Windows Server 2016 Preview Download
In a tumultuous week marked by millions of spouses sweating the Ashley Madison leak, and God reaching down to tickle Google with no less than four lightning bolts, Microsoft quietly released Technical Preview 3 (TP3) of both Windows Server 2016 (WS2016) and System Center Configuration Manager (ConfigMan), along with a few other sundries, like an update to the Microsoft Deployment Toolkit (MDT) 2013—which should finally fully support Windows 10.
I'm still digesting the specs on ConfigMan and MDT, but I waded through two 4-hour, in-depth webinars on Windows Server 2016 presented earlier this week by Matt McSpirit, Senior Technical Product Marketing Manager at Microsoft, and Corey Hynes, Microsoft MVP and CEO at Learn on Demand Systems. The webinars on WS2016, even though it's already TP3, were my first real exposure to the new OS (Hey, I've got a life!).
First things first: These sessions were long but extremely valuable, covering all of the Windows Server landmark newness, but with useful depth. Microsoft recorded both sessions and they'll soon be freely available on the Microsoft Virtual Academy website along with the session decks, demos, and resource links. So, if WS2016 is on your radar at all, I highly recommend watching them.
Windows Server 2016 will be generally available by mid-October. Microsoft's Azure Stack hybrid system is hitting Technical Preview today. Sep 26 2016 by Mary Joe Foley at All About Microsoft; It's simple to get that ISO download going, just fill out that basic TechNet form found at this site: Download Windows Server 2016 Evaluation 2016. Windows Server 2019 is built on the strong foundation of Windows Server 2016 – which continues to see great momentum in customer adoption. This will reduce download time of the image by 72%, further optimizing the development time and performance. Kubernetes managing a container host running Windows Server 2019 Preview.
Windows Server Containers
On to the important features: Without doubt, the big news for TP3 is Microsoft's inclusion of Docker-compatible container technology, at both the OS and Hyper-V layers. As the Redmondites pointed out, containers are old news to developers and maybe DevOps ninjas, but they probably haven't been part of most IT admins' thinking. After all, we have virtualization so who needs containers? Well, maybe you.
The best way I can think of to conceptualize containers is as a snapshot of a specific state of the underlying OS that you can fork off and run on its own. So, for example, you could spin up a container based on a basic WS2016 instance, add a container-ready app, tweak with certain settings or permissions, then save the whole shebang to be recalled whenever that OS state is needed in the future.
It's not a virtual machine (VM), just a collection of settings and app pointers that think they're an independent OS and will behave that way when activated—as long as the underlying OS they're running on has all of the features the container needs. This doesn't give you all of the isolation or portability of a full-on VM, but it does scale much more rapidly (think seconds) and can provide much greater density per host. They're not useful for many (maybe even most) of the services expected of an IT department, but they can have great value in dynamic app serving as well as in high-scale dev/test environments.
Where it gets tricky for WS2016 containers is at the Hyper-V layer. Yes, Microsoft is introducing 'Windows Server containers' as well as 'Hyper-V containers' and, no, they're not the same thing. Microsoft fully implemented containers at the OS layer, meaning you can install a physical host OS and build containers from that (Windows Server containers), but it also implemented containers at the Hyper-V hypervisor layer. So now you can have a machine-level OS running Hyper-V and then build containers in a VM being hosted on that box—or two or more.
In fact, you could do that twice, in effect, nesting hypervisors: Server A running Hyper-V hosting a VM that hosts a bunch of containers along with another VM also running Hyper-V that hosts another bunch of containers. Why? The Microsoftees weren't super clear on that, except to say that a Hyper-V container will lose a little in the resource consolidation department while gaining in isolation capabilities, so think specialized hosting and multi-tenant scenarios.
Aside from containers, which were the big news, McSpirit and Hynes showed several other features, most of which had been mentioned in previous TP documentation:
Nano Servers: Yet more mini-me virtualization. Think about a Windows Core-style VM that contains only the bits necessary to perform its specific function. They're quick to build and, because they only carry with them the code they'll need, they can run in less than 200MB rather than in the 3 to 4GB+ space of a typical VM. Additionally, they don't need nearly the reboot cadence of a standard VM because only a small percentage of the code needs to be patched. Microsoft is pitching Nano Servers as the preferred server for foundation fabric services (see below). The downside is, they can't be upgraded or altered once configured and neither Microsoftee knew what the licensing plan for these instances would be—though both suspected there wouldn't be any new mini-me license, just a standard server price tag. Just another push to get you to spring for the Datacenter edition.
Encrypted Virtual Machines: Finally, some more security around your VMs. In this scheme, Microsoft protects Hyper-V VMs using BitLocker, stores the keys in a trusted AD forest, and builds a trust relationship between the VM forest and the key forest (and I do mean forest, not domain). This protects shielded VMs against theft, inspection, or any kind of tampering, though apparently it'll require logo-verified hardware on the server side that needs to have Trusted Platform Module (TPM) silicon and use Unified Extensible Firmware Interface (UEFI).
No-Downtime Updates: Good for those offering mission-critical services or laboring under service-level agreement (SLA) constraints. This amounts to a scheme whereby the host machines and the VMs in a cluster can all be updated to WS2016 without needing to bring down a service. The demo was done manually and largely at the command line via PowerShell, but Microsoft promises more automation by final release.
