Back in 2011 at the Build Conference in Anaheim, California, Microsoft promised a plethora of new features for the new version of Windows Server 2012 Hyper-V. I was very skeptical and doubted that the final release would have all the promised goodies, but I’ve been proven wrong before. When Windows Server 2008 Hyper-V came out, I thought Microsoft would never be a serious competitor in this market. The product was so crude that we avoided presenting it as an alternative to VMware to any of our customers. Period. Later, Windows Server 2008 R2 Hyper-V introduced substantial improvements that made it more competitive but it still trailed VMware.

Windows Server 2012 Hyper-V represents a significant leap forward. All the new features and functionalities that Microsoft promised in Anaheim came true.

This is the first of a series of articles on Windows Server 2012 Hyper-V. We will review Windows Server 2012 Hyper-V technical requirements, different installation options and initial virtual network configuration using the Microsoft Management Console (MMC) for Hyper-V. Other management tools available for working with Hyper-V include the System Center Virtual Machine Manager (SCVMM), the Failover Cluster Manager and Windows PowerShell. We will have a separate article on managing a group of Hyper-V servers using SCVMM, Failover Cluster Manager, and Windows PowerShell.

Windows Server 2012 Hyper-V Technical Requirements

  • * 64-Bit Processor – Hyper-V requires an x64 processor; Windows Server 2012 is only available on 64-bit processors. Once Hyper-V is up and running, it is possible to run virtual machines with either 32-bit or 64-bit operating systems installed.
  • * CPUAssisted Virtualization – The host computer must have a processor that supports assisted virtualization. In some cases it may be necessary to turn on this feature in the server BIOS settings. On Intel CPUs this is called VT-x. For AMD the name is AMD-V.
  • * Data Execution Prevention (DEP) – This is another BIOS configuration setting that must be enabled for Hyper-V to operate successfully. DEP is known as XD bit (Execute Disable bit) on Intel processors. On AMD processors it is referred to as the NX bit (No execute bit). This is really a security feature designed to protect against possible buffer overrun attacks. Memory with data is tagged to prevent the processor from running malicious code that a hacker may write as instruction into data memory.
  • * Second Level Address Translation (Optional) – This feature is NOT required to implement Windows Server 2012 Hyper-V. However processors with SLAT support boost the execution of memory intensive applications such as Microsoft Exchange, SQL, and Remote Desktop Services. Second Level Address Translation allows Hyper-V to offload the mapping of virtual machine memory to the server’s physical memory; this process lessens the burden on the host’s CPU and increases virtual machine memory performance. SLAT is a requirement to run Client Hyper-V on Windows 8 computers. Client Hyper-V is a desktop application with the look and feel of the Hyper-V server management console but without server functionality like Hyper-V replica, storage migration, live migration, clustering, etc.

Installing the Windows Server 2012 Hyper-V Role using DISM and Windows PowerShell

It’s possible to install the Hyper-V role using the Deployment Image Servicing and Management (DISM) tool, Windows PowerShell or Server manager. On a server core installation you will need to use DISM or Windows PowerShell; you can also add the Hyper-V role remotely from another Windows Server 2012 computer or from a Windows 8 client using the Remote Server Administration tools (RSAT).

Using the Deployment Image Servicing and Management (DISM tool), we can verify that the Hyper-V role is not installed yet by typing the following line from the command prompt:

C:>dism /online /get-features /format:table | find /I “Hyper”

Microsoft-Hyper-V – This is the actual role that provides the services necessary to create and manage virtual machines and their resources. This allows you to run multiple virtual machines and their operating systems simultaneously.

RSAT-Hyper-V-Tools-Feature – This Management package includes GUI and command-line tools for managing Hyper-V.

Microsoft-Hyper-V-Management-Clients – Hyper-V GUI Management Tools will allow you to access the Hyper-V Manager snap-in and the Virtual Machine Connection tool.

Microsoft-Hyper-V-Management-PowerShell – It is possible to manage and automate many Hyper-V tasks by using this module. Many new cmdlets have been added to allow administrators to manage Hyper-V using PowerShell scripts.

On a server core installation of Windows Server 2012, the Hyper-V Management Tools and Snap-ins cannot be run, unless you change to the minimal-shell option.

To install just the Hyper-V role, you would type the following line from the command prompt:

C:>dism /online /enable-feature /Featurename:Microsoft-Hyper-V

After rebooting, you should be able to verify that the Hyper-V role has been installed by typing:

C:>dism /online /get-features /format:table | find /I “Hyper”

.

Using Windows PowerShell is another option to install the Hyper-V role.

First, let’s verify that the Hyper-V role and features have not been added to this server by typing the following command from the shell:

PS C:>Get-WindowsFeature *hyper* | ft –AutoSize (Note: the “ft –AutoSize” is to better format the command output, but it is not necessary to get the results.)

To install the role or any of the Hyper-V related features, you can use the PowerShell Install-Windows Feature cmdlet. Here is an example of installing the Hyper-V role and the management tools

PS C:>Install-WindowsFeature Hyper-V –IncludeManagementTools -restart

After rebooting, you can verify that the Hyper-V role and features have been installed.

