WS-011 Windows Server 2019/2022 Administration
WS-011 Windows Server 2019/2022 Administration
WS-011 Windows Server 2019/2022 Administration
Server 2019/2022
Administration
Module 5: Hyper-V
virtualization and
containers in Windows
Server
Module overview
In this module, you learn the key features of the Hyper-V server role in Windows Server. You learn how
to configure Hyper-V networking, storage, and how to manage the state of a virtual machine. You also
learn how to secure the Hyper-V host and associated virtual machines using security features
within a guarded fabric provided by Windows Server.
The final lessons of this module introduce you to the concept of using and managing containers
Lessons:
o Lesson 1: Hyper-V in Windows Server
o Lesson 2: Configuring VMs
o Lesson 3: Securing virtualization in Windows Server
o Lesson 4: Containers in Windows Server
o Lesson 5: Overview of Kubernetes
Lesson 1: Hyper-V in
Windows Server
Lesson 1 overview
In this lesson, you learn how to use Hyper-V to implement virtualization. You also learn best practices for
configuring Windows server hosts, and considerations related to deployment scenarios such as
nested virtualization.
Finally, you will learn considerations, requirements, and processes for migrating on-premises
Hyper-V virtual machines to Microsoft Azure
Topics:
o Overview of Hyper-V
o Overview of Hyper-V Manager
o Best practices for configuring Hyper-V hosts
o Overview of nested virtualization
o Migration to Azure VMs
Overview of Hyper-V (1 of 2)
o Portability
o Disaster recovery and backup
o Security
o Optimization
Overview of Hyper-V (2 of 2)
o PowerShell Direct
o Windows Admin Center
Best practices for configuring Hyper-V hosts
Provides the ability to install the Hyper-V role within a guest virtual machine
Requirements:
o Both the Hyper-V host and the guest virtual machine must be Windows Server 2016 or later
o Sufficient amount of static RAM
o Virtual machines must have a configuration version of 8.0 or greater
o Physical host computer mush have an Intel processor with VT-x and Extended Page Tables (EPT)
technology
o MAC address spoofing enabled
Azure Migrate can be used to migrate on-premises workloads, apps, and virtual machines
Azure Migrate provides the following benefits:
o A single migration platform
o Assessment and migration tools
• Azure Migrate: Server Assessment
• Azure Migrate: Server Migration
o Ability to assess and migrate multiple object types:
• Servers
• Databases
• Web applications
• Virtual desktops
• Data
Lesson 2: Configuring VMs
Lesson 2 overview
In this lesson, you learn the concepts related to virtual machine configurations and generation versions. You
also learn VM settings, storage options, and virtual disk types. Finally, you learn about the types of virtual
networks and how to create and manage a virtual machine.
Topics:
o VM configuration and generation versions
o VM settings
o Storage options in Hyper-V
o Virtual hard disk formats and types
o Shared VHDX and VHD Set files
o Overview of Hyper-V networking
o Networking features for Hyper-V
o Manage VM states and checkpoints
o Import and export VMs
o Demonstration: Create and manage a VM
VM configuration and generation versions
Consider the following factors when planning storage for virtual hard disks:
o High-performance connection to storage
o Redundant storage
o High-performance storage
o Adequate growth space
Supported storage types include:
o Fibre channel connections
o Server Message Block (SMB) 3.0 file shares
Virtual hard disk formats and types (1 of 2)
Dynamic The disk only uses the amount of space that needs to be allocated, and
it grows as necessary
NIC
VMQ teaming
Port mirroring
IPsec task
offloading
Hyper-V
Router
networking
guard
SR-IOV
DHCP guard
Network
virtualization Bandwidth
management
Networking features for Hyper-V (2 of 2)
Hyper-V
networking
Manage VM states and checkpoints
Hyper-V supports the concept of a guarded fabric to provide a more secure environment for virtual
machines
In this lesson, you are introduced to the concept of implementing a guarded fabric, including the Host
Guardian Service, guarded host servers, and shielded virtual machines
Topics:
o Guarded fabric
o Attestation modes for guarded fabric
o Host Guardian Service
o Types of protected VMs in a guarded fabric
o General process for creating shielded VMs
o Process for powering-on shielded VMs
Guarded fabric (1 of 2)
Guarded fabric attestation is the process of evaluating and validating the Hyper-V host
By using container technology, you can package, provision, and run applications across diverse
environments located on-premises or in the cloud
In this lesson, you are introduced to the concept of preparing and using Windows containers
Topics:
o What are containers?
