Co nowego w Windows Server „Longhorn”?

Prezentacja na temat: "Co nowego w Windows Server „Longhorn”?"— Zapis prezentacji:

1

2 Co nowego w Windows Server „Longhorn”?
Artur Jedynak Microsoft Polska / Integral Technologies

3 Windows Server “Longhorn” jako serwer aplikacyjny
3/28/2017 9:00 AM Windows Server “Longhorn” jako serwer aplikacyjny Application Server Role – App Server capabilities such as containers, transactions, and messaging Web Server Role – Web Server capabilities (Web pages, etc.) Developer Framework – Such as the .NET Framework base class libraries. Developer capabilities (simple APIs & Workflows, etc.) Operating System Infrastructure - Base capabilities (security, networking, etc.) System operacyjny - infrastruktura Application Server (transakcje, wirtualizacja, messaging) Web Server Role (hosting aplikacji) Developer Framework (API, workflow, komunikacja) © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

4 .NET Framework 3.0 Windows CardSpace Windows Communication Foundation
Windows Presentation Foundation Windows Workflow Foundation Preinstalowany na Windows Vista Wszystkie edycje Dostępny dla Windows XP i Windows Server 2003 Transition: One of major components of our

5 .NET Framework 3.0 - składniki
Czego potrzebuję ? .NET Framework 3.0 Runtime Components – provide the APIs and assemblies needed to execute a .NET Framework 3.0 application. Depends on the .NET Framework 2.0 Runtime components are supported on Windows XP, Server 2003, Vista, and Longhorn Server SDK provides docs, technology samples, tools (serveral of which you will use later in the labs) Extensions for WF – provides design time support for workflows within Visual Studio Extensions for WPF & WCF – provides templates and design time editing for WPF applications and WCF services

6 Microsoft Application Services - ewolucja
Enterprise Services Managed Code Programming Model Attribute-Based, Declarative Programming XML Application Configuration MTS Component Oriented Application Runtime Declarative Transactions and Security Role Based Authorization Windows Communication Foundation XML Based Messaging Transport Agnostic Service Oriented Claims-Based, Federated Security Host Anywhere Microsoft’s Application Services have also evolved over time to address dynamic challenges with building line of business and web-based applications COM+ Loosely Coupled Events Queued Components Throttling

7 Ewolucja technik komunikacji
-2002 2006-

8 Windows Communication Foundation
3/28/2017 9:00 AM If you’ve been building apps on the windows platform for a few years, then you’ve probably aware that there are several ways to enable communications within or between applications. We’ve had almost as many communications options as data access technologies. Each with it’s own programming model, tools, dependencies, and limitations. For example, from System.Messaging which provided support for MSMQ to Enterprise Services, which enabled developers to build MTS/COM+ components with .NET. WCF Provides a unified programming model and runtime environment for rapidly building secure, reliable software services with managed code. WCF combines several of the best aspects from the past communications technologies. For example…. WCF is THE model for distributed programming on the Windows Platform and beyond. WCF will unify all of the existing technologies shown on the slide and provide a single API to program to. This provides support for reliability, availability, security, and transactions in a single message based technology, that is also interoperable, yet relatively easy to program in .NET. Separation of endpoint/location information from the contract and implementation or behavior of a service. Windows Communication Foundation XML Based Messaging Transport Agnostic Service Oriented Claims-Based, Federated Security Host Anywhere .NET Remoting ASMX Interop with other platforms Extensibility Location transparency Attribute- Based Programming Message- Oriented Programming WS-* Protocol Support Enterprise Services System.Messaging WSE

9 demo

10 EX: Escalate To Manager
Workflow Zestaw zadań reprezentujących działania aktorów... State Machine Workflow External events drive processing order State2 State1 Event Sequential Workflow Sequential structure Prescribes processing order Step1 Step2 Rules + data state drive processing order Rules-driven Activities Rule1 Rule2 Data Step2 Step1 EX: Escalate To Manager EX: Check Inventory Przepływ…. Diagram stanów….

