Supporting Windows 7 and WIndows Server 2008 R2
Download
Report
Transcript Supporting Windows 7 and WIndows Server 2008 R2
Supporting Windows 7 and
Windows Server 2008 R2 - Core
Base Operating System Enhancements
0
Microsoft Confidential - For Internal and Partner Use Only
Base Operating System Enhancements
Installing Windows 7 and Windows Server 2008 R2
Native Support for Virtual Hard Disks
Windows Kernel changes
File System Changes
Boot Performance
Power Management
Device Management
Service, Task, and Process Management
Console Application Hardening
Windows System Resource Manager (WSRM)
Server Core
Hyper-V Enhancements
1
Microsoft Confidential - For Internal and Partner Use Only
Pg. 1
Core philosophy changes (ThinWin and MinWin)
ThinWin
Terminology used to describe the design philosophy of Windows 7
Reducing the size of the Windows installation footprint
Some binaries have been compressed
Many printer drivers have been removed
Help videos are now online
MinWin
Re-working of the Windows codebase from the ground up
Minimal set of Windows binaries
“Cutlers kernel”
Kernel
Memory manager
Networking
Core APIs
This is intended to be a starting point for re-working the Windows
codebase for efficiency
2
Microsoft Confidential - For Internal and Partner Use Only
Pg. 3
Windows 7 Client Installation
Review of the Windows Vista and Server 2008 installation
process
Windows 7 client installation walkthrough
Setting up a Windows PE Build Environment
Highlighting core differences
Windows 7 client upgrade installations
3
Microsoft Confidential - For Internal and Partner Use Only
Pg. 5
Installation process in Vista and Server 2008
Windows Image format (WIM) was introduced
Allows the instancing of installation files for multiple editions
Installation was product key-driven
Overall process in Windows Vista and Server 2008
Boot from media, or start installation from within media
Accept EULA
Choose installation volume
100MB BDE partition is automatically created (NEW)
Install.wim is exploded to the drive, several reboots occur
Out of Box Experience OOBE process starts and user enters
product key, user name, password, time zone, etc .
This is the only phase that differs from Vista/2008
MUI onscreen keyboard was moved to here
Product key is now entered at the end of setup rather than at the
beginning. EI.CFG will allow for a keyless installation without user
intervention.
4
Microsoft Confidential - For Internal and Partner Use Only
Pg. 5
Windows 7 client installation walkthrough
Phase 1: Downlevel
Used when install is started from within existing installation
Phase 2: WinPE
First phase on clean installations
Install.win is exploded into temp dirs and file copies occur
Phase 3: Specialize
Used for specialize operations during unattended installations
Phase 4: First Boot
OOBE phase
User-specific options are entered
WINSAT phase
5
Microsoft Confidential - For Internal and Partner Use Only
Pg. 6
Windows 7 client installation walkthrough
Clean installation to Netbooks may have special
considerations
No CD or DVD drive
Requires bootable USB thumbdrive (details in the WAIK and on
Page 10 in the training doc)
Install can be done via IMAGEX and an image or running setup
from flat of the installation media
6
Microsoft Confidential - For Internal and Partner Use Only
Pg. 9
Highlighting core differences
Auto creation of 100MB BDE partition
Will not be created if disk has previous volumes
Controlled via unattend.xml if users wish to remove it
Product key prompt is presented at end of OOBE phase
Multi-language changes during installation
Built for APAC markets need for on-screen keyboard but had issues
in Vista. Moved to the end of setup now to alleviate the issue.
Edition-specific media
Controlled with EI.CFG on media, file can be modified or deleted
Setup behavior no longer requires user to choose the edition
Notable servicing changes with Windows 7
WAU upgrades are markedly different, much faster
No user data is migrated, only Windows binaries are changed
7
Microsoft Confidential - For Internal and Partner Use Only
Pg. 13
Windows 7 client upgrade installations
Upgrade considerations
No upgrade path from Beta to RC or RC to RTM
The one exception is that RC to RTM for TAP customers is supported
Windows XP to Windows 7 upgrade considerations
Straight upgrade is not supported
Users must use the Easy Transfer Wizard to create a data store
Transmogrification
Process by which Windows Anytime Upgrades are done
Migration of user data to blackboard is not performed
Windows binaries are the only changes made to the system
Features are turned “off” for old edition and “on” for the new
edition
8
Microsoft Confidential - For Internal and Partner Use Only
Pg. 18
Watch This Video
USMT migration for Windows XP installations
C:\Labfiles\Videos\USMTforXPupgrade.wmv
9
Microsoft Confidential - For Internal and Partner Use Only
Windows 2008 R2 Server Installation
Windows 2008 R2 Server upgrade installations
Windows Server 2008 R2 upgrade walkthrough
Windows 2008 R2 Core installations
Windows installation troubleshooting
Core philosophy changes (ThinWin and MinWin)
10
Microsoft Confidential - For Internal and Partner Use Only
Pg. 24
Windows 2008 R2 Server upgrade installations
Windows Server 2008 R2 upgrade matrix
http://technet.microsoft.com/en-us/library/dd979563(WS.10).aspx
Windows Server 2008 R2 Upgrade Walkthrough
See the training manual for steps
11
Microsoft Confidential - For Internal and Partner Use Only
Pg. 27
Windows installation troubleshooting
Troubleshooting Basics
Note the make and model of the system
Ensure the system meets minimum requirements
Note the edition of the OS being installed and confirm support for
the installation
Ensure that upgrade failures are supported upgrades and not
trying to bypass the upgrade block
Note errors on-screen and in the logs
Capture setupact.log and setuperr.logs at minimum
Make sure to capture the proper logs based on installation phase
Did an installation on the system ever work properly? What
changed since the last successful installation?
