This article explains the new and changed features of Hyper-V on Windows Server 2016 and Microsoft Hyper-V Server 2016.
Compatible with connected standby (new)
When you install the Hyper-V role on a computer that uses the always on/always connect (AOAC) power model, the connected standby power state is now available.
Discrete device Assignment (new)
With this feature, you can have the virtual machine directly access some PCIE hardware devices. Using a device in this way bypasses the Hyper-V virtualization stack, which speeds up access. For more information about supported hardware, see "Discrete device Assignment" in system requirements for Hyper-V on Windows Server 2016.
Encryption support for operating system disks in the 1th Generation virtual machine (new)
You can now use BitLocker Drive Encryption in a 1th generation virtual machine to protect the operating system disk. The new feature key store creates a small private drive to store the BitLocker key for the system drive. This is done instead of using the Virtual Trusted Platform Module (TPM) that is available only in 2nd generation virtual machines. To decrypt a disk and start a virtual machine, the Hyper-V host must be part of an authorized protection structure or have the private key of the Guardian from one of the virtual machines. The key store requires the use of a version 8 virtual machine.
Host resource Protection (new)
This feature helps prevent virtual machines from using more than their system resources by looking for excessive activity levels. This can help prevent the excessive activity of the virtual machine from reducing the performance of the host or other virtual machines. Virtual machines get fewer resources when monitoring detects a virtual machine that is over-active. This monitoring and execution is turned off by default. Use Windows PowerShell to turn it on or off. To open it, run the following command:
Set-vmprocessor Testvm-enablehostresourceprotection $true
Hot Add and remove network adapters and memory (new)
You can now add or remove network adapters while the virtual machine is running, without causing downtime. This applies to 2nd generation virtual machines running the Windows or Linux operating system.
Even if you have not enabled dynamic memory, you can adjust the amount of memory allocated to the virtual machine at run time. This applies to 1th and 2nd generation virtual machines running Windows Server 2016 or Windows 10.
Hyper-V Manager improvements (update)
-
Fallback credential Support-when you connect to other Windows Server 2016 or Windows 10 remote hosts, you can now use a different set of credentials in Hyper-V manager. You can also save these credentials in order to easily log in again.
-
Manage earlier versions-through Hyper-V Manager in Windows Server 2016 and Windows 10, you can manage Windows Server 2012,windows 8,windows server R2 and Windows 8 .1 on the computer that is running Hyper-V.
-
Updated Management Protocol-Hyper-V Manager now communicates with the remote Hyper-V host using the Ws-man protocol, which allows Credssp,kerberos or NTLM authentication. When you use CREDSSP to connect to a remote Hyper-V host, you can do a live migration without enabling restricted delegation in Active Directory. The Ws-man based infrastructure also makes it easier for hosts to manage remotely. The Ws-man is connected by the port 80 that is opened by default.
Integration Services provided through Windows Update (updated)
Updates for Windows Client Integration Services are distributed through Windows Update. For service providers and private cloud hosts, this controls the application of updates to tenants with virtual machines. Tenants can now use a single method to update their Windows virtual machines with all updates, including integration services.
Note: The Vmguest.iso image file is no longer needed, so it is not included in Hyper-V in Windows Server 2016.
Linux Secure Boot (new)
The Linux operating system running on the 2nd generation virtual machine can now enable the secure boot option. Ubuntu 14.04 and later versions are enabled on hosts running Windows Server 2016, SUSE Linux Enterprise Server 12 and later, Red Hat Enterprise Linux 7.0 and later, and CE Ntos 7.0 and later for secure boot. Before you boot a virtual machine for the first time, you must configure the virtual machine to use a Microsoft UEFI certification authority. You can do this from Hyper-V Manager, Virtual Machine Manager, or an elevated Windows PowerShell session. For Windows PowerShell, run the following command:
Set-vmfirmware testvm-secureboottemplate microsoftueficertificateauthority
More memory and processors for 2nd generation virtual machines and Hyper-V hosts (updated)
Starting with version 8, the 2nd generation of virtual machines can use more memory and virtual processors. The host can also configure more memory and virtual processors than previously supported. These changes support new scenarios, such as running an e-commerce large memory database for online transaction processing (OLTP) and Data Warehouse (DW). The Windows server blog recently released performance results for virtual machines with 5.5 TB of memory and 128 virtual processors running a 4 TB memory database. Performance exceeds 95% of the physical server's performance.