11 Windows Workflow Foundation
3/28/2017 9:00 AM Elastyczne sterowanie Implementacja długotrwałych procesów stanowych Spójny model programowania Windows Workflow Foundation to model programowy, silnik i narzędzia do szybkiej implementacji przepływów … © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

12 State Machine Workflow Rules-driven Activities
3/28/2017 9:00 AM Elastyczne podejście Sequential Workflow State Machine Workflow Rules-driven Activities Rule1 Rule2 Data Step2 Step1 State2 State1 Event Step1 Step2 Sequential structure Prescribes processing order External events drive processing order Rules + data state drive processing order Prescriptive, formal Automation scenarios Flowchart metaphor Reactive, event-driven Skip/re-work, exception handling Graph metaphor Data-driven Simple Conditions, complex Policies Constrained Activity Group © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

13 Przetwarzanie zamówienia
On Order Completed Waiting to Create Order On Order Processed Waiting to Create Order On Order Created Order Created Order Created Order Processed On Order Completed On Order Shipped On Order Shipped Order Shipped Order Completed On Order Completed

14 Wykorzystanie w aplikacji
Utwórz Workflow Runtime Utwórz WorkflowInstance Uruchom Workflow private void StartCaseMgtProcess() { WorkflowRuntime workflowRuntime = new WorkflowRuntime(); WorkflowInstance instance = wr.CreateWorkflow(typeof(ManageCaseCreation)); instance.Start(); }

15 Activities - rozszerzalność
Vertical-specific activities & workflows Best-practice IP & Knowledge Domain-Specific Workflow Packages Compliance RosettaNet CRM IT Mgmt Base Activity Library Custom Activity Libraries Compose activities Extend activity Author new activity Out-of-Box Activities On this slide, talk to the fact that while there are built in activities, there are opportunities for developers to create their own libraries through extension (beta 2) or by creating new composite or basic activities. The goal is that there will be vertical and horizontal packages of activities created by ISVs to provide an enormous amount of functionality to other developers. OOB activities, workflow types, base types General-purpose Activity libraries define workflow constructs Create/Extend/ Compose activities App-specific building blocks First-class citizens

16 Model rozszerzania Activity
Designer Activity Behaviors Validator // Companion classes [Designer(typeof(MyDesigner))] [CodeGenerator(typeof(MyCodeGen))] [Validator(typeof(MyValidator))] // Behaviors [SupportsTransaction] [SupportsExceptionHandlers] public class MyActivity: Activity {...} Serializer Code Generator [Talking Points] There are actually several components that make up an activity. These components are collectively referred to as the Activity’s component model. Each component is implemented as a single class. Each of these components is responsible for encapsulating a specific piece of functionality This is the Activity Component Model Our out-of-the-box activities are using the exact same Component Model API The core component and the only one that’s required is the Activity Definition. The Activity Definition defines how the activity is exposed to a parent workflow or parent activity. Validator Can perform both design time and runtime validation (dynamic update scenarios) ToolboxItem Used to determine how the activity should be displayed in the toolbox Code Generator Allows custom code to be generated at compile time InvokeWebService: We code generate the ASP.NET web service components based on Interface, Method & Parameter mappings Required Optional (defaults provided)