12
Microsoft Confidential - For Internal and Partner Use Only
Pg. 29
Native Support for Virtual Hard Disks
Benefits
Mobility
Management
Centralized deployment
Offline servicing
Terminology
Host File System
Guest File System
VHD Shim Driver
13
Microsoft Confidential - For Internal and Partner Use Only
Pg. 35
Native Support for Virtual Hard Disks
Architecture
Component
Description
Virtual Disk
Service (VHD
APIs)
Virtual Disk Service (VDS) Object Model wrappers
for the VHD Win32 APIs
VirtDisk.dll
Common library for VHD management APIs
14
Component
Description
Vdrvroot.sys
Root virtual drive enumerator
FsDepends.sys
Nested volume dependency management
Vhdmp.sys
VHD parser and dependency property provider
Microsoft Confidential - For Internal and Partner Use Only
Pg. 36
Native Support for Virtual Hard Disks
Managing VHDs with Disk Management
Managing VHDs with DiskPart
CREATE VDISK FILE="c:\test\test.vhd" MAXIMUM=1000
DiskPart Provides additional capabilities
Select, Attach, Detach
List, Detail; Expand, Compact, Merge
15
Microsoft Confidential - For Internal and Partner Use Only
Pg. 41
Native Support for Virtual Hard Disks
Additional Considerations
Fixed, Dynamically expanding and Differencing disks supported
Requires NTFS on host volume
Network share supported
Cannot mount compressed or encrypted VHD files
Guest volume can be compressed or encrypted
No Paging or Hibernation or crash dump files
Dynamic Disks not supported (host or guest)
Host volume BitLocker supported
Guest volume NOT supported
VSS Support
Supported
Details in Recovery Module
16
Microsoft Confidential - For Internal and Partner Use Only
Pg. 43
Native Support for Virtual Hard Disks
Demo
Create a VHD
17
Microsoft Confidential - For Internal and Partner Use Only
Pg. 293
Lab Exercises
Exercise 1: Create and Extend a Native VHD
18
Microsoft Confidential - For Internal and Partner Use Only
Native Boot Support for Virtual Hard Disks
Benefits
Image Management parity between Virtual and Physical
Deployments
Image Deployment Flexibility (Virtual or Physical computer)
Multiple boot scenarios do not require partition management
Reusable Development and Testing images
Requirements
Windows 7 or Server 2008 R2 only
Physical disk size
(VHD expanded at boot; pagefile will be placed on host volume)
19
Microsoft Confidential - For Internal and Partner Use Only
Pg. 56
Native Boot Support for Virtual Hard Disks
Limitations
No Hibernation
No Nesting
Cannot Boot over SMB share connection
No BitLocker (host or VHD volume)
Cannot Backup the Host and VHD volume together
Differencing VHD and parent VHD must reside on the same local
volume
Must be Windows 7 or Server 2008 R2
Cannot use Removable USB
Must Sysprep generalize before moving to another computer
including Physical to Physical or Virtual.
20
Microsoft Confidential - For Internal and Partner Use Only
Pg. 57
Native Boot Support for Virtual Hard Disks
Manually Deploy a VHD for Native Boot
Create a VHD
Apply a Windows 7 image using ImageX.exe
Clean and partition the destination computer
Copy the VHD with native-boot capabilities
Use BCDBoot to add the VHD to the BCD Configuration
Deploying to a Windows 7/Server 2008 R2 Computer
Create a VHD
Apply a Windows 7 image using ImageX.exe
Copy the VHD with native-boot capabilities
Use BCDBoot to add the VHD to the BCD Configuration
21
Microsoft Confidential - For Internal and Partner Use Only
Pg. 59
Native Support for Virtual Hard Disks
Trouble Shooting
New Event Logs
VDS Logging
22
Microsoft Confidential - For Internal and Partner Use Only
Pg 63
Pg. 294
Lab Exercises
Exercise 2: Deploy and Boot to a Windows 7 VHD
23
Microsoft Confidential - For Internal and Partner Use Only
Core Windows Kernel Changes
Support for more than 64 logical processors
Threadpool changes
Registry Enhancements
Crash dump retention and page file size
Library Loader Enhancements
Unified Caching
Fault Tolerant Heap
Memory Management
Process Reflection
24
Microsoft Confidential - For Internal and Partner Use Only
Pg. 65
Support for more than 64 logical processors
Previous logical core support was defined as being equal to the
bit level of the operating system (32 for x86, 64 for x64).
Windows now supports up to 256 logical processors in R2
Processor groups are used to enable support for more than 64
logical processors
Pg. 66
Groups are a set of up to 64 processors that are treated as a single
scheduling entity. One thread is run per group.
Nodes are a set of up to 64 processors that are in close proximity and
share common resources. Commonly called a NUMA node.
Firmware nodes will be split if larger than a group.
Groups may contain one or more nodes but a node must be fully
contained in one group.
Groups are created on boot, systems with less than 64 logical CPUs will
never have more than one group.
No administrative control over group creation.
Windows 2008 R2 supports up to 256 logical processors in four
groupings of 64
Extended APIC support (xAPIC architecture)
25
Microsoft Confidential - For Internal and Partner Use Only
Threadpool changes: Definitions and background
A threadpool is a collection of worker threads that execute
work in parallel on behalf of an application
Used by applications that are highly parallel
Svchost is a good example of a threadpool user
Benefits
Thread aggregation
Smaller process footprint
Ease of programming and thread management
Persistent threads are threadpool worker threads that are
not recycled
Some code needs to run on a single thread, such as registry
notifications and callbacks
Was eliminated in Windows Vista and Windows Server 2008
26
Microsoft Confidential - For Internal and Partner Use Only
Pg. 68
Threadpool changes: Enhancement Details
New callback priority queues allow for callbacks to execute
in work item priority order.
This allows the work item processing loop to prioritize certain work
over other work.
Threadpools can be assigned a NUMA node preference
Support for more than 64 processors and processor
groups
Persistent thread support has returned
The persistent thread support will help aggregate certain
threadpool users from several threads in a process down to 1
thread per process.
Previously, users of threadpools would create their own pool of
threads to have persistent threads.
27
Microsoft Confidential - For Internal and Partner Use Only
Pg. 68
Registry Enhancements
Improved Locking Mechanism
Changes to WoW64 redirection and reflection
28
Microsoft Confidential - For Internal and Partner Use Only
Pg. 70
Registry Enhancements: Improved Locking Mechanism
Configuration Manager (CM) stores and maintains
configuration info in registry hives
KCB = Key Control Block
Uniquely represents a referenced registry key in the system
KCB table contains hash entries that allow quick reference
to KCBs
Pushlocks are used to lock the KCB table entries
29
Microsoft Confidential - For Internal and Partner Use Only
Pg. 70
Registry Enhancements: Improved Locking Mechanism
Previously
System-wide KCB table was shared among all hives
“Eager” locking method locked more table entries than were really
needed
Per-hive flush locks delayed in-memory registry updates until diskintensive flush operations were completed
Locking mechanism commonly caused deadlock contention and
Event ID 333
30
Microsoft Confidential - For Internal and Partner Use Only
Pg. 70
Registry Enhancements: Improved Locking Mechanism
In Windows 7 and Windows Server 2008 R2
Each hive has its own KCB table
Only KCBs and table entries that are really needed for an operation
are locked
A second per-hive flush lock was added that allowed “dirty” hive
data to be identified in-memory and updates to continue without
having to wait for a flush operation to continue
31
Microsoft Confidential - For Internal and Partner Use Only
Pg. 70
Registry Enhancements: Improved Locking Mechanism
As an example of previous behavior:
A lock held on the BCD hive would cause any calls to the SAM hive
at the same level to fail due to the pushlock being held on the
hive. This would cause deadlock contention on the hive as
requests would continue for the SAM hive.
