processes.
Integration with Operations Manager. You can administer DPM from within the Operation console.
This provides a single console to administer multiple DPM servers, and allows granular delegation of
tasks to operators and administrators, such as bulk restart of failed backup jobs.
Supports item-level Recovery. Item-level recovery allows you to back up a virtual disk of a virtual
machine on the Hyper-V host server. You can then recover individual items from within the protected
virtual machines virtual disk.
Supports automation. Supports automation using either the DPM Management Shell, which is built
on Windows PowerShell, or by using the System Center Integration Pack that integrates Orchestrator
and DPM.
Supports bare-metal restores. This enables you to restore an entire server using the Repair your
computer option located on the Windows Server setup media.
Online backup. DPM makes use of VSS on the Hyper-V host and on a virtual machine. If a virtual
machine is running Windows 2003 or newer, and if the virtual machine receives a backup request
from the Hyper-V host, it uses VSS and places the guest operating system in a suitable state for
backup.
Provides several disaster recovery options. For disaster recovery you can back up all the DPMprotected data to a secondary site, or back up to Windows Azure Online Backup.
DPM protects several workloads and their associated components as follows:
SQL Server
Hyper-V
AD DS
SharePoint Server
Exchange Server
Virtual Machine Manager database
Linux virtual machines
13-11
For a comprehensive list of protected workloads and their recoverable data types, refer to the following
link:
Protecting workloads with DPM
Other DPM benefits include support for the protection of virtual machines that are running on CSV, and
for virtual machines that are running from Server Message Block (SMB) 3.0 file shares. To improve backup
performance, DPM can exclude virtual machine page files from incremental backups. DPM also supports
backups for machines during live migration.
DPM Components and the Protection Process

DPM is made up of the following architectural
components:
DPM server. The DPM server is the main

server component that processes the backup
and recovery jobs. It manages the storage
volumes and tape hardware, and provides
the reporting features. The DPM server also
manages agent configuration and
deployment.
The DPM server requires a server that is

running SQL Server. The DPM installation
includes an instance of SQL Server 2008 R2,
which DPM setup installs on the DPM server. You can choose to use an alternate SQL Server for DPM.
DPM database. The DPM database stores the DPM configuration and reporting data. When using a
remote SQL Server, DPM requires that the SQL Server database engine and SQL Server Reporting
Services components are installed. DPM supports SQL Server 2008 R2 and SQL Server 2012.
DPM protection agents. A protection agent is the software that you install on the target servers or
computers that you intend to protect. Protection agents allow the DPM server to identify and transfer
the data for backup and restore. DPM has only a single agent type. Whether you are protecting
SQL Server, Hyper-V, Exchange Server, or AD DS, you only need to deploy a single agent type.
Protection groups. Protection groups define storage pools, retention settings, and data sources that
need protecting. All data sources in the same protection group share storage allocation, replication
creation methods, and compression settings.
Central console. The central console allows monitoring of multiple DPM servers including differing
versions from a single console. You must install the central console on an Operations Manager server.
The console provides remote administration, role-based access, remote remediation, service level
agreement (SLA) alerts, scripting support, and alert consolidation.
Storage pool. The storage pool consists of disks that attach to the DPM server, and that DPM uses to
store its data replicas and recovery points. DPM can use direct-attached storage (DAS), Fibre Channel,
and Internet small computer system interface (iSCSI). However, it cannot use USB storage or the
Storage Spaces feature in Windows Server.
Tape libraries. You can attach tape drives and tape libraries to the DPM server either directly, or
through your SAN. (Refer to TechNet DPM documentation to search for compatible tape devices.)
You can also use a virtual tape library. A virtual tape library emulates a physical tape library but stores
data on disk.
Secondary DPM server. The secondary DPM server is the same as the primary DPM server with the
exception that you use it to provide protection for you primary DPM servers.
Windows Azure Backup Agent. When using the Windows Azure Backup feature, you must download
and install a Windows Azure Backup Agent on to each DPM server (both primary and secondary).
Overview of DPM Features
How DPM Works
After you have installed a primary DPM server and configured its storage and tape components, you
are now ready to create a protection group. Within the DPM console, select the desired protection type
(Servers or Clients), add at least one member to the group, and then define if you will use disk, tape, or
Windows Azure Backup Agent. You then set a schedule and retention range, and then configure the disk
allocation and the initial replication method.
After you create the protection group, DPM creates a volume in the storage pool in which to store a
replica of each server or client that is part of the protection group. When the DPM protection agent on
the protected server or client tracks data changes, DPM synchronizes the protected data to the replica,
and transfers the changed data to the DPM server.
The Synchronization Process
During synchronization, the DPM protection agent uses a volume filter and change journal to track file
changes, and then performs a checksum process to synchronize only the changed blocks. A data replica
has can become inconsistent due to various reasons. However, you can schedule to run a consistency
check that allows DPM to verify replica data with its source, and then synchronize required changes that
return the replica to a consistent state. When creating or modifying a protection group, you can define
what are known as recovery points. Recovery points are points in time from which you can restore data.
DPM uses VSS writers for backing up remote workloads. It also uses VSS locally to create express full
backups. Express full backups update the replica data with the incremental changes.
For file data, DPM can store a maximum of 64 recovery points, which is the limit for VSS. For example,
if you schedule two recovery points per day, the maximum retention will be 32 days.
For application data, DPM can store a maximum of 512 available recovery points. However, DPM
reserves 64 recovery points for VSS, so you can only select up to 448 recovery points for your
applications.
For longer term recovery options, you should consider using tapes or virtual tapes.
Considerations for Using DPM to Back Up Virtual Machines

When planning your backup strategy for virtual
machines, you should consider your backup
options with respect to specific services or
product that are running on your virtual
machines. Moreover, you should follow the
technical documentation and supported backup
options for each service or product that runs on
your virtual machines, such as AD DS, files and
folders, Exchange Server, and SQL Server.
Consider the following options for implementing
virtual machine backups in your organization:
13-13
Perform backups on the physical server where

virtual machines are located. In this scenario, you back up all virtual machine files. This type of backup
is thorough, because all of your virtual machine configuration and data is backed up. However, you
must ensure that this type of backup is supported for the services or products that are running on
your virtual machines. For example, we do not recommend this type of backup for Exchange Server
when it is running in a virtual environment.
Perform data backups on the virtualized server. This option performs data backup in the same
manner as if a server was installed on a physical machine, which means that only the data inside the
virtual machine is backed up. We recommend this type of backup when Microsoft Exchange Server is
running in a virtual environment.
Perform an online backup. This type of backup ensures that data has been backed up without
interrupting a production environment. If the product installed in your virtualized environment
supports this type of backup, we recommend that organizations utilize online backup so that their
servers can continue to work during the backup process.
Perform an offline backup. This type of backup requires that you stop the virtual machine until the
backup is complete. The virtual machines then can resume working. We do not recommend this
type of backup because it will cause a downtime of services that are running on the virtual machine.
Instead, consider performing an offline backup if no other type of backup is supported or is possible
in your organization.
Deploying DPM Protection Agents

You must install DPM protection agents on each
server or client that you want to protect. The DPM
protection agent is the software that DPM uses to
identify and track changes to data that the DPM
server can protect. You can use several methods
to deploy protection agents, and several scenarios
in which you can deploy them.
Note: This course reviews how to install
DPM protection agents in the same Windows
domain as the DPM server. Installing DPM in
untrusted domains and work groups is supported,
but it is beyond the scope of this course.
Firewall Settings
Before you deploy DPM protection agents, you should ensure that the DPM server can communicate with
the protected computer through any firewalls. On the DPM server, you should ensure that port 135 is
open for TCP traffic, and that the DPM service (Msdpm.exe) and the DPM protection agent (DPmra.exe)
can communicate through the firewall.
Automated Installation Process for No Firewall, Same Domain

1.
On the DPM server, launch the DPM Administrator Console. On the ribbon, click the Management
workspace, and then click Install.
2.
In the Protection Agent Installation Wizard, on the Select Agent Deployment Method page, click
Install agents, and then click Next.
3.
On the Select Computers page, in the Computer name section, click to highlight one or more
computers that you want to protect, and then click Add. You can install earlier versions of the agent
by clicking Advanced, and then selecting the version from the drop-down list box. When you have
finished selecting computers, click Next.
4.
On the Enter Credentials page, enter credentials with administrative rights for the server or client
you will be protecting. You domain will be listed as default. After entering your credentials, click
Next, and wait for the cluster-checking phase to complete.
5.
On the Choose Restart Method page, click Restart the protected computer manually or
automatically, and then click Next.
6.
On the Summary page, review the note about computers possibly losing network connectivity during
installation, and then click Install.
Manual Installation Process for Windows Firewall, Same Domain

1.
Copy the DPM protection agent setup files, or map a drive to the DPM protection agent installation
directory on the DPM server.
2.
Run the installer from a command prompt, and specify the fully qualified domain name (FQDN) for
the DPM server. For example, to install the DPM protection agent on a 64-bit computer with a DPM
server named LON-DPM1.adatum.com, you would type the following at a command prompt:
DPMAgentInstaller_x64.exe LON-DPM1.adatum.com
3.
On the server you wish to protect, sign in, open a command prompt, and type the following
command:
netsh advfirewall firewall add rule name="Allow DPM Remote Agent Push" dir=in
action=allow service=any enable=yes profile=any remoteip=<IPAddress>
4.
On the DPM server, launch the DPM Administrator Console. Click the Management workspace and
then on the ribbon click Install.
5.
In the Protection Agent Installation Wizard, on the Select Agent Deployment Method page, click
Attach agents, click Computers on trusted domain, and then click Next.
6.
On the Select Computers page, in the Computer name section, click to highlight one or more
computers that you want to protect. Alternatively, you either can type the FQDN of the DPM server,
or you can select to import from a text file, and then click Add. When you have finished selecting
computers to protect, click Next.
13-15
7.
On the Enter Credentials page, enter credentials with administrative rights for the server or client
you will be protecting. Your domain will be listed as the default. After entering your credentials, click
Next, and wait for the cluster checking phase to complete.
8.
On the Summary page, review the note about computers possibly losing network connectivity during
installation, and then click Attach.
DPM performs an automatic discovery to identify new computers that have been added to the Active
Directory domain of which the DPM server is a member. By default, auto discovery runs at 01:00 A.M
daily, but you can modify this schedule. Discovered servers and clients are listed in the Protection Agent
Installation Wizard, or in the Create New Protection Group Wizard.
For a list of ports and agent network troubleshooting steps, use the following article as a guide:
Data Protection Manager Agent Network Troubleshooting
Configuring Protection Groups

What Are Protection Groups?
Protection groups are a collection of data sources
that share protection configurations, such as
storage pools, retention settings, schedules,
recovery points, and compression settings. Data
sources are referred to as members. Individual
servers can have multiple members. For example,
system state and each volume are classified as
members.
A member can be protected by multiple

protection groups, but only one primary DPM
server can protect any one data source. Protection groups can include more than one server or client,
and you should use them to create logical groups that support your backup strategy. Some examples of
protection groups that you could implement are:
A group of Hyper-V hosts whose virtual machines you protect using the online backup method.
A group for specific virtual machines and physical servers such as SQL Server databases or domain
controllers.
A group of file servers.
An Exchange Server group
A group of non-production servers.
To create a protection group, perform the following steps:

1.
On the DPM server, launch the DPM Administrator Console, and then click the Protection workspace.
On the ribbon, click New.
2.
In the New Protection Group Wizard, on the Welcome page, click Next.
3.
On the Select protection group type page, click Next.
4.
On the Select group members page, in the Available members section, select the data sources. For
example, if your Hyper-V host server is named LON-HOST1, expand LON-HOST1, and then click to
select each virtual machine that you want to protect. When you are finished selecting data sources,
click Next.
5.
On the Select Data Protection Method page, in the Protection group name text box, type a
descriptive name for the protection group name. Click to select the protection method or methods.
For example, click I want to short-term protection using: Disk. If you have configured online
protection with Windows Azure Backup or if you have configured a tape library, you can select these
now. When you are finished selecting the protection methods, click Next.
6.
On the Select Short-term Goals page, select the number of retention days for the protection group,
and then click Modify.
7.
On the Express Full Backup page, you can optimize the number of recovery points by amending the
express full backup schedule. When done, click Next.
8.
On the Review Disk Allocation page, click Modify. Here you can review and change the replica and
recovery point volumes. Click Cancel, and note that Automatically grow the volumes is selected by
default. Click Next.
9.
On the Choose Replica Creation Method page, for the data that you select, you can choose either
to replicate now, or to replicate later. Alternatively you can perform a manual data transfer using
removable media. Leave the default settings, and then click Next.
10. On the Consistency check options page, you can choose to run consistency checks when replicas
become inconsistent (this is the default). Additionally, you can create a scheduled daily check. Leave
the default settings, and then click Next.
11. On the Summary page, review your protection group settings, then click Create Group.
12. On the Status page, review the results of the tasks, and then click Close.
Within protection groups, you can configure recovery points separately for application members and file
members. For example, you can schedule daily express full backups for a file server, and multiple daily
backups for SQL databases in the same group. Where separate applications such as Exchange Server and
SQL Server are within the same group, they will be grouped on the same schedule. Therefore, if this
option is not suitable, you should create a separate protection group for another application type.
You can enable compression for each protection group. Compression reduces the amount of data that
transmits over the network for replica creation, synchronization, consistency checks, and recovery
operations. By enabling compression, you incur a slight additional CPU overhead for both the DPM server
and the protected server or client.
You can enable compression by using the following steps:
1.
Sign in to the DPM server and launch the DPM Administrator Console. Click the Protection
workspace. In the central section under Protection Group Member, click the Protection group, and
then on the ribbon, click Optimize.
2.
In the Optimize Performance dialog box, click the Network tab. In the Network section, click
Enable on-the-wire compression.
You can add and remove members from a protection group, and you can modify group settings by using
the Modify Group Wizard. Use the following steps to access the Modify Group Wizard:
1.
Sign in to the DPM server, and launch the DPM Administrator Console. Click the Protection
workspace, then in the central section under Protection Group Member, click the Protection group.
On the ribbon, click Modify.
2.
In the Modify Group Wizard, on the Select Group page, you can add and remove members.
3.
Complete each step of the wizard, making any required changes.
13-17
A consistency check verifies that replica data is valid. Consistency check settings are shared with all data
members in a protection group. Running consistency checks can create a slight overhead on the DPM
server and the protected computer, and consume network bandwidth.
You cannot throttle bandwidth at the protection group level. Bandwidth throttling is set in the DPM
protection agent settings for each protected server or client.
Options for Protecting Virtualization Infrastructure

You can use DPM to build your virtualization
infrastructure protection strategy by utilizing the
following virtualization-specific functionalities:
Protection for both running and stopped

virtual machines, from a DPM agent that you
install on a Hyper-V host
Protection for running virtual machines using

a traditional backup, including system state
and all files
Protection of specific guest application

workloads, namely Microsoft workloads such
as the SQL databases used to run the System Center 2012 components
Item-level recovery, which allows you to restore a single file from within a virtual hard disk that was
backed up at host level
Protection for virtual machines that reside on CSVs
Protection for virtual machines that reside on SMB storage
Protection for virtual machines during live migration
Protection for both clustered and non-clustered VMM servers
Scale-out protection. In some scenarios, you can have multiple DPM servers to provide protection to
a large Hyper-V cluster. The host must be running a clean installation of Hyper-V on Windows 2012,
and System Center 2012 SP1 DPM or System Center 2012 R2 DPM
Select to back up Hyper-V as a host-level workload in a protection group. This ensures that all future
virtual machines that you create on that host or cluster will also be backed up
When designing a backup solution, you will need to consider options such as the following:
How and when will initial replication take place?
How many hosts and virtual machines can be backed up at the same time without causing
performance issues?
How much load will there be, and is compression and or bandwidth throttling required?
Remember that you can use DPM in conjunction with other technologies such as Hyper-V Replica, and
that DPM can help form part of an overall solution. While it is imperative that you implement a good
data protection strategy, it is also important that you not overcomplicate protection and recovery. The
following topics are protection options for different Hyper-V host scenarios.
Stand-Alone Hyper-V Hosts
To provide host-level protection to a virtual machine that is running on a stand-alone Hyper-V host, you
must first install an agent on the Hyper-V host. You can protect virtual machines that are running on local
storage, such as DAS, SAN, and network-attached storage (NAS). If your Hyper-V host uses SMB 3.x, you
must also install a DPM protection agent on the file server that is hosting the SMB share.
CSVs
DPM can provide protection for virtual machines that reside in CSV by using a hardware VSS provider,
or an integrated software provider. There is a significant difference between Windows Server 2008 R2
Hyper-V CSVs and Windows Server 2012 R2 CSVs. Without a hardware-based VSS provider, you can
only run one backup job at a time per CSV volume. In addition, the backup job places the cluster into
a redirected I/O mode, which significantly reduces overall cluster performance. With CSV 2.0, this is no
longer the case. By default, you can run three parallel backups or more with a registry key update. I/O
redirection no longer occurs during backup. To perform CSV backups, you must install the DPM
protection agent on each node in the Hyper-V host cluster.
SMB 3.x Shares
As with stand-alone Hyper-V hosts, you can back up Hyper-V host clusters that use SMB 3.x storage. The
storage is represented by either a stand-alone file server or a clustered file server. You must install the
DPM protection agent on each Hyper-V host and on each file server, to protect the virtual machines by
using host-level backups.
Live Migration Protection
During live migrations, DPM protects virtual machines within a cluster without requiring any administrator
intervention. DPM detects the migration and continues to protect the virtual machine from the new
hosting node of the cluster. DPM can also protect live migrations that you perform outside of a cluster.
However, this method has some requirements, such as the protected virtual machine must be part of
cloud configured on System Center 2012 Service Pack 1 (SP1) VMM or newer, and the DPM servers must
be connected to the VMM management server on which the cloud service is located.
Item-Level Recovery
Item-level recovery allows you to protect virtual machines at the host level. It also allows you to recover
individual files and folders from within the virtual hard disk of the virtual machines. Unfortunately, you
cannot restore these items directly to their original location. However, you can restore them locally to the
DPM server or to a network location, and then copy them to their original location. Item-level recovery is
very useful in many situations. However, you may want to use the in-guest backup method for a file
server, which will enable end-user self-service recovery.
You can use each of these to protect an entire virtual machine at the host level. When you build your
protection solution, ensure that you take into consideration the workloads that you need to protect.
Where appropriate, you should schedule virtual machinelevel backups.
Using both item-level recovery and virtual machinelevel backup provides the best solution. For example,
you may have a critical database server that requires hourly backups. However, you could schedule the
virtual machine that is hosting the database to be backed up daily. In this scenario, you would configure
two scheduled backups, and then set the start times.
Best Practices
As a best practice, you should:
Document the options pertaining to your specific virtualization infrastructure, including:

o
Hyper-V host versions.
Storage technology.
Virtual machine workloads.
Operating systems versions.
13-19
Where possible, use a proof of concept on hardware that is as similar as possible to the end solution.
Determine the following:

o
Backup volumes
Network throughput
Document recovery points
Recovery times and locations
Be sure to test recovery from backups, and where possible, randomize the recovery testing.
Define who will receive the backup reports, and make sure that they receive them.
Have an action plan that is subject to the content of the backup reports, such as increasing storage
space, modifying schedules, or throttling bandwidth.
Performing Virtual Machine Recovery

When performing a virtual machine recovery,
there are typically three scenarios:
Recovering a virtual machine to its original

location
Recovering a virtual machine to an alternate

location
Recovering an item such as a file, folder,

volume, or disk, from within a virtual machine
You can use the DPM Administrator Console to

recover a virtual machine to its original location.
Use the following high-level steps, where:
DomainName is the name of the domain in which the server was backed up.
ServerName is the name of the server you are recovering.
xyz is the state of the server when it was backed up, for example: Saved State, or Online.
1.
Launch the DPM Administrator Console.
2.
Click the Recovery workspace.
3.
In the navigation pane, expand Recoverable Data\DomainName\ServerName, and then click All
Protected HyperV Data.
4.
In the results pane, under Recoverable Item, select and right-click Backup Using xyz State
\ServerName, and then click Recover.
5.
In the Recovery Wizard, on the Review Recovery Selection page, click Next.
6.
On the Select Recovery Type page, click Recover to original instance, and then click Next.
7.
On the Specify Recovery Options page, click Next.
8.
On the Summary page, click Recover.
9.
On the Recovery Status page, verify that the Recovery status is Successful, and then click Close.
As a best practice, you should always test recovery scenarios as part of your overall backup strategy. When
testing, note the amount of time it takes to recover the data, and the integrity of data. Consider that as
the backup sizes grow, the recovery time will also grow. While an incremental backup may take 10
minutes, a full server restore may take an hour or longer.
Note: Be aware of any performance impact from recovering virtual machines to production
Hyper-V hosts. During the proof of concept phase of a virtualization deployment, you should
determine whether recovering full virtual machines is acceptable during business hours. To
determine this, review network, storage, and processor performance.
Deploying Windows Azure Online Backup for DPM

You can use Windows Azure Online Backup to
send a replica copy to a vault that you configure
in Windows Azure cloud services. This is similar
to a secondary offsite DPM server, except
considerably less expensive and with reliability
backed by a service level agreement (SLA).
Windows Azure Backup Prerequisites

When you back up DPM using Windows Azure
Backup, you must ensure that your network meets
the following prerequisites:
The DPM server must have installed either

Windows Server 2012 R2, Windows Server 2012, or Windows Server 2008 R2 SP1, and must be
running either System Center 2012 SP1 DPM or System Center 2012 R2 DPM.
You must have a Windows Azure account with the Windows Azure Backup feature enabled. (You can
create a trial account to test this feature.)
The Windows Azure Backup Agent must be installed on the DPM servers that you want to back up.
The DPM servers must have at least 2.5 gigabytes (GB) of local free storage space for cache location
(15 GB recommended).
You must have a management certificate that you will upload to the backup vault in Windows Azure.
One consideration when you import data is that during the initial data transfer, you must send the full
copy of the data, which will use your Internet connection. Ensure that any other production traffic that
uses this connection will not be impacted during the initial or subsequent synchronizations.
For more detailed information on configuring Window Azure Backup for DPM, refer to the following link:
Backing Up DPM using Windows Azure Backup
Lesson 3
13-21
Using Operations Manager for Monitoring and Reporting
Every administrator strives to keep their virtualization environment in a good state of health. Where
possible, you should maintain sufficient reporting information about availability, performance, and
capacity. Ideally, you will use this information for forecasting. Keeping your environment in a good state
of health can consist of remediating issues automatically, or being alerted instantly to any issues and
having immediate knowledge of details and the steps necessary to resolve them. Operations Manager is
designed to do this for virtualized environments, and for many other technologies. This lesson introduces
you to Operations Manager and its components, and provides basic information about monitoring and
alerting.
Lesson Objectives
Describe the key features and components of Operations Manager.
Use the Operations console.
Describe the purpose and functionality of management packs.
Explain how to import management packs.
Describe how to create overrides.
Explain how to configure notifications.
Describe how to configure reports and reporting.
Key Features and Components of Operations Manager

Operations Manager is a cross-platform
monitoring and alerting solution that provides
application and infrastructure monitoring. You can
integrate Operations Manager with VMM, Service
Manager, and Orchestrator to provide automated
remediation in response to errors, performance
issues, and outages. Operations Manager also
provides management packs to monitor other
systems, including many non-Microsoft hardware
and software components.
Operations Manager includes the following
features:
Network monitoring. Operations Manager supports the discovery of network routers and switches.
This provides a platform for you to monitor networks, from desktop to servers.
Application code monitoring. Operations Manager provides detailed monitoring information for
applications, including Microsoft .NET Framework, and Java Platform, Enterprise Edition applications.
Operations Manager also provides the ability to identify and pinpoint problems with applications.
End-to-end monitoring. Operations Manager can perform end-to-end monitoring of applications.

This means that it can monitor the application, the operating system on which it is running, the
hardware that the operating system relies on, and the network devices that are used to provide
access to the application. If an application is distributed across multiple systems, you can configure
Operations Manager to show the application topology in a single pane. This allows administrators to
see instantly where in the topology a problem occurs.
Dashboard widgets. Operations Manager offers predefined and easily customizable dashboard
widgets for monitoring key statistics, alerts, and issues, from a single management console.
Heterogeneous platform monitoring. Operations Manager monitors Windows servers and

applications, Linux, and UNIX systems for health and performance issues.
Operations Manager uses management packs that contain information about the objects that you
monitor. These management packs are usually developed by application vendors. For example, Microsoft
creates management packs for each version of its operating systems and server application products, such
as SQL Server and Exchange Server.
Operations Manager Components

Operations Manager includes the following components:
Operations console. The Operations console is the user interface that you use for monitoring alerts
and making administrative changes. The Operations console reads and writes data through a
management server.
Management server. Each management group has one or more management servers that are
responsible for reading and writing data to the operational database. To service requests,
management servers are combined into resource pools.
Operational database. The operational database is a SQL Server database that stores recently
collected information. By default, this database keeps data for seven days. Each management group
has only one operational database.
Data warehouse database. The data warehouse database is a SQL Server database that stores
historical data for reporting and long-term performance monitoring. Operations Manager
simultaneously writes data to the data warehouse database and the operational database. Each
management group has only one data warehouse database.
Operations Manager reporting server. The Operations Manager reporting server runs SQL Server
Reporting Services (SSRS). Operations Manager generates reports from data located in the data
warehouse database, and then stores reports on the Operations Manager reporting server.
Agents. In most cases, monitored servers have an Operations Manager agent installed. The
Operations Manager agent is responsible for transmitting data to the management server. The
management server configures the agent with rules for reporting data. Based on these rules, the
Operations Manager agent is responsible for identifying the data for transmittal to the management
server.
Web console. The web console is an optional component that provides access to Operations Manager
data through a web-based interface. This avoids the need to install the Operations console on each
computer where alerts are accessed and resolved.
SharePoint Portal. The SharePoint Portal, a feature of Microsoft SharePoint 2010, allows you to display
dashboard views in a SharePoint site. This can be useful for displaying Operations Manager data in an
existing SharePoint site for a workgroup.
13-23
Audit Collection Services. Operations Manager includes Audit Collection Services (ACS), which collects
and stores data from security logs. ACS has a separate infrastructure that integrates with other
Operations Manager components. This allows you to secure ACS data separately from the other
Operations Manager data. You can use ACS to monitor security on computers that are running
Windows Server, Solaris, AIX, UNIX, and Linux. ACS components include:
o
ACS collector. The ACS collector is a service that runs on a server and accepts events that are
being archived. The ACS database stores all collected events.
ACS database. The ACS database is a SQL Server database that stores the events that the ACS
collector collects.
ACS forwarder. The ACS forwarder is a service that runs on monitored computers. The forwarder
collects security events, and then passes them to the ACS collector.
ACS reporting server. The ACS reporting server runs SSRS. This can be the same SSRS instance
that functions as the reporting server for Operations Manager, or a different SSRS instance. If you
use the same SSRS instance, Operations Manager controls the security for the reports. If you use a
different SSRS instance, you must configure SSRS security to control access to the reports.
Demonstration: Using the Operations Console

In this demonstration, you will review the Operations console and its workspaces, including:
Monitoring
Authoring
Reporting
Administration
Demonstration Steps
1.
On LON-OM1, launch the Operations Manager console.
2.
Review the Monitoring Overview page, including the States and Alerts sections. Review the
Required Configurations tasks.
3.
Click Active Alerts, and review an alert, including the Alert details section at the bottom of the
screen. Explore the actions and tasks pane.
4.
Right-click an alert, review the options that display, and then click Properties.
5.
In the Alert Properties dialog box, review some of the Alert Property tabs.
6.
Click the Authoring workspace. Review the options where you can create your own customized
management packs, which may include components such as discoveries, tasks, knowledge, Run As
profiles, reports monitors, rules, and groups.
7.
Click the Reporting workspace. Review how you can read and schedule reports, which are often
included in management packs.
8.
Click the Administration workspace, and review the list of items in the navigation pane.
9.
Click My Workspace, review how you can customize and save console settings.
10. Close the Operations console.
Overview of Management Packs

Management packs contain the settings
that allow you to monitor components. The
Operations Manager installation includes various
management packs. Some of these packs are for
monitoring Operations Manager itself in addition
to common infrastructure components such as
UNIX and Linux, and network devices.
To manage and monitor other applications
and technologies, you must first import
management packs. For example, Microsoft
provides management packs for many of its
applications, including Exchange Server and
SQL Server.
Management packs can contain any of the following items:
Monitors. Monitors are responsible for monitoring the state of each instance of a class. For example,
you can monitor the health state of a server or application. The management pack author controls
the health states that are reported by the monitor. For example, a monitor can indicate that a HyperV hosts memory state is in a warning state when it reaches 80 percent utilization for more than a few
minutes.
Rules. Rules identify events and data that are collected from monitored servers and devices. Rules
define what actions are performed based on the collected events or data. For example, Operations
Manager can send alerts when a specific event appears in the event log, or when a monitored state
changes.
Views. Views display information in the Operations console. Management packs can include views
that organize information about the application they are monitoring. You can create and save your
own customized views in the Operations console.
Knowledge. Knowledge is content that the management pack author adds to provide operators and
administrators with information regarding problem resolution. The knowledge that the author adds is
known as product knowledge. In addition to product knowledge, you can add company-specific
knowledge for your organizations specific environment.
Object discoveries. Object discoveries locate the objects that you can monitor, such as servers,
devices, or applications. To find specific objects, object discoveries can use the registry, Windows
Management Instrumentation (WMI), scripts, OLE DB, or custom code. The object types that you can
monitor are called classes.
Tasks. Tasks are executable code or scripts that can run on the management server, or on the device
or server that you are monitoring. You can run tasks by using automation. For example, when
monitoring disk fragmentation, you can run a task for using defragmentation. Tasks can display in the
Operations console. For example, when integrating DPM and Operations Manager, certain tasks
become available that enable administrators to interact with backup jobs without the need to log on
to a DPM server and launch the DPM Administrator Console.
Reports. The management pack author creates reports, which contain information that is specific to
monitoring for that product. For example, a report may contain graphs showing a Hyper-V host
servers utilization over time, or it may contain forecasting, which you can use for capacity planning.
Run As profiles. Run As profiles can be used by monitors, rules, and tasks to carry out actions. The Run
As profile contains the credentials used to access system resources and perform actions.
Creating Overrides
You create overrides to customize management
pack functionality for the specific requirements of
your environment. This helps you to control the
amount of data that Operations Manager collects.
You can create overrides for the following:
Monitors
Attributes
Object discoveries
Rules
13-25
When creating overrides, you can choose if they

will target a specific object, or a group of objects. The minimum account permissions required to create
overrides is Advanced Operator.
Sealed vs. Unsealed Management Packs
There are two types of management packs: sealed and unsealed. The main difference between these
two management pack types is that you cannot edit the sealed management packs, whereas you can
edit the unsealed management packs. As a best practice, after importing a management pack to which
you need to make changes or override specific settings, create an unsealed management pack in which
to store your changes. For example, if a sealed management pack is named Adatum Finance App
(Adatum.Finance.App.mp), you could create an unsealed management pack called Adatum Finance
App_Overrides (Adatum.Finance.App.xml). The unsealed management pack references the sealed
management pack for its default settings, but contains your modification and overrides.
Note: Do not save settings, changes, or elements of the default unsealed management
packs that you install when you first install Operations Manager. Instead, create a management
pack in which to save your modifications.
To configure an override for a monitor, perform the following high-level steps:
1.
Launch the Operations console, and then click the Authoring workspace.
2.
In the Authoring workspace, expand Management Pack Objects, and then click Monitors.
3.
In the Monitors pane, expand an object type, and then click on a monitor.
4.
On the Operations console toolbar, click Overrides, click Override the Monitor, and then choose to
override for all objects of a class, group, or specific object.
5.
After you choose and click on the group of object types that you want to override, the Override
Properties dialog box opens. Here, you can view and edit the default settings contained in this
monitor.
6.
Click in the Override column next to each parameter that you want to override, and then edit the
Override Value.
7.
At the bottom of the Override Properties page, you can select a destination management pack from
the list, or you can create a new unsealed management pack by clicking New.
8.
When you finish editing the management pack, click OK.
Configuring Notifications
You can enable notifications in Operation a
Manager to alert administrators, users, or groups
of users to an event, issue, or state change of a
monitored object. There are several components
required to enable notification: notification
channels, notification subscribers, notification
subscriptions, and Run As profiles.
Notification Channels
A notification channel is a channel used to
deliver specific alerts that display in the alert view
of the Operations console. The alerts are sent to
administrators or users that you designate. The
types of notification channels that you can configure are:
Email. An email channel can send a message to a Simple Mail Transfer Protocol (SMTP) server. The
SMTP server can be an Exchange server or another SMTP server.
Instant Messaging (IM). An IM channel delivers an instant message through Microsoft Office Live
Communications Server, Office Communications Server, or Microsoft Lync.
Text Message (SMS). An SMS is used for delivering messages to mobile phones. The phone provider
network delivers the messages. You must provide a compatible modem that supports SMS message
Application Protocol Data Unit (APDU) mode.
Command. The command channel allows you to create customized notifications by running scripts or
an executable that generates a notification.
Notification Subscribers
To begin sending notifications to users, you must first set up notification subscribers. Notification
subscribers are lists of people that can be notified. The notification subscriber allows you to configure
the delivery addresses and channel for notifications. You can choose multiple channels to allow each
subscriber to be notified using multiple methods. You can configure a subscriber schedule by setting a
time zone, a date range, days of the week, and times that the subscriber will received alerts.
Notification Subscriptions
After creating notification channels and notification subscribers, you can configure notification
subscriptions. Notification subscriptions determine which alerts will be sent to which subscribers, and
through which channels. By selecting subscription criteria, you can define which alerts a subscription can
use. If you do not define any criteria, all alerts that the Operations Manager generates will be sent. When
creating a subscription, you can select multiple subscribers, and you must include which channels the
subscription will use to send alerts.
Alert Aging
You can use alert aging to suppress notifications until an alert has remained active for a specified period.
For example, you may use this mechanism to allow automation to resolve an alert or to provide service
desk staff sufficient time to resolve an issue, before it is escalated.
When defining and implementing notifications, make sure that everyone involved is in agreement with
what you will send to them. Do not enable more notifications than what is necessary. For example, send
the Backup team backup notifications, and send the Virtualization team their notifications.
Note: If you use Operations Manager to monitor and alert for business-critical systems,
consider ensuring that the Operation Manager components are monitored, potentially by
another Operations Manager, or by an external system. Consider monitoring the notification
channels. For example, if SMTP and SMS are the notification channels and they stop working, you
will not be notified by Operations Manager for any notifications, as its notification channels are
down.
Demonstration: Configuring Notifications