17 Activity - wykonanie Executing Canceled Initialized Faulted Closed
Compensating Initialized Faulted Closed Activity Execution Methods Initialize() Execute() Cancel() Compensate() HandleFault() So let’s talk about the execution protocol between the workflow runtime and an activity. This is really the activity lifecycle. An activity can be in one of five states at a given time. State transitions can be caused by either the workflow runtime or by the activity itself. During execution, the workflow runtime will call specific methods on the activity to transition to different states. An activity can also specify what state it is in through the return value of the execute method. When a workflow is started, the runtime calls Initialize on all of the activities. This provides you the ability to perform any startup initialization, such as creating an event handler or listening on a queue. In fact, this is what the EventSink activity does. Later when it’s time for the activity to perform it’s execution logic as part of the workflow, the Execute method is called. At this point the activity is in the Executing state. ActivityExcecutionContext Is a programming abstraction which represents the persistable execution environment in which an activity is executed. Each activity is passed the AEC under which it is being executed as an argument to several of the execution methods during the execution of these methods the activity is said to be Context Bound. You use AECs to: Initialize/Execute/Cancel/Close a child activity Get the services proffered by the hosting application using GetService<T>. Schedule an event for communicating asynchronously with another activity Track data which eventually gets persisted in the host specific tracking repository. To create new child execution contexts, persist, revoke and manage them. Execution behaviors: - Transactions - Sycnchornization - Exception handling Initalize <10% : if you need to setup anything before the workflow starts execution… for example, receive would be setup a correlation data changed subscription… or setup a queue Executing: 100% Execute is called by StartWorkflow() or by Parent Activity Runtime.AddService and then I can call GetService from an ActivityExecutionContext Activity Itself and AEC are what to each method Transition Types Runtime Activity

18 Komunikacja 4 składniki:
Obiekt .NET zarządzany przez runtime występuje jako pośrednik Generuje zdarzenia Proxy dla wychodzących wywołań metod 4 składniki: Local Communication Activities Contract Local Service EventArgs Application Workflow Method Event Workflow Runtime Output ExternalDataExchangeService Input

19 Runtime Services Host Application App Domain Runtime Services SQL
Out of Box Services are provided that support SQL Server 2000 & 2005 PersistenceService stores and retrieves instance state. SQL PersistenceService TrackingService TrackingService manages profiles and stores tracked information. The runtime uses default implementation of these services. But they can be replaced by your own implementations. Out-of-the-box we offer SQL as persistence store for Tracking, State Persistence, and Timer persistence. SchedulerService TransactionService Common resource services for managing threading, timers and creating transactions

20 Workflow Persistence Jak zapamiętać stan przepływu
Utwórz bazę SQL zgodną ze scematem SqlWorkflowStatePersistence Utwórz Workflow Runtime Podaj Connection String Zarejestruj StatePersistenceService Uruchom Workflow private void RunWorkflow() { WorkflowRuntime wr = new WorkflowRuntime(); string connectionstring = "Initial Catalog=Persistence;Data Source=localhost;Integrated Security=SSPI;"; wr.AddService(new SqlWorkflowStatePersistenceService(connectionstring)); wr.CreateWorkflow(typeof(SimpleWorkflow)).Start(); } We need to mention that I’m using our OOB services. They could build their own. Make sure I mention it doesn’t have to be SQL DB.