32
Microsoft Confidential - For Internal and Partner Use Only
Pg. 70
Registry Enhancements: Improved Locking Mechanism
An example of the new locking mechanism
This user profile hive has its own KCB table and doesn’t share it with other
hives
Each KCB has its own lock reducing the need to acquire a lock on the table
entry
33
Microsoft Confidential - For Internal and Partner Use Only
Pg. 71
Registry Enhancements: WoW64 redirection and reflection
Background
Wow64 provides an emulation environment
for 32-bit applications to run seamlessly on
64-bit Windows platforms
Wow64 provides separate registry “views” to
32-bit and 64-bit applications, avoiding
conflicts potentially caused by sharing
architecture-specific data
Part of the registry will be shared by both
Part will be split, usually at Wow6432Node key
It transparently “redirects” applications to the
proper locations depending on the
architecture of the application.
Values in 32-bit and 64-bit portions of the
registry are synchronized using “reflection”
34
Microsoft Confidential - For Internal and Partner Use Only
Pg. 72
WoW64 Registry redirection and reflection
How it worked in previous versions of windows:
Redirection
Registry split policy of “Split by default” meant that an entire hive
might be split even if only one subset of keys actually needed to be
The resulting registry footprint was quite large
Reflection
Used to keep COM-specific keys synchronized.
At times this would cause data inconsistency in the registry because
reflection was not atomically performed at the time the key was
written.
How it works now:
Redirection
The registry key split policy has been changed to “shared by default”
Now only those keys that contain bit-specific data are split
Reflection
Has been completely eliminated
35
Microsoft Confidential - For Internal and Partner Use Only
Pg. 73
Crash dump retention and page file size: History
Windows XP, Windows Server 2003, and earlier
Paging file required to reside on boot volume
Complete memory dump required paging file = RAM + 50 mb
Dump copied to memory.dmp location during next boot
Getting a complete memory dump when needed was sometimes a
problem because of paging file size on boot volume
Windows Vista and Windows Server 2008
New dedicated dump file could be on any volume
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashCon
trol
DedicatedDumpFile (full path to dump file location)
DumpFileSize (dump file size in mb)
Dump filter driver can be applied
For compression or encryption of dump file for example
36
Microsoft Confidential - For Internal and Partner Use Only
Pg. 75
Crash dump retention and page file size: Windows 7
Default paging file size now equal to RAM
Intent is to reduce disk footprint, especially on small mobile
devices
Default dump option is kernel only
Automatically increased to RAM + 300 mb when complete
memory dump option is selected if system-managed
Automatically decreased to RAM when changed to kernel-only or
small memory dump if system-managed
37
Microsoft Confidential - For Internal and Partner Use Only
Pg. 77
Crash dump retention and page file size: Windows 7
Memory dump retention
Crash dumps are not retained for client SKUs
that are not joined to a domain if free space <
25 gb
Can be overridden by:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Control\CrashControl\AlwaysKeepMemoryDump
Server SKUs – always retain
Domain member – always retain
Dump is uploaded to Microsoft before being
deleted depending on Windows Error
Reporting options chosen by customer
Determine dump
file retention
AlwaysKeep
MemoryDump
=1?
Yes
No
Yes
Server SKU
?
No
Joined to a
domain
?
Yes
No
free space
>= 25 GB
?
Yes
No
Delete
38
Microsoft Confidential - For Internal and Partner Use Only
Retain
Pg. 78
Crash dump retention and page file size: Windows 7
Minidump file retention
Review
Small memory dumps do not overwrite the last one
New ones are created with new name: MiniMMDDYY-nn.dmp
“MMDDYY” is the date on which the dump was produced
“nn” represents the instance of a minidump produced on that date
A growing number would be retained indefinitely
In Windows 7 and Server 2008 R2
The number on minidumps retained can be controlled by a registry
key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl
\MinidumpsCount
Default = 50
Intent is to reduce the disk footprint
39
Microsoft Confidential - For Internal and Partner Use Only
Pg.79
Library Loader Enhancements
Library Loader
Determines the right load order and resolves dependencies
Loads and unloads DLLs for processes and threads
Loader Lock is used to synchronize data structures and code
paths
Using a single global lock can cause hangs and lock contention
Single lock has been split into 3 single-purpose locks
Module list lock
Links lock
Per-DLL callout lock
Load count is used to determine if a DLL is in use
Previously there was no mechanism for shutting down a DLL’s internal
worker threads at DLL unload time
At process exit time there was no way to arrive at a consistent state
and then have the DLLs unloaded and the process terminated
Load count of DLLs now split into internal & external reference counts
Internal reference counts are used to manage references to the DLL by
internal worker threads
External reference counts are all references made by external processes
40
Microsoft Confidential - For Internal and Partner Use Only
Pg. 80
Pg. 82
Unified Caching
In Vista and Server 2008 we added:
SuperFetch – Caches frequently used data in unallocated DRAM
based on historical user activity. (temporary, read-only)
ReadyBoost – Caches frequently used data in free space on a
single flash based device. (temporary, read-only)
ReadyDrive – Caches read and write data in NVRAM found on a
disk drive, or a device that simulates one (long term read-write)
Limitations
ReadyBoost was limited to 4 gb, and one device at a time
Various caches were disjointed
Cache had to be repopulated after boot or resume
No compression
41
Microsoft Confidential - For Internal and Partner Use Only
Pg. 82
Unified Caching
In Windows 7 and Windows Server 2008 R2
All NVRAM is treated as a single, continuous cache regardless of
the size, form factor, and device performance characteristics
Intelligent caching on multiple devices through tighter integration
with Superfetch
Caches are persisted across boots, hibernation, and standby
Minimizes cache repopulation
Improves boot performance
ReadyBoost support for NVRAM is no longer limited to 4 GB
Up to 32 GB supported now
Multiple cache devices can be used simultaneously
Up to 8
See the master training document for the detailed caching
architecture
42
Microsoft Confidential - For Internal and Partner Use Only
Fault Tolerant Heap (FTH)
Heap corruption issues are a common cause of user-mode
application crashes
Generally caused by poor application coding practices
It can take a long time for such code to be corrected by Independent
Software Vendors (ISVs)
What FTH does
Mitigates heap misuse patterns found to be the most frequent by
applying shims
Dynamically determines when to apply mitigations
Monitors the effectiveness of attempted mitigations and disables them
if they are not working
Provides support for multiple mitigation methods:
From Microsoft through Watson
Using manual scenarios such as via the Application Compatibility Toolkit
Autonomously
Returns diagnostic data about heap corruption error patterns to
Microsoft, and ultimately to Independent Software Vendors
43
Microsoft Confidential - For Internal and Partner Use Only
Pg. 88
Fault Tolerant Heap (FTH)
Four Application states in FTH:
State
Description
Untracked
The application has not crashed in a way consistent with possible heap corruption as defined by the Rule List.