Software-Defined Storage: The newness here is focused primarily on Storage Spaces Direct, which allows admins to converge separate Just a Bunch of Disks (JBODs) as well as scale-out file servers into a single pool rather than multiple tiers. In Hynes' words, 'Think of it as RAID at the server level or call it shared-nothing clustering.'
Resilient File System (ReFS): It's not new but it's definitely matured in WS2016, with significant performance increases available for management operations such as merges.
Storage Replica: New for WS2016, this technology allows for storage-level synchronous replication across data clusters, including metro-distances, and brings with it immediate node failover with no service disruption.
Unavoidable PowerShell
All of these features sound great, but I was struck by one feature theme that crossed all of them: PowerShell. Hynes had another telling quote, though I'm paraphrasing a bit: 'If you want to be a [Windows] server admin, learning PowerShell is unavoidable so learn to love it.' That's not entirely new messaging from Microsoft but the bluntness is fresh. Bottom line is, Microsoft has put you on notice: PowerShell is no longer just an option.
And, based on the nature of almost every single demo shown during those eight session hours, he's not kidding. True, we're at TP3 so there'll be a lot more graphical user interface (GUI) support by general availability (GA), but try some of these features yourself and you'll see that, even if they get a GUI overlay in the future, they were largely designed with PowerShell in mind. Microsoft is going all-in with the concepts of DevOps and software-defined everything, and PowerShell is the lynchpin of that strategy. If your job description involves managing any significant number of Windows platform machines—servers or client devices—and you actually want to keep that job, well, take a cue from Hynes: Buckle down and learn PowerShell, now.
Fortunately, it really is a powerful technology. Using PowerShell, McSpirit and Hynes managed on-the-fly automation, configured and spun up Nano Servers with one (long) line of code, increased and decreased a running VM's memory, and also connected to VMs suffering from network disruption by logging on and executing PowerShell commands via the VM bus. Which brings me to the next game-changer for me from my eight hours of Windows watching: Software-Defined Networking (SDN).
SDN in Windows Server 2012 R2 was already a fairly complex picture, centering on the Hyper-V Extensible Switch and the Virtual Network Gateway server role. In WS2016, this all gets enhanced, but much of that enhancement comes from what amounts to Windows Server initiating a second network—the Hyper-V network—one level below your current net. Another common phrase used by McSpirit and Hynes was, 'Let the software worry about it.' The software they're talking about is this layer of manageable virtualization logic that sits beneath your IP networks, connects them, and manages traffic and policies between them.
IP Address Management (IPAM), for example, will be able to show a one-console view of all your IP networks, Active Directory (AD) domains, and physical or virtual networks (including Azure-based networks)—even if they have redundant addressing schemes, and manage traffic and resource allocation between them.
Another key enhancement is the introduction of virtualized network functions. You can think of these as appliances (and you can bet you'll be pushed to use Nano Server to deploy them) that perform the functionality of all those boxes you've got wired up in your switch racks today: firewalls, routers, smart switches, and load balancers, to name a few. McSpirit pointed out that most of these 'appliance-ized' capabilities are battle-tested technologies being brought down to Windows Server from Azure (where they've been running for some time), so you don't have to worry as much about converting your infrastructure to newfangled software. I'm going to wait and see on that one, but what is new is how they'll be configured and managed. That will happen via the new WS2016 Network Controller, which sounds like a honking console, a new server role, or probably both.
Using the Network Controller, you'll have full control over your SDN deployment, with the ability to control not only your IP network characteristics (including firewalls, load balancers, and your Windows Server Gateway) but also your Hyper-V fabric layers—and even service performance via smart traffic redirection.
Overall, if you're an enterprise IT admin, this stuff sounds exciting. But the cynic in me gets worried anytime anyone says to me, 'Don't worry your pretty head, let me take care of that for you.' There's a lot of complexity that's being masked by a blanket of virtualized, command-line, code-heavy logic. McSpirit and Hynes painted it as a new trend that will reduce the need for troubleshooting. I'm not so sure. Based on my experience, it sounds like it'll simply shift troubleshooting from wires and blinking lights to a command line—and the aforementioned and ever more unavoidable PowerShell.
Windows Server 2016 Insider Preview Download
Additionally, while shielding VMs with BitLocker is a great step, I would want to hear a lot—a lot!—more about security best practices when it comes to protecting the Network Controller. Right now, someone might compromise my network and grab parts of it—even big parts. But with this Network Controller scheme, it sounds like they could grab all of it, even multiple networks if I'm using the Network Controller to control more than one fabric. That's a lot of eggs for one Microsoft basket. Color me impressed by the vision but as yet unconvinced by the reality.
Obviously, there's a lot more to WS2016 that I've had to gloss over such as virtual support for remote direct memory access (RDMA), enhanced automation, additional sweetness for Linux, PowerShell Web access, and more. Fortunately, McSpirit and Hynes posted a bunch of helpful links (see below), including the TP3 download that will let you explore WS2016 more thoroughly. I'm going to go download some PowerShell tutorials now.
Windows Server 2016 Download Iso 64 Bit Full Version
For more on WS2016 TP3, check out the following resource links: Windows Server 2016 TP3 Evaluation Download, Customer Experience Guides for TP3, MSDN Tutorial on Windows Containers, TechNet TP3 Summary, Introduction to PowerShell Direct, and Channel 9 Storage Spaces Direct videos.