21 demo

22 Windows CardSpace WS-* Web Services Użytkownik Serwis
One slide introduction to cardspace Dostawca tożsamości

23 Jak to działa User Client Identity Provider (IP) Relying Party (RP)
7 User approves release of token Client 4 User selects an IP 1 Client wants to access a resource Request security token 5 3 Which IPs can satisfy requirements? 2 RP provides identity requirements 6 Return security token based on RP’s requirements 8 Token released to RP Note everything is abstract here – we have said nothing about how we implement this using technology – and that’s the whole point 5) Note that when the user requests a security token they have to authenticate themselves to their identity provider in some way. The IP does not give a token to just anyone who asks (suppose it’s your bank and you ask for info) – you have to have the right to ask for the token. This step of providing credentials while getting a token to identify yourself to the RP confuses some people so make sure you explain it carefully and it is understood. We are at an abstract level here but remember the four methods of authn in CardSpace v1 are X.509, Kerberos, username and password, self-issued token. Any method that can plug in as a X.509 Crypto Service Provider will work. Other methods will be added post-v1. 8) Token is released to RP; RP reads claims and allows access Important: the token format can be absolutely any format. As long as the RP asks for it and the IP can supply it we’re OK – that’s the point of the abstraction. The client does not have to understand the token format and cannot if the IP has encrypted the token so that only the RP can decrypt it. This revelation causes people to ask “how does the user know what’s in the token?” so they can approve its release. There is an optional “display token” which the IP provides to the client (encrypted for the client) which the client can understand. Those paying attention will then ask how do you know the display token == the token: We make the identity provider sign the claims with their key. Therefore, they can't later repudiate the claims and say "We didn't say that." If the machine-readable claims and the human-readable claims don't match, they can be held accountable via human/reputation/legal processes. However, in general, it's impossible for us to check that the machine-readable claims match the human-readable, because the claims can use any encoding whatsoever, and be signed using keys we can't decrypt. It's those very properties that let the Metasystem transmit claims from any individual system used by any identity provider. So the "problem" is completely unsolvable via technical measures, which is OK, because it's completely solvable at a human/reputation/legal level, which is where a lot of the real-world solutions to breach of trust are going to have to reside anyway. There is no way to keep the IP and RP from colluding if they are intent to do so, other than by making what is sent auditable. That is why we bind the display token to the computational token cryptographically. We have discussed this with important privacy and policy thinkers and explained our handling of the situation. Everyone has agreed and supported our approach. We need to get people to understand what it means to have an auditable system with digital signatures. And we need to get people to understand that technology must be combined with policy to solve these problems. How do you put a checksum on a karma rating without involvement of policy and auditing (meaning people define clearly what they are doing and it can be verified that that is what they have done?) Anyway, this is all implementation detail. This slide should keep things general without diving into too much detail. Identity Provider (IP) Relying Party (RP)

24 Jak ? Web Services! Encapsulation? Negotiation? Claims Transformation?
SOAP + WS-Security Negotiation? WS-SecurityPolicy + WS-MetadataExchange Claims Transformation? Security Token Web Service and WS-Trust User Experience? Identity Selector Security token format: Anything RP wants and IP can provide Security tokens are opaque to the user, just attach ‘em to a SOAP message using WS-Security == encapsulated Emphasize that all the protocols are open and available as per

25 IIS 7 Configuration & Admin Tool Core Server Diagnostics Compatibility
Store IIS and ASP.NET settings in web.config XCopy web settings along with content Core Server Build new IIS modules on full-fidelity APIs Use native (C/C++) or Managed (C#, VB .NET) code Diagnostics Extend trace logging with your own events Control state of Sites, Apps, AppPools, AppDomains Compatibility Classic ASP applications just work ASP .NET v1.1 and v2.0 applications just work Security Reduce attack surface through componentization Enumerate the improvements to configuration that helps in securing a site, provides true xcopy deployment of web apps and has rich, extensible UI support for managing settings.

26 Modularna budowa Modular Pipeline Modularny UI
Funkcjonalność w modułach Usuwasz lub zamieniasz Redukcja powierzchni kontaktu Większa wydajność Własne moduły native lub managed .NET do wszystkiego Modularny UI Własne strony konfiguracyjne (Winforms) Integrate application configuration with IIS? Does this refer to the fact that web.config is used for both ASP.NET and IIS7?

27 IIS6 Request Processing
Implementacja monolityczna instalujesz wszystko lub nic… Authentication NTLM Basic Anon … Determine Handler CGI Static File ASP.NET ISAPI PHP … Send Response Rozszerzalność tylko przez ISAPI… Log Compress

28 IIS7 Request Processing
Funkcjonalność podzielona na ok. 40 modułów... Authentication Authentication NTLM Basic Anon Authorization … Moduły włącza się w potok przetywarzania requestu… ResolveCache Determine Handler CGI … Static File ExecuteHandler Moduły rozszerzają funkcjonalność poprzez implementację API. ISAPI … … UpdateCache Send Response SendResponse Log Compress