Tracked
The application has crashed at least once as a potential FTH candidate and is being tracked to determine if the
crash velocity has been exceeded.
Enabled
Mitigation has been enabled for the application, either because Watson responded that it should be, or
because the crash velocity has been met. On subsequent runs of the application the FTH shim will be applied
until the status changes to disabled.
Disabled
Mitigation will not be applied, either because Watson responded that it should not be, or because previous
mitigation attempts have been determined to be unsuccessful.
Watson might say to enable or disable mitigation immediately
Untracked apps become tracked when a suspicious crash occurs
App. is enabled and shim applied after crash velocity in registry is met
App. is monitored and shim removed if it didn’t help
Every 7 days FTH “forgets” about apps with no recent activity
FTH settings and application states are stored in the registry
HKLM\Software\Microsoft\FTH
Can be disabled by group policy
44
Microsoft Confidential - For Internal and Partner Use Only
Pg. 96
Pg. 298
FTH Lab Exercise
Exercise 3: Examining Fault Tolerant Heap Behavior
45
Microsoft Confidential - For Internal and Partner Use Only
Memory Management Enhancements
There were numerous enhancements. Most notable is:
Working Set Trimming improvements
On 64-bit versions of Server 2003, the size of the working set of
system cache could potential grow to consume all of RAM
Improvements:
The number of levels that can describe the age of working set pages
increased from 4 to 8. This allows for richer aging information and more
diverse trimming policies.
The distribution of aged pages is better-tracked to enable better trimming
decisions.
Rapidly growing working sets are monitored closely so that optimal
trimming can be accomplished in a timely fashion.
Excess is typically trimmed from large working sets rather than from very
small ones, reducing the inequitable effect that low memory situations
had on smaller processes
The system cache has been separated into 3 distinct working sets to
prevent the individual expansion of one from causing the trimming of
others.
46
Microsoft Confidential - For Internal and Partner Use Only
Pg. 104
Process Reflection
Set of APIs allow a diagnostic system to transparently
capture snapshots of a running process for offline analysis
without affecting the running process
Resource Exhaustion Detection and Resolution (RADAR) is
the only consumer of this feature so far
47
Microsoft Confidential - For Internal and Partner Use Only
Pg. 107
File System Updates: Flash Media Enhancements
Terminology
Flash sector/page size: This is the minimum unit of a write or read
operation.
Flash block size: This is the minimum unit of an erase operation.
Wear Leveling: Each block in a flash memory device has a finite
number of erase-write cycles. To increase the longevity of the flash
device, writes and erases should be spread as evenly as possible over
all of the blocks on the device.
Delete Notifications
NTFS notification of a deallocated cluster. Allows for flash devices to
proactively perform wear leveling
Scheduled Defrag Automatically Disabled on devices detected
as Solid State Devices (SSD)
Superfetch is disabled for most SSD devices.
If the system disk is an SSD, and the SSD performs adequately on
random reads and doesn’t have performance issues with random
writes or flushes, then Superfetch, boot prefetching, application launch
prefetching, ReadyBoost and ReadDrive will all be disabled
Can be confirmed with the WINSAT diskformal test
48
Microsoft Confidential - For Internal and Partner Use Only
Pg. 108
File System Updates: Enhanced Oplocks Support
Native oplocks (implemented since Windows 3.1):
Level 2 (shared): multiple readers in a stream and no writers, supports client
side read caching
Level 1 (exclusive): client stream with exclusive access where client controls
buffering, supports read and write caching
Batch (exclusive): client stream open to a server where locally the client has
closed the stream, allows for read and write caching and handle caching.
Filter (exclusive): allows application and system filters a way to open and read
stream data. Allows for a way to “back out” when trying to access identical
streams. Supports read and write caching.
New Windows 7 Oplocks
Read (shared): multiple readers of a stream with no writers. Supports read
caching.
Read-Handle (shared): multiple readers of a stream with no writers, able to stay
open when the client closes the stream. Support read and write caching.
Read-Write (exclusive): client exclusive access with arbitrary buffering.
Supports client read and write caching.
Read-Write-Handle (exclusive): client exclusive access, able to stay open when
the client closes the stream. Support read,write and handle caching
49
Microsoft Confidential - For Internal and Partner Use Only
Pg. 110
File System Updates: Enhanced Oplocks Support
New Windows 7 OpLocks:
Provide greater flexibility for the caller to express caching
intentions
Allow oplock breaks and upgrades
Upgrade = modification of the oplock state from one level to a level of
greater caching; for example, upgrading a Read oplock to a ReadWrite oplock
50
Microsoft Confidential - For Internal and Partner Use Only
Pg. 110
File System Updates: Chkdsk Improvements
Makes use of block cache
Configured to use system memory
Test results shows an average 50% performance
improvement
Chkdsk Time in Minutes
80
70
Time in Minutes
60
50
40
Windows Server 2008
30
Windows 7
20
10
0
2
4
8
16
System Memory (GB)
51
Microsoft Confidential - For Internal and Partner Use Only
Pg. 112
File System Updates: Performance Improvements
Pg. 113
8.3 File Name changes
New algorithm allows for better name generation which results in less
name collisions
8.3 name creation can be disabled for volumes
Ability to remove 8.3 names from the system
fsutil 8dot3name strip
Large Quantity File Creation Improvements
MFT now uses cached IO instead of synchronous IO to extend the MFT.
Improves performance for large quantity of file creation
New Multi-Threaded Robocopy Option
Robocopy /MT improves remote and high latency transfers
Local File Copy Improvements
Memory and cache manager improvements for local file copy can
improve copy performance by up to 37% (dependant on file size)
Support for software mirroring
Available through disk management
52
Microsoft Confidential - For Internal and Partner Use Only
Pg. 115
Boot Performance Enhancements
Previously in the boot process, system start drivers had to
be completely loaded before the session 0 process could
start loading the operating system for the user.
Even though pre-fetching was occurring, the boot process
to be slow and inefficient, particularly on newer fast
storage such as SSD.
PowerOn
(BIOS
Post)
Boot
Loader
Boot
Start
Drivers
System Start Drivers
Session 0 Start
Services,
Explorer,
etc.