Nested Virtualization (New)
This feature enables you to use a virtual machine as a Hyper-V host and create a virtual machine in that virtual host. This can be particularly useful for developing and testing environments. To use nested virtualization, you need to:
Run at least Windows Server 2016 or Windows 10 on the physical Hyper-V host and virtual host.
Processors with Intel Vt-x (embedded virtualization is currently available only for Intel processors).
Network function (new)
The new network features include:
-
Remote Direct Memory access (RDMA) and switch embedded combination (SET). You can set RDMA on a network adapter that is bound to a Hyper-V virtual Switch, regardless of whether set is used. Set provides a virtual switch with some of the same functionality as NIC bindings.
-
Virtual machine multi-queue (VMMQ). Increase VMQ throughput by assigning multiple hardware queues to each virtual machine. The default queue becomes a set of queues for a virtual machine, and traffic propagates between queues.
-
The quality of Service (QoS) of the software-defined network. Manages the default traffic category through the virtual switch within the default class bandwidth.
Production checkpoints (new)
A production checkpoint is a "point-in-time" image of a virtual machine. These provide a way for you to apply a checkpoint that conforms to the support policy when the virtual machine runs production workloads. Production checkpoints are based on the customer's internal backup technology, rather than the save state. For Windows virtual machines, use Volume Snapshot service (VSS). For Linux virtual machines, the file system buffers are refreshed to create checkpoints that are consistent with the file system. If you want to use checkpoints based on the saved state, select a standard checkpoint instead. (Note: The new virtual machine uses production checkpoints as the default setting.) )
Rolling Hyper-V cluster upgrade (new)
You can now add a node running Windows Server 2016 to a Hyper-V cluster that is running a node in Windows Server R2. This allows you to upgrade the cluster without stopping the machine. The cluster runs at the Windows Server R2 functional level until you upgrade all the nodes in the cluster and use the Windows PowerShell cmdlet update-clusterfunctionallevel to update the cluster functional level. (Note: After you update the cluster functional level, you cannot return it to Windows Server R2. )
For Hyper-V clusters that have a functional level of Windows Server R2 for nodes that are running Windows Server R2 and Windows Server 2016, be aware of the following:
-
manage the cluster from a node running Windows Server 2016 or Windows 10 Hyper-V and virtual machines.
-
You can move a virtual machine between all the nodes in the Hyper-V cluster.
-
You can enable the new Hyper-V feature.
Shared virtual hard disk (update)
You can now adjust the shared virtual hard disk (. vhdx file) for the guest cluster without downtime. A shared virtual hard disk can grow or shrink when the virtual machine is online. Guest clusters can now also protect shared virtual hard disks by using Hyper-V replicas for disaster recovery.
Enables replication on the collection. Enabling replication on a collection can only be exposed through the WMI interface. For more detailed information, see the documentation for the Msvm_collectionreplicationservice class. You cannot manage replication of collections through the PowerShell cmdlet or UI. The VM should be located on the host of the Hyper-V cluster to access the collection-specific features. This includes shared VHDs-shared VHDs on stand-alone hosts that are not supported by Hyper-V replicas.
Follow the guidelines for sharing VHDs in the virtual hard disk sharing overview, and make sure that your shared VHD is part of the guest cluster.
A collection with a shared VHD but no associated guest cluster cannot create a reference point for the collection (regardless of whether the shared VHD is included in the reference point creation).
Shielded virtual machine (new)
Shielded virtual machines use a variety of features that make it difficult for Hyper-V administrators and malicious software on the host to check, tamper with, or steal data from the state of a shielded virtual machine. The data and state are encrypted, the Hyper-V administrator cannot see the video output and disk, and the virtual machine can only run on a known health host determined by the host Guardian server.