29 Integracja z .NET Globalne moduły Nowe APIs do zarządzania IIS 7
Forms Authentication URL Authorization .NET Caching .NET Role and Membership Providers Nowe APIs do zarządzania IIS 7 Możliwe wdrożenie Xcopy

30 IIS6 ASP.NET Ograniczenia runtime Widziane tylko requesty ASP.NET
Duplikacja funkcji Authentication NTLM Basic Anon … Determine Handler CGI Authentication Forms Windows Map Handler ASPX Trace … aspnet_isapi.dll Static File ISAPI … Send Response Log Compress

31 IIS7 ASP.NET Moduł Zintegrowany Uruchamiany jako ISAPI Authentication
Basic Moduł Uruchamiany jako ISAPI Zintegrowany moduły / handlery .NET włączone w potok Przetwarza wszystkkie requesty Anon Authentication Authorization ResolveCache … aspnet_isapi.dll Static File Authentication ExecuteHandler Forms Windows … … ISAPI ASPX UpdateCache Map Handler Trace SendResponse Compress … … Log

32 WAS/IIS7 - architektura
Applicationhost.config Application Pool Application Application Pool Application Application Pool Application Application Pool Application Application Pool Application Application Pool Application Web.config Web.config W3SVC Windows Activation Service Web.config HTTP Mgr Config Mgr Niezależność od protokołu Nie wymaga IIS Aplikacje WCF ! Process Mgr WAS provides the same rich activation and hosting model for TCP and Named Pipes as was available for HTTP traffic in IIS 6. WAS is pulled out of IIS in this release and can be used without IIS. This is huge for some ISVs as they are not allowed to depend on IIS. The real focus for this training is that this provides a great hosting model for WCF apps with the benefits of IIS. Focus on activation, configuration, identity, error logging, etc. HTTP.SYS HTTP.SYS WCF Net.TCP Listener WCF Net.Pipe

33 demo

34 Platforma transakcyjna
Kernel Transaction Manager (KTM) Transakcje dostępne na poziomie jądra Dostarcza usług transakcyjnych serwisom takim jak TxF Może komunikować się z DTC Transactional NTFS (TxF) Transakcje + NTFS Transactional Registry (TxR) Transakcyjny rejestr CLFS… First, let’s dive into the new Transactional Platform that we have as part of Longhorn Server. ****************************************************************************************************** Outline Transactional NTFS (TxF) Integrates transactions directly into the NTFS file system Transactional Registry (TxR) Integrates transactions directly into the Registry Kernel Transaction Manager (KTM) Makes transactions available as kernel objects Provides transaction management services to system components such as TxF Can communicate with DTC to enable distributed transactions Leverages the new Common Log File System (CLFS) Information What is Transactional NTFS? Transactional NTFS is an enhancement to NTFS that allows all file operations on an NTFS file system volume to be performed within the scope of a transaction. This is made possible by a new transaction infrastructure in the kernel that allows operating system services to participate in transactions via the new Kernel Transaction Manager. What scenarios does this enable? Transactional NTFS is also fully capable of communicating with the MS Distributed Transaction Coordinator, meaning that TxF operations can participate in transactions that are leveraging any other Resource Manager that DTC is capable of working with. What does this mean to you? It means that you can now have an application that not only encompasses database calls, but also operations to the file system as well (think of Document Management solutions). With transaction enhancements being made to the new SMB 2.0 protocol, you can also now contain distributed file operations within a transaction as well. Resources – Documentation Videos/Webcasts [Video] Vista TxF - [Webcast] Revolution Vista TxF - Blogs Jim Johnson – Jason Olson – What is the Transactional Registry? The Transactional Registry (TxR) is an enhancement to the Registry that allows all registry operations to be performed within the scope of a transaction. This is made possible by a new transaction infrastructure in the kernel that allows operating system services to participate in transactions via the new Kernel Transaction Manager. What scenarios does this enable? The Transactional Registry (TxR) is also fully capable of communicating with the MS Distributed Transaction Coordinator, meaning that TxR operations can participate in transactions that are leveraging any other Resource Manager that DTC is capable of working with. What does this mean to you? It means that you can now have an application that not only encompasses database calls, operations to the file system, as well as operations to the Registry. What is the Kernel Transaction Manager? The Kernel Transaction Manager (KTM) is a transaction management service. It makes transactions available as kernel objects and provides transaction management services to system components such as Transactional NTFS (TxF). KTM is scalable; it will work on both large-scale applications and small-scale applications. KTM provides isolation across all types of operations, allowing a consistent view of data. You can use the transaction scope to “bracket” the sections of your application, providing atomicity for some operations and not others. KTM helps with concurrency problems. It does not affect performance, and it is available everywhere. KTM can be used to provide transactions for file management scripts and backups. During backups, KTM can provide a consistent snapshot between the registry, file system, and databases. What scenarios does this enable? The Kernel Transaction Manager enables the development of applications that use transactions. The transaction engine itself is within the kernel, but transactions can be developed for kernel- or user-mode transactions, and within a single host or among distributed hosts. Transaction-aware applications have complete flexibility in the granularity with which they use transactions. For example, it is possible for an application to access some files under transactional control and access others using operations that are not part of a transaction.