Load / Enumerate
Load
Init
Disk Prefetching
(time)
53
Microsoft Confidential - For Internal and Partner Use Only
Boot Performance Enhancements (cont’d)
In Windows 7 codebase, the enumeration of system start
devices is done in parallel to the start of session 0.
We can see below that the system start drivers and the
enumeration of the first session is happening in the same
window, reducing the time needed for the session to start
loading explorer, thereby increasing boot performance.
54
Microsoft Confidential - For Internal and Partner Use Only
Pg. 121
Power Management changes
Architecture
Power management functionality has been decoupled from the PnP
service
New Power service has been added to Windows 7 codebase
Controls all power management operations and without reliance on PnP
Allows for cleaner shutdowns and faster restarts
Configuration and Management
Configuration is still done via control panel and POWERCFG
POWERCFG has new added functionality
New –ENERGY report option in POWERCFG
Initiates and energy report for the targeted system
Report is saved as an HTML
-REQUESTS allows you to see applications and devices that are preventing
a machine from automatically powering off
-REQUESTSOVERRIDE allows you to override a process or service
generated by –REQUEST to allow a system to sleep properly
-H –SIZE to specify Hibernation file size
Wake Timer changes
Windows 7 does not wake for scheduled tasks by default.
Configurable in the user interface.
55
Microsoft Confidential - For Internal and Partner Use Only
Pg. 122
Pg. 299
Lab Exercise
Exercise 4: Power Management: Reporting
56
Microsoft Confidential - For Internal and Partner Use Only
Pg. 124
Core Parking
Scheduler is used to dynamically set
a processor idle based on the power
profile being used
Scheduler dynamically determines
when and where a thread should run
and can choose not to use a
processor even if there is a ready
thread that could run on the CPU.
Cores are parked in pre-Nehalem
processors, Nehalem processors and
later allow parking of a socket.
Can be tracked with the perfmon
counter \Processor\Parking Status
57
Microsoft Confidential - For Internal and Partner Use Only
Core Parking Operation
Intelligent Timer Tick
Intelligent timer ticks allow for longer durations before an
application processor is woken.
Processor is only woken in the event of a hardware IRQL or timer
expiration
59
Microsoft Confidential - For Internal and Partner Use Only
Pg. 127
Pg. 127
Timer Coalescing
Timer coalescing allows for the Windows kernel to group multiple
software timers and expire them all at the same time
Helps decrease the idle duration of the application processors
Helps improve average processor idle time
Staying idle requires minimizing timer interrupts
Before, periodic timers had independent cycles even when period was the
same
New timer APIs permit timer coalescing
Application or driver specifies tolerable delay
Timer system shifts timer firing to align periods on a coalescing interval:
50ms, 100ms, 250ms, 1s
60
Microsoft Confidential - For Internal and Partner Use Only
Device Management Changes
Multi-function device support
Device Experience Platform and Device Center
Silent on-demand device installation
Concurrent Device Installation
Driver Servicing changes
New group policy for uninstallation of devices
61
Microsoft Confidential - For Internal and Partner Use Only
Pg. 167
Multi-function device support
Previously, multi-function devices were seen as devnodes.
Devices could have more than one devnode, but there was
no way to bind all of the devnodes together
An example of this would be a Bluetooth phone. The device might
have a camera device, sound device, and several other devnodes in
one device presented to Windows.
Devices are now grouped by ContainerID. ContainerIDs
are unique instances of a single device that is common to
all devnodes. There are two types of ContainerIDs:
Explicit: Bus drivers with multi-function aware devnodes. They
assign ContainerIDs to child devnodes during enumeration
Heuristic: Devices without bus assigned ContainerIDs.
ContainerIDs are assigned by PnP
62
Microsoft Confidential - For Internal and Partner Use Only
Pg. 167
Device Experience Platform and Devices and Printers
Device and Printers is new to Windows 7 codebase
“One stop shop” for consumers to configure and manage
devices for the entire system.
Allows management of specific device functions based on
device type
Utilizes WMIS (Windows Metadata and Internet Services)
to collect and populate device information on the system.
Controlled via Group Policy for environments which wish
to disable specific features of the center due to security
concerns.
63
Microsoft Confidential - For Internal and Partner Use Only
Pg. 168
Silent on-demand device installation
New devices were mostly “attended” events
Users had to insert driver disks or manually search for
drivers for unknown devices on Windows Update
Windows 7 uses silent device installation
Device is attached to the system
PnP detects the device and invokes DRVINST
DRVINST attempts to locate the best driver based on path. Default
order is:
Windows Update
DriverStore
DevicePath
Device installation completes without user intervention
Devices can still be installed manually if needed
Configurable via Group Policy and registry
64
Microsoft Confidential - For Internal and Partner Use Only
Pg. 171
Concurrent Device Installation
Pg. 173
Vista used serialized device installation where PnP maintained a queue
of pending device install entries and enumerated and installed them
based on their position in the queue. This was due to only one worker
thread being allocated for device installation.
Windows 7 codebase introduces concurrent device installation. Device
installs are done in parallel. Worker threads are now spun up as
needed for device installation but are capped at 4 per core.
Device installation timeouts still apply for DRVINST. Timeout is 5
minutes.
65
Microsoft Confidential - For Internal and Partner Use Only
Driver Servicing changes
Pg. 175
In Windows Vista, the DriverStore was allowed to grow
exponentially based on the number of times a driver was
updated. All drivers were staged or installed in the DriverStore
directory.
In Windows 7, the servicing stack controls device installation for
in-box drivers. Drivers are staged and installed to the
component store instead of the DriverStore and then reflected to
the proper location as seen in the screenshot below.
This reduces the window need for installation of drivers that
require reboots due to improper handling within the file system
and registry. TxF (Transactional File System) and TxR
(Transactional Registry) now control the file and registry
handling to increase robustness.
66
Microsoft Confidential - For Internal and Partner Use Only
Driver Servicing (cont.)
Device reboot window in Windows Vista. Note the nonTxF registry and file operations that contribute to data in
the no-boot window prior to shutdown in the figure
below.
Non-critical drivers are not grouped into the first TxF
transaction which could lead to data loss.
67
Microsoft Confidential - For Internal and Partner Use Only
Pg. 177
Driver Servicing (cont’d)
Device install reboot window in Windows 7 eliminates the
reboot window altogether and packages the file and
registry changes into TxF transactions which can be
managed in the event of a failure, allowing for rollback of
the failed transactions and eliminating the reboot window.
68
Microsoft Confidential - For Internal and Partner Use Only
Pg. 177
New group policy for uninstall of devices
Additional group policies have been added for device
uninstall
New policy allows for the uninstall of devices that are
disallowed under current group policy.