Create a notification channel.
Create a notification subscription.
Create a notification subscriber.
Demonstration Steps
Create a notification channel
1.
On LON-OM1, launch the Operations console.
2.
From the Administration workspace, create a new channel, click Email (SMTP), and leave the
default name and description.
3.
Use the following information:

o
SMTP server (FQDN): smtp.adatum.com
Port number: 25
Authentication method: Anonymous
Return address: SCAlerts@adatum.com
4.
On the Format page, accept the default message format.
5.
After the channel saves, click Close.
Create a notification subscriber
13-27
1.
In the Operations console, in the Administration workspace, click Subscribers.
2.
In the tasks pane, click New.
3.
In the Notification Subscriber Wizard, on the Description page, accept the default name, and then
click Next.
4.
On the Schedule page, accept the default settings, and then click Next.
5.
On the Addresses page, click Add to create a new subscriber address.
6.
Use the following settings:
7.
Address name: Work E-mail
Channel Type: E-mail (SMTP)
Delivery address: administrator@adatum.com
Complete the wizard accepting the default settings.
Create a notification subscription
1.
In the Operations console, from the Administration workspace, click Subscriptions.
2.
In the tasks pane, click New.
3.
In the Subscription name text box, type Windows Server 2012 notifications, and then click Next.
4.
For the criteria, type raised by any instance in a specific group, and choose the Windows Server
2012 Computer Group.
5.
Use Adatum\Administrator as the subscriber, and E-mail as the channel. Enable Delay sending
notifications if conditions remain unchanged for longer than (in minutes), enter 10 as the value,
and then complete the wizard.
6.
When finished, close the Operations console.
Configuring Reports and Reporting

The Reporting component of Operations
Manager and SSRS provide the reporting feature
in Operations Manager. Reporting is an optional
component, and you can install it on a standalone server. Some considerations for
implementing reporting are:
Other applications cannot use the SSRS

instance that Operations Manager uses.
For the virtualization forecasting reports to

work, you must also integrate SQL Server
Analysis Services (SSAS) with VMM.
Prior to System Center 2012 VMM, integrating Operations Manager and VMM enabled some reporting
functions from within the VMM console. However, Beginning with System Center 2012 VMM, the reports
are now enabled inside the Operations Manager Console.
Reports are often included in management packs. For example, when integrating VMM and
Operations Manager, the virtualization reports are enabled with the management packs that VMM
imports automatically. You can run reports and then view them immediately in the Operations console, or
you can schedule and deliver them automatically.
Lesson 4
Integrating VMM with Operations Manager
13-29
You can integrate VMM with Operations Manager to create an effective monitoring solution for your
virtualization environment. Integrating VMM with Operations Manager provides several benefits,
including monitoring health and availability, and viewing virtualization infrastructure diagrams. You
can also implement Performance and Resource Optimization (PRO) tips, which are Operations Manager
management packs that can perform actions automatically in VMM in response to monitored events. This
lesson describes how to configure integration of VMM and Operations Manager, and how to implement
advanced monitoring for virtualization components.
Lesson Objectives
Describe Operations Manager integration with VMM.
Explain how to configure Operations Manager and VMM integration.
Explain how to integrate VMM and Operations Manager.
Describe the functionality of PRO.
Describe how to configure advanced monitoring for virtualization components.
Operations Manager Integration with VMM

You can integrate VMM and Operations Manager
to provide complete monitoring of both physical
host machines and virtual machines. Integrating
VMM with Operations Manager has several
benefits. You can:
Monitor the health and availability of virtual

machines, hosts, the VMM management
server, the Virtual Machine Manager database
server, and the library servers. You can also
monitor a VMware-based virtual
environment.
View diagram views of your virtualized

environment from within the Operations console.
Implement PRO tips, which collect performance data from host machines, virtual machines, and
applications. PRO tips enable you to automate changes to the VMM and host environment based
on the performance information that Operations Manager provides. For example, if a physical hard
disk fails, an alert in Operations Manager could trigger the evacuation of the host with a degraded
disk subsystem. Another example could be using performance information to scale out a web farm
automatically in response to increased transactions in VMM. Enable maintenance-mode integration.
When you place hosts in maintenance mode, VMM attempts to put them in maintenance mode in
Operations Manager.
Integrate Operations Manager and VMM to enable the reporting functionality in VMM.
Integrate SSAS. By integrating SSAS, you can run forecasting reports that can predict host activity
based on history of disk space, memory, network I/O, disk I/O, and CPU usage. This option also
supports SAN usage forecasting.
Configuring Operations Manager and VMM Integration

You configure Operations Manager and VMM
integration through the VMM console. The wizard
that configures integration imports the VMM
management packs into Operations Manager,
and enables Windows PowerShell remoting on
the VMM server. Windows PowerShell remoting
allows the Operations Manager management
server to run VMM management scripts on the
Virtual Machine Manager server.
Before you configure integration, you should
complete the following prerequisites:
Install Windows PowerShell 2.0 on all

Operations Manager management servers.
Install the Operations console on the VMM server.
Install Operations Manager agents on the VMM management server, and on all hosts that VMM
manages.
Install the SQL Server management pack in Operations Manager.
The PRO tips implementation is more granular for System Center 2012 Operations Manager and System
Center 2012 VMM, than for previous versions of these products. You can enable or disable PRO tips all
the way down to individual virtual machines. This allows for better control of PRO tip implementation and
delegation. For example, you can configure PRO tips so that self-service users are notified when PRO tips
are available for any virtual machines that they own.
After configuring integration between Operations Manager and VMM, you can verify functionality by
viewing discovered VMM servers, and by viewing diagrams that show virtualization hosts and the virtual
machines that they host. Additionally, you can use Windows PowerShell cmdlets. To manually initialize
PRO tip diagnostics from Windows PowerShell, use the following command:
Test-SCPROTip
To manually push all VMM objects discovered from Windows PowerShell use the following command:
Write-SCOpsMgrConnection
Demonstration: Integrating VMM and Operations Manager

In this demonstration you will see how to:
Install the Operations Manager console on a VMM server.
Enable VMM integration with Operations Manager.
Demonstration Steps
Install the Operations console on a VMM server
13-31
1.
On LON-VMM1, open File Explorer.
2.
Browse to and run D:\SCOM\setup.exe.
3.
On the Operations Manager window, click Install.
4.
Select only the Operations console to install.
5.
Use the default installation location, agree to the license terms, choose not to Help improve System
Center 2012 - Operations Manager, and choose not to participate in both Customer Experience
Improvement Program and Error Reporting.
6.
Do not use Microsoft Update, and do not opt to start the Operations console when the wizard closes.
7.
Complete the installation wizard, and then close all open windows.
Enable VMM integration with Operations Manager

1.
On LON-VMM1, launch the VMM console.
2.
From the Settings workspace, click System Center Settings, right-click Operations Manager
Server, and then click Properties.
3.
On the Connection to Operations Manager page, use lon-om1.adatum.com for the server name.
4.
On the Connection to VMM page, use the following:

o
User name: adatum\scservice
Password: Pa$$w0rd
5.
Complete the wizard.
6.
In the Jobs window, click New Operations Manager connection, and wait for the job to complete.
This takes approximately five minutes.
7.
When the job completes, close the Jobs window.
What Are PRO Tips?

PRO tips are Operations Manager management
packs that can perform actions in VMM
automatically, in response to monitored events.
For example, hardware vendors can create PRO
tips in reaction to a hardware event on a physical
server. In response, the PRO tip can take remedial
action, for example by moving one or more virtual
machines automatically to another Hyper-V host
server and placing the original hosts into
maintenance mode.
Note: Prior to System Center 2012 VMM,
PRO tips were responsible for moving and balancing workloads across Hyper-V host clusters. This
functionality was replaced by dynamic optimization, which is built into VMM.
To enable PRO, use the following procedure:
1.
In the VMM console, open the Settings workspace.
2.
In the Settings pane, click System Center Settings, and then click Operations Manager Server.
3.
On the Home tab, in the Properties group, click Properties.
4.
On the Details page, under Connection Settings, select Enable Performance and Resource
Optimization (PRO), and then click OK.
To configure PRO for hosts, use the following procedure:
1.
In the VMM console, click the Fabric workspace.
2.
In the Fabric navigation pane, click the host group containing the server you will configure. In the
main section, click the host, and then on the ribbon, click Properties.
3.
On the left of the host Properties page, click PRO State. You can click to enable Monitoring and
Remediate for each of the Host PRO Monitors available. The default monitors are Virtual Machine
Manager Dynamic Memory VM Pressure, and Virtual Machine Manager Maximum Dynamic Memory
Monitor
Note: You also can author your own PRO tip. To do this, you need to understand
Operations Manager management pack authoring, and have an understanding of Windows
PowerShell and XML.
Microsoft provides a programmers guide to creating PRO tips. If you do not have the required
knowledge or would like assistance with creating PRO tips, contact your regional Microsoft office
and locate a System Center Partner to develop the management pack and PRO tips that you
need.
Configuring Advanced Monitoring for Virtualization Components.

When you build a server virtualization
environment and deploy Operations Manager
to monitor it, there are several management
packs that you can import and configure. These
management packs include storage server
management packs, and management packs
authored by network vendors. Each of these
management packs are created for specific
hardware and software technologies. By
implementing and tuning the management packs,
you can build an advanced monitoring solution.
The following are reasons why you should
consider implementing hardware vendor management packs:
Receive alerts about a predictive physical hard disk failure. This enables you to replace a disk in a
redundant array of independent disks (RAID) array before it actually fails.
Receive alerts about a storage controller failover or path status degradation in a multipath SAN.
Receive a notification about new firmware availability.
Receive temperature alerting with hardware.
13-33
In addition to monitoring hardware, you can obtain Microsoft management packs for much of your
environment. For example, you can download management packs for SQL Server, WSUS, and File
Servers services. You can use these management packs to monitor some of the VMM components
more granularly. Apart from management packs authored by Microsoft, there is a large community of
developers that are creating free management packs, including management packs for virtualization.
You can search for management packs online using an Internet search engine.
Fabric Health Dashboard
The Fabric Health Dashboard provides a detailed view of private clouds health, and any underlying fabric
resources. The dashboard provides administrators with immediate health and status information, allowing
for rapid resolution of issues or potential issues.
You can view the Fabric Health Dashboard by using the following steps:
1.
In the Operations Manager console, click the Monitoring workspace.
2.
In the Monitoring navigation pane, click and expand Microsoft System Center Virtual Machine
Manager, expand Cloud Health Dashboard, and then click Cloud Health.
3.
Select the cloud you want to review, and then in the tasks pane, click Fabric Health Dashboard.
The following are some of the Fabric Health Dashboard features:
Host State: This feature monitors the health state of host groups, or the resource aspects of the
private cloud, such as CPU, memory, disks, and network adapters.
Storage Pools State File Share and LUN State. This feature monitors the health state of storage,
including disk allocation and capacity.
Network Node State. This feature monitors the health state of network nodes (devices) for the
selected private cloud. Only physical network devices within a hop of the hosts display. To view
physical network devices, enable Network Monitoring in Operations Manager, and then monitor
the physical network devices that are connected to your hosts.
Active Alerts and Number of VMs. The Active Alerts and Number of VMs fields in the Fabric Health
Dashboard can depict what issues are having the highest impact on your private cloud.
Fabric Health Monitoring Diagram View
The Diagram view in the Fabric Health Dashboard provides you with a diagram of your entire
infrastructures fabric health. It also shows the health state of each part of the fabric. The Diagram view
helps you answer questions about the health of your entire fabric. Improvements to the Diagram view
ensure that health roll ups and that the relevant fabric components are part of the Diagram view.
Lab: Monitoring and Reporting Virtualization

Infrastructure
Scenario
13-35
As usage of the A. Datum Corporation virtual environment increases, IT management is concerned about
the lack of information available about the environment. IT management wants to ensure that all virtual
machine and host computer performance is monitored carefully. They also would like to see high-level
reports showing the performance for the entire environment.
To provide this level of monitoring and reporting, you must configure integration between VMM and
Operations Manager. You will then use Operations Manager to provide IT management with better
reports regarding the virtualization infrastructure, including performance monitoring.
Objectives
Implement Operations Manager agents.
Configure Operations Manager monitoring components.
Configure Operations Manager integration with VMM.
Lab Setup
Virtual machines: 20409B-LON-HOST1, 20409B-LON-DC1, 20409B-LON-VMM1, 20409B-LON-OM1
Password: Pa$$w0rd
1.
2.
seconds.
3.
Click 20409B-LON-VMM1, and then in the Actions pane, click Start, and then click Connect. Wait
until the virtual machine starts.
4.

o
Password: Pa$$w0rd
Domain: Adatum
5.
Repeat steps 3 and 4 for 20409B-LON-OM1.
6.
In the 20409B-LON-VMM1 on LON-HOST1 Virtual Machine Connection, click the Media dropdown list box, click DVD Drive, and then click Insert Disk.
7.
In the Open pop-up dialog box, navigate to D:\Program Files\Microsoft Learning\20409\Drives

(the location where the virtual machines are located), select the SC2012R2.iso file, and then click
Open.
Note: Shut down all virtual machines after finishing this lab.
Exercise 1: Implementing Microsoft System Center 2012 R2 Operations

Manager Agents
Scenario
In this exercise, you will deploy Operations Manager agents to both a virtualization host and a virtual
machine. You will deploy one agent by using discovery method, and you will deploy the other agent
manually.
1.
Deploy Operations Manager agents using the Operations console.
2.
Deploy Operations Manager agents manually.
Task 1: Deploy Operations Manager agents using the Operations console

1.
On LON-OM1, from the taskbar, launch the Operations console.
2.
In the Operations console, click the Administration workspace.
3.
Start the Computer and Device Management Wizard.
4.
On the Discovery Type page, ensure that Windows computers is selected.
5.
On the Auto or Advanced page, ensure Advanced Discovery is selected.
6.
On the Discovery Method page, type LON-HOST1.adatum.com as the computer name.
7.
Run the discovery, and then click LON-HOST1.adatum.com as the object to manage.
8.
Complete the wizard, wait for the task to complete successfully, and then click Close.
Task 2: Deploy Operations Manager agents manually

1.
On LON-OM1, in the Operations console, update the Security settings by enabling Review new
manual agent installations in pending management view.
2.
Sign in to LON-VMM1.
3.
Locate and run the following file:

\\lon-om1\c$\Program Files\Microsoft System Center 2012 R2\Operations Manager
\Server\AgentManagement\amd64\momagent.msi
4.
In the Microsoft Monitoring Agent Setup Wizard, enter Adatum for the Management Group name.
Enter LON-OM1 for the Management Server name, and then complete the wizard.
5.
On LON-OM1, in the Operations Manager console, in the Administration workspace, locate the
Pending Management node, and then approve LON-VMM1.adatum.com.
6.
In the Manual Agent Install window, read the information, and then click Approve.
Results: After completing this exercise, you should have deployed Operations Manager agents to a
virtualization host and to a virtual machine.
Exercise 2: Configuring Operations Manager Monitoring Components

Scenario
In this exercise, you will deploy and configure monitoring components. You will install and configure
management packs, configure notifications, and configure reports.
1.
Configure notifications.
Task 1: Configure notifications
13-37
1.
In the Operations Manager console, click the Administration workspace.
2.
From the Notifications node, create a new channel, select Email (SMTP), and leave the default name
and description.
3.
Use the following information:

o
Port number: 25
Return address: SCAlerts@adatum.com
4.
On the Format page, accept the default message format.
5.
6.
In the Operations Manager console, in the Administration workspace, click Subscribers.
7.
In the Task pane, click New.
8.
In the Notification Subscriber Wizard, on the Description page, accept the default name, and then
click Next.
9.
On the Schedule page, accept the default settings, and then click Next.
10. On the Addresses page, click Add to create a new subscriber address.
11. Use the following settings:
o
Address name: Work E-mail
Channel Type: E-mail (SMTP)
Delivery address: administrator@adatum.com
12. Complete the wizard, accepting the default settings.

13. In the Operations Manager console, from the Administration workspace, click Subscriptions.
14. In the Task pane, click New.
15. In the Subscription name text box, type Windows Server 2012 notifications, and then click Next.
16. Enter raised by any instance in a specific group for the criteria, and choose the Windows Server
2012 Computer Group.
17. Use Adatum\Administrator as the subscriber, and E-mail as the channel. Enable Delay sending
notifications if conditions remain unchanged for longer than (in minutes), enter 10 as the value,
and then complete the wizard.
18. When finished, close the Operations Manager console.
Results: After completing this exercise, you should have deployed and configured monitoring
components including management packs, notifications, and reports.
Exercise 3: Configuring Operations Manager Integration with System

Center 2012 R2 Virtual Machine Manager (VMM)
Scenario
In this exercise, you will configure Operations Manager integration with VMM. You will install the
Operations Manager console on the VMM management server, import management packs, and verify the
effects of the integration.
1.
Integrate Operations Manager and VMM.
2.
Test Performance and Resource Optimization PRO) integration.
3.
Work with virtualization reports.
4.
Perform advanced monitoring: Fabric dashboard and cloud health.
Task 1: Integrate Operations Manager and VMM

1.
On LON-VMM1, open File Explorer.
2.
Browse to and run D:\SCOM\setup.exe.
3.
Select only to install the Operations Manager console.
4.
Use the default installation location, agree to the license terms, and on the Help improve
Operations Manager page, click No, I am not willing to participate for both Customer
Experience Improvement Program and Error Reporting.
5.
Do not use Microsoft Update, and do not Start the Operations Manager console when the wizard
closes.
6.
Complete the installation wizard, and then close all open windows.
7.
On LON-VMM1, launch the VMM console.
8.
From the Settings workspace, click System Center Settings, right-click Operations Manager
Server, and then click Properties.
9.
On the Connection to Operations Manager page, use lon-om1.adatum.com for the server name.
10. On the Connection to VMM page, use the following:

o
User name: adatum\scadmin
Password: Pa$$w0rd
11. Complete the wizard.
13-39
12. In the Jobs window, click New Operations Manager connection, and wait for the job to complete.
This takes approximately ten minutes.
13. When the job completes, close the Jobs window.
Task 2: Test Performance and Resource Optimization PRO) integration

1.
In the VMM console, click the Settings workspace, in the navigation pane, click System Center
Settings, right-click Operations Manager Server, and then click Properties.
2.
In the Add Operations Manager Wizard, on the Connection Details page, under the Diagnostics
section, click Test PRO, and then click OK.
3.
In the PRO window, click the PRO Diagnostics alert, review the information, and then close the PRO
window.
4.
In the JOBS workspace, click the PRO diagnostics job, and then monitor the progress of the job.
Task 3: Work with virtualization reports

1.
On LON-OM1, in the Operations Manager console, click the Reporting workspace, and then click
Microsoft System Center Virtual Machine Manager 2012 R2 Reports.
2.
On the right, launch the Host Utilization report, and then expand the report window.
3.
Review the From and To criteria, which should be First day of this month Today and the current
time and time zone.
4.
On the right, click Add Group. In the Group Name drop-down list box, ensure that Contains is
selected, in the Filter 3, type all hosts, and then click Search.
5.
Under the Available items section, click All Hosts, click Add, and then click OK.
6.
Run the report. When the report finishes loading, review the report description, and then review the
report.
7.
Click File, review the export options, and then when done, click Close
Task 4: Perform advanced monitoring: Fabric dashboard and cloud health

1.
2.
In the Monitoring navigation pane, browse to Microsoft System Center Virtual Machine Manager
\Cloud Health Dashboard, and then click Cloud Health.
3.
Review the state and details of the DevCloud, then in the navigation pane, click Fabric Health
Dashboard,
4.
Review the Fabric Health Dashboard, and when done, close the dashboard.
5.
Close the Operations console.
Results: After completing this exercise, you should have configured the integration of Operations
Manager with VMM. You should have installed the Operations Manager console, imported management
packs, and verified the effects of the integration.

Review Questions
Question: One of the virtualization infrastructure on-call team members has requested that
the team not receive infrastructure alerts through SMS during normal business hours. How
can you address this issue?
Question: Although the on-call team members no longer receive SMS alerts during business
hours, they also no longer receive email notifications during the day. What could be the
reason for this issue, and what can you do to resolve it?
Question: When performing a recovery by using DPM, what are the three options for virtual
machines?
Question: Your data protection strategy calls for an offsite copy of your backups. What
features does DPM provide to facilitate this?
Course Evaluation
Your evaluation of this course will help Microsoft
understand the quality of your learning experience.
Please work with your training provider to access the
course evaluation form.
Microsoft will keep your answers to this survey private
and confidential and will use your responses to improve
your future learning experience. Your open and honest
feedback is valuable and appreciated.
13-41

L1-1
Module 1: Evaluating the Environment for Virtualization
Lab: Evaluating the Environment for

Virtualization
Exercise 1: Selecting the Appropriate Virtualization Method
Task 1: Design a virtualization solution to resolve a remote worker application
scenario
A. Datum has just passed a remote worker policy that allows up to an additional 50 people to work
remotely. Until now, only a few designated on-call IT staff were approved to work remotely, and they all
have fixed lines and secure virtual private networks (VPNs).
Remote workers will be required to use their own devices, although they should run the companys
applications, and ideally keep data such as documents, reports, and spreadsheets within the company
network.
1.
Which virtualization technology can assist with the remote worker requirements?
Answer: Presentation virtualization: Remote Desktop Services is the best candidate for this solution.
2.
What are three of the components required to deliver the remote worker solution?
Answer: Any three of the following components can deliver a remote worker solution.
3.
Remote Desktop Session Broker
Remote Desktop Gateway
Remote Desktop Session Host
Remote Desktop Licensing Manager
Approximately four months after A. Datum has gone live with the remote worker solution, users
begin to complain they cannot access the company systems from home. What could be a likely
problem?
Answer: The problem could be any (or a combination) of the following:
4.
The evaluation licenses have expired.
Either no licenses or the wrong or licenses are configured on the Remote Desktop Licensing
Manager.
The Remote Desktop Session Host servers are not configured, or are not able to communicate
with the Remote Desktop license server.
When designing the virtualization solution, you must be able to accommodate a physical server
failure by providing reasonable fast recovery. What are the options to achieve a fast recovery?
Answer:
Option 1
You can build more than one Remote Desktop Session Host server, and incoming users will be loadbalanced by the session broker. During a hardware failure, some of the users will lose their remote
session, but when they attempt to connect again they will be directed to working servers.
L1-2 Evaluating the Environment for Virtualization
Option 2
You can build a virtual server that runs Windows Server 2012 Remote Desktop. You can then place
this server on a Windows Server 2012 Hyper-V host cluster, which would permit hardware failure.
While users will lose their remote session when the server fails, when reconnecting they should be
able to use the virtual machine that has started on another cluster node.
Task 2: Design a solution to for a Microsoft Office upgrade
A. Datum urgently needs to upgrade from Microsoft Office 2007 to Office 2010 for all employees.
However, the remote workers, some senior managers, and most the IT staff should be piloting Office 2013
at the same time.
Remote workers will need to have access to both Office 2010 and Office 2013.
Providing separate computers is not an option, and you have heard about application compatibility issues
between different versions of Microsoft Office.
1.
Which virtualization technology could help you with these requirements?

Answer: Microsoft System Center 2012 R2 Application Virtualization (App-V) can help deliver the
required solution.
2.
You create packages for the following products:

o
Office 2013
For which other operating system do you need to create packages?
Answer: You should create packages for Windows Server 2012 so that the remote workers can access
both versions of Microsoft Office from the same servers.
Task 3: Design a solution for the development team

A. Datum developers use Microsoft SharePoint and Microsoft SQL Server extensively. They frequently
need hardware, more disk space, and extra memory for their computers that are running client
hypervisors. Developers also frequently contact the helpdesk with requests for restores, or to confirm
that their databases are backed up. You have some additional budget that you could use for hardware
and software to help the development team, and to reduce the administrative and operation task load
that they create.
1.
Which virtualization and management technology could you implement to improve the development
department infrastructure?
Answer: You can implement server virtualization using Hyper-V.
2.
What tool can you use to find out how big the Hyper-V hosts must be to accommodate the
developers current systems?
Answer: You can use the Microsoft Assessment and Planning Toolkit (MAP).
3.
Which System Center 2012 R2 component could help you delegate some virtual machine
administration, and provide some elements of self-service to the developers?
Answer: You can use System Center 2012 R2 Virtual Machine Manager (VMM) to provide delegated
administration and self-service.
Server Virtualization with Windows Server Hyper-V and System Center L1-3
Task 4: Respond to the CEOs green initiative enquiry
The Chief Executive Officer (CEO) of A. Datum has asked you to provide some feedback on how your new
virtualization project will meet the companys green initiatives. Your predecessor had already obtained
quotes for more power and cooling feeds to each of the companys five data centers, to accommodate
high-density blade centers that would provide the core virtualization infrastructure.
List a few suggestions that could form part of a report to the CEO.
Answer:
o
Migrating from physical to virtual machines for most of the companys server workloads should
be a key factor in the green initiative.
Selecting low-power processors and memory in some, or all virtualization hosts will help with
energy consumption.
Windows Server 2012 R2 deduplication could help reduce the storage footprint, in turn making
the company greener.
Consolidate some of the data centers. You could reduce the data centers from five to three by
using one subsidiary as secondary data center to the head office main data center.
Use shared storage.
Results: After completing this exercise, you should have evaluated a given scenario and selected the
appropriate virtualization method for that scenario.
Exercise 2: Assessing the Environment by Using MAP

Task 1: Install MAP
1.
From LON-CL1, move the pointer to the bottom left of the screen, right-click the Windows icon, and
then click Run.
2.
In the Run text box, type \\lon-dc1\e$\labfiles\mapsetup.exe, and then click OK.
3.
In the Microsoft Assessment and Planning Toolkit Setup Wizard, on the Welcome page, click Next.
4.
On the License Agreement page, review the license agreement, click I accept the terms of the
license agreement, and then click Next.
5.
On the Installation Folder page, review the installation path, and then click Next.
6.
On the Customer Experience Improvement Program page, click I dont want to join the
program at this time, and then click Next.
7.
On the Ready to Install page, click Install.
8.
On the Installation Successful page, ensure the Open the Microsoft Assessment and Planning
and Toolkit check box is selected, and then click Finish.
9.
On the Datasource page, in the Create or select a database section, in the Name text box, type
10. Leave the MAP console open for the next task.
L1-4 Evaluating the Environment for Virtualization
11. On the desktop, move the mouse to the bottom left of the screen, right-click the Windows icon, and
then click Run.
12. In the Run text box, type \\lon-dc1\e$\labfiles, and then click OK.
13. Right-click the file MAP_Training_Kit.zip, and then click Extract All. In the destination text box,
type C:\map, and then click Extract.
14. When the file finishes extracting, close the two File Explorer windows.
15. From the menu at the top of the MAP overview window, click File, and then click Manage
Databases. In the databases section, click Import, next to the Backup File text box, click the Browse
icon, in the File name text box, type c:\map\map_sampleDB.bak, and then click Open.
16. In the Database Name text box, type MAPDEMO, and then click OK.
17. When a warning displays, saying that the imported databases needs to be upgraded, click Yes. Note
that this process may take a minute or two.
18. When the import shows as having been successfully imported and upgraded, click OK, and then click
Close.
19. Click File, click Select a Database, click MAPDEMO, and then click OK.
Task 2: Review assessments

1.
On LON-CL1, from the Overview page, on the navigation pane on the left, click Server
Virtualization.
2.
Under the Steps to complete section, click Run the Server Consolidation Wizard.
3.
In the Server Virtualization and Consolidation Wizard, on the Virtualization Technology page, click
Windows Server 2012 Hyper-V, and then click Next.
4.
On the Hardware Configuration page, click Sample host, and then click Next.
5.
On the Utilization Settings page, in each text box, type 75, and then click Next.
6.
On the Choose Computers page, click Choose the computers from a list on the next step of the
wizard, and then click Next.
7.
On the Computer List page, select the Computer Name check box, and then click Next.
8.
On the Summary page, review the settings, and then click Finish.
9.
When the assessment process completes, click Close.
10. In the MAP console, on the Server Virtualization page, under Scenarios, click Server
Consolidation, and review the Details section.
11. Under the Options section, click the Server Virtualization Report, and when the proposal is
generated, click Close.
12. On the MAP console menu, click View, and then click Saved Reports and Proposals.
13. In the File Explorer window, right-click the ServerVirtRecommendation workbook, and then click
Open.
14. In the Microsoft Office Activation Wizard, click Close, click Next three times, and then click All done!.
15. At the bottom of the Microsoft Excel workbook, click each tab, and review the information in the
report.
16. When you finish reviewing the information, close Excel, and then close File Explorer.
17. Review the MAP toolkit. Review at least three of the scenarios for which the MAP toolkit provides
information.
18. Be prepared to answer discussion questions based on your results.
Results: After completing this exercise, you should have installed MAP and assessed a virtualization
environment.

L2-7
Module 2: Installing and Configuring the Hyper-V Role
Lab: Installing and Configuring the Hyper-V

Role
Exercise 1: Installing the Hyper-V Role
Task 1: Write down your LON-HOST number
Note: One of the students in a pair will be working on LON-HOST1, and the other student
will be working on LON-HOST2.
Write down your LON-HOST number on a piece of paper. If your LON-HOST number is 1, your
partners number will be 2, and vice-versa.
Task 2: Verify that the LON-HOST2 computer does not have the Hyper-V role
installed
1.
Verify that the Hyper-V role is not yet installed on LON-HOST2. On LON-HOST2, in Server Manager,
in the menu bar, click Manage, and then click Add Roles and Features.
2.
In the Add Roles and Features Wizard, on the Before you begin page, click Next.
3.
On the Select installation type page, ensure that the Role-based or feature-based installation
option is selected, and then click Next.
4.
On the Select destination server page, ensure that Select a server from the server pool is
selected, and then click Next.
5.
On the Select server roles page, in the Roles section, verify that Hyper-V is not selected (which
means that it is not installed).
6.
Click Cancel to close the Add Roles and Features Wizard.
7.
On LON-HOST2, on the desktop, on the taskbar, click the Windows PowerShell icon.
8.
In the Windows PowerShell window, run the following cmdlet:

Get-WindowsFeature *Hyper*
9.
Verify that the output shows that neither Hyper-V nor Hyper-V Management Tools are installed.
10. In Windows PowerShell, run the following cmdlet:

Get-Command Module Hyper-V
11. Verify that no cmdlet is listed.

bcdedit.exe
13. Verify that in the output, in the Windows Boot Loader section, there is no line with
hypervisorlaunchtype Auto.
Note: LON-HOST2 has multiple operating systems installed. Ensure that

hypervisorlaunchtype Auto does not display in the Windows Boot Loader section for
Windows Server 2012 R2.
14. Minimize the Windows PowerShell window.
15. Open the Start screen, and search for programs that contain the word hyper. Confirm that no
program is found.
16. On the Start screen, search for and open Event Viewer.
L2-8 Installing and Configuring the Hyper-V Role
17. In Event Viewer, in the navigation pane, expand the Applications and Services Logs node, expand
Microsoft, expand Windows, and verify that there is no node that starts with word Hyper-V.
18. Close Event Viewer.
19. On the Start screen, search for and open Performance Monitor.
20. In Performance Monitor, in the navigation pane, click Performance Monitor, and then in the details
pane, on the toolbar, click the Add (green +) icon.
21. In the Add Counters window, ensure that <Local computer> is selected, and then verify that there is
only one counter that starts with the word Hyper-V, Hyper-V Dynamic Memory Integration
Service.
22. In the Add Counters window, click Cancel, and then close Performance Monitor.
23. On the Start screen, search for and open Windows Firewall with Advanced Security.
24. In the Windows Firewall with Advanced Security window, in the navigation pane, click Inbound
Rules.
25. In the details pane, verify that there are no rules that start with the word Hyper-V.
26. Close Windows Firewall with Advanced Security.
27. On the Start screen, click the Control Panel tile.
28. In Control Panel, in the Search text box, type services, and then click View local services.
29. In the Services window, verify that seven services that start with the word Hyper-V display, but that
Hyper-V Virtual Machine Management service is not present.
30. Close Services, and then close the Services Control Panel window.
Task 3: Install the Hyper-V role by using Server Manager

1.
On LON-HOST2, on the desktop, on the taskbar, click Server Manager.
2.
In Server Manager, in the menu bar, click Manage, and then click Add Roles and Features.
3.
4.
On the Select installation type page, ensure that the Role-based or feature-based installation
option is selected, and then click Next.
5.
6.
On the Select server roles page, in the Roles section, click Hyper-V.
7.
In the Add Roles and Features Wizard, verify that Include management tools (if applicable) is
selected, and then click Add Features.
8.
9.
On the Select features page, click Next.
10. On the Hyper-V page, click Next.