35 Infrastruktura System.Tx LTM WCF SMB2 MSMQ SQL KtmRm KtmW32 DTC KTM
Managed System.Tx LTM WCF SMB2 MSMQ SQL KtmRm KtmW32 DTC Native *************************************************************************************************************** Script As I mentioned before, the new Kernel Transaction Manager is a technology that leverages the Common Log File System to enable new technologies like Transactional NTFS and Transactional Registry. (click) KTM exposes the KtmW32 API up into User Mode for applications to use if they want to leverage KTM features. Also, to allow KTM to be used strictly as a Resource Manager (to enable other superior Transaction Managers to be used), there is a new Windows Service called KtmRm which exposes KTM as a Resource Manager. Currently, DTC leverages this new service when it is managing transactions that contain enlistments Using the new Transactional NTFS or Transactional Registry. It is important to note that the new Lightweight Transaction Manager [LTM] (the in-process MSDTC proxy dll) is a lot more smarter than it used to be with the .NET Framework 2.0 and the addition of System.Transactions. Now, if there is only a single resource being managed with System.Transactions (like a single SqlConnection, single Transacted File, etc.), the Transaction Manager functionality will be kept in-process by the new LTM and use a simple Single-Phase Commit process. A transaction will only be promoted out to DTC if there is a second durable enlistment that is registered with the transaction manager. Once that happens, promotion to DTC happens and a Two-Phase commit model is then used. As you can see here, any communication that needs to be made with the Kernel Transaction Manager is made through the new KtmW32 Win32 API that is exposed by the Kernel Transaction Manager. Since we are leveraging the power of DTC as a transaction manager, TxF can Interop with basically any Technology that DTC can communicate with. This includes, but is not limited to: SQL, MSMQ (Transacted Queues), SMB2 (for distributed file operations), and WCF and Web Services via WS-AtomicTransaction. Typical Questions What happens if I have already gotten a KTM handle and created a Transacted File before the promotion to DTC occurs? If the KTM handle for the transaction has already been obtained through IKernelTransaction, a superior enlistment is created on KTM thru the new KtmRm service and a subordinate enlistment is made against MSDTC by the KtmRm service. So the MSDTC service becomes superior to KTM and will perform the Two-Phase-Commit protocol with KTM. Kernel KTM CLFS NTFS Registry