Policy is defined in
AdminTemplates\System\DeviceInstallation\DeviceInstallationRestricti
ons\Prevent installation of devices that match this device ID
The “Also apply to matching devices that are already installed”
must be checked for the policy to be active
Additional policies include:
Prevent metadata retrieval from the internet
Do not create system restore point when new device driver
installed
Do not send a Windows Error Report to request additional
software for a device
Specify driver search order.
69
Microsoft Confidential - For Internal and Partner Use Only
Pg. 179
Unified Background Process Manager (UBPM)
Windows includes several process managers that have
been added over time to manage background processes
Service Control Manager
Task Scheduler
Windows Management Instrumentation
DCOM Server Process Launcher
These perform similar jobs such as activating and deactivating
processes, yet they are mostly isolated from each other
This can cause problems
Decreased system reliability
Decreased performance
Increased engineering and support costs
70
Microsoft Confidential - For Internal and Partner Use Only
Pg. 180
Pg. 180
UBPM
Introducing UBPM
Goals
Move common process lifecycle management from existing process
managers to a unified process lifecycle manager
Eventually eliminate some redundant process managers
Provides a trigger-based activation platform to manage the
lifecycle of background processes for UBPM-registered clients
For Windows 7 and R2, the only process managers registered as UBPM
clients are Service Control Manager and Task Scheduler service
Architecture
UBPM.dll is hosted in-process by clients that use it
Services.exe
Taskhost.exe
UBPM is an RPC server that provides 2 sets of APIs
1 set for trigger providers, such as the PnP Manager
1 set for trigger consumers, or clients, such as the Service Control
Manager and Task Scheduler service.
71
Microsoft Confidential - For Internal and Partner Use Only
Pg. 181
UBPM
UBPM starts an ETW session and enables each registered provider
GUID in the session.
It also implements an ETW real-time consumer that listens for the preregistered trigger provider events and notifies the trigger consumers
when they occur.
72
Microsoft Confidential - For Internal and Partner Use Only
Service Control Manager Enhancements
SCM has been enhanced to allow services to be started
only when they are required and to reduce the number of
services that use the Automatic startup type
Registered as a UBPM client
Benefits
Improved system boot performance
Improved system shutdown performance
Reduction in system attack surface
Reduction in service footprint for scenarios where the service features
are not in use
73
Microsoft Confidential - For Internal and Partner Use Only
Pg. 182
Service Control Manager Enhancements
Pg. 183
Demand Start of a service when a specific event occurs
A service can register to be started or stopped on supported
events, referred to as triggers.
Starting a service that is based on a trigger is called a Trigger Start.
Demand Start of a service by using SCM client API or COM
service activation
A service can be started on demand by calling an SCM client API or
by COM service activation when a client application requires
functionality that is provided by the service.
Stopping a service when idle
A service can stop itself if it determines that it has been idle for a
specified amount of time.
74
Microsoft Confidential - For Internal and Partner Use Only
Trigger Start Services
Common triggers
IP address - start on the first IP address arrival and stop on the last
IP address departure
Hardware device - start when a specific hardware device is
connected to the system
Bluetooth management service
Domain-joined - start if joined to a domain and stop if not joined
to a domain
Windows Time service
Group policy - start if a Group Policy change is detected
Custom - Service developers can design their own custom trigger
events that can be raised from either user mode or kernel mode
API support for service triggers
SCM client APIs have been updated to let service installers add,
update, and query service trigger information.
75
Microsoft Confidential - For Internal and Partner Use Only
Pg. 184
Trigger Start Services
SC.exe supports service triggers
Configuring service triggers
sc <server> triggerinfo [service name] <option1> <option2>...
Sc triggerinfo MyService start/networkon stop/networkoff
Querying service trigger info
sc <server> qtriggerinfo [service name]
76
Microsoft Confidential - For Internal and Partner Use Only
Pg. 186
Trigger Start Services
For all services that specify trigger actions, a TriggerInfo
subkey is created in the service configuration key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<Service Name>
For trigger-start services, the Start value should be 3 for
Manual startup
During boot SCM checks services for their start type and ignores
the triggerinfo value if the start type is Automatic
77
Microsoft Confidential - For Internal and Partner Use Only
Pg. 187
Pg. 189
Task Scheduler
Two Task Scheduler engines now
TaskEng.exe (legacy)
Unchanged
Responsible for activating legacy tasks
Manually-created and executed tasks use this engine
TaskHost.exe
Hosts UBPM-registered tasks
An instance is spawned for each unique security context required by
running tasks
UBPM manages in-box tasks
UBPM.dll resides in SvcHost.exe that hosts Task Scheduler service
78
Microsoft Confidential - For Internal and Partner Use Only
Pg. 190
Task Scheduler
Task Scheduler and UBPM divide task-related
management:
Managed by Task Scheduler:
XML parsing
Security
Storage
Public API
Managed by UBPM:
Triggers
Settings
Constraints
Actions
79
Microsoft Confidential - For Internal and Partner Use Only
Pg. 190
Task Scheduler
SchedulingEngineKnob registry value can control which
Task Scheduler engine is used for task execution
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule
Task Scheduler reads and applies the SchedulingEngineKnob value
when the Task Scheduler service starts
This is when Task Scheduler registers its tasks with UBPM
Note: This registry key is for internal testing only and is not to be
exposed to customers
80
Microsoft Confidential - For Internal and Partner Use Only
Pg. 191
Console Host
Conhost.exe - new host process for console applications, such
as cmd.exe
Primary purpose is to harden console applications
Side benefits:
Potentially improved performance for heavy console application users due
to new multi-threading design
Isolation of console applications improves overall system stability by
reducing the chance of a problem in csrss causing a blue screen
Separation of security context for console applications gives better control
over elevation of privileges
Moves message handling for console applications from
csrss.exe to new conhost.exe process
Runs in the security context of the console application instead
of csrss.exe, which runs as Local System
Reduces the risk from “Shatter Attacks”
Shatter Attacks attempt to exploit vulnerabilities in message-handling
code in order to run code in csrss.exe as Local System
81
Microsoft Confidential - For Internal and Partner Use Only
Pg. 194
Console Host: How it works
In previous versions of
Windows:
All GUI activity on behalf of
console applications was
brokered by csrss.exe
When a console application
wanted to receive characters, it
called a console API
implemented in kernel32.dll
Kernel32 made an LPC call to
csrss.exe
Csrss.exe checked the input
queue associated with the
console window hWnd and
returned the appropriate
character-mode input through
kernel32 back to the console
application.