11. On the Create Virtual Switches page, click Next.
12. On the Virtual Machine Migration page, click Next.
13. On the Default Stores page, click Next.
14. On the Confirm installation selection page, select the Restart the destination server
automatically if required option.
15. In the Add Roles and Features Wizard, click Yes, and then click Install.
16. Wait until LON-HOST2 restarts, and then sign in with the user name Adatum\Administrator and
password Pa$$w0rd.
17. In the Add Roles and Features Wizard, click Close.
Task 4: Verify that the Hyper-V role was installed successfully

1.
Verify that the Hyper-V role is installed on LON-HOST2.
2.
On LON-HOST2, in Server Manager, in the menu bar, click Manage, and then click Remove Roles
and Features.
3.
In the Remove Roles and Features Wizard, on the Before you begin page, click Next.
4.
5.
On the Remove server roles page, verify that in the Roles section Hyper-V is selected (which
indicates that the role is installed).
6.
Click Cancel to close the Remove Roles and Features Wizard.
7.
Close Server Manager.
8.
On LON-HOST2, on the desktop, on the taskbar, click the Windows PowerShell icon.
9.
In Windows PowerShell, run the following cmdlet:

Get-WindowsFeature *Hyper*
Note: The output shows that both Hyper-V and Hyper-V Management Tools are installed.
Note: The output returns many cmdlets, which confirms that the Hyper-V module is
installed and available.
11. In Windows PowerShell, run the following command:
bcdedit.exe
12. Verify that in the output, in the Windows Boot Loader section, there is a hypervisorlaunchtype
Auto line.
Note: LON-HOST2 has multiple operating systems installed. Ensure that
hypervisorlaunchtype Auto displays in the Windows Boot Loader section for Windows Server
2012 R2.
13. Minimize Windows PowerShell.
14. Open the Start screen, and search for programs that contain the word hyper. Confirm that two
programs are discovered: Hyper-V Manager, and Hyper-V Virtual Machine Connection.
15. On the Start screen, search for and open Event Viewer.
16. In Event Viewer, in the navigation pane, expand Applications and Services Logs node, expand
Microsoft, expand Windows, and verify that multiple nodes that start with word Hyper-V display.
17. Close Event Viewer.
18. On the Start screen, search for and open Performance Monitor.
19. In Performance Monitor, in the navigation pane, click Performance Monitor, and then in the details
pane, on the toolbar, click the Add (green +) icon.
20. In the Add Counters window, ensure that <Local computer> is selected, and then verify that there
are multiple counters that start with the word Hyper-V.
21. In the Add Counters window, click Cancel, and then close Performance Monitor.
22. On the Start screen, search for and open Windows Firewall with Advanced Security.
23. In the Windows Firewall with Advanced Security window, in the navigation pane, click Inbound
Rules. In details pane, verify that multiple rules that start with the word Hyper-V display.
24. Close Windows Firewall with Advanced Security.
25. On the Start screen, click the Control Panel tile.
26. In Control Panel, in the Search text box, type services, and then click View local services.
27. In the Services window, verify that multiple services that start with the word Hyper-V display.
Note: Hyper-V Virtual Machine Management service is one of services that display in the
Services window, and the status of this service is Running.
28. Close the Services window and the Services - Control Panel window.
29. On LON-HOST2, run the following script: C:\Labfiles\Mod02-LON-HOST2.ps1 to prepare the
environment.
Note: This script will import three virtual machines: 20409B-LON-PROD2,
20409B-LON-TEST2, and 20409B-LON-CL2.
Results: After completing this exercise, you should have installed the Hyper-V role.
Exercise 2: Configuring Hyper-V Settings

Task 1: Create a network share for storing virtual machines
1.
On LON-HOSTx, on the taskbar, click Server Manager.
2.
In Server Manager, in the navigation pane, click File and Storage Services, and then click Shares.
3.
In the Shares section, click Tasks, and then click New Share.
4.
In the New Share Wizard, on the Select the profile for this share page, in the Select share profile
section, click SMB Share Applications, and then click Next.
5.
On the Select the server and path for this share page, click Next.
6.
On the Specify share name page, in Share name text box, type VHDs, and then click Next.
7.
On the Configure share settings page, click Next.
8.
On the Specify permissions to control access page, click Customize permissions.
9.
In the Advanced Security Settings for VHDs dialog box, click Add, click Select a principal, in the
Enter the object name to select text box, type Domain users, click OK, select the Full control
check box, and then click OK twice.
10. On the Specify permissions to control access page, click Next.

11. On the Confirm selections page, click Create.
12. On the View results page, click Close.
13. Minimize Server Manager.
Task 2: Configure a virtual hard disk location

1.
On LON-HOSTx, start Hyper-V Manager.
2.
Verify the default location for creating new virtual hard disks. In Hyper-V Manager, in the Actions
pane, click New, and then click Hard Disk.
3.
In the New Virtual Hard Disk Wizard, click Next three times.
4.
In the New Virtual Hard Disk Wizard, on the Specify Name and Location page, verify that the
Location field is set to C:\Users\Public\Documents\Hyper-V\Virtual Hard Disks\, and then click
Cancel.
5.
In Hyper-V Manager, in the Actions pane, click Hyper-V Settings.
6.
On the Hyper-V Settings for LON-HOSTx page, in left pane, verify that Virtual Hard Disks is
selected.
7.
On the Hyper-V Settings for LON-HOSTx page, in the Location field verify that the same location
that was used in the New Virtual Hard Disk Wizard is listed.
8.
Click Browse, and in the navigation pane, click Local Disk (C:). In the details pane, click Users, and
then click Select Folder.
9.
On the Hyper-V Settings for LON-HOSTx page, click OK.
10. Verify that C:\Users is set as a default location for creating new virtual hard disks.
11. In Hyper-V Manager, in the Actions pane, click New, and then click Hard Disk.
12. In the New Virtual Hard Disk Wizard, click Next three times.
13. In the New Virtual Hard Disk Wizard, on the Specify Name and Location page, verify that the
Location field is set to C:\Users\, and then click Cancel.
Note: This is the same location as you configured for Virtual Hard Disk location.
14. On LON-HOSTx, on the taskbar, click the Windows PowerShell icon.
15. In Windows PowerShell, run the following cmdlet, where y is number of your partner host. For
example, if you are using HOST1, y represents 2. If you are using HOST2, y represents 1:
Set-VMHost -VirtualHardDiskPath \\LON-HOSTy\VHDs
16. In Hyper-V Manager, in the Actions pane, click Hyper-V Settings, and verify that
\\LON-HOSTy\VHDs is specified as the Virtual Hard Disk location.
Task 3: Configure Hyper-V settings by using Windows PowerShell and Hyper-V

Manager
1.
2.
On the Hyper-V Settings for LON-HOSTx page, in the left pane, click Virtual Machines, and in the
details pane, in the text box, verify that C:\ProgramData\Microsoft\Windows\Hyper-V displays.
3.
On the Hyper-V Settings for LON-HOSTx page, in the left pane, click NUMA Spanning, and in the
details pane, verify that NUMA Spanning is set to Enabled.
4.
In the left pane, click Storage Migrations, and verify that 2 simultaneous storage migrations are
allowed.
5.
In the left pane, click Enhanced Session Mode Policy, and in the details pane, verify that Allow
enhanced session mode is disabled.
6.
Close the Hyper-V Settings for LON-HOSTx page.
7.
Minimize Hyper-V Manager.
8.
On LON-HOSTx, on the taskbar, click the Windows PowerShell icon.
9.
In Windows PowerShell, run the following cmdlets, where y is number of your partner host. Press
Enter at the end of each line:
Set-VMHost
Set-VMHost
Set-VMHost
Set-VMHost
VirtualMachinePath \\LON-HOSTy\VHDs
-NumaSpanningEnabled $false
-MaximumStorageMigrations 4
-EnableEnhancedSessionMode $true
Note: You can ignore the message that states that you must restart the Hyper-V Virtual
Machine Management Service to apply the NUMA Spanning configuration.
10. Maximize Hyper-V Manager, and in the Actions pane, click Hyper-V Settings.
11. On the Hyper-V Settings for LON-HOSTx page, click Virtual Machines, and verify that
\\LON-HOSTy\VHDs is specified as the Virtual Machine location.
Note: This is the location that you set using Windows PowerShell.
12. In the left pane, click NUMA Spanning, and verify that NUMA Spanning is disabled.
Note: NUMA Spanning is disabled because you set it to disabled using Windows
PowerShell.
13. In the right pane, select the check box to allow NUMA Spanning.
14. In the left pane, click Storage Migrations, and then verify that the number of simultaneous storage
migrations allowed is set to 4.
Note: This value is set to 4 because you set the value using Windows PowerShell.
15. In the left pane, click Enhanced Session Mode Policy, and verify that Policy is enabled. In the details
pane, clear the Allow enhanced session mode check box to disable Enhanced Session Mode
Policy.
16. Click OK to close Hyper-V Settings for LON-HOSTx. Click Close.
Results: After completing this exercise, you should have configured Hyper-V settings.
Exercise 3: Accessing and Managing Hyper-V Remotely

Task 1: Turn on the Hyper-V Management Tools feature
1.
On LON-HOSTx, in Hyper-V Manager, start and connect to 20409B-LON-CLx.
2.
Sign in to LON-CLx with the user name Adatum\Administrator and the password Pa$$w0rd.
3.
On LON-CLx, on the Start screen, search for programs that contain the word hyper. Confirm that no
program is found.
4.
On the Start screen, search for and start Windows PowerShell.
5.

6.
Verify that no cmdlet is listed, and then minimize the Windows PowerShell window.
7.
On LON-CLx, on the Start screen, search for and then click Turn Windows features on or off.
8.
In the Windows Features window, expand the Hyper-V node, click Hyper-V Management Tools,
and then click OK.
9.
Wait until the Windows operating system completes its required changes, and then click Close.
10. Maximize the Windows PowerShell window, and again run the following cmdlet:
Note: This time many cmdlets display, because the Hyper-V module is now installed.
11. Minimize the Windows PowerShell window.
12. On LON-CLx, on the Start screen, search for programs that contain the word hyper. Confirm that two
programs, Hyper-V Manager and Hyper-V Virtual Machine Connection, are discovered.
Task 2: Connect to the Hyper-V host and manage it remotely

1.
On LON-CLx, on the Start screen, type Hyper-V, and then click Hyper-V Manager.
2.
In Hyper-V Manager, in the navigation pane, right-click Hyper-V Manager, and then click Connect
to Server.
3.
In the Select Computer dialog box, click Browse, in the Enter the object name to select text box,
type LON-HOSTx, and then click OK twice.
4.
Verify that LON-HOSTx now displays in the Hyper-V Manager navigation pane.
5.
In Hyper-V Manager, click Hyper-V Settings.
6.
In the Hyper-V Settings for LON-HOSTx dialog box, review Hyper-V Settings for LON-HOSTx,
and verify that they are configured as you configured them in the previous exercise.
7.
Close Hyper-V Settings for LON-HOSTx.
Note: Virtual Hard Disks and Virtual Machines locations are set to \\LON-HOSTy\VHDs,
NUMA Spanning is enabled, Storage Migrations is set to 4, and Enhanced Session Mode
Policy is disabled.
8.
On the desktop, on the taskbar, click the Windows PowerShell icon.
9.
In Windows PowerShell, run the following command:

Get-VMHost ComputerName LON-HOSTx | fl
Note: The output displays the Hyper-V settings for LON-HOSTx.

Set-VMHost ComputerName LON-HOSTx -MaximumStorageMigrations 3
11. Switch to Hyper-V Manager.

12. In Hyper-V Manager, right-click LON-HOSTx, and then click Refresh.
13. In the Actions pane, click Hyper-V Settings, verify that Storage Migrations is set to 3, and then
click OK.
Note: This value is 3 because this is how you configured it in Windows PowerShell.
14. Close Windows PowerShell.
15. Close Hyper-V Manager.
Results: After completing this exercise, you should have accessed and managed Hyper-V remotely.

L3-17
Module 3: Creating and Managing Virtual Hard Disks, Virtual

Machines, and Checkpoints
Lab A: Creating and Managing Virtual Hard

Disks and Virtual Machines
Exercise 1: Creating and Managing Virtual Hard Disks
Task 1: Create virtual hard disks
1.
2.
In Windows PowerShell, run the following cmdlets:

Set-VMHost -VirtualHardDiskPath C:\Shares\VHDs
Set-VMHost VirtualMachinePath C:\Shares
3.
On LON-HOSTx, open Hyper-V Manager.
4.
In Hyper-V Manager, in the Actions pane, click New, and then click Hard disk.
5.
In the New Virtual Hard Disk Wizard, on the Before You Begin page, click Next.
6.
On the Choose Disk Format page, confirm that VHDX is selected.

Note: This is the default disk format on Windows Server 2012 and newer.
7.
Click VHD, and then click Next.
8.
On the Choose Disk Type page, confirm that the default disk type for VHD hard disk is Fixed size,
and then click Next twice.
9.
On the Configure Disk page, confirm that the maximum size for the VHD is 2,040 GB.
10. Click Previous three times to return to the Choose Disk Format page.
11. On the Choose Disk Format page, click VHDX, and then click Next.
12. On the Choose Disk Type page, confirm that the default disk type for the VHDX hard disk is
Dynamically expanding, and then click Next.
13. On the Specify Name and Location page, in the Name field, type Dynamic.vhdx, confirm that the
Location field is set to C:\Shares\VHDs\, and then click Next.
14. On the Configure Disk page, confirm that Create a new blank virtual hard disk is selected, in the
Size field, type 100, and then click Next.
15. On the Completing the New Virtual Hard Disk Wizard page, click Finish.
16. On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click New, and then click Hard disk.
17. In the New Virtual Hard Disk Wizard, on the Before You Begin page, click Next.
18. On the Choose Disk Format page, select VHD, and then click Next.
19. On the Choose Disk Type page, click Differencing, and then click Next.
20. On the Specify Name and Location page, in the Name field, type Differencing.vhd, confirm that
the Location field is set to C:\Shares\VHDs\,and then click Next.
21. On the Configure Disk page, click Browse, and then browse to E:\Program Files
\Microsoft Learning\base\.
Note: The actual drive letter on which base images are stored can be different, and it
depends on the physical server configuration. Drive E is used in the instructions, but you should
use the drive on which base images are stored in your environment.
22. In the Base folder, click Base14A-WS12R2.vhd, click Open, and then click Next.
23. On the Completing the New Virtual Hard Disk Wizard page, click Finish.
24. On LON-HOSTx, on the taskbar, click the Windows PowerShell icon.
25. In Windows PowerShell, create a fixed-size virtual hard disk by running the following cmdlet:
New-VHD Path C:\Shares\VHDs\Fixed.vhdx -SizeBytes 1GB Fixed
Task 2: Explore different virtual hard disk types
L3-18 Creating and Managing Virtual Hard Disks, Virtual Machines, and Checkpoints
1.
On LON-HOSTx, on the taskbar, click File Explorer.
2.
In the This PC window, browse to the C:\Shares\VHDs folder.
3.
In the VHDs folder, confirm that the three virtual hard disks that you created in the previous task
display.
4.
In the VHDs folder, right-click Fixed.vhdx, select Properties, confirm that its size on the disk is
1.00 GB, and then click OK.
5.
In the VHDs folder, verify that Dynamic.vhdx and Differencing.vhd are allocated much less space
on the disk, even though you configured Dynamic.vhdx with 100 GB.
6.
On LON-HOSTx, in Hyper-V Manager, right-click LON-CLx, and then click Settings.
7.
In Settings for LON-CLx, in the left pane, click SCSI Controller, in the right pane, click Hard Drive,
and then click Add.
8.
In the Hard Drive section, browse to C:\Shares\VHDs.
9.
In the VHDs folder, click Fixed.vhdx, click Open, and then click OK.
10. In Windows PowerShell, add two additional virtual hard disks to LON-CLx by running the following
cmdlets:
Add-VMHardDiskDrive VMName 20409B-LON-CLx ControllerType SCSI Path
C:\Shares\VHDs\Dynamic.vhdx
Add-VMHardDiskDrive VMName 20409B-LON-CLx ControllerType SCSI Path
C:\Shares\VHDs\Differencing.vhd
11. On LON-HOSTx, in Hyper-V Manager, double-click LON-CLx.

12. On LON-CLx, on the desktop, click File Explorer.
13. In File Explorer, right-click This PC, and then click Manage.
14. In Computer Management, in the navigation pane, click Disk Management. After the Initialize Disk
window opens, click OK.
15. Confirm that LON-CLx has multiple disks. Confirm that the last three disks have 1023 MB (1 GB),
100 GB, and 127 GB. Confirm that the last disk has two partitions, which are assigned letters E: and
F:. Confirm that the first two disks have only unallocated space.
16. Right-click the unallocated space of Disk 1, click New Simple Volume, click Next four times, and
then click Finish. Disk is formatted and assigned letter G:. Close File Explorer and click Cancel in the
Microsoft Windows dialog box.
17. Right-click the unallocated space of Disk 2, click New Simple Volume, click Next four times, and
then click Finish. Disk is formatted and assigned letter H:. Click Cancel in the Microsoft Windows
dialog box.
18. In File Explorer, browse to C:\Windows.
19. In the Windows window, in the details pane, right-click the Inf folder, and then click Copy.
20. In the navigation pane, click Local Disk (F:), and then confirm that multiple folders display in the
details pane.
Note: This is a partition on a differencing disk. You did not yet copy anything on it to the
virtual hard disk; this is content on the parent disk.
21. In the details pane, right-click, and then click Paste. Verify that the Inf folder is copied to drive F: on
the differencing virtual hard disk.
22. Copy folder Inf to drives G: on the fixed-size disk and H: on the dynamically expanding disk.
23. On LON-HOSTx, in File Explorer, browse to the C:\Shares\VHDs folder.
24. In the VHDs folder, confirm that all three disks still display. Confirm that the size of the Fixed.vhdx file
is still 1 GB, while the size of the Differencing.vhd and Dynamic.vhdx files has increased as you copy
data to the partitions on those disks.
Task 3: Manage virtual hard disks

1.
On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click Edit Disk.
2.
In the Edit Virtual Hard Disk Wizard, on the Before you Begin page, click Next.
3.
On the Locate Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
4.
In the VHDs folder, click Fixed.vhdx, click Open, and then click Next.
5.
On the Choose Action page, confirm that Expand is selected, and then click Next.
6.
On the Expand Virtual Hard Disk page, in the New size field, type 2, and then click Next.
7.
On the Completing the Edit Virtual Hard Disk Wizard page, click Finish.
8.
In Hyper-V Manager, in the Actions pane, click Edit Disk.
9.
In the Edit Virtual Hard Disk Wizard, on the Before you Begin page, click Next.
10. On the Locate Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
11. In the VHDs folder, click Dynamic.vhdx, click Open, and then click Next.
12. On the Choose Action page, confirm that the dynamically expanding disk has two actions available,
Compact and Expand. A third option, Shrink, would be available if there were unallocated space on
that disk. Click Expand, and then click Next.
13. On the Expand Virtual Hard Disk page, in the New size field, type 200, and then click Next.
14. On the Completing the Edit Virtual Hard Disk Wizard page, click Finish. Notice that the operation
finished much faster than when you expanded the fixed-size virtual hard disk.
15. On LON-CLx, in Computer Management, right-click Disk Management, and then click Refresh.
Confirm that Disk 1 and Disk 2 have expanded, and now have 1 GB and 100 GB of unallocated space.
Notice that Hyper-V expanded the virtual hard disks while the virtual machine was running.
16. On LON-HOSTx, in Windows PowerShell, remove the first two small computer system interface (SCSI)
virtual hard disks from LON-CLx by running the following cmdlets:
Remove-VMHardDiskDrive VMName 20409B-LON-CLx ControllerType SCSI ControllerNumber
0 ControllerLocation 0
Remove-VMHardDiskDrive VMName 20409B-LON-CLx ControllerType SCSI ControllerNumber
0 ControllerLocation 1
17. On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click Edit Disk.
18. In the Edit Virtual Hard Disk Wizard, on the Before you Begin page, click Next.
19. On the Locate Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
20. In the VHDs folder, click Dynamic.vhdx, click Open, and then click Next.
21. On the Choose Action page, confirm that there are new options available.
Note: Shrink is available because the disk now has unallocated space, and Convert is
available only if the disk is not used by a virtual machine.
22. On the Choose Action page, click Convert, and then click Next.
23. On the Convert Virtual Hard Disk page, click VHD, and then click Next.
24. On the Convert Virtual Hard Disk page, click Dynamically expanding, and then click Next.
25. On the Convert Virtual Hard Disk page, click Browse, and then browse to C:\Shares\VHDs.
26. In the VHDs folder, in the File name field, type Converted.vhd, click Save, and then click Next.
27. On the Completing the Edit Virtual Hard Disk Wizard page, click Finish.
28. On LON-HOSTx, in File Explorer, browse to C:\Shares\VHDs.
29. In the VHDs folder, confirm that file Converted.vhd is created, and that the size of Fixed.vhdx is now
2 GB.
Task 4: Add a directly attached disk

1.
On LON-HOSTx, from Server Manager, click Tools, and then click iSCSI Initiator.
2.
When the Microsoft iSCSI dialog box displays, click Yes.
3.
In the iSCSI Initiator Properties dialog box, in the Target field, type 172.16.0.14, and then click
Quick Connect.
4.
In the Quick Connect dialog box, click the target with lon-ss1 in the name, and then click Done.
5.
On LON-HOSTx, in Server Manager, click the Tools menu, and then click Computer Management.
6.
In the Computer Management navigation pane, click Disk Management.
7.
In the details pane, confirm that disk has been added, and that it has a status of Offline. Make a note
of its size.
Note: Two disks are added on LON-HOST1. One disk is added on LON-HOST2.
8.
Close Computer Management, and minimize Server Manager.
9.
10. In Settings for LON-CLx, in the left pane, under SCSI Controller, click Hard Drive. In the right pane,
in the Media section, click Physical hard disk, and then click OK.
11. On LON-CLx, in Computer Manager, in the navigation pane, click Disk Management. Confirm that
Disk 1 displays, that it has the same size as the disk that was added to LON-HOSTx, and that it is not
initialized. This is the directly attached disk that was added to LON-CLx.
12. In Computer Management, right-click Disk 1, and then click Initialize disk.
13. In the Initialize Disk dialog box, click OK.
14. Right-click in the unallocated space of Disk 1, click New Simple Volume, click Next four times, and
then click Finish. Close File Explorer and click Cancel in the Microsoft Windows dialog box.
15. On LON-HOSTx, in Windows PowerShell, remove SCSI virtual hard disks from LON-CLx by running the
following cmdlet:
Remove-VMHardDiskDrive VMName 20409B-LON-CLx ControllerType SCSI -ControllerNumber
0 -ControllerLocation 2
Note that the location might differ. If so, check the virtual machine settings for LON-CLx.
16. On LON-CLx, in Disk Management, confirm that Disk 1 no longer displays.
17. On LON-HOSTx, in the iSCSI Initiator Properties window, in the Discovered targets section, click the
target with lon-ss1 in the name, and then click Disconnect.
18. In the Disconnect From All Sessions dialog box, click Yes, and then click OK.
Results: After completing this exercise, you should have created and managed virtual hard disks.
Exercise 2: Creating and Managing Virtual Machines

Task 1: Create virtual machines
1.
On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click New, and then click Virtual
Machine.
2.
In the New Virtual Machine Wizard, on the Before You Begin page, click Next.
3.
On the Specify Name and Location page, in the Name field, type LON-VM2, and then click Next.
4.
On the Specify Generation page, click Generation 2, and then click Next.
5.
On the Assign Memory page, in the Startup Memory field, type 1024, select the Use Dynamic
Memory for this virtual machine check box, and then click Next four times.
6.
On the Completing the Virtual Machine Wizard page, click Finish. A virtual machine named
LON-VM2 is created.
7.
On LON-HOSTx, in Windows PowerShell, create a Generation 1 virtual machine, and then attach it to
a virtual hard disk by running the following cmdlets:
New-VM Name LON-VM1 MemoryStartupBytes 1GB Generation 1 BootDevice IDE
Add-VMHardDiskDrive VMName LON-VM1 ControllerType IDE Path
C:\Shares\VHDs\Differencing.vhd
Task 2: Manage virtual machines
1.
On LON-HOSTx, in Hyper-V Manager, right-click the LON-VM2 virtual machine, and then click
Settings.
2.
In Settings for LON-VM2, in the Add Hardware section, in the details pane, confirm that three types
of hardware display. Confirm also that in the left pane, in the Hardware section, no BIOS, IDE
Controllers, COM ports, or Diskette Drive display, but Firmware does display.
3.
In the Hardware section, click Firmware, and then confirm that Enable Secure Boot is enabled.
4.
In the Boot order section, click Hard Drive, click the Move Up icon to set Hard Drive as the first
boot device, and then click OK.
5.
In Hyper-V Manager, right-click the LON-VM1 virtual machine, and then click Settings.
6.
In Settings for LON-VM1, in the Add Hardware section, in the details pane, confirm that five types of
hardware display. In the left pane, in the Hardware section, confirm also that BIOS, IDE Controllers,
COM ports, and Diskette Drive display, but Firmware does not display.
7.
Click BIOS, confirm that you can change Startup order, but that no Enable Secure Boot option exists.
8.
Click Memory, and then confirm that Enable Dynamic Memory is not selected.
9.
In the left pane, in the Hardware section, confirm that a single Network Adapter displays, and then
click OK.
10. On LON-HOSTx, in Windows PowerShell, enable dynamic memory, and then add a network adapter
to the LON-VM1 virtual machine by running the following cmdlets:
Set-VM Name LON-VM1 DynamicMemory
Add-VMNetworkAdapter VMName LON-VM1
11. In Hyper-V Manager, right-click the LON-VM1 virtual machine, and then click Settings.
12. In Settings for LON-VM1, click Memory, and then confirm that Enable Dynamic Memory is selected.
13. In the left pane, in the Hardware section, confirm that two Network Adapters display, and then
click OK.
Task 3: Work with dynamic memory

1.
2.
In Settings for LON-CLx, click Memory. In the details pane, confirm that Enable Dynamic Memory is
selected, and then click OK.
3.
In Hyper-V Manager, make note of the currently Assigned Memory for the LON-CLx virtual machine.
4.
In LON-CLx, open Windows PowerShell.
5.
In Windows PowerShell, type the following two commands to allocate additional memory:
cd C:\LabFiles\Mod03
.\TestLimit64.exe d 400 c 1
6.
On LON-HOSTx, in Hyper-V Manager, make note of the currently Assigned Memory for the LON-CLx
virtual machine, and then confirm that LON-CLx is now using more memory.
7.
In LON-CLx, close Windows PowerShell.
8.
After a few minutes, check Assigned Memory for the LON-CLx virtual machine.
Task 4: Work with storage Quality of Service management

1.
On LON-CLx, open a Command Prompt window, and then type the following two commands to view
virtual disk performance:
cd c:\LabFiles\Mod03
.\sqlio.exe
2.
Wait for 30 seconds for the test to complete, and then make note of the IOs/sec result.
3.
4.
In Settings for LON-CLx, under IDE Controller 0, expand Hard Drive, and then click Advanced
Features.
5.
In the details pane, in the Advanced Features section, click Enable Quality of Service
management. In the Minimum field, type 100, in the Maximum field, type 200, and then click OK.
6.
On LON-CLx, at a command prompt, type and execute sqlio.exe again.
7.
After the test completes, verify the IOs/sec result, and then confirm that it is close to 200, which is the
limit you set and is considerably lower than the first result.
8.
On LON-HOSTx, in a Windows PowerShell window, disable Quality of Service management by

running the following cmdlets:
Set-VMHardDiskDrive VMName 20409B-LON-CLx ControllerType IDE MaximumIOPS 0
MinimumIOPS 0
Task 5: Configure Integration Services

1.
On LON-CLx, on Start screen, type services, and then click View local services.
2.
In the Services window, in the details pane, confirm that Hyper-V Time Synchronization Service is
running.
3.
On LON-CLx, open a new Command Prompt window, and then run the Time command.
4.
Make note of the current time, type 11:00 as the current time, and then press Enter.
5.
In the Command Prompt window, enter the Time command again, and then confirm that it
automatically set back to its previous value, as Integration Services automatically synchronized the
time on LON-CLx with the time on LON-HOSTx.
6.
7.
In Settings for LON-CLx, in the Management section, in the left pane, click Integration Services.
8.
In Integration Services, in the details pane, clear the Time synchronization check box, and then
click OK.
9.
On LON-CLx, in Services, right-click Services (Local), and then click Refresh. Confirm that Hyper-V
Time Synchronization Service is not running, and then close Services.
10. In LON-CLx, at the command prompt, run the Time command. Make note of the current time, type
11:00 as the current time, and then press Enter.
11. At the command prompt, type Time, and then press Enter twice. Confirm that the returned time is
few second over 11:00, as time on the virtual machine is no longer synchronizing with the Hyper-V
host.
12. In the Command Prompt window, run the devmgmt.msc command.
13. In Device Manager, expand Display adapters, and then confirm that the virtual machine is using the
Microsoft Hyper-V Video adapter, which is provided as part of Integration Services.
14. In Device Manager, expand System devices, and then confirm that the virtual machine is using
several devices with Hyper-V in their name, including Microsoft Hyper-V Dynamic Memory. All of
those virtual devices are provided as part of Integration Services.
15. Close Device Manager.
16. On LON-HOSTx, in Windows PowerShell, enable time synchronization for LON-CLx by running the
following cmdlet:
Enable-VMIntegrationService VMName 20409B-LON-CLx Name Time Synchronization
17. In LON-CLx, at the command prompt, run the Time command again, and then confirm that the time
on the virtual machine is synchronized with the time on LON-HOSTx.
Results: After completing this exercise, you should have created and managed virtual machines.
Lab B: Creating and Managing Checkpoints

and Monitoring Hyper-V
Exercise 1: Importing Virtual Machines and Working with Checkpoints
Task 1: Import a virtual machine
1.
On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click Import Virtual Machine.
2.
In the Import Virtual Machine window, on the Before You Begin page, click Next.
3.
On the Locate Folder page, type C:\VirtualMachines\LON-EXPORT\, and then click Next.
4.
On the Select Virtual Machine page, confirm that LON-EXPORT is selected, and then click Next.
5.
On the Choose Import Type page, confirm that Register the virtual machine in-place (use the
existing unique ID) is selected, and then click Next.
6.
On the Configure Processor page, in Number of virtual processors field, type 1, and then click
Next.
Note: This page shows only if a virtual machine is configured with more processors than
are available on the Hyper-V host.
7.
On the Connect Network page, select External Network as the virtual switch to which you want
virtual machine to be connected, and then click Next.
Note: This page shows only if the virtual machine is configured to use a virtual switch,
which is not available on the Hyper-V host.
8.
On the Completing Import Wizard page, click Finish.
9.
When the error message Hyper-V encountered an error during the import operation displays, click
See details, and notice that this is because a parent virtual hard disk was not found. Click Close.
10. In Hyper-V Manager, in the Actions pane, click Edit Disk.

11. In the Edit Virtual Hard Disk Wizard, on the Before You Begin page, click Next.
12. On the Locate Folder page, type C:\VirtualMachines\LON-EXPORT\Virtual Hard Disks
\LON-EXPORT.vhd, and then click Next.
13. On the Reconnect Virtual Hard Disk page, click Next.
14. On the Reconnect to Parent Virtual Hard Disk page, type E:\Program Files\Microsoft Learning
\Base\Base14A-WS12R2.vhd, and then click Next.
Note: Actual drive letters on which base images are stored can be different, and it depends
on the physical server configuration. Drive E is used in the instructions, but you should use the
drive on which base images are stored in your environment.
15. On the Completing the Edit Virtual Hard Disk Wizard page, click Finish.
16. In Hyper-V Manager, in the Actions pane, click Import Virtual Machine.
17. In the Import Virtual Machine window, on Before You Begin page, click Next.
18. On the Locate Folder page, type C:\VirtualMachines\LON-EXPORT\, and then click Next.
19. On the Select Virtual Machine Import Virtual Machine page, confirm that LON-EXPORT is
20. On the Choose Import Type page, confirm that Register the virtual machine in-place (use the
existing unique ID) is selected, and then click Next.
21. On the Completing Import Wizard page, click Finish.
22. In Hyper-V Manager, right-click LON-EXPORT, and then click Settings.
23. In Settings for LON-EXPORT on LON-HOSTx, confirm that LON-EXPORT is configured with a single
virtual processor and that it is connected to virtual switch named External Network, and then
click OK.
Task 2: Use enhanced session mode

1.
On LON-HOSTx, in File Explorer, browse to C:\Windows, and then double-click Win.ini.
2.
In Notepad, copy a few lines of text to the Clipboard by pressing Ctrl+C, and then close Notepad.
3.
On LON-CLx, open Notepad.
4.
In Notepad, from the menu bar, click Edit, and then confirm that the Paste option is not available.
5.
In Virtual Machine Connection to LON-CLx, in the Clipboard menu, click Type clipboard text.
Confirm that the text that you copied from the Win.ini file is typed. Close the 20409B-LON-CLx
window.
Note: Without enhanced session mode being enabled, this is the only way to copy content
to virtual machines, and it works only for text.
6.
On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click Hyper-V Settings.
7.
In Hyper-V Settings, on the left side, in the Server section, click Enhanced Session Mode Policy, in
the details pane, click Allow enhanced session mode, and then click OK.
8.
In Hyper-V Manager, right-click 20409B-LON-CLx, and then click Connect.
9.
In the Connect to 20409B-LON-CLx window, click Show Options, click the Local Resources tab, in
the Local devices and resources section, click More, click Drives, and then click OK.
10. In the Connect to 20409B-LON-CLx window, click Connect. Confirm that you are not automatically
signed in to LON-CLx.
11. In LON-CLx, click ADATUM\administrator, in the Password field, type Pa$$w0rd, and then press
Enter. Your previous session, including an opened Notepad, displays.
12. In Notepad, on the menu bar, click Edit, and then click Paste. Verify that the copied text from the
Win.ini file is pasted.
13. Close Notepad, and when prompted, click Dont Save.
14. On LON-HOSTx, in File Explorer, browse to C:\Windows, right-click Write.exe, and then click Copy.
15. On LON-CLx, right-click the desktop, and then click Paste. Confirm that file Write.exe is copied to the
LON-CLx desktop.
Note: When enhanced session mode is used, you can copy and paste files between a virtual
machine and a Hyper-V host even if the virtual machine does not have network connectivity.
16. On LON-CLx, on the taskbar, click File Explorer. Confirm that in the navigation pane, drives from
LON-HOSTx are mapped to the virtual machine.
17. In the navigation pane, right-click This PC, and then click Properties.
18. In the System window, click Remote Settings. Confirm that in the Remote Desktop section, Dont
allow remote connections to this computer is selected.
19. Click OK, and then close the System window.
20. In the Virtual Machine Connection to 20409B-LON-CLx window, in the Action menu, click Turn Off,
and then click Turn Off.
21. Close Virtual Machine Connection.
22. On LON-HOSTx, in Hyper-V Manager, double-click the LON-CLx virtual machine.
23. In Virtual Machine Connection, in the Action menu, click Start.
24. Confirm that LON-CLx is starting.
Note: Because Integration Services are not available during system start, enhanced
session mode is not used during that time. However, after the system starts, the Connect to
20409B-LON-CLx window displays, and you can configure enhanced session mode properties.
25. On LON-HOSTx, in Hyper-V Manager, in the Actions pane, click Hyper-V Settings.
26. In Hyper-V settings, on the left side, in the Server section, click Enhanced Session Mode Policy.
27. In the details pane, clear the Allow enhanced session mode check box, and then click OK.
Task 3: Create checkpoints

1.
On LON-HOSTx, in Hyper-V Manager, right-click LON-VM1, and then click Settings.
2.
In Settings for LON-VM1, under IDE Controller 0, click Hard Drive, confirm that it is using the
Differencing.vhd virtual hard disk that you created earlier, and then click OK.
3.
In Hyper-V Manager, right-click LON-VM1, and then click Checkpoint. Confirm in the Checkpoints
pane that a checkpoint is added.
4.
In Hyper-V Manager, right-click LON-VM1, and then click Start.
5.
In Hyper-V Manager, right-click LON-VM1, and then click Settings.
6.
Confirm that under IDE Controller 0, Hard Drive is now using a file with a GUID in its name, and
then click OK.
Note: This is a differencing disk, which was created by the checkpoint.
7.
In Hyper-V Manager, double-click LON-VM1.
8.
9.
On the Settings page, enter Pa$$w0rd in Password and Reenter Password fields, and then click
Finish.
10. Sign in as Administrator by using the password Pa$$w0rd.

11. On LON-VM1, right-click the desktop, click New, click Folder, and name the folder Folder1.
12. In Virtual Machine Connection, in the Action menu, click Checkpoint, type Folder1 as Checkpoint
Name, and then click Yes.
13. On LON-VM1, right-click the desktop, click New, click Folder, and then name the folder Folder2.
14. In Virtual Machine Connection, on the toolbar, click the Checkpoint button, type Folder2 as
Checkpoint Name, and then click Yes.
15. On LON-VM1, right-click the desktop, click New, click Folder, and then name the folder Folder3.
16. On LON-HOSTx, open Windows PowerShell.
17. In Windows PowerShell, create a checkpoint for LON-VM1 by running the following cmdlet:
Checkpoint-VM Name LON-VM1 SnapshotName Folder3
18. View the existing checkpoints for LON-VM1 by running the following cmdlet in Windows PowerShell:
Get-VMSnapshot VMName LON-VM1
19. In Hyper-V Manager, confirm that all four checkpoints for LON-VM1 display.
20. Right-click the Folder1 checkpoint, and then click Apply. In the Apply Checkpoint dialog box, click
Apply.
21. On LON-VM1, on the desktop, confirm that there is only single folder displaying, named Folder1.
Right-click the desktop, click New, click Folder, and name the folder Folder1.1.
22. In Hyper-V Manager, right-click LON-VM1, and then click Checkpoint.
23. In Hyper-V Manager, in the Checkpoints pane, right-click the created checkpoint, click Rename, and
then name the folder Folder1.1.
24. On LON-HOSTx, in File Explorer, browse to C:\Shares\Snapshots.
25. In the Snapshots folder, confirm that there are five .xml files and five subfoldersexactly the same as
number of checkpoints for LON-VM1 that you created.
26. In the Snapshots window, in the details pane, click the Date modified column to order content by
the time of creation.
27. Right-click the lowest folder in the details pane, and then click Properties.
28. In the Properties dialog box, confirm that the Size of this folder is 0.
Note: The first checkpoint was created when LON-VM1 was turned off.
29. In the Properties dialog box, click OK.
30. In the Snapshots window, review the size of the other folders.
Note: You created other LON-VM1 checkpoints while the virtual machine was running, so
each of those folders contains the memory content of the virtual machine at the moment the
checkpoint was created.
Task 4: Manage checkpoints

1.
On LON-HOSTx, in Windows PowerShell, view checkpoints for LON-VM1 by running the following
cmdlet:
Get-VMSnapshot VMName LON-VM1
2.
Review the ParentSnapshotName property of each checkpoint to see how checkpoints relate to
each other.
3.
Export the Folder2 checkpoint by running the following cmdlet:

Export-VMSnapshot Name Folder2 VMName LON-VM1 Path C:\Exported
4.
In Hyper-V Manager, in the Virtual Machines pane, verify that the Status column is showing export
progress for LON-VM1.
5.
On LON-HOSTx, in File Explorer, browse to C:\Exported\LON-VM1.
6.
In the LON-VM1 folder, confirm that there is no Snapshots subfolder.
7.
In the details pane, double-click the Virtual Hard Disks folder, and then confirm that it contains two
virtual hard disks, the Differencing.vhd virtual hard disk, and its parent disk Base14A-WS12R2.vhd.
Note: Verify that export of LON-VM1 has finished. If the virtual machine is still exporting,
wait until the export operation finishes.
8.
In File Explorer, in the navigation column, click Exported, in the details pane, right-click LON-VM1,
click Rename, and then type Folder2.
9.
In Windows PowerShell, export complete LON-VM1 by running the following cmdlet:

Export-VM Name LON-VM1 Path C:\Exported
10. You can view the export progress from Hyper-V Manager.
11. In File Explorer, browse to C:\Exported.
12. In the Exported folder, confirm that there is a LON-VM1 subfolder. Double-click the LON-VM1
folder, and then confirm that it contains a subfolder named Snapshots.
13. Double-click Virtual Hard Disks, and then confirm that it contains a Differencing.vhd virtual hard
disk, its parent disk, and all of the differencing virtual hard disks that were created by checkpoints.
14. Close the Virtual Hard Disks window.
15. On LON-HOSTx, in Windows PowerShell, apply the Folder3 checkpoint to LON-VM1 by running the
following cmdlet, and then clicking Y when prompted:
Restore-VMSnapshot Name Folder3 VMName LON-VM1
16. On LON-VM1, on the desktop, confirm that there are three folders named Folder1, Folder2, and
Folder3.
17. In Hyper-V Manager, right-click the Folder2 checkpoint, and then click Settings.
18. In the Settings for Folder2 (checkpoint) window, in the left pane, select several Hardware
components, and then confirm that you cannot modify their settings.
19. In the Management section, in the navigation pane, click Name, in the Description field, type
Folder1 and Folder2 on the desktop, and then click OK.
20. In Hyper-V Manager, right-click the Folder1 checkpoint, and then click Delete Checkpoint Subtree.
In the Delete Checkpoint Tree dialog box, click Delete.
21. In Hyper-V Manager, confirm that all checkpoints for LON-VM1 except the first one are deleted
instantly.
Note: You can follow the merge process of the differencing virtual hard disks in the Status
column of LON-VM1.
22. On LON-HOSTx, in File Explorer, browse to C:\Shares\Snapshots.
23. In the Snapshots folder, confirm that there is single .xml file, and one subfolder.
Note: You deleted all the other checkpoints, and their differencing virtual hard disks were
merged while the LON-VM1 virtual machine was running.
Task 5: Explore Generation ID

1.
On LON-HOSTx, on LON-VM1, in Server Manager, on the Tools menu, click Computer

Management.
2.
In Computer Management, in the navigation pane, click Device Manager.
3.
In Device Manager, in the details pane, expand System devices, and then confirm that the Microsoft
Hyper-V Generation Counter device is present.
Note: This is how a virtual machine presents Generation ID to the operating system.
4.
Close Computer Management.
5.
Turn off LON-VM1.
Results: After completing this exercise, you should have imported virtual machines and worked with
checkpoints.
Exercise 2: Monitoring Hyper-V

Task 1: Use Task Manager
1.
On LON-HOSTx, right-click the taskbar, and then click Task Manager.
2.
In Task Manager, click More Details, and then click the Performance tab.
3.
Sign in to LON-CLx as Adatum\Administrator with the password Pa$$w0rd and click Desktop on
the Start screen.
4.
On LON-CLx, right-click the taskbar, and then click Task Manager.
5.
In Task Manager, click More Details, and then click the Performance tab.
6.
On LON-CLx, open Windows PowerShell.
7.

C:\LabFiles\Mod03\Cpustres.exe
8.
Minimize Windows PowerShell.
9.
In CPU Stress, set the Process Priority Class to High. In the Thread 1 section, set Thread Priority to
10. On LON-CLx, view the Task Manager and confirm that it shows high utilization.
11. On LON-HOSTx, view the Task Manager and confirm that it shows low utilization.
Note: Because each Task Manager is showing utilization of its own virtual environment, the
utilization shown is very different.
12. In CPU Stress, in the Thread 1 section, set Thread Priority to Idle and Activity to Low.
13. On LON-HOSTx, in Task Manager, click Open Resource Monitor. The Resource Monitor opens.
14. On LON-CLx, in Windows PowerShell, run the following command, and then minimize Windows
PowerShell:
15. Confirm that Task Manager on LON-CLx shows very high, almost 100 percent Disk 0 utilization.
Resource Monitor on LON-HOSTx shows only a bit of increased disk activity.
16. On LON-HOSTx, minimize Resource Monitor.
Task 2: Use Performance Monitor to monitor Hyper-V performance

1.
On LON-HOSTx, in Server Manager, on the Tools menu, click Performance Monitor.
2.
In Performance Monitor, in the navigation pane, click Performance Monitor.
3.
In the details pane, on the toolbar, click Add.
4.
In the Add Counters dialog box, expand the Hyper-V Hypervisor Virtual Processor performance
object, click % Guest Run Time. In the Instances of selected object section, click 20409B-LON-CLx,
and then click Add.
5.
Expand the Hyper-V Virtual Storage Device performance object, select and then click Read
Operations/sec. In the Instances of selected object section, click the instance that refers to
20409B-LON-CLx, and then click Add.
6.
Expand the LogicalDisk performance object, click Disk Reads/sec, in the Instances of selected
object section, click C:, click Add, and then click OK.
7.
In Performance Monitor, in the details pane, select only Disk Reads/sec and Read Operations/Sec,
right-click both, and then click Scale Selected Counters.
8.
On LON-CLx, in Windows PowerShell, run the following command:

9.
Minimize Windows PowerShell.
10. On LON-HOSTx, in Performance Monitor, follow how disk access increases in the virtual machine and
on the Hyper-V host while sqlio.exe is running on the virtual machine.
11. On LON-CLx, in CPU Stress, set Process Priority Class to High. In the Thread 1 section, set Thread
Priority to Highest, and set Activity to Busy.
12. On LON-HOSTx, in Performance Monitor, follow how processor utilization increases in both the
virtual machine and on Hyper-V. Notice that the processor on LON-HOSTx is much less utilized than
the processor on LON-CLx.
13. On LON-HOSTx, in Hyper-V Manager, view CPU Usage for the LON-CLx virtual machine.
14. In Hyper-V Manager, right-click LON-CLx, and then click Settings.
15. In Settings for LON-CLx, in the navigation pane, click Processor, type 10 in the Virtual machine
limit (percentage) field, and then click OK.
16. In Hyper-V Manager, confirm that CPU Usage for the LON-CLx virtual machine is considerably lower.
17. On LON-CLx, close both CPU Stress and Task Manager.
18. On LON-HOSTx, close Performance Monitor, Resource Monitor, and Task Manager.
19. In Hyper-V Manager, right-click LON-CLx, and then click Settings.
20. In Settings for LON-CLx, in the navigation pane, click Processor, in the Virtual machine limit
(percentage) field, type 100, and then click OK.
Task 3: Use Resource Metering

1.
On LON-HOSTx, in Windows PowerShell, run the following cmdlet to view if resource metering is
enabled for LON-CLx:
Get-VM 20409B-LON-CLx | Select Name, Status, ResourceMeteringEnabled
2.
Run the following cmdlet to enable resource metering for LON-CLx:

Get-VM 20409B-LON-CLx | Enable-VMResourceMetering
3.
View resource metering data for LON-CLx by running the following cmdlet:
Get-VM 20409B-LON-CLx | Measure-VM
4.
On LON-CLx, in Windows PowerShell, run the following command:

C:\LabFiles\Mod03\Cpustres.exe
5.
6.

C:\LabFiles\Mod03\TestLimit64.exe d 400 c 5
7.
On LON-HOSTx, in Windows PowerShell, run the following cmdlet to view resource metering data for
LON-CLx:
Get-VM 20409B-LON-CLx | Measure-VM
8.
Compare the result with previous results, and then notice the increased use of AvgRAM(M) and
AvgCPU(MHz).
9.
On LON-CLx, close CPU Stress.
10. On LON-HOSTx, in Windows PowerShell, run the following cmdlet to disable resource metering for
LON-CLx:
Get-VM 20409B-LON-CLx | Disable-VMResourceMetering
Results: After completing this exercise, you should have monitored Hyper-V.

L4-35
Module 4: Creating and Configuring Virtual Machine

Networks
Lab A: Creating and Using Hyper-V Virtual

Switches
Exercise 1: Creating and Using Windows Server 2012 R2 Hyper-V Virtual

Switches
Task 1: Verify current Hyper-V network configuration
1.
On LON-HOSTx, start Hyper-V Manager.
2.
In Hyper-V Manager, in the Actions pane, click Virtual Switch Manager.
3.
In the Virtual Switch Manager window, confirm that in the Virtual Switches section, External
Network is the only virtual switch listed.
4.
In the Virtual Switch Manager window, click Cancel.
5.
Minimize Hyper-V Manager.
6.
On LON-HOSTx, on the Start screen, click the Control Panel tile.
7.
In Control Panel, in the Search Control Panel text box, type network, and then click View network
connections.
8.
In the Network Connections window, confirm that two network connections display: Ethernet 2, and
vEthernet (External Network).
9.
Right-click Ethernet 2, and then click Properties.
10. In the Properties dialog box, confirm that only the check box for Hyper-V Extensible Virtual
Switch is selected, and none of the check boxes for the other items are selected. Click Cancel.
11. Right-click the vEthernet (External Network) network connection, and then click Properties.
Confirm that the network connection is using most items, but it is not using Hyper-V Extensible
Virtual Switch, for which the check box is not selected. Click Cancel.
Task 2: Create virtual network adapters in a parent partition

1.
2.

Get-VMNetworkAdapter -All
3.
Verify that the output shows that one network adapter named External Network is present on the
system.
4.

Add-VMNetworkAdapter ManagementOS Name Management
5.
In the Network Connections window, confirm that a new network connection named vEthernet
(Management) is added.
6.
Right-click the vEthernet (Management) network connection, and then click Properties.
7.
In the Properties dialog box, confirm that the network connection is using most items, including
Internet Protocol Version 4 (TCP/IPv4), but that it is not using Hyper-V Extensible Virtual
Switch, and then click Cancel.
8.

Get-VMNetworkAdapter All
9.
Verify that the output shows that the Management network adapter is present on the system.
10. In Windows PowerShell, run the following cmdlets:

Add-VMNetworkAdapter ManagementOS Name Storage
Add-VMNetworkAdapter ManagementOS Name Live Migration
L4-36 Creating and Configuring Virtual Machine Networks
11. In the Network Connections window, confirm that two new network connections named vEthernet
(Storage) and vEthernet (Live Migration) are added.
13. Confirm that there are network adapters named Storage and Live Migration present on the system.
Task 3: Create virtual switches

1.
On LON-HOSTx, maximize Hyper-V Manager.
2.
In Hyper-V Manager, in the Actions pane, click Virtual Switch Manager.
3.
In the Virtual Switch Manager window, in the left pane, confirm that New virtual network switch is
selected.
4.
In the right pane, confirm that External is selected, and then click Create Virtual Switch.
5.
Confirm that New Virtual Switch is added to the left pane.
6.
In right pane, in the Connection type section, confirm that External network is selected.
7.
Verify that you can select Enable single-root I/O virtualization (SR-IOV), but do not select them.
8.
Verify that you can also select Enable virtual LAN identification, but do not enable it.
9.
In the Virtual Switch Manager window, click OK.
10. In the Apply Networking Changes dialog box, click Yes.
11. When the Error applying Virtual Switch Properties changes message displays, expand See details
to view the error description.
12. Review the error message, and then click Close.
Note: The error message is that the physical network adapter is already bound to the
virtual switch, and a physical network adapter can be bound to only one external virtual switch.
13. In the Virtual Switch Manager for LON-HOSTx window, in the Name text box, type Internal Switch.
14. In the Connection type section, click Internal network. Verify that you cannot enable single root I/O
virtualization (SR-IOV) for the internal switch, but that you can select Enable virtual LAN
identification. Do not enable it, and click OK.
15. Maximize the Network Connections window, and confirm that the additional network connection
vEthernet (Internal Switch) is added.
16. Right-click the vEthernet (Internal Switch) network connection, and then click Properties.
17. In the Properties dialog box, confirm that the network connection is using most items, including
Internet Protocol Version 4 (TCP/IPv4). Verify that the network connection is not using Hyper-V
Extensible Virtual Switch, and then click Cancel.
18. In a Windows PowerShell window, run the following cmdlet:
19. Confirm that there is a network adapter named Internal Switch present on the system.
20. Maximize Hyper-V Manager, and in the Actions pane, click Virtual Switch Manager.
21. In Virtual Switch Manager for LON-HOSTx, in the left pane, confirm that New virtual network
switch is selected, in the right pane, click Private, and then click Create Virtual Switch.
22. Verify that in the left pane, New Virtual Switch is added.
23. In the Name text box, type Private Switch. In the Connection type section, confirm that Private
network is selected. Verify that you cannot enable either SR-IOV or virtual local area network (VLAN)
identification for the internal switch, and then click OK.
24. Maximize the Network Connections window, and confirm that when you created the private virtual
switch, no network connection was added.
25. Minimize the Network Connections window.
26. in the Windows PowerShell window, run the following cmdlet:
27. Confirm that no network connection was added when you created the private virtual switch.
28. Maximize Hyper-V Manager, and in the Actions pane, click Virtual Switch Manager.
29. In Virtual Switch Manager for LON-HOSTx, expand the External Network virtual switch, and then
click Extensions.
30. In Virtual Switch Manager for LON-HOSTx, verify that in the right pane, two switch extensions display.
Verify that Microsoft NDIS Capture is not enabled, whereas Microsoft Windows Filtering
Platform is enabled.
31. Expand both the Internal Switch and the Private Switch, and confirm that they have the same
extensions available as the External virtual switch, and that they are configured the same.
32. Click Cancel, and then minimize both Hyper-V Manager and Windows PowerShell.
Task 4: Use Hyper-V virtual switches

1.
On LON-HOSTx, maximize Hyper-V Manager.
2.
In Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
3.
In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, in the Virtual Switch
drop-down list box, click Private Switch, and then click OK.
4.
In Hyper-V Manager, right-click 20409B-LON-TESTx, and then click Settings.
5.
In Settings for 20409B-LON-TESTx, in the left pane, click Network Adapter, in the Virtual Switch
drop-down list box, click Private Switch, and then click OK.
6.
On LON-PRODx, on the taskbar, click the Windows PowerShell icon.
7.

ipconfig
8.
Confirm that LON-PRODx has an IPv4 address of 10.0.0.x5, (where x is 1 if you are using
LON-HOST1, and x is 2 if you are using LON-HOST2).
9.

ping 10.0.0.x6
10. Confirm that four replies are returned.

Note: LON-TESTx has IP address 10.0.0.x6.
11. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
12. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, in the Virtual Switch
drop-down list box, click Internal Switch, and then click OK.
13. On LON-PRODx, in Windows PowerShell, run the following command:
ping 10.0.0.x6
14. Confirm that this time the destination host is unreachable.

Note: This is because LON-PRODx is connected on a different virtual switch than
LON-TESTx.
15. On LON-HOSTx, maximize the Windows PowerShell window, and run the following command:
ping 10.0.0.x5
16. Confirm that the destination host is unreachable.

Note: This is because the virtual network adapter in LON-HOSTx that is connected to the
Internal switch does not have an IP address from the same subnet as LON-PRODx.
17. On LON-HOSTx, maximize the Network Connections window.
18. In the Network Connections window, right-click the vEthernet (Internal Switch) network
connection, and then click Properties.
19. In the vEthernet (Internal Switch) Properties dialog box, click Internet Protocol Version 4
(TCP/IPv4), and then click Properties.
20. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Use the following IP
address, in the IP address text box, type 10.0.0.100.
21. In the Subnet mask text box, type 255.255.255.0, click OK, and click Close.
22. On LON-HOSTx, maximize the Windows PowerShell window, and run the following command:
ping 10.0.0.x5
23. Confirm that four replies are returned, which confirms that both LON-HOSTx and LON-PRODx now
have network connectivity.
25. In the Settings for 20409B-LON-PRODx window, in the left pane, click Network Adapter, in the
Virtual Switch drop-down list box, click External Network, and then click OK.
26. On LON-PRODx, in Windows PowerShell, run the following cmdlet:
Set-NetIPInterface InterfaceAlias Ethernet dhcp enabled
Note: This cmdlet configures LON-PRODx to obtain an IP address automatically from a

DHCP server.
27. In Windows PowerShell, run the following command:
ipconfig /all
28. Verify from the output that LON-PRODx has a different IPv4 address, and that it obtained the IP
address from the DHCP server that is running on LON-DC1.
29. Write down the IPv4 address of LON-PRODx.
30. On LON-HOSTx, in Windows PowerShell, run the following command:
ping <IP address of LON-PRODx>
31. Confirm that four replies are returned, which confirms that LON-HOSTx and LON-PRODx have
ping LON-DC1
33. Confirm that four replies are returned, which confirms that LON-DC1 and LON-PRODx have network
connectivity.
Results: After completing this exercise, you should have created and used Hyper-V virtual switches.
Lab B: Creating and Using Advanced Virtual

Switch Features
Exercise 1: Configuring and Using Advanced Virtual Switch Features
Task 1: Configure and use DHCP guard
Note: In this exercise you will see how you can prevent rogue DHCP servers on your
network. Because your partner is also using the same DHCP server, you should synchronize this
task with him or her.
1.
On LON-PRODx, in Windows PowerShell, run the following commands, pressing Enter at the end of
each line:
ipconfig /release
ipconfig /renew
Note: By running these commands, you renew TCP/IP settings on LON-PRODx. Notice
from the output that TCP/IP settings were obtained successfully.
2.
On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
3.
In Settings for 20409B-LON-PRODx, in the left pane, expand Network Adapter, and then click
Advanced Features. In the right pane, click Enable DHCP guard, and then click OK.
4.
each line:
ipconfig /release
ipconfig /renew
Note: Notice that the TCP/IP settings on LON-PRODx renew successfully. This is because
DHCP guard setting on the virtual network adapter has no effect on whether the virtual machine
can obtain TCP/IP settings over that adapter.
Note: The following lab steps will affect your lab partner, so let him or her know that you
will perform the change on the LON-DC1 virtual machine. Your partner should wait until you
finish this change, and then proceed.
5.
On LON-HOST1, in Hyper-V Manager, right-click 20409B-LON-DC1, and then click Settings.
6.
In Settings for 20409B-LON-DC1, in the left pane, expand Legacy Network Adapter, and then click
Advanced Features. In the right pane, click Enable DHCP guard, and then click OK.
7.
each line:
ipconfig /release
ipconfig /renew
Note: Notice that this time the process takes considerably longer, and LON-PRODx is not
able to obtain TCP/IP settings. This is because when you enabled DHCP guard on the virtual
machine where the rogue DHCP server is running, you can no longer get TCP/IP settings from
that virtual machine
8.
On LON-HOST1, in Windows PowerShell, run the following cmdlets, pressing Enter at the end of each
line:
$vmNIC = Get-VMNetworkAdapter -VMName 20409B-LON-DC1
Set-VMNetworkAdapter -VMNetworkAdapter $vmNIC -DHCPGuard Off
Note: By running those cmdlets, you disable DHCP guard on LON-DC1. Now the DHCP
server that is running in that virtual machine can once again offer TCP/IP settings.
Note: Now that you have disabled DHCP guard on LON-DC1, have your partner perform
the steps from step 5 onwards.
Task 2: Configure and use VLANs

1.
On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-TESTx, and then click Settings.
2.
In Settings for 20409B-LON-TESTx, in the left pane, click Network Adapter, in the Virtual Switch
drop-down list box, click External Network, and then click OK.
3.
On LON-PRODx, on the Start screen, type Control Panel, and then press Enter.
4.
In Control Panel, in the Search Control Panel text box, type network, and then click View network
connections.
5.
In the Network Connections window, right-click the Ethernet network connection, and then click
Properties.
6.
In the Ethernet Properties dialog box, click Internet Protocol Version 4 (TCP/IPv4), and then click
Properties.
7.
In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Use the following IP
address. In the IP address text box, type 10.0.0.x5, in the Subnet mask text box, type
255.255.255.0, click OK, and then click Close.
8.
On LON-PRODx, in Windows PowerShell, run the following command:

ping 10.0.0.x6
9.
Confirm that four replies are returned, which confirms that LON-PRODx and LON-TESTx have
11. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, and then in the right
pane, click Enable virtual LAN identification.
12. Verify that 2 is specified as VLAN ID, and then click OK.
ping 10.0.0.x6
14. Confirm that the destination host is no longer reachable.

Note: This is because LON-PRODx is connected to a VLAN different from LON-TESTx. If
your partner is also at this step in the lab, you can ping LON-PRODy (10.0.0.y5). Because it is
configured with the same VLAN and connected to the same network, the command will be
successful.
16. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, in the right pane, clear
the Enable virtual LAN identification check box, and then click OK.
Task 3: Configure and use bandwidth management

1.
On LON-PRODx, on the desktop, on the taskbar, click File Explorer.
2.
In the This PC window, on the navigation pane, expand This PC, expand Local Disk (C:), and then
click Windows.
3.
In the Windows window, in the details pane, right-click the Inf folder, and then click Copy.
4.
In the Windows window, in navigation, click the down arrow, type \\10.0.0.x6\share, and then press
Enter.
Note: You are now connected to a share named Share on the LON-TESTx computer.
LON-TESTx has IP address 10.0.0.x6.
5.
In the share window, right-click in the details pane, and then click Paste.
6.
Make note of the copy speed and how long the process takes.
7.
When the copy process completes, right-click the Inf folder, click Delete, and then in the Delete
Folder dialog box, click Yes.
8.
9.
In the Settings for 20409B-LON-PRODx window, in the left pane, click Network Adapter, in the
details pane, click Enable bandwidth management, in both the Minimum bandwidth and
Maximum bandwidth text boxes, type 10, and then click OK.
10. On LON-PRODx, in the share window, right-click in details pane and then click Paste.
11. In the window that displays the progress of the copy process, confirm that the copy process takes
noticeably longer to complete.
13. In Settings for 20409B-LON-PRODx, in the left pane, click Network Adapter, in the details pane,
clear the Enable bandwidth management check box, and then click OK.
Results: After completing this exercise, you should have configured and used advanced virtual switch
features.
Lab C: Configuring and Testing Hyper-V

Network Virtualization
Exercise 1: Configuring Hyper-V Network Virtualization
1.
On LON-PROD1, on the Start screen, search for and start Windows PowerShell.
2.
In Windows PowerShell, run following three commands, pressing Enter at the end of each line:
ping 10.0.0.16
ping 10.0.0.25
ping 10.0.0.26
3.
Confirm that LON-PROD1 has connectivity with all three virtual machines, LON-TEST1, LON-PROD2
and LON-TEST2.
4.
On LON-HOST1, on the taskbar, click the Windows PowerShell icon.
5.

Get-VMNetworkAdapter VMName 20409B-LON-PROD1 | fl
6.
Confirm that the VirtualSubnetId property has the value 0, which means that virtual subnets are not
being used.
7.

Get-NetVirtualizationLookupRecord
8.
Verify that the output is empty, which confirms that no virtualization lookup record has been defined.
Note: The virtualization lookup record defines which virtual machine is running on which
Hyper-V host, and over which virtualization subnet is achievable.
9.
In Windows PowerShell, run following cmdlet:

Get-NetVirtualizationCustomerRoute
10. Verify that the output is empty, which confirms that the virtualization customer route has yet to be
defined.
11. In Windows PowerShell, run following cmdlet:
Get-NetAdapter
12. For the physical network adapter, under the ifIndex column, write down the Index number.

1.
On LON-TEST2, on the Start screen, search for and start Windows PowerShell.
2.
In Windows PowerShell, run the following three commands, pressing Enter at the end of each line:
ping 10.0.0.15
ping 10.0.0.16
ping 10.0.0.25
3.
Confirm that four replies are returned for each command. This confirms that LON-TEST2 has
connectivity with LON-PROD1, LON-TEST1, and LON-PROD2.
4.
On LON-HOST2, on the taskbar, click the Windows PowerShell icon.
5.