Installing Windows the Server 2012 Hyper-V Role using Server Manager

Using Server Manager is our third option to add the Hyper-V role to a Windows Server 2012. The Server Manager console opens by default when logging on to a newly installed Windows server 2012. Let’s follow the process step by step:

  1. In the Server Manager console, on the Manage menu, click Add Roles and Features.
  2. In the Add Roles and Features Wizard, on the Before you begin page, click Next.
  3. On the Select installation type page, click Role-based or feature-based installation, and then click Next.
  4. On the Select destination server page, ensure that the server name where you want to install the role is selected (in our case that is InfoSec-Win12), and then click Next.
  5. On the Select Server Roles page, select Hyper-V.
  6. In the Add Roles and Features Wizard dialog box, click Add Features.
  7. On the Select Server Roles page of the Add Roles and Features Wizard, click Next.
  8. On the Select features page, click Next.
  9. On the Hyper-V page, click Next.
  10. On the Create Virtual Switches page, select one or more network adapters that you want to make available for your virtual machines connections. If you do not select a network adapter here, you can always configure them later once the Hyper-V installation is complete. Click Next.
  11. On the Virtual Machine Migration page, click Next. (This is a brand new feature on Hyper-V that we will cover in a future article.)
  12. On the Default Stores page, review the location of Default Stores, and then click Next. (In previous versions of Hyper-V, by default virtual machines were created on the system drive. Having the option to change the default stores for the virtual machines and the virtual hard disks during the installation process is a welcome addition to the process. As in previous versions, these settings can also be changed after the installation is complete by using the Hyper-V Manager console.)
  13. On the Confirm Installation Selections page, select Restart the destination server automatically if required.
  14. In the Add Roles and Features Wizard dialog box, review the message about automatic restarts, and then click Yes.
  15. On the Confirm Installation Selections page, click Install.

Once the installation completes, the server reboots and all the Hyper-V management tools are available to access and configure the server. Now that we have a Hyper-V host up and running, let’s start with the initial virtual networking infrastructure

There are numerous new networking features in Windows Server 2012 Hyper-V specially designed to improve the network performance and functionality of virtual machines. These new features include network virtualization, bandwidth management, Dynamic Host Configuration Protocol (DHCP) guard, router guard, virtual machine queue, IP Security (IPSec) offloading and single-root I/O virtualization (SR-IOV). We will dedicate one of our articles in this Hyper-V series to these new features.

Virtual Switches

You use the Virtual Switch Manager to create and manage virtual switches.

Virtual switches are used to control how network traffic flows between virtual machines running on the Hyper-V host and between virtual machines and the outside networks. Windows Server 2012 Hyper-V supports three types of virtual switches:

External

An external virtual switch maps to a physical network adapter on the Hyper-V server to allow the virtual machines to have access to a physical network. If you have installed the Wireless LAN service on the Hyper-V host, it is possible to map an external virtual switch to a wireless adapter.

Internal

An internal switch allows the virtual machines to communicate with each other and with the Hyper-V server but they cannot communicate with the physical network.

Private

This type of virtual switch enables the virtual machines to communicate with each other, but there is no mapping to any physical network adapter in the parent partition. With these switches the virtual machines can communicate with each other but not with the host computer or with other computers on external networks.

Let’s proceed with the virtual networks configuration by creating these three different types of switches.

Configure an External Switch

  1. In Hyper-V Manager, on the Actions pane, click Virtual Switch Manager.
  2. In the Virtual Switch Manager dialog box, click New virtual network switch. Ensure that External is selected, and then click Create Virtual Switch.
  3. In the Virtual Switch Properties area of the Virtual Switch Manager dialog box, specify the following information, and then click OK:
  • Name: InfoSec Network
  • External Network: Mapped to the host computer’s physical network adapter.

If you clear the option to Allow management operating system to share this network adapter, the physical network adapter will be available only for virtual machines and will not be accessible by the Hyper-V server. This configuration would isolate virtual machine network traffic from the host network traffic.

  • In the Apply Networking Changes dialog box, review the warning, and then click Yes.
  • Configure a Private Switch

    1. In Hyper-V Manager, on the Actions pane, click Virtual Switch Manager.
    2. Under Virtual Switches, select New virtual network switch. Then, under Create virtual switch, select Private, and then click Create Virtual Switch.
    3. In the Virtual Switch Properties section, configure the following settings, and then click OK:
    • Name: Private Network
    • Connection type: Private network

    Configure an Internal Switch

    1. In Hyper-V Manager, on the Actions pane, click Virtual Switch Manager.
    2. Under Virtual Switches, select New virtual network switch. Then, under Create virtual switch, select Internal, and then click Create Virtual Switch.
    3. In the Virtual Switch Properties section, configure the following settings, and then click OK:
    • Name: Internal Network
    • Connection type: Internal network

    Windows Server 2012 Hyper-V Virtual Local Area network (VLAN) Integration

    You can configure VLAN identifiers for the virtual network adapters attached to a virtual machine. When you configure this setting, the virtual machine will only be able to communicate on the designated VLAN. Virtual machines with the same VLAN identifier can communicate with each other, but cannot communicate with any other virtual machine or physical computer that belongs to a different VLAN, unless a layer 3 device is configured to allow inter-VLAN routing traffic. Configuration of VLAN identifiers for the virtual machine network adapter is possible regardless of whether the network adapter is connected to a private, internal or external virtual switch.

    Besides the virtual network adapter configuration, you can also configure a VLAN identifier for internal or external virtual switches. Virtual LAN identifiers are not supported for private virtual switches. When you configure a VLAN identifier for the virtual network, all communications sent on the network adapter will be available on the designated VLAN only. With this setting you isolate the network traffic that is sent to and from that virtual switch on the Hyper-V server to a restricted VLAN.

    This article evaluated the main technical requirement to install and run Windows Server 2012 Hyper-V with different installation options including DISM, PowerShell and the Server Manager. After the Hyper-V installation we configured the initial network environment by adding external, private and internal virtual switches. Managing Windows server 2012 Hyper-V virtual machines, storage options, advanced networking, clustering, and migrations are other important topics that will be covered in future articles. Stay tuned.