82
Console Application
(e.g., cmd.exe)
LOCAL LOCAL
USER SYSTEM
csrss.exe
console
LPC: Ask/Get I/O
GUI Input Events
(Window messages)
kernel32.dll
User
Kernel
win32k.sys
Microsoft Confidential - For Internal and Partner Use Only
Pg. 195
Console Host: How it works
In Windows 7 and Server R2:
The console message-handling code runs in a new process, conhost.exe
Conhost.exe runs in the same security context as the console process it is
hosting
Instead of issuing an LPC request to CSRSS, the request goes to conhost.exe
LOCAL LOCAL
USER SYSTEM
Console Application
(e.g., cmd.exe)
csrss.exe
Kernel32.dll
Conhost.exe
LPC:
Ask /
Get I/O
No Windows
messages
User
Kernel
win32k.sys
83
Microsoft Confidential - For Internal and Partner Use Only
Console Host: How it works
A conhost.exe process is spawned for each top-level console
application
An indefinite number of child processes can share the same conhost.exe
with the top-level process
Conhost.exe has a process handle to each process in the tree
Conhost.exe communicates with each process in the tree individually using
LPC
32-bit and 64-bit applications can be intermixed in a console
application tree
LPC transparently handles architecture differences between processes
84
Microsoft Confidential - For Internal and Partner Use Only
Pg. 195
Console Host: Troubleshooting
Basic troubleshooting
Determine whether the issue is specific to just one application
Launch simple console applications such as cmd, nslookup, and telnet
Obtain simultaneous process dumps of root console application,
affected child processes, and the associated conhost.exe process
Distinguishing instances of Conhost.exe from each other
Process Explorer
Resource Monitor
Right-click root console application process and choose “Analyze Wait
Chain”
Potential Issues
Race conditions
Application compatibility issues
Failure to instantiate conhost.exe
85
Microsoft Confidential - For Internal and Partner Use Only
Pg. 198
Pg. 301
Lab Exercise
Exercise 5: Examining Console Host relationships
Process Explorer:
C:\Labfiles\ProcExp
86
Microsoft Confidential - For Internal and Partner Use Only
Windows System Resource Manager (WSRM) Enhancements
Review of WSRM concepts
Allows administrators to manage server processor and memory
resources by allocating a portion of each resource to specific
processes running on a server
Purpose is to reduce the ability of processes and users to interfere
with each other and to provide more consistent and predictable
application response
Common usage is on Remote Desktop Servers
Configured by creating or modifying
Process Matching Criteria
Resource Allocation Policies
Calendar Rules
Conditional Policies
87
Microsoft Confidential - For Internal and Partner Use Only
Pg. 203
Windows System Resource Manager (WSRM) Enhancements
Enhancements in Windows 7 and Windows Server 2008 R2
Computer Groups
Dynamic Fair Share Scheduling (DFSS)
Selective Export/Import
88
Microsoft Confidential - For Internal and Partner Use Only
Pg. 203
WSRM Enhancements: Computer Groups
Computer Groups allow admin to create hierarchy of
computers with similar WSRM configuration needs
Used for exporting local WSRM settings directly to an
entire branch of the hierarchy tree
Computers within groups must be domain members
No limit on depth of nested groups
Individual computers are always leaf objects
Drag & Drop and Cut & Paste are allowed
Export using Computer Groups automatically imports
directly to computers in target group(s)
89
Microsoft Confidential - For Internal and Partner Use Only
Pg. 206
WSRM Enhancements: DFSS
Dynamic Fair Share Scheduling
“Static” scheduling
Used a constant per-thread quota value.
Quota was aggregated across all threads for a user.
CPU was often under-utilized
Would not adjust automatically as the load changed
DFSS
Dynamically scales quota based on load and # of sessions
Aggregates thread quotas based on sessions, not just users
Ensures a consistent user experience across sessions
Minimizes under-utilization of CPU
SYSTEM threads & threads in Session 0 are exempt from fair share
scheduling to ensure they will never be blocked
90
Microsoft Confidential - For Internal and Partner Use Only
Pg. 207
WSRM Enhancements: DFSS
Configuration Options
In WSRM administrators can specify a fairness weight for sessions
of specific users and groups.
By default, when the feature is enabled all sessions will start with
an average weight of 5, which provides equal distribution of CPU
usage.
Administrators can subsequently assign higher or lower weights
for users or groups.
Weighted_Remote_Sessions Resource Allocation Policy
Premium user = 9
Standard user = 5
Basic user = 1
91
Microsoft Confidential - For Internal and Partner Use Only
Pg. 209
WSRM Enhancements: DFSS
Enabling DFSS
Enabled automatically when Remote Desktop Services is installed
Can be enabled manually
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Quota
System\EnableCpuQuota = 1
Can be disabled in Group Policy
Computer Configuration\
Administrative Templates\
Windows Components\
Remote Desktop Services\
Remote Desktop Session Host\
Connections\
Turn off Fair Share CPU Scheduling
92
Microsoft Confidential - For Internal and Partner Use Only
Pg. 221
WSRM Enhancements: Selective Export/Import
Export/Import of WSRM configuration objects was
previously “all or nothing”
New Export/Import allows admin to choose which objects
to export/import, and how to resolve import conflicts
Override existing objects
Do not export/import duplicate objects
Replace duplicate objects with exported objects
Rename existing objects for duplicate items
Rename exported/imported objects for duplicate items
“Check Conflicts” option now allows import simulation to
preview potential conflicts before actually importing
Renaming of duplicates only occurs when the name is a
duplicate and not all of the properties are the same
93
Microsoft Confidential - For Internal and Partner Use Only
Pg. 211
Pg. 303
Lab Exercise
Exercise 6: Exporting WSRM settings using Computer
Groups
94
Microsoft Confidential - For Internal and Partner Use Only
What’s New in Server Core?