Get-VMNetworkAdapter VMName 20409B-LON-TEST2 | fl
6.
Confirm that VirtualSubnetId property has the value 0, which means that virtual subnets are not in
use.
7.

8.
Confirm that the output is empty, which confirms that no virtualization lookup record has been
defined.
Note: The virtualization lookup record defines which virtual machine is running on which
Hyper-V host, and over which virtualization subnet it is achievable.
9.

10. Verify that the output is empty, which confirms that a virtualization customer route has yet to be
defined.
11. In Windows PowerShell, run following cmdlet:
Get-NetAdapter
12. For the physical network adapter, under the ifIndex column, write down the Index number.
Task 3: Configure Hyper-V network virtualization

1.
On LON-HOSTx, on the Desktop, on the taskbar, click File Explorer.
2.
In the This PC window, in the navigation pane, expand Local Disk (C:), expand LabFiles, and then
click Mod04.
3.
In the details pane, right-click ConfigureNWx.ps1, and then click Edit.
4.
When the file ConfigureNWx.ps1 opens in Windows PowerShell ISE, review the Windows PowerShell
script to see how network virtualization is configured. Review the variables, which are defined at the
start of the script.
5.
In Windows PowerShell ISE, on the toolbar, click Run Script, or press F5. If you run the script on
of your partner physical server network adapter that were recorded earlier.
Task 4: Test Hyper-V network virtualization

1.
On LON-HOSTx, in Windows PowerShell ISE, in the console (lower pane), run the following cmdlet:
2.
Verify that the output shows that virtualization records have been created for the IP addresses of
LON-PRODx and LON-TESTx virtual machines.
3.
In Windows PowerShell ISE, in the console, run following cmdlet:

4.
Verify that the output shows that one virtualization route is defined for the 10.0.0.0/24 subnet, and
with a VirtualizationSubnetID value of either 5001 or 6001.
Note: Only the student who is using LON-HOST1 will perform steps 5 to 8.
5.
In Windows PowerShell ISE, in the console, run the following cmdlet:

Get-VMNetworkAdapter VMName 20409B-LON-PROD1 | fl
6.
Confirm that the VirtualSubnetId property value is 5001, which was configured by the Windows
PowerShell script.
7.
On LON-PROD1, in Windows PowerShell, run the following three commands:

ping 10.0.0.16
ping 10.0.0.25
ping 10.0.0.26
8.
Verify that four replies are returned only from IP 10.0.0.25.
Note: This confirms that LON-PROD1 has connectivity with LON-PROD2, but it does not
have connectivity with LON-TEST1 and LON-TEST2, because those virtual machines are on a
different virtual network (which is sharing the same physical network.
Note: Only the student who is using LON-HOST2 performs steps 9 to 12.
9.
In Windows PowerShell ISE, in the console, run the following cmdlet:

Get-VMNetworkAdapter VMName 20409B-LON-TEST2 | fl
10. Confirm that the property VirtualSubnetId has a value 6001, which you configured with the
Windows PowerShell script.
11. On LON-TEST2, in Windows PowerShell, run the following three commands:

ping 10.0.0.15
ping 10.0.0.16
ping 10.0.0.25
12. Verify that four replies are returned from IP 10.0.0.16.

Note: This confirms that LON-TEST2 has connectivity with LON-TEST1, but it does not have
connectivity with LON-PROD1 and LON-PROD2 computers. This is because they are on a
different virtual network (which is sharing the same physical network.
Task 5: Remove Hyper-V network virtualization
1.
On LON-HOSTx, on the desktop, on the taskbar, click File Explorer.
2.
In the This PC window, in the navigation pane, expand Local Disk (C:), expand LabFiles, and then
click Mod04.
3.
In details pane, right-click RemoveNWx.ps1, and then click Edit.
4.
When the file RemoveNWx.ps1 opens in Windows PowerShell ISE, on the toolbar, click Run Script,
or press F5. If you run the script on LON-HOST1, enter the index number of your physical server
network adapter and the index number of your partners physical server network adapter that you
recorded earlier.
Note: Running this script removes network virtualization.
5.
After network virtualization is removed, confirm network connectivity between the virtual machines
by performing the following steps:
a.
If you are using LON-HOST1, confirm that LON-PROD1 has connectivity with LON-TEST1,
LON-PROD2. and LON-TEST2 by running the following three commands:
ping 10.0.0.16
ping 10.0.0.25
ping 10.0.0.26
b.
If you are using LON-HOST2, confirm that LON-TEST2 has connectivity with LON-PROD1,
LON-TEST1, and LON-PROD2by running the following three commands:
ping 10.0.0.15
ping 10.0.0.16
ping 10.0.0.25
Results: After completing this exercise, you should have configured Hyper-V network virtualization.

L5-47
Module 5: Virtual Machine Movement and Hyper-V Replica
Lab A: Moving Virtual Machine and

Configuring Constrained Delegation
Exercise 1: Moving Hyper-V Storage and Virtual Machines
Task 1: Move virtual machine storage by using the Move Wizard
Note: Before starting with this lab, run the C:\Labfiles\Mod05\Mod05setup.ps1 script to
prepare environment for the lab.
1.
On LON-HOSTx, in Hyper-V Manager, right-click LON-MOVE1, and then click Settings.
2.
In Settings for LON-MOVE1, under IDE Controller 0, click Hard Drive. Confirm that it is using the
LON-MOVE1.vhdx VHD that is stored locally, and then click OK.
3.
In Hyper-V Manager, right-click LON-MOVE1, and then click Move.
4.
In the Move LON-MOVE1 Wizard, on the Before You Begin page, click Next.
5.
On the Choose Move Type page, select the Move the virtual machines storage option, and then
click Next.
6.
On the Choose Options for Moving Storage page, select the Move only the virtual machines
virtual hard disks option, and then click Next.
7.
On the Select Items to Move page, confirm that disk LON-MOVE1.vhdx is selected, and then click
Next.
8.
On the Choose a new location for attached virtual hard disk page, in the Folder text box, type
\\LON-HOSTy\VHDs\LON-MOVE1, and then click Next.
9.
On the Completing Move Wizard page, click Finish.

Note: Because the VHD is dynamically expanding and is small, the move occurs quickly.
10. In Hyper-V Manager, right-click LON-MOVE1, and then click Settings.

11. In Settings for LON-MOVE1, under IDE Controller 0, click Hard Drive. Confirm that
LON-MOVE1.vhdx is stored on a network share.
Note: This confirms that the VHD was moved while the virtual machine was running.
12. In Settings for LON-MOVE1, under Management, click Checkpoint File Location. Confirm that
checkpoints are stored locally, that you cannot change the location, and then click OK.
13. In Hyper-V Manager, right-click LON-MOVE1, and then click Move.
14. In the Move LON-MOVE1 Wizard, on the Before You Begin page, click Next.
15. On the Choose Move Type page, select the Move the virtual machines storage option, and then
click Next.
L5-48 Virtual Machine Movement and Hyper-V Replica
16. On the Choose Options for Moving Storage page, select the Move the virtual machines data to
different locations option, and then click Next.
17. On the Select Items to Move page, review the items that can be moved. Click Clear All, select the
Checkpoints check box, and then click Next.
18. On the Choose a new location for checkpoints page, in the Folder text box, type \\LON-HOSTy
\VHDs\LON-MOVE1, and then click Next.
19. On the Completing Move Wizard page, click Finish.
Note: Because the checkpoint has a small differencing VHD, the move occurs quickly.
20. In Hyper-V Manager, right-click LON-MOVE1, and then click Settings.
21. In Settings for LON-MOVE1, click Checkpoint File Location. Confirm that checkpoints are stored on
the network share, and that they were moved while virtual machine was running, and then click OK.
Task 2: Move virtual machine storage by using Windows PowerShell

1.
On LON-HOSTx, in Hyper-V Manager, right-click LON-MOVE2, and then click Settings.
2.
In Settings for LON-MOVE2, under IDE Controller 0, click Hard Drive.
3.
Confirm that the hard drive is using the LON-MOVE2.vhdx VHD, and that the VHD is stored locally.
4.
In Settings for LON-MOVE2, click Checkpoint File Location. Confirm that checkpoints are stored
locally and that you cannot change the location, and then click OK.
5.
In Windows PowerShell, move LON-MOVE2 storage by running following cmdlet:

Move-VMStorage VMName LON-MOVE2 DestinationStoragePath \\LON-HOSTy\VHDs\LON-MOVE2
6.
Confirm that storage was moved successfully by running following cmdlet:

Get-VM LON-MOVE2 | Select Name, Path, SnapshotFileLocation
7.
In Hyper-V Manager, right-click LON-MOVE2, and then click Settings.
8.
In Settings for LON-MOVE2, under IDE Controller 0, click Hard Drive, and then confirm that
LON-MOVE2.vhdx is now stored on a network share.
Note: Notice that the VHD was moved while virtual machine is running.
9.
Under IDE Controller 0, click Checkpoint File Location.
10. Confirm that checkpoints are stored on the network share and that they were moved while virtual
machine was running, and then click OK.
Task 3: Configure Hyper-V host for live migration

1.
On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Move.
2.
In the Move 20409B-LON-PRODx Wizard, on the Before You Begin page, click Next.
3.
On the Choose Move Type page, confirm that Move the virtual machine is selected, and then click
Next.
4.
When the Move Wizard error dialog box opens, click Close.
Note: This dialog box opens because this computer is not configured for live migration.
5.
In the Move 20409B-LON-PRODx Wizard, click Cancel.
6.
7.
In Hyper-V Settings, in the left pane, click Live Migrations.
8.
In the right pane, in the Live Migrations section, click Enable incoming and outgoing live
migrations.
9.
In Hyper-V Settings, select the option for incoming live migration to Use any available network for
live migration.
10. In the left pane, expand Live Migrations, click Advanced Features, and select Use Kerberos to be
used as Authentication Protocol.
11. After reviewing the settings, click OK.
12. In Hyper-V Manager, in the navigation pane, right-click Hyper-V Manager, and then click Connect
to Server.
13. In the Select Computer dialog box, in the Another computer text box, type LON-HOSTy, and then
click OK.
14. Verify that LON-HOSTy is now added to the Hyper-V Manager navigation pane.
Note: Live migration must be enabled on both LON-HOSTx machines before you can
continue with the lab. Ensure that your partner has finished this task before you continue.
Task 4: Move a virtual machine by using Live Migration

1.
2.
In Settings for 20409B-LON-PRODx, under IDE Controller 0, click Hard Drive.
3.
Confirm that it is using 20409B-LON-PRODx.vhd VHD, and that the VHD is stored locally.
4.
Click Checkpoint File Location. Confirm that checkpoints are stored locally, and then click OK.
5.
On LON-PRODx, open Windows PowerShell, run the following command to ping LON-PRODy, which
is running on your partner Hyper-V host:
ping t 10.0.0.y5
6.
On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Move.
7.
In the Move 20409B-LON-PRODx Wizard, on the Before You Begin page, click Next.
8.
On the Choose Move Type page, confirm that Move the virtual machine is selected, and then click
Next.
9.
On the Specify Destination Computer page, in the Name text box, type LON-HOSTy, and then
click Next.
10. On the Choose Move Options page, confirm that the Move the virtual machines data to a single
location option is selected, and then click Next.
11. On the Choose a new location for virtual machine page, in the Folder text box, type
C:\Moved\LON-PRODx, and then click Next.
Note: This will start moving the running virtual machine and performing the live migration.
You can monitor the progress of the live migration in Hyper-V Manager, in the Status column.
Here you can also see that LON-PRODx is able to ping LON-PRODy throughout the live
migration.
13. After live migration completes, in Hyper-V Manager, confirm that LON-PRODx is no longer running
on LON-HOSTx.
14. In Hyper-V Manager, in the navigation pane, click LON-HOSTy.
15. In Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
16. In Settings for 20409B-LON-PRODx, under IDE Controller 0, click Hard Drive, and then confirm that
it is using the C:\Moved\LON-PRODx\Virtual Hard Disks\20409B-LON-PRODx.vhd VHD.
17. In Settings for LON-PRODx, click Checkpoint File Location, confirm that checkpoints are stored in
the C:\Moved\LON-PRODx folder, and then click OK.
18. In Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Move.
19. In the Move 20409B-LON-PRODx Wizard, on the Before You Begin page, click Next.
20. On the Choose Move Type page, confirm that Move the virtual machine is selected, and then click
Next.
21. On the Specify Destination Computer page, in the Name field, type LON-HOSTx, and then click
Next.
22. On the Choose Move Options page, confirm that the Move the virtual machines data to a single
location option is selected, and then click Next.
23. On the Choose a new location for virtual machine page, in the Folder field, type C:\Moved
\LON-PRODx, and then click Next.
25. When the Move Wizard error dialog box displays, review the text explaining that there was an error
during the move operation.
Note: The error occurs because you are managing a remote Hyper-V host, which is not
allowed to delegate your permissions.
Task 5: Configure constrained delegation

1.
On LON-HOSTx, open Windows PowerShell.
2.
Install Active Directory administrative tools by running the following Windows PowerShell cmdlet:
Install-WindowsFeature RSAT-AD-AdminCenter
3.
On the Start screen, search for and start Active Directory Users and Computers.
4.
In Active Directory Users and Computers, in the navigation pane, expand Adatum.com, and then
click Computers.
5.
In the details pane, right-click LON-HOSTy, and then click Properties.
6.
In the LON-HOSTy Properties dialog box, click the Delegation tab.
7.
On the Delegation tab, click Trust this computer for delegation to specified services only, and
then click Add.
8.
In Add Services, click Users or Computers, in the Enter the objects to select text box, type
LON-HOSTx, and then click OK.
9.
In Add Services, select both cifs and Microsoft Virtual System Migration Services service types,
and then click OK.
10. In the LON-HOSTy Properties dialog box, on the Delegation tab, confirm that both service types
are listed, and then click OK.
11. Close Active Directory Users and Computers.
12. In Windows PowerShell, purge cached Kerberos tickets on LON-HOSTy to immediately apply
changes by running the following command:
winrs -r:LON-HOSTy klist -lh 0 -li 0x3e7 purge
Task 6: Run live migration from Windows PowerShell

1.
On LON-HOSTx, in Windows PowerShell, move LON-PRODx to your Hyper-V host by running the
following cmdlet:
Move-VM Name 20409B-LON-PRODx DestinationHost LON-HOSTx ComputerName LON-HOSTy
-DestinationStoragePath C:\Moved\LON-PRODx
2.
When live migration starts, in Hyper-V Manager, view the Status column to monitor migration
progress.
3.
After migration finishes, in Hyper-V Manager, confirm that 20409B-LON-PRODx is no longer

running on LON-HOSTy.
4.
In Hyper-V Manager, in the navigation pane, click LON-HOSTx.
5.
In Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
6.
In Settings for 20409B-LON-PRODx, under IDE Controller 0, click Hard Drive, and confirm that it is
using the C:\Moved\LON-PRODx\Virtual Hard Disks\20409B-LON-PRODx.vhd VHD.
7.
In Settings for 20409B-LON-PRODx, click Checkpoint File Location, confirm that the checkpoints are
stored in the C:\Moved\LON-PRODx folder, and then click OK.
Note: Leave the virtual machines running for the next lab.
Results: After completing this exercise, you should have moved Hyper-V storage and virtual machines.
Lab B: Configuring and Using Hyper-V

Replica
Exercise 1: Configuring and Managing Hyper-V Replica
Task 1: Configure Hyper-V host for incoming replication
1.
On LON-HOSTx, in Hyper-V Manager, in the navigation pane, click LON-HOSTy.
2.
3.
In Hyper-V Settings for LON-HOSTy, in the left pane, click Replication Configuration. In the right
pane, in the Replication Configuration section, click both Enable this computer as a Replica
server, and Use Kerberos (HTTP).
4.
Select Allow replication from any authenticated server.
5.
In the Specify the default location to store Replica files text box, type C:\shares\replicated, and
then click OK.
6.
In the Settings dialog box, click OK.
7.
On the Start screen, search for and start mmc.
8.
In Console1, in the File menu, click Add/Remove Snap-in.
9.
In Add or Remove Snap-ins, click Windows Firewall with Advanced Security. In the Available
Snap-ins section, click Add, and then click Another computer. In the Another computer text box,
type LON-HOSTy, click Finish, and then click OK.
10. In Console1, in the navigation pane, expand Windows Firewall with Advanced Security, and then
click Inbound Rules.
11. In the details pane, right-click Hyper-V Replica HTTP Listener (TCP In), and then click Enable Rule.
12. Close Console1, and in the Microsoft Management dialog box, click No.
Task 2: Enable virtual machine replication

1.
On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-TESTx, and then click Settings.
2.
In LON-TESTx Settings, in the navigation pane on the left, expand Network Adapter, and confirm
that the two nodes Hardware Acceleration and Advanced Features display.
3.
In LON-TESTx Settings, in the navigation pane, confirm that there are six settings in the Management
section, and that Replication is not one of available settings, and then click OK.
4.
In LON-TESTx, open a Command Prompt window, and confirm that the virtual machine has an IPv4
address of 10.0.0.x6.
5.
In Hyper-V Manager, right-click LON-TESTx, and then click Enable Replication.
6.
In Enable Replication for LON-TESTx, on the Before You Begin page, click Next.
7.
On the Specify Replica Server page, in the Replica server text box, type LON-HOSTy, and then
click Next.
8.
On the Specify Connection Parameters page, confirm that Use Kerberos authentication (HTTP) is
selected, that Compress the data that is transmitted over the network is enabled, and then click
Next.
9.
On the Choose Replication VHDs page, confirm that LON-TESTx VHD is selected, and then click
Next.
10. On the Configure Replication Frequency page, in the drop-down list box, click 30 seconds, and
then click Next.
11. On the Configure Additional Recovery Points page, click Create additional hourly recovery
points, in the Coverage provided by additional recovery point (in hours) text box, type 10, and
then click Next.
12. On the Choose initial Replication Method page, confirm that both the Send initial copy over the
network and Start replication immediately options are selected, and then click Next.
13. On the Completing the Enable Replication wizard page, click Finish.
14. In Hyper-V Manager, in the navigation pane, click LON-HOSTy.
15. Confirm that 20409B-LON-TESTx is one of the virtual machines on LON-HOSTy, and that it is in the
Off state.
16. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click View
Replication Health.
17. In Replication Health for 20409B-LON-TESTx, review Replication Health.
Note: Because initial replication is most likely not yet completed, the, Replication Health is
in the Warning state.
18. In Replication Health for LON-TESTx, click Close.
19. In Hyper-V Manager, right-click 20409B-LON-TESTx, and then click Settings.
20. In 20409B-LON-TESTx Settings, in the navigation pane, expand Network Adapter, and confirm that
two new nodes that were not present before, Failover TCP/IP and Test Failover, now display.
21. In 20409B-LON-TESTx Settings, in the navigation pane, confirm that there are now seven settings in
the Management section, including Replication, which was not present before, and then click OK.
22. In Windows PowerShell, review replication settings and status by running the following cmdlets, and
pressing Enter at the end of each line:
Get-VMReplication VMName 20409B-LON-TESTx
Measure-VMReplication VMName 20409B-LON-TESTx
23. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click View
Replication Health.
24. In Replication Health for 20409B-LON-TESTx, review Replication Health, and then click Close.
Note: If initial replication has finished, Replication Health will display as Normal.
Task 3: Test Hyper-V Replica failover

1.
On LON-HOSTx, in Hyper-V Manager, in the navigation pane, verify that LON-HOSTy is selected.
Right-click 20409B-LON-TESTx, and then click Settings.
2.
In 20409B-LON-TESTx Settings, in the navigation pane, expand Network Adapter, and then click
Failover TCP/IP.
3.
In 20409B-LON-TESTx Settings, in the details pane, click Use the following IPv4 address scheme
for the virtual machine, enter the following settings, and then click Apply:
o
IPv4 Address: 192.168.10.15
Subnet Mask: 255.255.255.0
Default gateway: 192.168.10.1
Preferred DNS server: 192.168.10.100
4.
In 20409B-LON-TESTx Settings, in the navigation pane, click Test Failover.
5.
In the details pane for Virtual switch, click Private Switch, and then click OK.
Note: If initial replication of LON-TESTx has not yet finished, wait until it finishes.
6.
In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Test Failover.
7.
In Test Failover, click Test Failover.
Note: A checkpoint for 20409B-LON-TESTx is created, and a new virtual machine named
LON-TESTx Test is created.
8.
In Hyper-V Manager, right-click 20409B-LON-TESTx Test, and then click Settings.
9.
In Settings for 20409B-LON-TESTx, click Network Adapter, confirm that it is connected to Private
Switch, and then click OK.
10. In Hyper-V Manager, right-click 20409B-LON-TESTx Test, and then click Start.
11. Double-click LON-TESTx -Test. Verify that the virtual machine connection to LON-TESTx Test
opens.
12. On LON-TESTx - Test, sign in as Administrator with the password Pa$$w0rd. Click Cancel in
Shutdown Event Tracker.
13. On LON-TESTx - Test, on the Start screen, search for and open Command Prompt.
14. In the Command Prompt window, type ipconfig, and then press Enter.
15. Confirm that IP configuration is the same as you configured in Failover TCP/IP for
20409B-LON-TESTx.
16. On LON-HOSTx, in Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then
click Stop Test Failover.
17. In Stop Test Failover, click Stop Test Failover.
18. In Virtual Machine Connection, click Exit.
19. Confirm that both the 20409B-LON-TESTx Test virtual machine and the 20409B-LON-TESTx virtual
machine checkpoint have been deleted.
Task 4: Perform a planned failover

1.
On LON-HOSTx, in Hyper-V Manager, in the navigation pane, click LON-HOSTx.
2.
In Hyper-V Manager, double click 20409B-LON-TESTx.
3.
In LON-TESTx, right-click the desktop, click New, click Folder, and then name the folder Current
State.
4.
In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Planned
Failover.
5.
In Planned Failover, confirm that Start the Replica virtual machine after failover is selected, and
then click Fail Over.
Note: The Planned Failover error displays because the virtual machine is not prepared for
planned failover.
6.
In Planned Failover, click Close, and then click Cancel.
7.
On LON-TESTx, press the Windows key+X, click Shut down or sign out, click Shut down and then
click Continue.
8.
In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Planned
Failover.
9.
In Planned Failover, confirm that Start the Replica virtual machine after failover is selected, and
10. In Hyper-V Manager, in the navigation pane, click LON-HOSTy. Confirm that 20409B-LON-TESTx is in
the Running state.
11. Double-click 20409B-LON-TESTx, and sign in as Administrator with the password Pa$$w0rd.
12. On LON-TESTx, confirm that a folder named Current State displays on the desktop.
Note: With planned failover, all changes from the primary virtual machine are replicated.
13. Right-click the desktop, click New, click Folder, and then name the folder Planned Failover.
14. In Hyper-V Manager, right-click 20409B-LON-TESTx, click Replication, and then click Reverse
Replication.
15. In the Reverse Replication Wizard for 20409B-LON-TESTx, click Next five times, and then click Finish.
16. On LON-TESTx, press the Windows key+X, click Shut down or sign out, click Shut down and then
click Continue.
17. In Hyper-V Manager, verify that 20409B-LON-TESTx is in the Off state.
18. Right-click 20409B-LON-TESTx, click Replication, and then click Planned Failover.
19. In Planned Failover, confirm that Start the Replica virtual machine after failover is selected, and
20. In Hyper-V Manager, in the navigation pane, click LON-HOSTx. Confirm that the
20409B-LON-TESTx state is Running.
21. In Hyper-V Manager, double-click 20409B-LON-TESTx. Verify that a virtual machine connection to
20409B-LON-TESTx opens.
22. On LON-TESTx, sign in as Administrator with the password Pa$$w0rd.
23. On LON-TESTx, confirm that two folders named Current State and Planned Failover display on the
desktop.
24. In Hyper-V Manager, right-click 20409B-LON-TESTx, select Replication and then select Remove
Replication. In the Remove Replication dialog box, click Remove Replication.
25. In Hyper-V Manager, in the navigation pane, click LON-HOSTy. Right-click 20409B-LON-TESTx,
select Delete and in the Delete Selected Virtual Machine dialog box, select Delete.
26. In Hyper-V Manager, in the navigation pane, click LON-HOSTx.
Results: After completing this exercise, you should have configured and managed Hyper-V Replica.

L6-57
Module 6: Implementing Failover Clustering with Hyper-V
Lab: Implementing Failover Clustering with

Hyper-V
Exercise 1: Creating a Hyper-V Failover Cluster
Task 1: Create an Internet small computer system interface (iSCSI) target
1.
On LON-HOSTx, in Server Manager, in the navigation pane, right-click All Servers, and then click
Add Servers.
2.
In Add Servers, in the Name (CN) text box, type LON-SS1, click Find Now, click LON-SS1, click the
right arrow to add LON-SS1 to the Selected section, and then click OK.
3.
In Server Manager, in the navigation pane, click File and Storage Services.
4.
In File and Storage Services, in the SERVERS section, click LON-SS1, and then click iSCSI.
5.
In the iSCSI VIRTUAL DISKS section, click TASKS, and then click New iSCSI Virtual Disk.
6.
In New iSCSI Virtual Disk Wizard, on the Select iSCSI virtual disk location page, click E, and then
click Next.
7.
On the Specify iSCSI virtual disk name page, in the Name text box, type Diskx1, and then click
Next.
8.
On the Specify iSCSI virtual disk size page, in the Size text box, type 10, click Dynamically
expanding, and then click Next.
9.
On the Assign iSCSI target page, click New iSCSI target, and then click Next.
10. On the Specify target name page, in the Name text box, type Lab6-Hostx, and then click Next.
11. On the Specify access servers page, click Add.
12. In the Select a method to identify the initiator dialog box, click Browse, type LON-HOST1, and
then click OK twice.
13. On the Specify access servers page, click Add.
14. In the Select a method to identify the initiator dialog box, click Browse, type LON-HOST2, click
OK twice, and then click Next.
15. On the Enable Authentication page, click Next.
16. On the Confirm selections page, click Create.
17. On the View Results page, click Close.
18. On LON-HOSTx, open Windows PowerShell.
19. In Windows PowerShell, create two new virtual disks and add them to the Lab6-Hostx target by
typing the following cmdlets, and pressing Enter at the end of each line:
New-IscsiVirtualDisk Path E:\iSCSIVirtualDisks\Diskx2.vhdx Size 10GB ComputerName

LON-SS1
New-IscsiVirtualDisk Path E:\iSCSIVirtualDisks\Diskx3.vhdx Size 15GB ComputerName
LON-SS1
Add-IscsiVirtualDiskTargetMapping TargetName Lab6-Hostx Path
E:\iSCSIVirtualDisks\Diskx2.vhdx -ComputerName LON-SS1
Add-IscsiVirtualDiskTargetMapping TargetName Lab6-Hostx Path
E:\iSCSIVirtualDisks\Diskx3.vhdx -ComputerName LON-SS1
L6-58 Implementing Failover Clustering with Hyper-V
20. In Server Manager, on the toolbar, click the Refresh icon. Confirm that virtual disks Diskx2.vhdx and
Diskx3.vhdx display, and are mapped to the Lab6-Hostx target.
Note: Although both students created an iSCSI target, only the Lab6-Host1 iSCSI target
will be used for creating the failover cluster.
Task 2: Connect to an iSCSI target and create volumes

1.
On LON-HOSTx, in Server Manager, click Tools, and then click iSCSI Initiator.
2.
On the Targets tab, select the existing target, and then click Disconnect. If prompted, click Yes.
3.
In the iSCSI Initiator Properties dialog box, in the Target text box, type LON-SS1, and then click
Quick Connect.
4.
In Quick Connect, click the Discovered target with Lab6-Host1 in the name, click Connect, click
Done, and then click OK.
5.
On LON-HOSTx, in Server Manager, in the Tools menu, click Computer Management.
6.
In Computer Management, in the navigation pane, click Disk Management. In the details pane,
confirm that three disks are added, that they have size of 10 GB, 10 GB, and 15 GB, and that they are
all Offline. Notice that these are the virtual disks that you just added on the iSCSI target.
7.
On LON-HOST1, in Computer Management, right-click Disk 3, and then click Online.
8.
Right-click Disk 4, and then click Online.
9.
Right-click Disk 5, and then click Online.
10. Right-click Disk 3, and then click Initialize Disk.

11. In Initialize Disk, confirm that all three disks are selected, and then click OK.
12. Right-click unallocated space on Disk 3, click New Simple Volume, click Next four times, and then
click Finish.
click Finish.
click Finish.
Note: Perform step 15 only on LON-HOST2. Replace the x with the disk number allocated
to the new disks.
15. Perform following steps on the LON-HOST2 computer:
a.
In Computer Management, in the navigation pane, right-click Disk Management, and then click
Refresh.
b.
In Computer Management, right-click Disk x, and then click Online.
c.
d.
e.
Confirm that all three disks have volumes that allocate all the space.
Task 3: Extend iSCSI logical units online

1.
On LON-HOST1, in Server Manager, confirm that iSCSI is selected.
2.
In details pane, right-click E:\iSCSIVirtualDisks\Diskx1.vhdx, and then click Extend iSCSI Virtual
Disk.
3.
In the Extend iSCSI Virtual Disk dialog box, in the New size text box, type 15, and then click OK.
4.
On LON-HOST1, in Computer Manager in the navigation pane, right-click Disk Management, and
then click Refresh.
5.
In the details pane, notice that the disk is extended with 5 GB of unallocated space.
6.
Right-click the partition on the disk, and then click Extend Volume.
7.
In the Extend Volume Wizard, click Next two times, and then click Finish.
8.
In Disk Management, in the details pane, confirm that the partition is expanded to 15 GB. Notice that
you expanded it while it was online, while it was in use.
Task 4: Install the Failover Clustering feature

1.
On LON-HOSTx, in Server Manager, on the Manage menu, click Add Roles and Features.
2.
3.
On the Select installation type page, click Next.
4.
On the Select destination server page, click LON-HOSTx.Adatum.com, and then click Next.
5.
6.
On the Select features page, click Failover Clustering, click Add Features, and then click Next.
7.
On the Confirm installation selections page, click Install.
8.
Click Close to close the Add Roles and Features Wizard.

Note: Both students should finish with this task before you continue.
Task 5: Create a failover cluster

1.
On LON-HOST1, in Server Manager, on the Tools menu, click Failover Cluster Manager.
2.
In the Failover Cluster Manager, in the Actions pane, click Create Cluster.
3.
In the Create Cluster Wizard, on the Before You Begin page, click Next.
4.
On the Select Servers page, in the Enter server name text box, type LON-HOST1, and then click
Add. After the server is added, in the Enter server name text box, type LON-HOST2, click Add, and
then click Next.
5.
On the Validation Warning page, click Next.
6.
In the Validate a Configuration Wizard, on the Before You Begin page, click Next.
7.
On the Testing Options page, click Next.
8.
On the Confirmation page, click Next. Notice that during the validation process, several problems
with the drives are reported.
9.
After all validation tests are performed, view the validation report, and then click Finish.
10. On the Access Point for Administering the Cluster page, in the Cluster Name text box, type
LON-CLUST, and then click Next.
11. On the Confirmation page, click Next.
12. On the Summary page, view the report, and then click Finish.
13. In Server Manager, on the Tools menu, click Active Directory Users and Computers.
14. In Active Directory Users and Computers, in navigation pane, expand the Adatum.com domain, click
the Computers container, and confirm that it contains computer accounts for LON-HOST1,
LON-HOST2, and LON-CLUST, which was added when you created the failover cluster.
15. Close Active Directory Users and Computers.
Task 6: Add a Cluster Shared Volume (CSV)

1.
On LON-HOSTx, open File Explorer, and confirm that on Local Disk (C:), in the details pane, the
ClusterStorage folder displays. Double-click the ClusterStorage folder and confirm that the folder is
empty.
2.
From Server Manager, open Failover Cluster Manager, if necessary.
3.
In Failover Cluster Manager, in the navigation pane, expand LON-CLUST.Adatum.com, expand

Storage, and then click Disks.
4.
Verify that you see three disks.
5.
In the details pane, right-click the first Cluster Disk with Available Storage status if you are on
LON-HOST1 or the second Cluster Disk with Available Storage status if you are on LON-HOST2,
and then click Add to Cluster Shared Volumes.
6.
In File Explorer, confirm that now the ClusterStorage folder contains mounted volumes for Volume1
and Volume2, which were added when you and your partner added disks to the CSV.
7.
Double-click Volumex, and create a new text document with your name in the folder.
8.
In the File Explorer address bar, click ClusterStorage, in the details pane, double-click Volumey, and
confirm that it contains file with your partners name.
Note: If file with your partners name is not in the C:\ClusterStorage\Volumey folder, wait
until your partner creates a file.
Results: After completing this exercise, you should have created a Hyper-V failover cluster.
Exercise 2: Managing a Hyper-V Failover Cluster

Task 1: Configure virtual hard disk sharing
1.
On LON-HOSTx, open Windows PowerShell.
2.
In Windows PowerShell, create two virtual hard disks, one on local storage and one on CSV, by
running following cmdlets:
New-VHD Path C:\Shares\HDD1x.vhdx -SizeBytes 10GB Dynamic
New-VHD Path C:\ClusterStorage\Volumex\HDD2x.vhdx -SizeBytes 10GB Dynamic
3.
Add the virtual hard disks that you created, to the 20409B-LON-PRODx virtual machine by running
following cmdlets:
Add-VMHardDiskDrive VMName 20409B-LON-PRODx ControllerType SCSI Path
C:\Shares\HDD1x.vhdx
Add-VMHardDiskDrive VMName 20409B-LON-PRODx ControllerType SCSI Path
C:\ClusterStorage\Volumex\HDD2x.vhdx
4.
If the 20409B-LON-PRODx virtual machine is running, turn it off.
Note: You cannot modify virtual hard disk sharing settings while the virtual machine is
running.
5.
6.
In Settings, confirm that 20409B-LON-PRODx has two hard disks listed under SCSI Controller:
HDD1x.vhdx, and HDD2x.vhdx.
7.
In LON-PRODx Settings, in the navigation pane, expand HDD1x.vhdx, and then click Advanced
Features.
8.
In details pane, select the Enable virtual hard disk sharing check box, and then click Apply.
Note: The Error applying Hard Disk Drive changes message displays, because local
storage where HDD1x.vhdx is located does not support virtual hard disk sharing.
9.
In the Error pop-up window, click Close, and then in the details pane, clear the Enable virtual hard
disk sharing check box.
10. In the navigation pane, expand HDD2x.vhdx, and then click Advanced Features.
11. In the details pane, click Enable virtual hard disk sharing, and then click OK.
Note: This time you do not get any error, because the virtual hard disk is stored on a CSV.
12. Ensure that 20409B-LON-TESTx is turned off.
13. In Windows PowerShell, add HDD2x.vhdx to LON-TESTx by running the following cmdlet:
Add-VMHardDiskDrive VMName 20409B-LON-TESTx ControllerType SCSI Path
C:\ClusterStorage\Volumex\HDD2x.vhdx
14. In Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Start.

15. Right-click 20409B-LON-TESTx, and then click Start.
Note: You will get an error message, because the virtual machine is already using
HDD2x.vhdx.
16. In the error message pop-up window, click Close.
18. In Settings for 20409B-LON-TESTx, in the navigation pane, expand HDD2x.vhdx, and then click
Advanced Features.
19. In the details pane, click Enable virtual hard disk sharing, and then click OK.
20. Right-click 20409B-LON-TESTx, and then click Start.
Note: Notice that this time LON-TESTx starts without an error, because it is configured with
21. Sign in to both the LON-TESTx and LON-PRODx computers, open Disk Management, and confirm
that a shared virtual hard disk is available as shared storage to both computers.
22. In Hyper-V Manager, right-click 20409B-LON-PRODx, and then click Settings.
23. In Settings for 20409B-LON-PRODx, in the navigation pane, select HDD1x.vhdx under SCSI
Controller and click Remove. Select HDD2x.vhdx under SCSI Controller, click Remove and then
click OK.
25. In Settings for 20409B-LON-TESTx, in the navigation pane, select HDD2x.vhdx under SCSI
Controller, click Remove and then click OK.
Task 2: Create a highly available virtual machine

1.
On LON-HOSTx, in the Failover Cluster Manager, in the navigation pane, right-click Roles, click
Virtual Machines, and then click New Virtual Machine.
2.
In New Virtual Machine, click LON-HOSTx, and then click OK.
3.
In the New Virtual Machine Wizard, on the Before You Begin page, click Next.
4.
On the Specify Name and Location page, in the Name text box, type LON-HAx. Click Store the
virtual machine in a different location, in the Location text box, type C:\ClusterStorage
\Volumex\, and then click Next.
5.
On the Specify Generation page, confirm that Generation 1 is selected, and then click Next.
6.
On the Assign Memory page, select the Use Dynamic Memory for this virtual machine check box,
and then click Next four times.
7.
On the Competing the Virtual Machine Wizard page, click Finish.

Note: The LON-HAx virtual machine is created.
8.
In the High Availability Wizard, on the Summary page, click Finish.
9.
On LON-HOSTx, in Windows PowerShell, add the virtual machine cluster role by running the
following cmdlet:
Add-ClusterVirtualMachineRole VMName 20409B-LON-CLx
10. In the Failover Cluster Manager, confirm that LON-HAx and 20409B-LON-CLx are listed as Roles.
Task 3: Configure a highly available virtual machine

1.
On LON-HOSTx, in the Failover Cluster Manager, right-click LON-HAx, click Change Startup
Priority, and then click Low.
2.
Right-click LON-HAx, and then click Properties.
3.
In the LON-HAx Properties dialog box, on the General tab, confirm that the virtual machine is
configured with the Priority value Low. In the Preferred Owners section, click LON-HOSTx.
Note: Notice that in this section you can order the preferred ownership for the cluster
service.
4.
In the LON-HAx Properties dialog box, click the Failover tab. In the Maximum failures in the
specified period text box, type 2, in the Period text box, type 3, and then click OK.
5.
In Failover Cluster Manager, with LON-HAx selected, click the Resources tab.
6.
On the Resources tab, right-click Virtual Machine LON-HAx, and then click Properties.
7.
In the Virtual Machine LON-HAx Properties dialog box, click the Policies tab. In the Period for
restarts (mm:ss) text box, type 10:00.
8.
Click the Advanced Policies tab, and confirm that LON-HOST1 and LON-HOST2 are selected as
Possible Owners.
9.
Click the Settings tab, confirm that heartbeat monitoring is enabled for LON-HAx, and then
click OK.
Task 4: Configure virtual machine monitoring

1.
On LON-HOSTx, in Windows PowerShell, add a virtual machine cluster role by running the following
cmdlet:
Add-ClusterVirtualMachineRole VMName 20409B-LON-PRODx
2.
On the LON-PRODx virtual machine, on the Start screen, type Control Panel, and then press Enter.
3.
In Control Panel, in the Search Control Panel text box, type Service, and then click View local
services.
4.
In Services, right-click Print Spooler, and then click Properties.
5.
In the Print Spooler Properties dialog box, click the Recovery tab.
6.
On the Recovery tab, for the Second failure drop-down list box, click Take No Action, and then
click OK.
7.
Close both the Services and Service Control Panel windows.
8.
On LON-HOSTx, in the Failover Cluster Manager, click 20409B-LON-PRODx to select it as a cluster

Role.
9.
In the 20409B-LON-PRODx pane, click the Summary tab, and confirm that currently no Monitored
Services are listed.
10. In the details pane, right-click 20409B-LON-PRODx, click More Actions, and then click Configure
Monitoring.
11. In Select Services, click Print Spooler, and then click OK.
12. In the 20409B-LON-PRODx pane, confirm that Print Spooler is listed under Monitored Services.
13. In the details pane, right-click 20409B-LON-PRODx, and then click Settings.
14. In Settings for 20409B-LON-PRODx, in the navigation pane, expand Network Adapter, and then
click Advanced Features. In the details pane, confirm that Protected network is selected, and then
click OK.
Task 5: Move a virtual machine between failover cluster nodes

1.
On LON-HOSTx, in the Failover Cluster Manager, confirm that the Owner node for the LON-HAx
virtual machine is LON-HOSTx.
2.
Right-click LON-HAx, and then click Start.
3.
Right-click LON-HAx, click Move, click Live Migration, and then click Select Node.
4.
In Move Virtual Machine, confirm that LON-HOSTy is selected, and then click OK.
5.
In the Failover Cluster Manager, confirm that Live Migration is moving LON-HAx, and that
LON-HOSTy is now an Owner Node.
6.
On LON-HOSTx, in Windows PowerShell, move the LON-HAx virtual machine back to the LON-HOSTx
node by running the following cmdlet:
Move-ClusterVirtualMachineRole Name LON-HAx Node LON-HOSTx MigrationType Live
Task 6: Destroy a failover cluster

1.
On LON-HOST1, in the Failover Cluster Manager, right-click all Roles, and then click Remove.
2.
In the Remove Virtual Machines pop-up window, click Yes.
3.
In the Failover Cluster Manager, in the navigation pane, right-click LON-CLUST.Adatum.com, click
More Actions, and then click Destroy Cluster.
4.
In the Destroy Cluster pop-up window, click Yes.
5.
Wait until the action is performed, and then close the Failover Cluster Manager.
6.
On LON-HOST1 and LON-HOST2, delete the LON-HAx virtual machine.
Results: After completing this exercise, you should have managed a Hyper-V failover cluster.

L7-65
Module 7: Installing and Configuring Microsoft System

Lab: Installing and Configuring System

Exercise 1: Installing and Configuring System Center 2012 R2 VMM
Task 1: Review the email from Ed Meadows, CIO, A. Datum, Inc.
Email
From: Ed Meadows, CIO, A. Datum Corp.
To: IT department
Subject: Ready to add System Center 2012 R2 Virtual Machine Manager!
I really appreciate the way you have set up our Hyper-V environment! Everything looks great. Now
that we have our virtualization infrastructure in place, I would like you create a test implementation of
System Center 2012 R2 Virtual Machine Manager. To do this, we need to:
1.
Load the software on one of our servers in the London Site. We need at least two physical hosts,
but have plenty of virtual machines on them. Do you recommend putting this on a virtual
machine or physical computer? Please let me know what computers youll be using. Remember
that the test data that you gather will be used to further deploy a much more robust solution
that we will use to build our private clouds.
2.
Make sure that all the prerequisites Microsoft has recommended are met. If there are any
shortfalls, let me know as soon as possible. Create a list of the prerequisites that you will need to
verify.
3.
After you have created the VMM management server and installed a Virtual Machine Manager
console on a desktop client in the Developer department, finish testing the console and ensure
everything works.
4.
Finally, create the local host group and assign at least two physical hosts.
Ed
To create the test implementation, answer the following questions:
How many Microsoft System Center 2012 R2 Virtual Machine Manager (VMM) servers do you need to
deploy in the Adatum environment?
Answer: You only need to deploy one server.
What are the VMM prerequisites that need to be met?

Answer: The following software prerequisites need to be met:
o
Operating System Windows Server 2012 or newer
Microsoft SQL Server - SQL Server 2008 R2 Service Pack 2 (SP2) Standard or newer
Windows Remote Management service enabled and started
Microsoft .NET Framework 4.5
Windows deployment and installation kit Windows Assessment and Deployment Kit (Windows
ADK) for Windows Server 2012 R2
The following hardware prerequisites need to be met:

o
CPU - Pentium 4, 2 gigahertz (GHz) (x64)
Memory - 2 gigabytes (GB)
Disk space - 80 GB
Will you deploy VMM on a single server, or will you separate components onto dedicated servers?
Answer: You should deploy the VMM management server on one computer, and then deploy the
VMM console on both a server and a client computer.
Will you install the VMM server inside a virtual machine or on a physical machine?
Answer: A virtual machine will allow you to use both physical servers as hosts.
What computers will you use, and what will be their roles?
Answer:
o
Answer: VMM management server - LON-VMM1
Physical hosts LON-HOST1 and LON-HOST2
Client VMM console LON-CL1
Task 2: Check for VMM prerequisites, and install VMM
L7-66 Installing and Configuring Microsoft System Center 2012 R2 Virtual Machine Manager
1.
On LON-VMM1, on the taskbar, click Server Manager.
2.
In Server Manager, click the Local Server link.
3.
In the Properties for LON-VMM1 details pane, ensure that LON-VMM1 is in the Adatum.com
domain. Verify that the Operating system version is at least the Standard or Datacenter version of
Windows Server 2012 R2. Confirm that it has at least a 2 GHz Pentium processor, 4 GB of random
access memory (RAM) and 80 GB of disk space available.
4.
Close Server Manager.
5.
On the taskbar, click the Start Screen icon.
6.
On the Start screen, move the mouse pointer directly under the Desktop tile. Click the round white
circle with a white down arrow in it.
7.
In the Apps by name screen, scroll to the right, and then click the SQL Server Management Studio
tile.
8.
In the Microsoft SQL Server Management Studio (Administrator) console, in the Connect to Server
dialog box, click Connect.
9.
In the Object Explorer console, on the left side, note the top tree element labeled LON-VMM1 (SQL
Server 11.0.3000 ADATUM\administrator). This version number, 11.0.3000, corresponds to SQL
Server 2012 SP1.
10. Click the File drop-down list box, and then click Exit.
11. On the taskbar, click the Windows PowerShell icon.
12. In Windows PowerShell, type the following command, and then press Enter:
regedit.exe
13. In the Registry Editor window, click the HKEY_LOCAL_MACHINE subkey. Expand SOFTWARE,
expand Microsoft, expand Net Framework Setup, expand NDP, expand v4, and then expand
Client, and then click 1033.
14. In the Version item, verify that the value in the Data column is 4.5.51641 or higher.
15. Close the Registry Editor window.
services.msc
17. In the Services console, in the Name column, scroll down to Windows Remote Management (WS
Management). If necessary, expand the size of the Name column to see the object name. Verify that
the service has the status of Running, and that the Startup Type is set to Automatic.
18. Close the Services console, and then close Windows PowerShell.
19. On the taskbar, click the File Explorer icon.
20. In the This PC window, double-click the DVD Drive icon.
21. In the VMM folder, verify that installation files display.
Task 3: Install the VMM management server and Virtual Machine Manager console
on LON-VMM1
1.
In File Explorer, in the VMM window, double-click setup.exe.
2.
On the Microsoft System Center 2012 R2 Installation splash screen, click the Install hyperlink.
3.
On the What would you like to do page, click Add features.
4.
In the Microsoft System Center 2012 Virtual Machine Setup Wizard, on the Getting started page,
under the Select features to add section, select the VMM management server check box, and then
click Next.
5.
On the Product registration information page, in the Name text box, type, Administrator, and in
the Organization text box, type A.Datum, Corp. Leave the Product key text box blank, and then
click Next.
6.
Read the Please read this license agreement disclaimer, select the I have read, understood, and
agree with the terms of the license agreement check box, and then click Next.
7.
On the Customer Experience Improvement Program (CEIP) page, click No, I am not willing to
participate, and then click Next.
8.
When the Database configuration page displays, verify that since SQL Server 2012 SP1 is running on
the server, the server name will already display. Leave the Port number box empty, in the Instance
name drop-down list, click MSSQLSERVER. In the Select an existing database or create a new
database area, use the default new database VirtualManagerDB, and then click Next.
9.
On the Configure service account and distributed key management page, in the User name and
domain text box, type ADATUM\SCService, and in the Password: text box, type Pa$$w0rd. Leave
the Distributed Key Management section blank, and then click Next.
10. On the Port configuration page, do not make any changes, and then click Next.
11. On the Library configuration page, select the Create a new library share radio button, and then
click Next.
12. On the Installation summary page, review the text, and then click Install. The Installing features will
now run for several minutes.
13. On the Set up completed successfully page, click Close.
14. On the Microsoft System Center 2012 R2 Installation splash screen, click Close.
15. Close File Explorer.
16. If the Connect to Server page for the VMM console displays, skip forward to step 26. If it does not,
then perform the following steps.
17. On the taskbar, click the Start Screen icon.
18. On the Start screen, move the mouse pointer directly under the Desktop tile, and click the round
white circle with a white down arrow in it.
19. In the Apps by name screen, scroll to the right, right-click the Virtual Machine Manager Console
item, and in the bar at the bottom of the Apps by name screen, click Pin to taskbar.
20. Click any empty area of the Apps by name screen, and when you see a white circle with a white up
arrow in it, click the arrow.
21. On the Start screen, click the Desktop tile.
22. On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
23. On the Connect to Server page, verify that the Server name text box is set to localhost: 8100.
Verify that the Use current Microsoft Windows session identity check box is selected, and then
click Connect. The default selection, Use current Microsoft Windows session identity, is adequate
as you are signed on as the domain administrator.
24. Wait for the Virtual Machine Manager console to load.
Task 4: Install the Virtual Machine Manager console on LON-CL1

Note: Perform these steps from LON-HOST2. In Hyper-V Manager on LON-HOST2, rightclick Hyper-V Manager in the console tree and select Connect to server. Select Another
computer, and type LON-HOST1 and then click OK. Select and connect to LON-CL1.
1.
On LON-CL1, on the Start screen, click the Desktop tile.
2.
On the desktop, on the taskbar, click the File Explorer icon.
3.
In File Explorer, navigate to \\lon-vmm1.adatum.com\c$\Program Files\Microsoft System Center

2012 R2\Virtual Machine Manager\setup\msi\Client.
4.
In the Client folder, double-click the AdminConsole.msi file. The MSI file opens a pop-up window
stating it is installing, and displaying a progress bar. If it does not encounter an error, then after
installing the Virtual Machine Manager console successfully, it will close itself. If a Security Warning
popup displays, click Run.
5.
After the install pop-up window closes, close File Explorer.
6.
On the taskbar, click the Start Screen icon.
7.
On the Start screen, move the mouse pointer directly under the Desktop tile, and click the round
white circle with a white down arrow icon.
8.
In the Apps by name start screen, scroll to the right until you see the Microsoft System Center 2012
tile area, and then right-click the Virtual Machine Manager Console NEW tile.
9.
In the Command bar at the bottom of the page, click Pin to Taskbar.
10. On your keyboard, press the Windows key.

11. On the Start screen page, click the Desktop tile.
12. On the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
13. On the Connect to Server page, in the Server name text box, type LON-VMM1.adatum.com:8100,
and then click Connect.
14. When the console displays, navigate around to observe that is the same Virtual Machine Manager
console as is installed on LON-VMM1.
15. Close the Virtual Machine Manager console and sign out of LON-CL1.
Results: After completing this exercise, you should have installed System Center 2012 R2 VMM.
Exercise 2: Managing Hosts and Host Groups
Task 1: Set the default domain group policy to allow domain members to become
hosts
1.
On LON-DC1, in Server Manager, click Tools, and then click Group Policy Management.
2.
In the Group Policy Management Console, in the console tree, expand Forest: Adatum.com, expand
Domains, and then expand Adatum.com. Under Adatum.com, right-click Default Domain Policy,
and then click Edit.
3.
In the Group Policy Management Editor, maximize the window.
4.
In the console tree, under Computer Configuration, expand Policies. Navigate to the following
location: Administrative Templates\Network\Network Connections\Windows Firewall
\Domain Profile.
5.
In the Domain Profile details pane, double-click Windows Firewall: Allow inbound file and printer
sharing exception.
6.
In the Windows Firewall: Allow inbound file and printer sharing exception pop-up dialog box,
click Enabled, in the Options box, type an asterisk (*), and then click OK.
7.
In the Domain Profile details pane, double-click Windows Firewall: Allow ICMP exceptions.
8.
In the Windows Firewall: Allow ICMP exceptions pop-up dialog box, select the Enabled radio
button, in the Options area, select the Allow inbound echo request check box, and then click OK.
9.
In the Domain Profile details pane, double-click Windows Firewall: Define inbound port
exceptions.
10. In the Windows Firewall: Define inbound port exceptions pop-up dialog box, select Enabled. In
the Options area, by Define port exceptions, click Show.
11. In the Show Contents pop-up dialog box, under Value, type 5985, and then click OK twice.
12. In the Group Policy Management Editor console tree, under Administrative Templates, expand
Windows Components, select and expand Windows Remote Management (WinRM), and then
click WinRM Service.
13. In the WinRM Service details pane, double-click the Allow remote server management through
WinRM setting.
14. In the pop-up dialog box, click the Enabled radio button, in the Options area, in both the IPv4 and
IPv6 text boxes, type an asterisk (*), and then click OK.
15. Close the Group Policy Management Editor, and then close the Group Policy Management Console.
16. On LON-HOST1, on the desktop, on the taskbar click the Windows PowerShell icon.
17. In the Windows PowerShell window, type the following command, and then press Enter:
gpupdate /force
18. When both computer and user policies update successfully, close the Windows PowerShell window.
19. Repeat steps 16-17 on LON-HOST2.
Task 2: Add LON-HOST1 and LON-HOST2 to VMM

1.
On LON-VMM1, from the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
2.
3.
In the Virtual Machine Manager console, click the VMs and Services workspace.
4.
In the console tree, right-click All Hosts, and then click Add Hyper-V Hosts and Clusters.
5.
In the Add Resource Wizard, on the Resource Location page, click the Windows Server computers
in a trusted Active Directory domain option (it should be the default), and then click Next.
6.
On the Credentials page, select the Manually enter the credentials radio button. While the default
is Use an existing Run As account, which has a Browse button to find the account, the Run As
account has to have local administrator permissions on the host machine being assigned. In the User
name text box, type ADATUM\Administrator, in the Password text box, type Pa$$w0rd, and then
click Next.
7.
On the Discovery Scope page, note the two radio buttons, Specify Windows Server computers by
names, and Specify and Active Directory query to search for Windows Server computers. In the
Computer names text box, type lon-host1.adatum.com, and then click Next.
8.
On the Target resources page, in the Discovered computers section, select the
lon-host1.adatum.com check box, and then click Next.
9.
When the Virtual Machine Manager pop-up window displays warning you that if Hyper-V is not
enabled on the selected server, the VMM will do so, click OK.
10. On the Host Settings page, note that the Host group drop-down list box has only one option, All
Hosts. Note the check box that says Reassociate this host with this VMM environment. Selecting
this check box moves hosts that have been assigned to a different VMM management server and
assigns them to this one. Make no changes, and click Next.
11. On the Summary page, in the upper left, click the View Script button.
12. In Notepad, review the Windows PowerShell cmdlets that display. These are the cmdlets necessary to
run a script in Windows PowerShell to add the LON-HOST1 host to this VMM management server.
This script can be very useful for documenting your work or to create another host, perhaps at a later
time.
13. In Notepad, click File, and then click Save As.
14. In the Save As window, under This PC, click Documents. In the File name text box, type
AddHost.ps1, in the Save as type drop-down list box, click All Files (*.*), and then click Save.
15. Close Notepad.
17. A Jobs pop-up window displays, which shows all the individual steps being taken to add the host. The
final step entitled, Add virtual machine host takes the longest. It will spend a few moments at
several percentages of job completion.
18. When the job finishes, close the Jobs window. In the Jobs pop-up window, a yellow triangle might
display, with the text Add virtual machine host Completed w/ info. This occurs because Multipath
I/O is not enabled for known storage arrays. This is expected.
19. In the VMs and Services console tree, under All Hosts, verify that Lon-host1 now displays.
20. To add LON-HOST2, on the taskbar, click the Windows PowerShell icon.
cd documents
notepad AddHost.ps1
23. In the Notepad window, click Format, and then click Word Wrap.
24. Examine the script, and note the two variables that are created and the cmdlets they are based on.
25. Review the Add-SCVMHost cmdlets and the various parameters that it calls.
26. Modify the ComputerName parameter to identify lon-host2 rather than lon-host1.
27. On the File menu, click Save, and then close Notepad.
./addhost.ps1
29. In the Windows PowerShell credential required pop-up, in the User name text box, type
ADATUM\administrator, in the Password text box, type Pa$$w0rd, and then click OK.
30. Wait for Windows PowerShell to display a number of parameters and values in columnar form, and
then close Windows PowerShell.
31. In the Virtual Machine Manager console, in the VMs and Services console tree, under All Hosts, verify
that you now see LON-HOST2. Select LON-HOST2, on the ribbon, click the Folder tab, and then
click Properties. Review each of the pages in the lon-host2.adatum.com Properties dialog box.
32. Close the lon-host2.adatum.com Properties dialog box, and then close the Virtual Machine
Manager console.
Task 3: Create a LocalGroup host group, and then add LON-HOST1 and LON-HOST2
to the LocalGroup host group
1.
On LON-VMM1, on the desktop, on the taskbar, click the Virtual Machine Manager Console icon.
2.
In the Virtual Machine Manager console, on the Connect to Server page, click Connect.
3.
4.
In the VMs and Services console tree, click All Hosts.
5.
On the ribbon, on the Home tab, click Create Host Group. Verify that in the console tree, under All
Hosts, a new folder named New host group displays. Highlight this folder, type LocalGroup, and
then press Enter.
6.
In the VMs and Services console tree, click lon-host1, and then on the ribbon, click the Host tab.
7.
On the ribbon, click Move to Host Group.
8.
In the Move Host Group pop-up dialog box, in the Parent host group: drop-down list box, click
LocalGroup, and then click OK.
9.
In the VMs and Services console tree, right-click lon-host2, and then click Move to Host Group.
10. In the Move Host Group pop-up dialog box, in the Parent host group drop-down list box, click
LocalGroup, and then click OK.
Task 4: Configure LocalGroup properties

1.
Right-click LocalGroup, and then click Properties.
2.
In the LocalGroup Properties dialog box, in the Properties pages, configure the following:
3.
a.
On the General page, in the Description text box, add the description The local group of
virtualization hosts the A. Datum IT department is using.
b.
On the Host Reserves page, clear the Use the host reserves settings from the parent host
group check box. In the Disk space, amount text box, change the values from 1% to 2%.
c.
On the LocalGroup Properties page, click OK.
Close the VMM Console, and sign out of LON-VMM1.
Results: After completing this exercise, you should have created and configured hosts and host groups.

L8-73
Module 8: Managing the Network and Storage Infrastructure

in Microsoft System Center 2012 R2 Virtual Machine
Manager

Exercise 1: Implementing a Network Infrastructure
Task 1: Configure logical networks
1.
On LON-VMM1, in Microsoft System Center 2012 R2 Virtual Machine Manager (VMM), launch the
Virtual Machine Manager console.
2.
In the Virtual Machine Manager console, click the Fabric workspace, in the Navigation pane, click
Networking, and then on the on the ribbon, click Create Logical Network.
3.
In the Create Logical Network Wizard, on the Name page, in the Name text box, type Adatum UK,
and then in the Description text box, type Adatum (London) logical network.
4.
Click One connected network, click Allow new VM networks created on this logical network to
use network virtualization, and then click Next.
5.
section, click All Hosts.
6.
In the Associated VLANs and IP subnets area, click Insert row, in the VLAN text box, type 0, and
then in the IP subnet text box, type 192.168.1.0/24.
7.
Click the Network Site Name text box, select and delete the automatically generated site name, and
then type Docklands.
8.
Repeat step 5, 6 and 7, using the following details:
9.
VLAN: 0
IP Subnet: 192.168.2.0/24
Network Site Name: Gatwick
Click Next, and then click Finish.

11. On the ribbon, click Create IP Pool.
12. In the Create Static IP Address Pool Wizard, on the Name page, in the Name text box, type
Docklands IP Pool, select the logical network Adatum UK, and then click Next.
13. On the Network site page, click Use an existing network site, ensure that Docklands is selected,
14. On the IP address range page, review the options, and then click Next.
15. On the Gateway page, review the options, and then click Next.
16. On the DNS page, review the options, and then click Next.
17. On the WINS page, review the options, and then click Next.
20. Create another IP pool called Gatwick IP Pool. Use the Adatum UK logical network, and use the
Gatwick Network site.
21. On the ribbon, click Create, and then click Hyper-V Port Profile.
L8-74 Managing the Network and Storage Infrastructure in Microsoft System Center 2012 R2 Virtual Machine Manager
22. In the Create Hyper-V Port Profile Wizard, on the General page, in the Name text box, type Adatum
UK Uplink.
23. Click Uplink port profile, in the Load balancing algorithm drop-down list box, click Hyper-V port,
24. On the Network configuration page, under Network sites, click Docklands, click Gatwick, click
Enable Hyper-V Network-Virtualization, and then click Next.
27. On the ribbon, click Create Logical Switch.
28. In the Create Logical Switch Wizard, on the Getting Started page, click Next.
29. On the General page, in the Name text box, type Adatum UK, in the Description text box, type
Adatum production hosts logical switch, and then click Next.
30. On the Extensions page, leave the default extensions, and then click Next.
31. On the Uplink page, click Add, ensure that the Adatum UK uplink is selected, click OK, and then
click Next.
32. On the Virtual Port page, click Add.
33. On the Add Virtual Port page, click Browse.
34. On the Select a Port Profile Classification page, click Medium Bandwidth, and then click OK.
35. Click Include a virtual network adapter port profile in this virtual port, click the Native virtual
network adapter port profile, click Medium Bandwidth Adapter, click OK, and then click Next.
Task 2: Connect a host server with a logical network

1.
In the Fabric workspace click to expand Servers, click All Hosts, and then click
lon-host1.adatum.com.
2.
On the ribbon, click Properties.
3.
In the Properties dialog box, click Hardware, and then locate and click the logical network
associated with your network card (this will be connected to External Network.) On the right, click
the Adatum UK logical network, read the warning about VLANs, click OK, and then click OK again.
4.
In the Fabric workspace, expand Servers, click All Hosts, click lon-host1.adatum.com, and then on
the ribbon, click Properties. Click Virtual Switches, click New Virtual Switch, and then click New
Logical Switch.
5.
An error message displays stating that VMM cannot create a virtual switch without any physical
network adapters. At this point, if you have another network card, you can assign the logical switch to
a physical adapter.
6.
In the error message pop-up window, click OK.
7.
In the Properties dialog box, click Hardware, and then scroll down and expand Network adapters.
machine placement and management use. Click the Logical network, and on the right, under Logical
network connectivity, you can assign the logical networks and IP subnets,
8.
Click Cancel, and then click Yes to close the warning.
Task 3: Configure network virtualization

1.
In the Virtual Machine Manager console, click the VMs and Services workspace, and then on the
ribbon, click Create VM Network.
2.
On the Name page, in the Name text box, type Adatum North, ensure that Adatum UK is selected
as the logical network, and then click Next.
3.
On the Isolation page, click Isolate using Hyper-V network-virtualization, and then click Next.
4.
On the VM Subnets page, click Add, in the Name text box, type Adatum Finance, and then in the
Subnet text box, type 192.168.4.0/24.
5.
On the VM Subnets page, click Add, in the Name text box, type Adatum Engineering, in the
Subnet text box, type 192.168.5.0/24, and then click Next.
6.
On the Connectivity page, review the message, and then click Next.
7.
On the Summary page review the summary, and then click Finish.
8.
9.
In the Virtual Machine Manager console, click the VMs and Services workspace, and then on the
ribbon, click Create VM Network.
10. On the Name page, in the Name text box, type Adatum South, ensure that Adatum UK is selected
as the logical network, and then click Next.
11. On the Isolation page, click Isolate using Hyper-V network-virtualization, and then click Next.
12. On the VM Subnets page, click Add, in the Name text box, type Adatum Warehouse, and then in
the Subnet text box, type 192.168.4.0/24.
13. On the VM Subnets page, click Add, in the Name text box, type Adatum Logistics, in the Subnet
text box, type 192.168.5.0/24, and then click Next.
14. On the Connectivity page, review the message, and then click Next.
15. On the Summary page, review the summary, and then click Finish.
17. In the VMs and Services workspace, click VM Networks, click Adatum North, and then right-click
and click Create IP Pool.
18. On the Name page, in the Name text box, type Adatum Finance VM Network IP Pool. Ensure that
the VM Network is set to Adatum North, and that the VM subnet is set to Adatum Finance
(192.168.4.0/24), and then click Next.
19. On the IP address range page, note that the first IP address in the range is reserved. Leave the
default settings, and then click Next.
20. On the Gateway page, click Next.
21. On the DNS page, click Next.
22. On the WINS page, click Next.

25. In the VMs and Services workspace, click VM Networks, click Adatum South, and then right-click
and click Create IP Pool.
26. On the Name page, in the Name text box, type Adatum Logistics VM Network IP Pool. Ensure that
the VM Network is set to Adatum South, and that the VM subnet is set to Adatum Logistics
(192.168.5.0/24), and then click Next.
27. On the IP address range page, note that the first IP address in the range is reserved. Leave the
default settings, and then click Next.
28. On the Gateway page, click Next.
29. On the DNS page, click Next.
30. On the WINS page, click Next.
Task 4: Connect virtual machines to a virtual machine network

1.
2.
Click All Hosts, right-click 20409B-LON-TEST1, and then click Properties.
3.
In the Properties dialog box, click Hardware Configuration and then click Network Adapter 1.
4.
Click Connected to a VM network and then click Browse.
5.
In the Select a VM Network dialog box, select Adatum North and click OK. In VM Subnet field,
select Adatum Finance and then click OK.
6.
Right-click 20409B-LON-PROD1, and then click Properties.
7.
In the Properties dialog box, click Hardware Configuration and then click Network Adapter 1.
8.
Click Connected to a VM network, and then click Browse.
9.
Click Adatum South, and then click OK.
10. Ensure that the VM Subnet is set to Adatum Logistics, and then click OK.
11. Click 20409B-LON-TEST1, and then on the ribbon, click Power On.
12. Click 20409B-LON-PROD1, and then on the ribbon, click Power On.
13. Click 20409B-LON-TEST1, on the ribbon, click Connect or View, and then click Connect Via
Console.
14. In the Virtual Machine Viewer window, click Ctrl-Alt-Del.
15. On the sign-on screen, type Pa$$w0rd, and then press Enter.
16. In the Server Manager console, click Local Server, and then click 192.168.10.15,IPv6 enabled.
17. In the Network Connections window, right-click Ethernet, and then click Properties.
18. In the Ethernet Properties dialog box, click Internet Protocol Version 4, and then click Properties.
19. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Obtain an IP address
automatically, click Obtain DNS server address automatically, click OK, and then click Close.
20. In the Networks dialog box, click Yes.
21. Right-click Ethernet, and then click Status.

22. In the Ethernet Status dialog box, click Details.
23. Verify that the IPv4 Address is set to an address from the Adatum Finance VM Network IP Pool that
you configured earlier, and that it is in the 192.168.4.0/24 range.
24. In the VMM console, ensure that in the VMs and Services workspace, All Hosts is selected,, and then
click 20409B-LON-PROD1. On the ribbon, click Connect or View, and then click Connect Via
Console.
25. In the Virtual Machine Viewer window, click Ctrl-Alt-Del.
26. On the sign-in screen, type Pa$$w0rd, and then press Enter.
27. In the Server Manager console, click Local Server, and then click 10.0.0.15, IPv6 Enabled.
28. In the Network Connections window, right-click Ethernet, and then click Properties.
29. In the Ethernet Properties dialog box, click Internet Protocol Version 4, and then click Properties.
30. In the Internet Protocol Version 4 (TCP/IPv4) Properties dialog box, click Obtain an IP address
automatically, click Obtain DNS server address automatically, click OK, and then click Close.
31. In the Networks dialog box, click Yes.
32. Right-click Ethernet, and then click Status.
33. In the Ethernet Status dialog box, click Details.
34. Verify that the IPv4 Address is set to an address from the Adatum Logistics VM Network IP Pool
that you configured earlier, and is in the 192.168.5.0/24 range.
35. In the Server Manager console, in the Tools menu, click Windows PowerShell.
36. In the Windows PowerShell window, use the ping command to verify the IP address of
20409B-LON-TEST1 that you learned in step 23. This should not be possible because networks
are virtualized.
37. In the VMM console, ensure that the All Hosts node in the VMs and Services workspace is selected.
38. Click 20409B-LON-TEST1, and then on the ribbon, click Shut Down.
39. In the Virtual Machine Manager console, click Yes.
40. Click 20409B-LON-PROD1 and then on the ribbon, click Shut Down.
41. In the Virtual Machine Manager console, click Yes.
Results: After completing this exercise, you should have created and configured a new virtual network,
configured network virtualization, and connected virtual machines to a virtual machine network.

Exercise 1: Implementing a Storage Infrastructure
Task 1: Install the SMI-S storage provider
1.
On LON-VMM1, in the Virtual Machine Manager console, on the ribbon, click PowerShell.
2.
When the Windows PowerShell prompt displays, type the following Windows PowerShell command
set the iSCSI Target Server local administrator credentials:
$Cred = Get-Credential
3.
In the Windows PowerShell credential request dialog box, in the User name text box, type
adatum\administrator, in the Password text box, type Pa$$w0rd, and then click OK.
4.
In the Windows PowerShell window, type the following script:

$Runas = New-SCRunAsAccount Name iSCSIRunas Credential $Cred
5.
In the Windows PowerShell window, add the Internet small computer system interface (iSCSI) storage
provider by typing the following script:
Add-SCStorageProvider -Name "Microsoft iSCSI Target Provider" -RunAsAccount $Runas ComputerName "LON-SS1.adatum.com" -AddSmisWmiProvider
Task 2: Deploy block storage

1.
2.
On the Select Provider Type page, click SAN and NAS devices discovered and managed by a
SMI-S provider, and then click Next.
3.
Click the Protocol drop-down list box, and then click SMI-S WMI. In the Provider IP address or
FQDN text box, type lon-ss1.adatum.com, and then click Browse.
4.
On the Select a Run As account page, click iSCSIRunas, and then click OK.
5.
6.
7.
On the Select Storage Devices page, click Create Classification, and in the Name text box, type
Gold. In the Description text box, type 15K SAS Drives, and then click Add.
8.
Click Create Classification, and in the Name text box, type Silver. In the description text box, type
7K SATA Drives, and then click Add.
9.
Select the iSCSITarget: LON-SS1:C check box, and then in the Classification drop-down list box,
click Silver.
10. Select the iSCSITarget: LON-SS1:E: check box, in the Classification drop-down list box, click Gold,
11. On the Summary page, click Finish, and wait for the job to finish.
12. When the job finishes, close the Jobs window.
13. On LON-VMM1, in the Virtual Machine Manager console, click Fabric.
14. In the Fabric navigation pane, click Storage, and then on the ribbon, click Create Logical Unit.
15. In the storage pool drop-down list box, click iSCSITarget: LON-SS1:E, in the Name field, type
LON-APP1_C, in the Size (GB): text box, clear the existing value, type 20, and then click OK.
16. In the Fabric navigation pane, click Classifications and Pools. Verify that you can see the new logical
unit number (LUN) listed.
Task 3: Add file storage to VMM

1.
2.
3.
In the Provider IP address or FQDN: field, type lon-svr1.adatum.com, and then click Browse.
4.
On the Select a Run As account page, click Create Run As Account.
5.
In the Name box, type Administrator. In the User name box, type Adatum\Administrator in the
Password and Confirm password text boxes, type Pa$$w0rd, and then click OK.
6.
In the Select a Run As Account box, click Administrator, and then click OK.
7.
8.
9.
On the Select Storage Devices page, click Next.

12. On LON-VMM1, click Fabric, and on the ribbon, click Create File Share.
13. On the Create File Share page, in the Name text box, type SVR1_Gold.
14. In the Classification drop-down list box, click Gold.
15. In the Local path text box, type C:\SVR1_GOLD, and then click Create.
Task 4: Assign and allocate storage

1.
On LON-VMM1, click Fabric, click All Hosts, click lon-host1.adatum.com, and then on the ribbon,
click Properties.
2.
Click Host Access, and then click Browse. Click Administrator, and then click OK.
3.
Click OK again to accept the changes.
4.
Click lon-host1.adatum.com, and then, on the ribbon, click Properties.
5.
Click Storage.
6.
On the Storage page, click Add, and then click Add File Share.
7.
Click the File share path drop-down list box, click \\lon-svr1.adatum.com\SVR1_Gold, and then
click OK.
8.
On LON-VMM1, click Fabric, and then click Storage.
9.
On the ribbon, click Allocate Capacity, and then click Allocate Storage Pools.
10. In the Available storage pools section, click iSCSITarget LON-SS1:E, click Add, click OK, and then
click Close.
11. In the Virtual Machine Manager console, click the VMs and Services workspace.
12. On the ribbon, on the Home tab, click Create Virtual Machine and then in the list click Create
Virtual Machine.
13. On the Select Source page, click Create the new virtual machine with a blank virtual hard disk,
14. On the Identity page, in the Virtual machine name text box, type LON-APP1, and then click Next.
15. On the Configure Hardware page, scroll down, under Network Adapters, click Network
Adapter 1, on the right, and then click Connected to a VM network.
16. Ensure that the VM network is Adatum North, click the VM Subnet drop-down list box, click
Adatum Finance, and then click Next.
17. On the Select Destination page, click Next.
18. On the Select Host page, ensure that lon-host1.adatum.com is selected, and then click Next.
19. On the Configure Settings page, in the Virtual machine path text box, type C:\Program Files
\Microsoft Learning\20409\Drives, and then click Next. (Note: this path may differ on your host.)
20. On the Add Properties page, click Next.
21. On the Summary page, review the settings, and then click Create.
22. Confirm that the Create Virtual Machine job completed successfully.
24. On LON-VMM1, click VMs and Services, click All Hosts, right-click LON-APP1, and then click
Migrate Virtual Machine.
25. In the Migrate VM Wizard, on the Select Host page, ensure that lon-host1.adatum.com is selected,
26. On the Select Path page, in the Storage location for VM configuration text box, type
\\lon-svr1.adatum.com\SVR1_Gold, click Automatically place all VHDs with the configuration,
27. On the Select Network page, leave the default settings, click Next, and then click Move.
28. Check the job status.
Results: After completing this exercise, you should have implemented a storage infrastructure.

Exercise 1: Managing Infrastructure Updates
Task 1: Integrate Windows Server Update Services (WSUS) with VMM
1.
2.
In the navigation pane, expand the Servers node, expand the Infrastructure node, and then click
Update Server.
3.
Right-click Update Server, and then click Add Update Server.
4.
In the Add Windows Server Update Services Server dialog box, in the Computer name text box,
type LON-WSUS, and then in the TCP/IP port text box, type 8530.
5.
Select the Enter a user name and password option. In the User name text box, type
Adatum\Administrator, in the Password text box, type Pa$$w0rd, and then click Add.
6.
In the Jobs window, click the Add Update Server job. On the Summary and Details tabs, monitor
the status of the configuration job.
7.
Note: Status is expected to be Completed w/ Info.
8.
With the Update Server node selected, verify that LON-WSUS.adatum.com displays in the results
pane, and that the Agent Status column displays Responding.
Task 2: Perform a manual synchronization with WSUS from VMM

1.
2.
In the navigation pane, expand the Servers node, expand Infrastructure, and then click Update
Server.
3.
In the Update Servers pane, right-click LON-WSUS.Adatum.com, and then click Synchronize.
4.
In the Jobs window, when the job displays an error message, close the Jobs window.
Note: An error is expected because there is no Internet connection. However, this will not
affect the rest of the lab exercise.
Task 3: Create the update baseline in VMM

1.
2.
Baselines.
3.
On the Home page, in Create group, click Create and then click Baseline.
4.
In the Update Baseline Wizard, in the Name text box, type LON Base1, click Next, and then click
Add.
5.
In the Add Updates to Baseline window, select all of the Updates, and then click Add.
6.
In the wizard click Next. Select the All Hosts and LON-VMM1.Adatum.com check boxes, and then
click Next.
7.
View the Summary, and then click Finish.
8.
In the Jobs window, select the Change properties of a baseline job.
9.
10. When the job displays as Completed, close the Jobs window.
11. With the Update Baselines node selected, verify that LON Base1 displays in the Baselines pane,
with Assignments set to 2.
Task 4: Assign an existing baseline in VMM
1.
2.
Baselines.
3.
On the Baselines pane, right-click LON Base1, and then click Properties.
4.
In the LON Base1 Properties dialog box, on the left side bar, click the Assignment Scope tab, select
the LON-WSUS.Adatum.com check box, and then click OK.
5.
On the Home page, click Jobs, click History, and verify that the status of job Change properties of
a baseline lists as Completed.
6.
Click back to the Library workspace.
7.
In the Library workspace, with the Update Baselines node selected, verify that LON Base1 displays
in the Baselines pane with Assignments set to 3.
Task 5: Scan for update compliance in VMM

1.
2.
In the navigation pane, click the Servers node, and then on the Home page, click Compliance.
3.
In the Results pane, select LON-WSUS.Adatum.com, and then on the Home page, click Scan.
4.
In the Results pane, verify that the Operational Status changes to Scanning.
5.
When the status changes again, verify that the Compliance Status changes to Compliant.
Results: After completing this exercise, you should have added and configured an Update Server to
manage infrastructure updates.

L9-83
Module 9: Creating and Managing Virtual Machines by

Using Microsoft System Center 2012 R2 Virtual Machine
Manager
Lab: Creating and Managing Virtual

Machines by Using System Center 2012 R2
Exercise 1: Creating a Virtual Machine and Modifying Its Properties
Task 1: Create a new virtual machine with the VMM console in Microsoft System
1.
On LON-VMM1, on the taskbar, click the Virtual Machine Manager Console icon.
2.
3.
In the Virtual Machine Manager Console, click the VMs and Services workspace.
4.
In the VMs and Service console tree, expand All Hosts, expand LocalGroup, and then click
LON-HOST1.
5.
On the ribbon, click the Home tab, click the Create Virtual Machine drop-down list box, and then
click Create Virtual Machine.
6.
In the Create Virtual Machine Wizard, on the Select Source page, click Create the new virtual
machine with a blank virtual hard disk, and then click Next.
7.
On the Identity page, in the Virtual machine name text box, type Win2012Lab9.
8.
In the Description text box, type Lab 9 exercise, create virtual machine, and then click Next.
9.
Under Network Adapters, click Network Adapter1.
10. In the Connectivity section, click Connected to a VM network, click Browse, in the pop-up window,
click External Network, click OK, and then click Next.
11. On the Select Destinations page, accept both the default Place the virtual machine on a host
option, and the Destination: All Hosts drop-down list-box selection, and then click Next.
12. On the Select Host page, give VMM a moment to rate the hosts. Highlight lon-host2.adatum.com,
13. On the Configure Settings page, under Virtual Machine path, type E:\Program Files\Microsoft
Learning\20409\, and then click Next. (Note that the actual drive letter may differ on your host
machine.)
15. On the Summary page, in the Confirm the settings section, click the View Script button.
16. Verify that Notepad opens and displays the Windows PowerShell script used to create the virtual
machine, with cmdlets with parameters for all the options you have chosen.
17. In Notepad, on the File menu, click Save As.
18. In the Save As pop-up window, name the file CreateWin8Lab9.ps1 in the Documents library. Be
sure to use the quotation marks, as this will save the extension as it is written, rather than saving it
with the .txt extension.
19. In the Save as type drop-down list box, click All Files (*.*), and then click the Save button.
20. Close Notepad.
21. Click the Create button.
22. Verify that the job starts, with multiple steps to create the virtual machine.
23. Verify that a Jobs pop-up window displays.
24. When the last job is completed, close the Jobs pop-up window.
25. In the console tree, under VMs and Services, under All Hosts, and under LocalGroup, click
LONHOST2.
26. In the VMs details pane, verify that Win2012Lab9 displays on this host.
27. Close the Virtual Machine Manager Console.
Results: After completing this exercise, you should have created a virtual machine and modified its
properties.
Exercise 2: Cloning a virtual machine

Task 1: Clone a virtual machine
L9-84 Creating and Managing Virtual Machines by Using Microsoft System Center 2012 R2 Virtual Machine Manager
1.
On the LON-VMM1 desktop, on the taskbar, click the Virtual Machine Manager Console icon.
2.
In the Virtual Machine Manager Console, on the Connect to Server page, click Connect.
3.
Verify that after a moment, the Virtual Machine Manager Console displays.
4.
In the workspace area, in the lower left section, click VMs and Services.
5.
LON-HOST1.
6.
In the VMs detail pane, click 20409B-LON-SVR2. Ensure the Virtual Machine tab is also selected.
7.
On the ribbon, click the Create drop-down list, and then click Clone.
8.
In the Create Virtual Machine Wizard, on the Identity page, in the Description box, type Clone of
the LON-SVR2 virtual machine, and then click Next.
9.
On the Configure Hardware page, click Next.
10. On the Select Destination page, click Next.
11. On the Select Host page, notice that VMM rates the hosts. In the Placement window where the two
hosts are listed, click lon-host2.adatum.com, and then click Next.
12. On the Select Path page, type F:\Program Files\Microsoft Learning\20409\, and then click Next.
(Note the actual drive letter may differ on your host machine.)
13. On the Select Networks page, click Next.
15. On the Summary page, click Create.
16. Verify that a Jobs pop-up window displays, and is populated with several steps detailing the cloning
of the virtual machine.
17. After about 10 minutes, verify that the cloned virtual machine is created.
19. In the VMM console, return to the VMs and Services console tree, expand All Hosts, expand
LocalGroup, and then click LON-HOST2.
20. In LON-HOST2, verify that 20409B-LON-SVR2 displays. This is the cloned virtual machine.
Task 2: Use Sysprep on the clone of LON-SVR2

1.
LON-HOST2.
2.
In the VMs detail pane, click 20409B-LON-SVR2, and on the ribbon, click Power On.
3.
After approximately 60 seconds, right-click 20409B-LON-SVR2, point to Connect or View, and then
click Connect via Console. If prompted, type Adatum\Administrator with the password of
Pa$$w0rd.
4.
In the Virtual Machine Viewer window, click the Ctrl-Alt-Del icon, and then sign in as
Adatum\Administrator with the password Pa$$w0rd.
5.
On the taskbar, right-click the Start button, and then click Windows PowerShell (Admin).
6.
In the Administrator: Windows PowerShell window, type cd c:\Windows\System32\Sysprep, and

then press Enter.
7.
Type .\Sysprep /generalize, and then press Enter.
8.
In the System Preparation Tool 3.14 pop-up window, select the Generalize check box.
9.
In the Shutdown Options drop-down list box, click Reboot, and then click OK.
10. Verify that the Sysprep is working pop-up window displays. Note that Sysprep will take approximately
five minutes to run.
11. When Sysprep finishes, the virtual machine will restart.
12. In the Virtual Machine Viewer window, on the File menu, click Exit.
13. In the Virtual Machine Manager Console, return to the VMs and Services workspace, and then click
LON-HOST2.
14. Click 20409B-LON-SVR2, and on the ribbon, click Power Off. Click Yes.
15. Click 20409B-LON-SVR2, and on the ribbon, click Delete. Click Yes.
16. Close the VMM console, and sign out of LON-VMM1.
Results: After completing this exercise, you should have cloned a virtual machine.
L10-87
Module 10: Configuring and Managing the Microsoft System

Center 2012 R2 Virtual Machine Manager Library and Library
Objects
Lab: Configuring and Managing the

Microsoft System Center 2012 R2 Virtual
Machine Manager Library and Library
Objects
Exercise 1: Configuring and Managing the Virtual Machine Manager
Library
Task 1: Examine the Library workspace defaults, and create the shared folders on the
virtualization host computers
1.
2.
3.
4.
5.
In the console tree, click and expand the Library Servers node. You should see the VMM
management server, LON-VMM1.Adatum.com. This is because the VMM management server is
always added to a library server when you install Microsoft System Center 2012 R2 Virtual Machine
Manager (VMM).
6.
On LON-HOST1 and LON-HOST2, perform the following tasks:

a.
On LON-HOST1, on the taskbar, click the File Explorer icon.
b.
In the This PC window, click Local Disk (C:).
c.
On the ribbon, on the Home tab, click the New folder icon. In the text box, type Host1Library,
and then press Enter.
d.
Right-click Host1Library, click Share with, and then click Specific people.
e.
In the File Sharing window, in the drop-down list, select Everyone, click Add, and then click
Share.
f.
In the File Sharing window, click Done.
g.
Close File Explorer.
h.
On LON-HOST2, on the taskbar, click the File Explorer icon.
i.
In the This PC window, click Local Disk (C:).
j.
On the ribbon, on the Home tab, click the New folder icon. In the text box, type Host2Library,
and then press Enter.
k.
Right-click Host2Library, click Share with, and then click Specific people.
l.
In the File Sharing window, in the drop-down list, select Everyone, click Add, and then click
Share.
m. In the File Sharing window, click Done.

n.
Close File Explorer.
o.
Switch back to LON-VMM1.
L10-88 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
Task 2: Add LON-HOST1 and LON-HOST2 as Virtual Machine Manager library servers
1.
In the Virtual Machine Manager console, click the Library Servers node. On the ribbon, on the Home
tab, click the Add Library Server icon.
2.
In the Add Library Server Wizard, on the Enter Credentials page, select Enter a username and
password. In the User name text box, type ADATUM\administrator, in the Password text box, type
Pa$$w0rd, and then click Next.
3.
On the Select Library Servers page, in the Computer name text box, type Lon-host1, and then click
Add. Repeat this for Lon-Host2.
4.
In the Selected servers window, notice that you see both hosts. At the bottom of the page, click Next.
5.
On the Add Library Shares page, in the Select library shares to add details pane, select the
Host1Library and Host2Library check boxes.
6.
On the Add Library Shares page, note the Add Default Resources check boxes to the right. This
adds the ApplicationsFrameworks folder to the share. Also, note the Show hidden shares check box
at the bottom of the page. By selecting this check box, the shares that were created as hidden will
display.
7.
Select both the Add Default Resources check boxes, and then click Next.
8.
On the Summary page, note the View Script button. Clicking it will bring up Notepad with the
Windows PowerShell cmdlets linked together in a script that will re-create all the selections that you
made in the wizard. This very useful file can help you document your administrative actions and recreate your environment.
9.
At the bottom of the Summary page, click the Add Library Servers button.
10. When the Jobs window opens, notice the two Add library server jobs. It will take about two minutes
to complete these jobs. When both jobs complete, close the Jobs window.
Task 3: Examine the library server shared folder resources, and create an additional
subfolder on LON-HOST1
In the Virtual Machine Manager console, return to the Library workspace and review the new library
servers that you have added to the Library Servers node in the console tree by expanding each library
server and its library.
1.
In the ApplicationsFrameworks node of the Host1Library, in the Physical Library Objects details
pane, click SAV_x86_en-US_ string-of-numbers.cr. Note that the values found in the string of
numbers will vary over time.
2.
On the ribbon, on the Custom Resource tab, click Properties.
3.
In the Properties dialog box, click View equivalent resources. Examine the items in the window,
and then click Cancel.
4.
Click the Dependencies page. Notice that no dependencies display, but if this custom resource had
dependencies, they would be listed here. This information is useful when determining whether to
delete an object to see if it is still dependent or being depended upon by another object.
5.
On the Dependencies page, click Cancel.
6.
In the VMM console, in the console tree, right-click Host1Library, and then click Explore.
7.
In the Host1Library window, click the Home tab, and then click New folder. In the New folder text
box, type ISOs, and then press Enter.
8.
Open the ISOs folder, and then create a text file named Test.iso. In the Rename box, click Yes.
9.
Close the Host1Library window.
10. Return to the Library workspace in the VMM console, and examine the Host1Library window again.
The ISOs folder should now display. If not, right-click Host1Libary, and then click Refresh.
Exercise 2: Creating and Managing Profiles and Templates

Task 1: Create the Guest OS Profile
1.
2.
In the console tree, select and expand the Profiles node.
3.
In the console tree, click the Guest OS Profiles node.
4.
On the Home tab, click the Create icon, and on the shortcut menu, click Guest OS Profile.
5.
In the New Guest OS Profile Wizard, on the General page, in the Name text box, type LabGuestOS,
and then in the Description text box, type Lab creating a GuestOS profile.
6.
In the New Guest OS Profile box, click the Guest OS Profile page.
7.
On the Guest OS Profile page, in the General Settings section, under Operating System, click the
down arrow, and then click 64-bit edition of Windows Server 2012 Standard.
8.
Click the Identity Information section, and in the Computer name text box, type
WS2012-Core###.
9.
Click the Admin Password item, and then in the details pane, click Specify password of the local
administrator account. In the Password and Confirm text boxes, type Pa$$w0rd.
10. In the New Guest OS Profile Wizard, click OK. In the Profiles details pane, LabGuestOS now displays.
Task 2: Create the Hardware Profile

1.
In the console tree, click the Hardware Profiles node.
2.
On the Home tab, click the Create icon, and then on the shortcut menu, click Hardware Profile.
3.
In the New Hardware Profile Wizard, on the General page, in the Name text box, type
LabHWProfile, and in the Description text box, type Lab creating a hardware profile.
4.
In the New Hardware Profile box, select the Hardware Profile page.
5.
On the Hardware Profile page, in the Compatibility section, select the Hyper-V check box.
6.
In the central console tree, click Memory. In the Memory details pane, select Dynamic, and then in
the Maximum memory area, overtype the value shown with 1024.
7.
Scroll down in the center console tree, and then click Network Adapters, Network Adapt. In the
Network Adapter 1 details pane, select Connected to a VM network. In the VM network area, click
the Browse button. In the pop-up window, click External Network, and then click OK.
8.
In the New Hardware Profile Wizard, click OK. Notice that the LabHWProfile now displays.
Task 3: Create a virtual machine template
L10-90 Configuring and Managing the Microsoft System Center 2012 R2 Virtual Machine Manager Library and Library Objects
1.
In the console tree, select and expand the Templates node.
2.
Click the VM Templates node. On the ribbon, on the Home tab, click the Create VM Template icon.
3.
In the Create VM Template Wizard, on the Select Source page, note the Use an existing VM
template or a virtual hard disk stored in the library option. To the right of this option, click
Browse.
4.
In the Select VM Template Source window, click Blank Disk Small.vhdx, and then click OK.
5.
On the Select Source page, click Next.
6.
On the Identity page, in the VM Template name text box, type LabVMTemplate, in the
Description text box, type Lab creating a VM template, and then click Next.
7.
On the Configure Hardware page, click the Hardware profile list box, click LabHWProfile, and
then click Next.
8.
On the Configure Operating System page, click the Guest OS profile drop-down list box, click
LabGuestOS, and then click Next.
9.
On the Application Configuration page, click the Application profile drop-down list box, click
None do not install any applications, and then click Next.
10. On the SQL Server Configuration page, click the SQL Server profile drop-down list box, click None
no SQL Server configuration settings, and then click Next.
11. On the Summary page, click Create.
12. Review and then close the Jobs window.
13. In the Templates details pane, click and then review LabVMTemplate.
14. On the ribbon, on the Template tab, note that you can enable and disable, export, and even delete a
template.
15. Click the Properties icon.
16. In the Properties dialog box, note that the Hardware and OS Configuration pages no longer point
to the profiles created earlier, but are the full settings that you placed in the profiles. Note the
additional pages that are available. Notice that you can create custom Properties, and on the
Settings page, assign self-service Quota points.
17. Notice also on the Dependencies page that the template is dependent on the Blank Disk
Small.vhdx virtual hard disk that you selected earlier. Notice also that there are no validation errors
and that on the Access page, you can assign other self-service users and roles.
18. Click the Cancel button.
L11-91
Module 11: Managing Clouds in Microsoft System Center

2012 R2 Virtual Machine Manager
Lab: Managing Clouds in Microsoft System

Exercise 1: Creating a Private Cloud
Task 1: Review the scenario and the email from Ed Meadows, and then answer the
questions
Review the scenario and the email from Ed Meadows, and then answer the following questions:
1.
How many private clouds do you need to create?
Answer: You will need to create two private clouds: one for the Development department, and the
other for the Research department.
2.
How many user roles should you create?
Answer: You should create two user roles: one for the Development department, and the other for
the Research department.
3.
How will you fulfill the requirement to ensure that the resources are not overwhelmed?
Answer: You must use the Quotas for the named cloud settings.
Task 2: Create the Development private cloud

1.
2.
When the LON-VMM1 desktop displays, on the taskbar, click the Virtual Machine Manager Console
icon.
3.
4.
In Microsoft System Center 2012 R2 Virtual Machine Manager (VMM), in the Virtual Machine
Manager console, in the Workspace area, on the lower left, click VMs and Services.
5.
On the ribbon, click the Create Cloud button. This will bring up the Create Cloud Wizard.
6.
In the Create Cloud Wizard, on the General page, in the Name text box, type DevCloud, in the
Description text box, type Cloud for the Development Department, and then click Next.
7.
On the Resources page, in the Select the resources for this cloud area, select the LocalGroup
check box, and then click Next.
8.
On the Logical Networks page, note the logical networks that are available. In the Logical networks
pane, select the External Network check box, and then click Next.
9.
On the Load Balancers page, click Next.
10. On the VIP Templates page, click Next.
11. On the Port Classifications page, select the following check boxes, and then click Next: Host
management, Guest Dynamic IP, Medium bandwidth, Low bandwidth and High bandwidth
12. On the Storage page, in the Storage classifications pane, select the Local Storage check box, and
then click Next.
13. On the Library page, click Next.
L11-92 Managing Clouds in Microsoft System Center 2012 R2 Virtual Machine Manager
14. On the Capacity page, clear the Memory (GB): check box, and then in the Assigned Capacity text
box, type 8. Clear the Storage (GB) check box, and then in the Assigned Capacity text box, type
1000. Clear the Virtual machines check box, in the Assigned Capacity text box type 3, and then
click Next.
15. On the Capability Profiles page, select the Hyper-V check box, and then click Next.
17. When the Jobs window displays, wait for it to finish the Create new Cloud task, and then close this
window.
18. In the console tree, under VMs and Services, under the Clouds node, click DevCloud.
19. On the ribbon, click the Overview button. Review the Cloud summary in the details pane, and verify
that it contains the capacity values that you just changed.
Task 3: Create the Research private cloud

1.
In the Virtual Machine Manager console, in the Workspace area, on the lower left, click VMs and
Services.
2.
On the ribbon, click Create Cloud. This will bring up the Create Cloud Wizard.
3.
In the Create Cloud Wizard, on the General page, in the Name text box, type ResCloud, in the
Description text box, type Cloud for the Research Department, and then click Next.
4.
On the Resources page, in the Select the resources for this cloud area, select the LocalGroup
check box, and then click Next.
5.
On the Logical Networks page, In the Logical networks pane, select the External Network check
box, and then click Next.
6.
On the Load Balancers page, click Next.
7.
On the VIP Templates page, click Next.
8.
On the Port Classifications page, select the following check boxes, and then click Next: Host
management, Guest Dynamic IP, Medium bandwidth, Low bandwidth and High bandwidth.
9.
On the Storage page, in the Storage classifications pane, select the Local Storage check box, and
then click Next.
10. On the Library page, click Next.
11. On the Capacity page, clear the Virtual CPUs: check box, and then in the Assigned Capacity text
box, type 2. Clear the Memory (GB) check box, and then in the Assigned Capacity text box, type 8.
Clear the Storage (GB) check box, and then in the Assigned Capacity text box, type 1000. Clear the
Virtual machines check box, in the Assigned Capacity text box, type 3, and then click Next.
12. On the Capability Profiles page, select the Hyper-V check box, and then click Next.
13. On the Summary page, at the bottom of the page, click the Finish button.
14. When the Jobs window displays, wait for the Create New Cloud task to finish, and then click Close.
15. In the console tree, under VMs and Services, under the Clouds node, click ResCloud. On the ribbon,
click the Overview button.
16. In the details pane, in the Cloud summary area, verify that the values for ResCloud contain the
capacity values that you changed.
Results: After completing this exercise, you should have created a private cloud based in a host group,
and you should have reviewed its properties.
Exercise 2: Working With User Roles

Task 1: Create the Development department user role
1.
In the Virtual Machine Manager console, in the workspace area in the lower left, click Settings.
2.
In the Settings console tree, expand the Security node, and then click User Roles.
3.
On the Home tab, click the Create User Role button.
4.
In the Create User Role Wizard, on the Name and description page, in the Name text box, type
DevRole, in the Description text box, type User role created for the Development Department,
5.
On the Profile page, select the Application Administrator (Self-Service User) radio button, and
then click Next.
6.
On the Members page, click the Add button.
7.
In the Select Users, Computers, or Groups pop-up, in the Enter the object names to select
(examples) text box, type Development, and then click OK.
8.
Verify that on the Members page, in the Members window pane, ADATUM\Development displays,
9.
On the Scope page, in the Scope: pane, select the DevCloud check box, and then click Next.
10. On the Quotas for the DevCloud cloud page, at the bottom of the page, in the Member level
quotas section, in the Virtual Machines row, clear the Use Maximum column check box. In the
Assigned Quota column, type 1, and then click Next.
11. On the Networking page, click the Add button.
12. In the Select VM Networks pop-up, select the External network, click OK, and then, click Next.
13. On the Resources page, at the bottom of the page, in the Specify user role data path, click the
Browse button.
14. In the Select Destination Folder pop-up, click the MSSCVMMLibrary node, click OK, and then click
Next.
15. On the Permissions page, in the Select the permitted actions for this user role section, under the
Name column, select all of the check boxes, clear the Receive and Share check boxes, and then click
Next.
16. On the Run As accounts page, click Next.
17. On the Summary page, in the Confirm the settings section, review the selections, and then click
Finish.
18. When the Jobs pop-up window displays, wait for all of the jobs to complete, and then close the
window.
19. In the Settings console tree, in the Security node, under User Roles, in the User Roles details pane,
click the DevRole object. On the ribbon, click the Properties button.
20. In the DevRole Properties dialog box, review the various properties, and then click Cancel.
Task 2: Create the Research department user role

1.
In the Virtual Machine Manager console, in the workspace area, in the lower left, click Settings.
2.
In the Settings console tree, expand the Security node, and then click User Roles.
3.
On the Home tab, click Create User Role.
4.
In the Create User Role Wizard, on the Name and description page, in the Name text box, type
ResearchRole, in the Description text box, type User role created for the Research Department,
5.
On the Profile page, verify that the Application Administrator (Self-Service User) radio button is
6.
On the Members page, click the Add button.
7.
In the Select Users, Computers, or Groups pop-up, in the Enter the object names to select
(examples) text box, type Research, and then click OK.
8.
On the Members page, in the Members pane, verify that ADATUM\Research displays, and then click
Next.
9.
On the Scope page, in the Scope pane, select the ResCloud check box, and then click Next.
10. On the Quotas for the ResCloud cloud page, in the Member level quotas section, in the Virtual
Machines: row, clear the Use Maximum column check box, in the Assigned Quota column, type 1,
11. On the Networking page, click Add.
12. In the Select VM Networks pop-up, click External network, click OK, and then click Next.
13. On the Resources page, click the Browse button.
14. In the Select Destination Folder pop-up, click the Host1Library node, click OK, and then click Next.
15. On the Permissions page, in the Select the permitted actions for this user role section, under the
Name column, select all the check boxes, clear the Receive and Share check boxes, and then click
Next.
16. On the Run As accounts page, click Next.
17. On the Summary page, observe the Confirm the settings section, review the selections, and then
click Finish.
18. When the Jobs pop-up window displays, wait for all the jobs to complete and then close the window.
19. In the Settings console tree, in the Security node, under User Roles, verify that the ResearchRole
object displays in the User Roles details pane. Click ResearchRole, and then on the ribbon, click the
Properties button.
20. In the ResearchRole Properties dialog box, review the various properties, and then click Cancel.
Results: After completing this exercise, you should have created several user roles, explored different
configuration options, and then connected VMM as a member of different roles to confirm which actions
they can perform.
Exercise 3: Deploying Virtual Machines to a Private Cloud

machines as a Development department User
1.
Sign in to LON-CL1 as adatum\ben with a password of Pa$$w0rd. (You may have to wait a moment
while the users profile is created.)
2.
On the Start screen, move the mouse pointer directly under the Desktop tile. When a round white
circle with a white down arrow in it displays, click it.
3.
tile area. Select and then right-click the Virtual Machine Manager Console tile. In the Command bar
at the bottom of the page, click Pin to Taskbar.
4.
On the keyboard, tap the Windows key.
5.
On the Start screen page, click the Desktop tile.
6.
On the desktop, on the taskbar click the Virtual Machine Manager Console icon.
7.
In the Connect to Server pop-up, in the Server name text box, type
LON-VMM1.adatum.com:8100, and then click Connect.
8.
When the Virtual Machine Manager console displays, maximize it, if it is not already maximized.
9.
Note that throughout the console, the objects available to select are very different, or are missing
entirely. This is because Ben is only an Application Administrator.
10. In the Workspace area, in the lower left, click VMs and Services, expand Clouds, and then click
DevCloud.
11. In the Virtual Machine Manager console, on the ribbon click the Create Virtual Machine button, and
then select Create Virtual Machine from the menu.
12. In the Create Virtual Machine Wizard, on the Select Source page, select the Create the new virtual
machine with a blank virtual hard disk radio button, and then, click Next.
13. On the Identity page, in the Virtual machine name text box, type 1stDevCloudVM. In the
description text box, type First virtual machine in the DevCloud, and then click Next.
14. On the Configure Hardware page, in the Compatibility section, select the Hyper-V check box, and
then click Next.
15. On the Select Destinations page, accept the default Deploy the virtual machine to a private
cloud radio button, and then click Next.
16. On the Select Cloud page, wait a moment for VMM to select a destination. Using the mouse,
highlight DevCloud, and then click Next.
18. On the Summary page, click the Create button.

19. When the job starts, notice that there are multiple steps to create the virtual machine.
20. When the Jobs pop-up window displays, wait until the last job completes, and then close the Jobs
pop-up.
21. In the console tree, under VMs and Services, under Clouds, under DevCloud, in the VMs details
pane, verify that 1stDevCloudVM is the only virtual machine on this host.
22. Attempt to make another virtual machine, using the steps above, but change the name to
2ndDevCloudVM and the description to Second virtual machine in the DevCloud.
23. When you reach the Select Cloud page in the Create Virtual Machine Wizard, the task will fail.
24. Review the Details area below. Click the Ratings Explanation tab, and note the line that says, The
operation results in a violation of the virtual machine count quota for the private cloud.
25. Click the Cancel button. In the Create Virtual Machine Wizard pop-up, click Yes.
26. With the DevCloud selected, right-click 1stDevCloudVM, and then click Delete. In the confirmation
pop-up, click Yes.
28. Sign out of LON-CL1.
machines as a Research department user
1.
Sign in to LON-CL1 as adatum\hani with a password of Pa$$w0rd. You may have to wait a moment
2.
On the Start screen, move the mouse pointer directly under the Desktop tile. When a round white
circle with a white down arrow in it displays, click it.
3.
tile area. Select and then right-click the Virtual Machine Manager console tile. In the Command
bar at the bottom of the page, click Pin to Taskbar.
4.
On the keyboard, tap the Windows key.
5.
On the Start screen page, click the Desktop tile.
6.
On the desktop, on the taskbar click the Virtual Machine Manager Console icon.
7.
In the Connect to Server pop-up, in the Server name text box, type
LON-VMM1.adatum.com:8100, and then click Connect.
8.
When the Virtual Machine Manager console displays, maximize it, if it is not already maximized.
9.
Note that in the Virtual Machine Manager console, the objects available to select are very different, or
missing entirely. That is because Hani is only an Application Administrator.
10. In the Workspace area in the lower left, click VMs and Services, expand Clouds, and select
ResCloud.
11. In the VMM console, on the ribbon, click the Create Virtual Machine button and then select Create
Virtual Machine from the menu.
12. In the Create Virtual Machine Wizard, on the Select Source page, select the Create the new virtual
machine with a blank virtual hard disk radio button, and then click Next.
13. On the Identity page, in the Virtual machine name text box, type 1stResCloudVM. In the
description text box, type First virtual machine in the ResCloud, and then click Next.
14. On the Configure Hardware page, in the Compatibility section, select the Hyper-V check box, and
then click Next.
15. On the Select Destinations page, accept the default Deploy the virtual machine to a private
cloud radio button, and then click Next.
16. On the Select Cloud page, give VMM a moment to select a destination. Using the mouse, highlight
ResCloud, and then click Next.
18. On the Summary page, click the Create button.
19. When the Jobs pop-up window displays, wait for the job to complete, and then close the Jobs pop-up
window.
20. In the console tree, under VMs and Services, under Clouds, and under ResCloud, in the VMs details
pane, verify that 1stResCloudVM is the only virtual machine on this host.
21. Attempt to make another virtual machine, using the steps above, but change the name to
2ndResCloudVM and the description to Second virtual machine in the ResCloud.
22. When you reach the Select Cloud page in the Create Virtual Machine Wizard, the task will fail.
Review the Details area on this page, and click the Ratings Explanation tab. Note the line that says,
The operation results in a violation of the virtual machine count quota for the private cloud.
23. Click the Cancel button. In the Create Virtual Machine Wizard pop-up, click Yes.
24. With ResCloud selected, right-click 1stResCloudVM, and then click Delete. When the confirmation
pop-up displays, click Yes.
26. Sign out of LON-CL1.
Results: After completing this exercise, you should have used the VMM console to create virtual machines
as a Development department user, and as a research department user.
L12-99
Module 12: Managing Services in Microsoft System Center

2012 R2 Virtual Machine Manager and App Controller
Lab: Managing Services in Microsoft System

and App Controller
Exercise 1: Creating a Service Template
Task 1: Open the Virtual Machine Manager Service Template Designer with a new
service template
1.
2.
On the desktop, on the taskbar, click the Virtual Machine Manage Console icon.
3.
4.
In Microsoft System Center 2012 R2 Virtual Machine Manager (VMM), in the Virtual Machine
Manager console, on the lower left, click the Library workspace.
5.
On the ribbon, on the Home tab, click Create Service Template.
6.
In the New Service Template dialog box, in the Name field, type Lab 12 Service Template,
and then in the Release text box, type 1. In the Patterns section, click Single Machine, and then
click OK.
7.
In the Virtual Machine Manager Service Template Designer console, note the name selected. Note
that Lab 12 Service Template is part of the overall name, because this is what you are currently
designing, and the numeral 1 is the release version.
8.
Note the Designer canvas area, which is the central part of the console. Note that this part of the
console has the various blocks connected to each other. The text that appears dimmed, highlighted
with a large down arrow, gives advice on how you can drag-and-drop various virtual machine
templates into the designer. You can do this either in the blank canvas area to make a new tier or
onto the existing template to replace its tier.
Task 2: Use the Service Template Designer to modify a single tier virtual machine
1.
In the Virtual Machine Manager Service Template Designer, click the Single Tier box, highlighted
with a red circle with an exclamation mark. Note the text below that explains why it has this warning,
which is because the template does not include a virtual hard disk or virtual machine network.
2.
Right-click the Single Tier name text and then from the drop-down list box, click Properties.
3.
In the Single Tier properties dialog box, configure the various pages in the properties, as follows:
a.
On the General page, in the Name text window, type Lab12ServiceVM. Provide the name and
description; prevent the virtual machine from migrating automatically; allow it to be scaled out;
and create and availability set for the tier.
b.
On the Hardware Configuration page, use the following settings:

i.
In the Compatibility section, select the Hyper-V check box.
ii.
In the console tree, directly under Bus Configuration, click IDE Devices. Click the green plus
sign entitled New, click Disk, and then in the Virtual Hard Disk details area, click Browse.
L12-100 Managing Services in Microsoft System Center 2012 R2 Virtual Machine Manager and App Controller
iii.
In the Select a virtual hard disk pop-up dialog box, click SmallCore.vhd, and then click OK.
iv.
In the Hardware Configuration console tree, scroll down, and then in the Network Adapters
section, click Network Adapt Not connected.
v.
In the Network Adapter 1 (Legacy) details pane, click the Connected to a VM network
option, and then click Browse.
vi.
In the pop-up window, click External Network, and then click OK.
Use the Hardware page to set the various hardware configurations that you would configure for
any new virtual machine in the VMM console.
c.
On the OS Configuration page, in the Operating system drop-down list, click 64-bit edition of
Windows Server 2012 Standard. Note that you can configure the name of the computer, the
local administrator password, the product key, and a time zone. Note the Roles and Features
area. Add roles and features here that can be run on a Windows Server. Also, note that you can
join a domain, and that it shows you are in a workgroup currently. Note the Scripts area, where
you can provide Answer File and even Run Once commands.
d.
On the Application Configuration page, note that the Application profile list has three
sections under it: OS Compatibility, Applications, and Scripts. In the Compatible operating
systems available details pane, in the OS Compatibility area, note that you can select none, one,
some, or all check boxes. Select the 64-bit edition of Windows Server 2012 Standard check
box. In the console tree of the Application Configuration page, click Applications. In the
Application profile list at the top of the page, click None do not install any applications.
Note that clicking this make all previously viewed items on the page appear dimmed.
You use the Application Configuration page to add applications and scripts that will run on the
virtual machine.
e.
On the SQL Server Configuration page, note that by default, the SQL Server profile list is set to
None no SQL Server configuration settings.
f.
On the Custom Properties page, note that you can add various custom properties.
g.
On the Settings page, note that you can specify the number of points to apply towards an
owners virtual machine quota, when a virtual machine is assigned to a self-service user.
h.
On the Dependencies page, because this is a default template, note that no dependencies have
been found.
i.
On the Validation Errors page, note that any errors would be listed.
j.
4.
In the Service Template Designer canvas area, use the mouse to drag the External Network box
down beside the NIC 1 box.
5.
Do not close the VMM Service Template Designer.
Results: After completing this exercise, you should have created a service template by using the Service
Template Designer.
Exercise 2: Deploying a Service and Updating a Service Template

Task 1: Deploy the service
1.
In the Service Template Designer, on the Home tab, click the Save and Validate icon, and then click
the Configure Deployment icon next to it.
2.
In the Select name and destination pop-up dialog box, in the Name text box, type Lab 12 Service,
in the Destination drop-down list box, ensure that DevCloud is selected, and then click OK.
3.
When the Deploy Service Lab 12 Service console displays, if you see a pink shaded area in the
middle of the screen that indicates that it could not find a host, then click Refresh Preview on the
ribbon.
4.
Verify that the Designer pane in the center window shows that the service starts in DevCloud. Under
the Service Tier icon, click the random name, and then in the bottom center window, in the VM
name and Computer Name boxes, type Lab12ServiceVM.
5.
On the ribbon, click the Deploy Service icon.
6.
In the Deploy service pop-up window, click Deploy.
7.
In the Jobs window, verify that the Create Service Instance job displays and is running. This will take
approximately 30 minutes to complete.
8.
When the job completes, close the Jobs window.
9.
In the VMs and Services workspace, in the VMs and Services console tree, expand Clouds, and then
select DevCloud.
10. In the ribbon, in the Show tab, select VMs. In the VMs details pane, note that the Lab12ServiceVM
virtual machine is running, and then leave it running.
Task 2: Create an update for the service template

1.
In the Virtual Machine Manager console, open the Library workspace.
2.
In the console tree, expand Templates, and then click Service Templates.
3.
In the Templates details pane, right-click the Lab 12 Service Template service template, and then
click Properties.
4.
On the Lab 12 Service Template Properties page, click the Access page in the console tree, and
then in the Access details pane, click Add.
5.
In the Select Users pop-up, select the DevRole check box, and then click OK twice.
Note: Due to the ongoing creation of the Lab12ServiceVM virtual machine from Task 1
above, step 5 may take longer than expected or fail. If that happens, you cannot run Exercise 4,
Task 1.
Task 3: Update the service template

1.
In the VMs and Service workspace, on the Home tab, click Services.
2.
In the Services details pane, click Lab 12 Service Template. You may have to expand the size of the
Template Name column to see the full name of the items listed.
3.
On the Service tab of the ribbon, click Set Template.
4.
In the Change Service Template for Lab 12 Service window, on the Updated Service Template page,
under Select how to update the service, click Replace the current template with an updated
template for the service, and then click Browse.
5.
In the Select a Service Template Wizard, click Lab 12 Service Template, Release 1, click OK, and
then click Next.
6.
In the Settings page, verify that No settings to configure displays, and then click Next.
7.
On the Update Method page, in the drop-down list box, ensure that Apply updates to existing
virtual machines in-place is selected, and then click Next.
8.
On the Updates review page, select the Apply the updates to the service immediately after this
wizard completes check box, and then click Next.
9.
10. When the Jobs window displays, wait until the servicing job completes, and then close the Jobs
window.
Results: After completing this exercise, you should have configured service deployment, and then
deployed the service. You also should have modified the template, and then updated the service.
Exercise 3: Configuring App Controller

Task 1: Connect App Controller to VMM
1.
On LON-VMM1, click to the Start screen, and then click App Controller.
2.
In Windows Internet Explorer, on the App Controller sign-in webpage, type

Adatum\Administrator as the User name and Pa$$w0rd as the Password, and then click Sign In.
3.
On the Overview page, under Private Clouds, click Connect a Virtual Machine.
4.
On the Add a new VMM connection page, provide the following settings, and then click OK:
5.
Connection name: Adatum
Server name: LON-VMM1.adatum.com
Verify that the App Controller webpage loads with data displaying under the Private Clouds
section.
Task 2: Load App Controller on LON-CL1

1.
Sign in to LON-CL1 as adatum\administrator with the password Pa$$w0rd.
2.
On the Start screen, click the Desktop tile.
3.
In the Taskbar, click the File Explorer icon.
4.
In File Explorer, right-click This PC in the console tree, and then select Properties.
5.
In the console tree of the System window, click Remote settings.
6.
In System Properties, ensure that you are in the Remote tab, and then in the Remote tab, click the
Select Users button.
7.
In the Remote Desktop Users pop-up window, click the Add button.
8.
In the Select Users and Groups pop-up window, in the text box, type adatum\ben; adatum\hani,
and then click the Check names button.
9.
In the Multiple Names Found pop-up window, select Ben Martens, and then click OK four times.
10. Close the System window, and then sign out of LON-CL1.
11. Sign in to LON-CL1 as adatum\ben with the password Pa$$w0rd.
12. On the Start screen, click the Desktop tile, and then on the taskbar, click the Internet Explorer icon.
13. Maximize the Internet Explorer window, and in the address bar, type
https://lon-vmm1.adatum.com/and then press Enter.
14. In the There is a problem with this websites security certificate, click the Continue to this
website hyperlink.
15. On the bar on the bottom that specifies Microsoft Silverlight is not compatible, click Run Control,
and then click Continue to this website.
16. On the App Controller web portal page, in the User name text box, type adatum\ben, and in the
Password text box, type Pa$$w0rd, and then click Sign In.
Task 3: Explore the functionality of the App Controller web page

1.
On the App Controller Overview web portal page, in the Status area, under Private Clouds, click
the 1 Virtual Machine Manager cloud hyperlink.
2.
In the Clouds area of the console tree, verify that DevCloud displays.
3.
Click the Internet Explorer back arrow.
4.
On the App Controller Overview web portal page, in the Status area, under Private Clouds, click
the X (where X is a number 0-n) Virtual Machine hyperlink.
5.
If a virtual machine exists, perform the following steps:

a.
Write down the name of the virtual machine.
b.
Return to LON-VMM1.
c.
In the VMM manager console, remain signed on as Adatum\administrator, and then click the
VM and Services workspace.
d.
In the VMs details pane, find and right-click the virtual machine from step a.
e.
Click Delete, and then click Yes two times in the Virtual Machine Manager pop-up windows.
f.
Return to LON-CL1, where you are signed on as Adatum\Ben.
g.
In the Virtual Machines detail pane of App Controller, click the Refresh icon, which is highlighted
with a green circular arrow. The virtual machine should not appear in the list.
6.
In the console tree, click the Library node. Review the additional console tree that now displays in the
middle of the screen. Verify that the details pane to the right displays the Lab 12 Service Template
that you created in Exercise 1.
7.
In the main console tree, click the Jobs item that shows the different jobs that have been run in the
App Controller. If no jobs have been performed, the details pane will be empty.
8.
Do not close or sign out of the App Controller page.
Results: After completing this exercise, you should have configured App Controller to connect to a
private cloud.
Exercise 4: Deploying a Virtual Machine in App Controller

Task 1: Deploy the Lab 12 Service Template
1.
On the App Controller Overview web portal page, in the console tree, click Library.
2.
In the middle console tree that appears, click the Templates node. In the details pane to the right,
right-click Lab 12 Service Template, and in the drop-down list box, click Deploy.
3.
In the New Deployment design view window, in the Cloud box, click the Configure hyperlink.
4.
In the Select a cloud for this deployment window, notice that DevCloud is the only cloud to display,
and then click OK.
5.
Notice that in the design view, two more boxes are added: Service, and Machine Tier with an
Instance box in it. Note that both the Service and Instance box have a Configure hyperlink. In the
Service box, click the Configure hyperlink.
6.
In the Properties of Lab 12 Service Template window, in the Service name box, type
AppCServiceDevCloud, and then click OK.
7.
In the Instance box, click the Configure hyperlink.
8.
In the Properties of new virtual machine window, note that you cannot change the virtual machine
name, and then click OK. The computer name will be generated randomly.
9.
In the New Deployment window, in the lower-right corner, click Deploy. Click the VMM service
deployment started hyperlink
10. In the Jobs node, wait for the job to finish. It may take approximately 15 to 20 minutes to finish the
deployment. If the service instance takes longer than 15 minutes, switch to the host machine that is
hosting the new service, and then in the Hyper-V console, view the virtual machine.
11. While you are waiting for the job to finish, open the LON-VMM1 virtual machine, and then in the
VMM console, click the Jobs workspace.
12. In the console tree, click the Running node. Verify that you see a Create Service Instance that is
running. Because this job takes a long time to finish, do not wait for it to finish, but proceed to the
next step.
13. Switch back to LON-CL1, and in the App Controller console tree, click the Virtual Machines node.
After several minutes, you will see a new virtual machine with a name of a long string of letters and
numbers, which is the randomly generated name. Verify that the virtual machine has a status of
Running.
14. On the App Controller web portal page, on the upper right, click the Sign out hyperlink.
15. Close Internet Explorer, and then sign out of LON-CL1.
16. On LON-VMM1, close all open windows, and then sign out of LON-VMM1.
Results: After completing this exercise, you should have deployed a virtual machine by using App
Controller.
L13-105
Module 13: Protecting and Monitoring Virtualization

Infrastructure
Lab: Monitoring and Reporting

Virtualization Infrastructure
Exercise 1: Implementing Microsoft System Center 2012 R2 Operations
Manager Agents
Task 1: Deploy Operations Manager agents using the Operations console
1.
On LON-OM1, from the taskbar, click the Operations Manager console icon.
2.
In the Operations console, click the Administration workspace, and then above the Monitoring
workspace, click Discovery Wizard.
3.
In the Computer and Device Management Wizard, on the Discovery Type page, ensure that
Windows computers is selected, and then click Next.
4.
On the Auto or Advanced page, click Advanced Discovery, and then click Next.
5.
On the Discovery Method page, click Browse for, or type-in computer names, in Computer
names text box, type LON-HOST1.adatum.com, and then click Next.
6.
On the Administrator Account page, click Discover. It may take up to 20 minutes for discovery to
occur.
7.
On the Select Objects to Manage page, click LON-HOST1.adatum.com, and then click Next.
8.
9.
Wait for the task to complete successfully, and then click Close.
Task 2: Deploy Operations Manager agents manually

1.
On LON-OM1, in the Operations console, click the Administration workspace.
2.
In the Administration navigation pane, click Settings, right-click Security, and then click Properties.
3.
In the Properties dialog box, click Review new manual agent installations in pending
management view, and then click OK.
4.
Switch to LON-VMM1.
5.
On LON-VMM1, right-click the Start hint, and then click Run.
6.
In the Open text box, type the following address, and then click OK:
\\lon-om1\c$\Program Files\Microsoft System Center 2012 R2\Operations Manager
\Server\AgentManagement\amd64\momagent.msi
7.
In the Microsoft Monitoring Agent Setup Wizard, on the Welcome page, click Next.
8.
On the Notice page, click I Agree.
9.
On the Destination folder page, click Next.
10. On the Agent Setup Options page, review the options, and then click Next.
11. On the Management Group Configuration page, in the Management Group Name text box, type
Adatum, in the Management Server text box, type LON-OM1, and then click Next.
12. On the Agent Action Account page, click Next.

13. On the Microsoft Update page, click Next.
14. On the Ready to Install page, click Install.
15. When the agent finishes installing, click Finish.
16. Switch to LON-OM1.
L13-106 Protecting and Monitoring Virtualization Infrastructure
17. On LON-OM1, in the Operations Manager console, in the Administration workspace, under Device
Management, click Pending Management.
18. Click LON-VMM1.adatum.com, and then click Approve.
19. In the Manual Agent Install window, read the information, and then click Approve.
Results: After completing this exercise, you should have deployed Operations Manager agents to a
virtualization host and to a virtual machine.
Exercise 2: Configuring Operations Manager Monitoring Components

Task 1: Configure notifications
1.
In the Operations Manager console, click the Administration workspace, and under Notifications,
click Channels.
2.
In the Task pane, click New, and then click Email (SMTP).
3.
In the E-mail Notification Channel window, on the Description page, click Next to accept the default
channel name and description.
4.
On the Settings page, click Add.
5.
In the Add SMTP Server window, enter the following information, and then click OK:
o
Port number: 25
6.
On the Settings page, in the Return address text box, type SCAlerts@adatum.com, and then click
Next.
7.
On the Format page, click Finish to accept the default message format.
8.
9.
In the Operations Manager console, in the Administration workspace, under Notifications, click
Subscribers.

11. In the Notification Subscriber Wizard, on the Description page, in the Subscriber Name text box,
type Administrator, and then click Next.
12. On the Schedule page, click Always send notifications, and then click Next.
13. On the Addresses page, click Add to create a new subscriber address.
14. In the Subscriber Address Wizard, on the General page, in the Address name text box, type
Work E-mail, and then click Next.
15. On the Channel page, in the Channel Type box, click E-mail (SMTP).
16. In the Delivery address for the selected channel text box, type administrator@adatum.com, and
then click Next.
17. On the Schedule page, click Always send notifications. Click Finish twice, and then click Close.
18. In the Operations Manager console, in the Administration workspace, under Notifications, click
Subscriptions.
20. In the Notification Subscription Wizard, on the Description page, in the Subscription name text box,
type Windows Server 2012 R2 notifications, and then click Next.
21. On the Criteria page, in the Conditions area, select the raised by any instance in a specific group
check box.
22. In the Criteria description area, click specific.
23. In the Group Search window, in the Filter by text box, type 2012, and then click Search.
24. Click Windows Server 2012 Computer Group, click Add, and then click OK.
25. On the Criteria page, click Next.
26. On the Subscribers page, click Add.
27. In the Subscriber Search window, click Search, click Administrator, click Add, and then click OK.
28. On the Subscribers page, click Next.
29. On the Channels page, click Add.
30. In the Channel Search window, click Search, click SMTP Channel, click Add, and then click OK.
31. On the Channels page, click Delay sending notifications if conditions remain unchanged for
longer than (in minutes), type 10, and then click Next.
33. Click Close.
34. Close the Operations Manager console.
Results: After completing this exercise, you should have deployed and configured monitoring
components including management packs, notifications, and reports.
Exercise 3: Configuring Operations Manager Integration with System

Center 2012 R2 Virtual Machine Manager (VMM)
Task 1: Integrate Operations Manager and VMM
1.
On LON-VMM1, on the desktop, on the taskbar, click the File Explorer icon.
2.
In File Explorer, expand drive D, expand SCOM, and then double-click setup.exe.
3.
In the Operations Manager window, click Install.
L13-108 Protecting and Monitoring Virtualization Infrastructure
4.
On the Select features to install page, select the Operations console check box, and then click
Next.
5.
On the Select installation location page, click Next.
6.
On the Proceed with Setup page click Next.
7.
On the License terms page, review the license, click I have read, understood and agree with the
license terms, and then click Next.
8.
On the Help improve Operations Manager page, click No, I am not willing to participate for
both Customer Experience Improvement Program and Error Reporting, and then click Next.
9.
On the Microsoft Update page, click Off, and then click Next.
10. On the Installation Summary page, click Install.

11. Clear the Start the Operations Manager console when the wizard closes check box, and then click
Close.
12. Close all open windows.
13. On LON-VMM1, launch the VMM console.
14. In the Connect to Server dialog box, click Connect.
15. Click the Settings workspace, in the navigation pane, click System Center Settings, right-click
Operations Manager Server, and then click Properties.
16. In the Add Operations Manager Wizard, on the Introduction page, read the requirements for
integration, and then click Next.
17. On the Connection to Operations Manager page, in the Server name text box, type
lon-om1.adatum.com, review the options, leave the defaults, and then click Next.
18. On the Connection to VMM page, in the User name text box, type adatum\scservice, in the
Password text box, type Pa$$w0rd, and then click Next.
20. In the Jobs window, click New Operations Manager connection, and wait for the job to complete.
This takes approximately ten minutes.
21. When the job completes, close the Jobs window.
Task 2: Test Performance and Resource Optimization PRO) integration

1.
In the VMM console, click the Settings workspace, in the navigation pane, click System Center
Settings, right-click Operations Manager Server, and then click Properties.
2.
In the Add Operations Manager Wizard, on the Connection Details page, under the Diagnostics
section, click Test PRO.
3.
When the Test PRO Tips window displays, click OK to close the window, and then click OK again.
4.
In the PRO window, click the PRO Diagnostics alert, review the information, and then close the PRO
window.
5.
In the VMM console, click the JOBS workspace, click the PRO diagnostics job, and monitor the
progress of the job. The expected status is completed.
Task 3: Work with virtualization reports

1.
On LON-OM1, click the Operations Manager console on the taskbar. In the Operations Manager
console, click the Reporting workspace, and then in the Reporting navigation pane, click Microsoft
System Center Virtual Machine Manager 2012 R2 Reports.
2.
In the right pane, right-click Host Utilization, and then click Open.
3.
Expand the report window.
4.
Review the From and To criteria, which should be First day of this month Today and the current
time and time zone. On the right, click Add Group. In the Group Name drop-down list box, ensure
Contains is selected, in the Filter text box, type all hosts, and then click Search.
5.
Under the Available items section, click All Hosts, click Add, and then click OK.
6.
On the top left, click Run.
7.
When the report finishes loading, click and expand the Description, and then review the report.
8.
In the report, click File, review the export options, and then click Close.
Task 4: Perform advanced monitoring: Fabric dashboard and cloud health

1.
2.
In the Monitoring navigation pane, expand Microsoft System Center Virtual Machine Manager,
expand Cloud Health Dashboard, and then click Cloud Health.
3.
Review the state and details of the DevCloud, then in the navigation pane, click Fabric Health
Dashboard,
4.
Review the Fabric Health Dashboard.
5.
Close the dashboard, and then close the Operations console.
Results: After completing this exercise, you should have configured the integration of Operations
Manager with VMM. You should have installed the Operations Manager console, imported management
packs, and verified the effects of the integration.

20409B ENU TrainerHandbook

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

20409B ENU TrainerHandbook

Transféré par

Droits d'auteur :

Formats disponibles

M I C R O S O F T

MCT USE ONLY. STUDENT USE PROHIBITED

Server Virtualization with Windows Server

Server Virtualization with Windows Server Hyper-V and System Center

MCT USE ONLY. STUDENT USE PROHIBITED

Product Number: 20409B

MCT USE ONLY. STUDENT USE PROHIBITED

MICROSOFT LICENSE TERMS

MCT USE ONLY. STUDENT USE PROHIBITED

a. If you are a Microsoft IT Academy Program Member:

MCT USE ONLY. STUDENT USE PROHIBITED

b. If you are a Microsoft Learning Competency Member:

MCT USE ONLY. STUDENT USE PROHIBITED

If you are a MPN Member:

d. If you are an End User:

MCT USE ONLY. STUDENT USE PROHIBITED

LICENSED CONTENT BASED ON PRE-RELEASE TECHNOLOGY. If the Licensed Contents subject

MCT USE ONLY. STUDENT USE PROHIBITED

modify or create a derivative work of any Licensed Content,

work around any technical limitations in the Licensed Content, or

MCT USE ONLY. STUDENT USE PROHIBITED

DISCLAIMER OF WARRANTY. THE LICENSED CONTENT IS LICENSED "AS-IS" AND "AS

This limitation applies to

LIMITATION DES DOMMAGES-INTRTS ET EXCLUSION DE RESPONSABILIT POUR LES

MCT USE ONLY. STUDENT USE PROHIBITED

MCT USE ONLY. STUDENT USE PROHIBITED

Server Virtualization with Windows Server Hyper-V and System Center

Server Virtualization with Windows Server Hyper-V and System Center

MCT USE ONLY. STUDENT USE PROHIBITED

Slavko Kukrika Content Developer

Dave Franklyn Content Developer

Orin Thomas Subject Matter Expert

Mitch Garvis Technical Reviewer

Lesson 2: Overview of System Center 2012 R2 Components

Lesson 3: Evaluating the Current Environment for Virtualization

Lesson 4: Extending Virtualization to the Cloud Environment

Lab: Evaluating the Environment for Virtualization

Module 2: Installing and Configuring the Hyper-V Role

Lesson 2: Managing Hyper-V

Lesson 3: Configuring Hyper-V Settings

Lesson 4: Hyper-V Host Storage and Networking

Lab: Installing and Configuring the Hyper-V Role

Module 3: Creating and Managing Virtual Hard Disks, Virtual Machines,

Lesson 2: Creating and Configuring Virtual Machines

Lesson 3: Installing and Importing Virtual Machines

Lesson 4: Managing Virtual Machine Checkpoints

Lesson 5: Monitoring Hyper-V

Lesson 6: Designing Virtual Machines for Server Roles and Services

Lab B: Creating and Managing Checkpoints and Monitoring Hyper-V

Module 4: Creating and Configuring Virtual Machine Networks

Lab A: Creating and Using Hyper-V Virtual Switches

Lesson 2: Advanced Hyper-V Networking Features

Lab B: Creating and Using Advanced Virtual Switch Features

Lesson 3: Configuring and Using Hyper-V Network Virtualization

Lab C: Configuring and Testing Hyper-V Network Virtualization

Module 5: Virtual Machine Movement and Hyper-V Replica

Lesson 2: Implementing Virtual Machine Movement

Lab A: Moving Virtual Machine and Configuring Constrained Delegation

Lesson 3: Implementing and Managing Hyper-V Replica

Lab B: Configuring and Using Hyper-V Replica

MCT USE ONLY. STUDENT USE PROHIBITED

Server Virtualization with Windows Server Hyper-V and System Center

Server Virtualization with Windows Server Hyper-V and System Center