(Note: As of technical Preview 5, shielded virtual machines are compatible with Hyper-V replicas.) To replicate a shielded virtual machine, the host to which you want to replicate must be authorized to run the masked virtual machine. )
Boot order priority for clustered virtual machines (new)
This feature gives you more control over which clustered virtual machines are started or restarted first. This makes it easier to start a virtual machine that provides services before a virtual machine that uses these services. Defines the collection, places the virtual machine in the collection, and specifies the dependencies. Use Windows PowerShell cmdlets to manage these sets, such as New-clustergroupset,get-clustergroupset and add-clustergroupsetdependency.
Storage quality of Service (QoS) (update)
You can now create storage QoS policies on scale-out file servers and assign them to one or more virtual disks on a Hyper-V virtual machine. As storage load fluctuates, storage performance is automatically re-adjusted to meet the policy.
Virtual machine configuration file Format (update)
The virtual machine configuration file uses the new format to read and write configuration data more efficiently. This format also reduces the likelihood of data corruption if a storage failure occurs. The virtual machine configuration data file uses the. vmcx file name extension, and the run-time state data file uses the. vmrs file name extension. (Note: the. vmcx file name extension represents a binary file.) Editing. vmcx or. vmrs files is not supported. )
Virtual machine configuration version (update)
This version represents the virtual machine configuration, saving state and compatibility with the Hyper-V version of the snapshot file. Version 5 virtual machines are compatible with Windows Server R2 and can be run on Windows Server R2 and Windows Server 2016. A virtual machine that is introduced in Windows Server 2016 cannot run in Hyper-V on Windows Server R2.
If you move or import a virtual machine to a server that is running Hyper-V from Windows Server R2 on Windows Server 2016, the configuration of the virtual machine is not automatically updated. This means that you can move the virtual machine back to the server that is running Windows Server R2. However, this also means that you cannot use the new virtual machine functionality until you manually update the version of the virtual machine configuration.
Attention:
After you update the version, you cannot move the virtual machine to a server that is running Windows Server R2.
You cannot downgrade the configuration to a previous version.
The Update-vmversion Small command is blocked at the Hyper-V cluster when the cluster functional level is Windows Server R2.
Virtualization-based security for 2nd generation virtual machines (new)
Virtualization-based security reinforces features such as device Guard and credential guard, providing the operating system with better protection against malicious software attacks. Virtualization-based security applies to 2nd generation customer virtual machines starting from version 8.
Windows container (New)
Windows containers allow many standalone applications to run on a single computer system. They are built quickly, with a high degree of scalability and portability. There are two types of container runtimes available, each of which has varying degrees of application isolation. Windows Server containers uses namespaces and process isolation. Hyper-V containers use lightweight virtual machines for each container.
Key features include:
-
Support for websites and applications that use HTTPS
-
Nano servers can host Windows Server and Hyper-V containers
-
Ability to manage data through container shared folders
-
Ability to restrict container resources
Windows PowerShell Direct (new)
This allows you to run Windows PowerShell commands through the host in the virtual machine. Windows PowerShell Direct runs between the host and the virtual machine. This means that it does not require network or firewall requirements and that it works regardless of your remote management configuration.
Windows PowerShell Direct is an alternative to the existing tools that Hyper-V administrators use to connect to virtual machines on a Hyper-V host:
-
Remote administration tools, such as PowerShell or Remote Desktop
-
Hyper-V Virtual Machine Connection (VMConnect)
These tools work well, but there is a tradeoff: vmconnect is reliable, but can be difficult to automate. Remote PowerShell is powerful, but can be difficult to establish and maintain. As hyper-V deployments grow, these tradeoffs may become more important. Windows PowerShell Direct solves this problem by providing a powerful script and automation experience, as simple as using Vmconnect.
What's new in Windows Server 2016-hyper-v 2016