o Containers vs. virtual machines
o Overview of container isolation modes
o Manage containers using Docker
o Download container base images
o Run a Windows container
o Manage containers using Windows Admin Center
o Demonstration: Deploy containers by using Docker
What are containers?
Process Isolation:
o “Traditional” isolation mode
o Containers share the same kernel with each other and the host
o Each container has its own user mode
o Does not provide security-enhanced isolation
o Uses the following switch when starting a container using Docker:
–isolation=process
Hyper-V Isolation:
o Each container runs inside of a highly optimized virtual machine
o Each container gains its own kernel and an enhanced level of stability and security
o Also provides hardware-level isolation between each container and the host
o Uses the following switch when starting a container using Docker:
–isolation=hyperv
Manage containers using Docker (1 of 2)
Docker container:
o Application wrapped in a complete file system including:
• Code
• Runtime
• System tools
• Supporting files for the app
o Based upon open standards to run on all major operating systems
o Supports any runtime environment or infrastructure; on-premises or in the cloud
Docker core platform includes:
o Docker Engine
• Runs on Linux, MacOS, or Windows-based operating systems
o Docker Client
• Command line interface to integrate with the engine
• Runs command to build and manage Docker containers
Manage containers using Docker (2 of 2)
Kubernetes is open-source orchestration software used to efficiently deploy, manage, and scale containers
in a hosted environment
In this lesson, you are introduced to the concept of Kubernetes and its benefits for managing container
technology
Topics:
o What is Windows container orchestration?
o Overview of Kubernetes on Windows
o Deploy Kubernetes resources
What is Windows container orchestration?
o Networking
o Service discovery
o Coordinated application upgrades
Overview of Kubernetes on Windows (1 of 2)
Based upon cluster technology where a centralized Master/Control plane is responsible for scheduling
and managing components located on multiple nodes within the cluster
Overview of Kubernetes on Windows (2 of 2)
Kubernetes Pods:
o A workload consisting of one or more
containers disbursed throughout multiple
worker nodes within the cluster
Includes information about the shared storage,
network configuration, and specification on how to
run its packaged containers
Defined as Pod Templates
Deploy Kubernetes resources
Cloud services such Azure Kubernetes Service (AKS) reduce many of the challenges of manually
configuring Kubernetes clusters by providing a hosted Kubernetes environment
Instructor-led labs:
Implementing and
configuring
virtualization in
Windows Server
Creating and configuring VMs
Installing and configuring containers
Lab scenario
A global engineering and manufacturing company with its head office in Seattle, USA. An IT office and data
center are in Seattle to support the Seattle location and other locations.
Contoso recently deployed a Windows Server 2019 server and client infrastructure.
Due to many physical servers being currently underutilized, the company plans to expand virtualization to
optimize the environment. Because of this, you decide to perform a proof of concept to validate how Hyper-
V can be used to manage a virtual machine environment.
Also, the Contoso DevOps team wants to explore container technology to determine whether they can help
reduce deployment times for new applications and to simplify moving applications to the cloud. You plan to
work with the team to evaluate Windows Server containers and to consider providing Internet Information
Services (Web services) in a container.
Lab-review answers
1. In Exercise 1, you created a Hyper-V virtual switch as a Private Network. Describe the impact to your
virtual network by using this type of virtual switch.
The Private Network only allows communication between virtual machines running on the host
machine.
2. In Exercise 2, which command did you use to browse the docker base images from the online
repository?
Docker search Microsoft
Thank you.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies: