Virtual Architect

Preparing Host Servers for Hyper-V

Microsoft's hypervisor is stable and solid, but the vulnerability of the underlying operating system requires vigilant updating.

Organizations running server virtualization infrastructures often have to choose which hypervisor to implement. With the release of Windows Server 2008 and Hyper-V, Microsoft has added another hypervisor to a field rife with competitive products. After working extensively with this hypervisor, we've found it a stable and solid implementation for a first release. We've also discovered that, in order to build host server configurations, you must follow some specific caveats or Hyper-V's value to your organization will be diluted.

As most people know, Hyper-V is built on top of Windows Server 2008. For many this is a boon, as they're already familiar with Windows. However, all organizations that plan to deploy Hyper-V in production environments should deploy Hyper-V on Server Core, not full installations. And because Server Core uses command line only, Windows familiarity won't be of much help unless you're familiar with it. Of course, you can always use a full installation of Windows 2008 to manage Server Core hosts remotely, benefiting from the Windows GUI.

Potential Risks
Another factor to consider in Hyper-V deployments is the very nature of Windows itself. Because Windows is the most popular OS in the world, it's constantly under attack. Therefore each deployed server requires constant updating in order to be fully protected from harm.

One advantage of Server Core is it doesn't include Internet Explorer, which deletes a major attack vector. This should considerably limit the potential for malicious code on the server, but won't eliminate it. That means each host server should be updated on a regular basis-fortunately Server Core includes a special update script from the command line. When you update a new Server Core installation, you'll quickly discover that even though Server Core doesn't include IE, it still contains some IE code; note that the first security update applied to a fresh installation is for IE.

Update Requirements
In addition, there are several other updates that must be applied to host systems before you can begin to work with them in a production environment. (A table is included in the online version of this article that specifies the updates.) Download and install each of these updates before you put the server into production, or you'll end up constantly having to reboot the host each time you need another update, which will negatively impact your virtual machines (VMs). Of course, if you're running host servers in a failover cluster-as you should-you can always use Quick Migration to move the VMs to another host, but until you get Windows 2008 R2 doing so will always cause an interruption in service for the VMs (the R2 releases add Live Migration).

Remember you must do two things on your host server configurations:

  • Now that it's available, apply Service Pack 2 (SP2) to make sure the host server parent partition is as up-to-date as possible.
  • Once SP2 is applied, run Windows Update on the server. This will ensure your host servers are completely up-to-date before they're moved into production.

Performing these steps will prepare your servers to work with any of the components Microsoft offers for virtualization management. They include System Center Virtual Machine Manager and System Center Data Protection Manager, both of which require host server updates to be able to work with Hyper-V.

Hyper-V is a good virtualization platform, but because its parent partition runs Windows, it's plagued with required updates. If you choose Hyper-V as your virtualization platform, aim to have your host servers ready and updated well before you load production VMs onto them.

A final note: Because Microsoft regularly releases updates for Hyper-V, the online list is not exhaustive. Click here to check for the latest updates for Hyper-V, even post-SP2.

About the Author

Danielle Ruest and Nelson Ruest, both Microsoft MVPs, are IT professionals focused on technologies futures. They are authors of multiple books, including "Microsoft Windows Server 2008: The Complete Reference" (McGraw-Hill Osborne Media, 2008), which focuses on building virtual workloads with Microsoft's new OS.


comments powered by Disqus

Subscribe on YouTube