Introduced with Windows Server 2008
Reduced Attack Surface
Additional stability
If Server Core had existed
Windows 2000 is ~60% reduction
Windows Server 2003 is ~40% reduction
Windows Server 2008 to date is:
~35% reduction if accepting all patches
~65% reduction if applying only necessary patches
~65% elimination of reboots
95
Microsoft Confidential - For Internal and Partner Use Only
Pg. 247
Server Core – Major Changes
.NET Framework in Server Core
Subset of .NET 2.0
Subset of .NET 3.0
Windows Communication Framework (WCF)
Windows Workflow Framework (WF)
Subset of .NET 3.5
WF additions from 3.5
LINQ
Subset of ASP.NET support for IIS
PowerShell
Server Manager cmdlets
Best Practice Analyzer (BPA) cmdlets
File Server Resource Manager (FSRM)
Certificate Server
96
Microsoft Confidential - For Internal and Partner Use Only
Pg. 247
Server Core – Core Architecture
97
Microsoft Confidential - For Internal and Partner Use Only
Pg. 248
Server Core – Initial Configuration
Server core configuration easier
Sconfig.cmd included
Domain/Workgroup membership
Computer Name
Adding a local administrator
Configuring Remote Management
Windows Update settings
Downloading and installing Updates
Enable/Disable remote desktop
Network settings (to set Static or DHCP options)
Date and Time
CEIP Participation
The following commands are also included for ease of use
Log off User
Restart Server
Shut Down Server
Exit to command Line
98
Microsoft Confidential - For Internal and Partner Use Only
Pg. 254
Server Core – Installing Features
DISM
New Command Line Tool to Add/Remove Roles and Features
Shows install status
Better error reporting than Ocsetup
Allows multiple features to be installed from a single command
line
Ex. C:\> DISM /online /Enable-Feature
/FeatureName:<FEATURENAME> /FeatureName: <FEATURENAME>
PowerShell – Must be installed using DISM first
Requires installation of FeatureName ServerManager-PSHCmdlets
Get-WindowsFeature
Add-WindowsFeature
99
Microsoft Confidential - For Internal and Partner Use Only
Pg. 256
Server Core – Remote Management
Server Manager
Connect from Full UI or Windows 7 client with RSAT tools installed
Requires PowerShell, ServerManager CmdLets
PowerShell Remote Session
Open a PowerShell Prompt
Ex. Enter-PSSession <MACHINENAME> -Credential <DOMAIN\USER>
100
Microsoft Confidential - For Internal and Partner Use Only
Pg. 262
Server Core – iSCSIcpl added
Added iSCSICpl applet to help in configuring iSCSI Initiator
101
Microsoft Confidential - For Internal and Partner Use Only
Pg. 267
Pg. 305
Lab Exercise
Exercise 7: Configure Server Core Machine using
sconfig.cmd
102
Microsoft Confidential - For Internal and Partner Use Only
What’s New in Windows Server 2008 R2 Hyper-V?
Enhanced Processor Support
Support extended to 64 physical processor cores (from 16) with an 8:1
consolidation ratio.
This means that each logical physical processor can support up to 8 virtual
processors within Hyper-V. This is limited to 384 virtual processors.
There is still a limit of 4 virtual processors per virtual machine.
Coordinated CPU Core Parking
Virtual processors will park virtual cores when the corresponding logical processor is
parked
Support for Second-Level Address Translation (SLAT) to improve performance
and reduce processor load
Enhanced Networking Support
Full TCP Offload support for VMs
VMDq (Virtual Machine Device Queues) Support
Jumbo Frame Support
Hot Add/remove of VHD’s and Pass-Through disks
Requires attaching to VM Guest SCSI controller
Live Migration
Moving running Virtual Machines between Hyper-V servers without dropping
connections or stopping the VM
Requires the Failover Cluster Feature
103
Microsoft Confidential - For Internal and Partner Use Only
Pg. 269
Pg. 307
Lab Exercise
Exercise 8: Add Additional Storage to a Virtual Machine
104
Microsoft Confidential - For Internal and Partner Use Only
What’s New in Microsoft Hyper-V Server 2008 R2?
Contains same virtualization feature-set as Hyper-V in
Windows Server 2008 R2
Server Core-like bare metal virtualization platform
Additional Processor and Memory support
8-socket physical systems and up to 32 cores
1 TB of RAM
Updated Hyper-V Configuration Utility
Renamed to sconfig.cmd
Simplifies the most common initial configuration tasks
Failover Clustering
Not included in the initial release of Hyper-V Server
Live migration
Powershell
105
Microsoft Confidential - For Internal and Partner Use Only
Pg. 278
What’s New in Microsoft Hyper-V Server 2008 R2?
Updated Hyper-V Server Configuration Utility
Remote Management Configuration
Failover Clustering Configuration
Additional options for Updates
106
Microsoft Confidential - For Internal and Partner Use Only
Pg. 281
Deploy Microsoft Hyper-V Server 2008 R2 on a USB Drive
New OEM-only feature exclusively for Microsoft Hyper V Server
2008 R2.
Microsoft Hyper-V Server 2008 R2 supports the ability to boot
from a fixed (i.e. non-removable) USB storage device
Traditional USB “memory sticks”, “thumb drives”, etc. do not meet the
non-removable requirement.
Removable devices are listed under the Portable Devices
category in Device Manager and are labeled Removable in the
Disk Management tool.
Changes in Microsoft Hyper-V Server R2 to Support USB-Boot
Disable Paging to reduce wear
Must be done manually when image is created
Timeout for boot device is increased
PollBootPartitionTimeout registry value set to 30000
USB drivers are loaded during boot instead of on demand
107
Microsoft Confidential - For Internal and Partner Use Only
Pg. 284
Deploy Microsoft Hyper-V Server 2008 R2 on a USB Drive
Requirements
USB drive must be exposed over Universal Serial Bus (USB) 2.0 as a
standard mass storage device (Class 08h), and the platform
firmware (i.e. BIOS) must support the capability to boot from USB
USB drive must report itself as a non-removable device to the
system
Recommendations
Minimum 8GB capacity for the USB device
To allow for updates, etc.
Appropriate flash device for expected workload
MS provides baseline write profiles to OEMs
Dedicated USB Enhanced Host Controller Interface (EHCI)
At a minimum, dedicate a single, non-nested USB port
108
Microsoft Confidential - For Internal and Partner Use Only
Pg. 285
Deploy Microsoft Hyper-V Server 2008 R2 on a USB Drive
Steps to create a Microsoft Hyper-V Server 2008 R2 image
and place it on a non-removable USB storage device.
Prerequisites and preparation
Create a VHD
Apply a Hyper-V Server image to the VHD
Prepare the USB storage device
Copy files to the USB storage device
Prepare the VHD and USB device for boot
Disable paging
Refer to courseware for more detailed step-by-step instructions.
109
Microsoft Confidential - For Internal and Partner Use Only
Pg. 287
Pg. 309
Lab Exercise
Exercise 9: Configure and Manage Microsoft Hyper-V
Server 2008 R2
110
Microsoft Confidential - For Internal and Partner Use Only
Questions?
111
Microsoft Confidential - For Internal and Partner Use Only
© 2009 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.
Microsoft Confidential - For Internal and Partner Use Only
© 2009 Microsoft Corporation. All rights reserved.
Microsoft Confidential - For Internal and Partner Use Only
This training package content is proprietary and confidential, and is intended only for users described in the training materials. This content
and information is provided to you under a Non-Disclosure Agreement and cannot be distributed. Copying or disclosing all or any portion
of the content and/or information included in this package is strictly prohibited. Some elements of this document are subject to change.
This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS
SUMMARY. Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries. Other product and
company names mentioned herein may be the trademarks of their respective owners.
September/2009
113