36 Transakcyjny NTFS ? Transakcyjny NTFS = Transactions + NTFS
*************************************************************************************************************** Script So, what is Transactional NTFS? Simply put, Transactional NTFS brings the concept of Transactions to NTFS. (click) When we say “Transactional” NTFS, we are talking about fully ACID transactions in the purest sense of the word. Transactional file operations in Transactional NTFS are fully Atomic, Consistent, Isolated, and Durable. By ensuring the atomicity and consistency of transactions, we can help reduce the number of coding errors that can occur in error handling, as well as reducing software-induced data corruption. Even with all the Transactional enhancements to NTFS, it is important to keep in mind that these have been added on top of NTFS. Under the hood, the NTFS on-disk structure does not change at all. So, Transactional NTFS is still NTFS. In fact, the transactional features of Transactional NTFS have a “pay-to-play” model. If you are not using transactions, NTFS behaves exactly like NTFS because, well, it is NTFS. Typical Questions What is the performance impact of Transactional NTFS? First of all, you have to remember the “pay-to-play” model for Transactional NTFS. If you are not using transactions, there is no performance impact whatsoever. If you are using Transactional NTFS, the development team has done studies that show the impact and overhead of Transactional NTFS being in the 1%-2% range. Perhaps noticeable for the largest of loads, but ultimately not noticeable at all (especially if your application is not constrained by the file system in the first place).

37 Windows Virtualization
3/28/2017 9:00 AM Windows Virtualization Management tools VM 2 “Child” VM 1 “Parent” Virtualization Platform and Management *********************************************************** SCRIPT Windows Virtualization consists on a solution for virtualized environments that will be integrated into Windows Server “Longhorn”. It consists of a Windows Hypervisor, which is a thin layer on the OS dedicated to take advantage of the functionalities offered by hardware virtualization technology, like Intel VT and AMD-V. The Virtual Machines will then run on the Hypervisor. This means, instead of running an application that simulates the Virtual Machines, they will have a more direct interaction with the OS and, consequently, with the hardware. This will significantly improve the performance of your Virtual Machines. Microsoft is expecting this to promote virtualization. So, in order to reach new levels of virtualization the management capabilities have to match technology improvements. On top of all this we will have the entire family of System Center Management solutions, and, in particular for the virtualization technology, the System Center Virtual Machine Manager. POTENTIAL QUESTIONS NOTES Windows Hypervisor Powerful virtualization built into the Windows platform © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

38 Virtual Server 2005 Architektura
Host OS Guest OS Provided by: Microsoft Virtual Server WebApp IIS Virtual Server Service Guest Applications Virtual Server ISV Ring 3: User Mode OEM Ring 1: Guest Kernel Mode User Mode VM Additions Windows (NT4, 2000, 2003) Kernel Mode *********************************************************** SCRIPT Host OS Kernel Mode: At the very bottom Windows Hardware, you then have Windows Sever 2003 (the host operating system) and you also have the VMM (Virtual Machine Monitor) Host OS User Mode: you have IIS which servers the UI web server app and the VSS does things as provide emulation of devices (SCSI controller, NIC cards, etc) Guest OS: the dotted line between the Host and Guest is isolation…each OS gets its own address space. Ring 1:, Guest Kernel mode is one of the things that are just created to virtualize the x86 architecture which was never designed to be virtualizable. There are around 20 instructions that make it very difficult to virtualize. At the guest kernel mode, “unnatural acts” are done in order for it to be virtualizable. Ring compression is done to fool the OS in thinking it is running in Ring 0 when it really is running on Ring 1. Once the OS is installed, the VM Additions are installed in the OS, what it does is that it patches those dangerous instructions that would break and blue screen the OS if it tried to be Virtualizable Ring 3, they run just like they would in normal user mode One thing to know: the I/O architecture is not as efficient…I am running IE, need access to a network card, what happens is that it goes through the VMM Kernel goes all the way up in the emulated NIC and then back down to the physical NIC…that’s a lot of context switching from user mode to kernel mode just to browse a web page POTENTIAL QUESTIONS Why is the guest OS system fooledin thinking it is running in RIng0? NOTES Windows Server 2003 or XP Ring 0: Kernel Mode Kernel VMM Kernel VMM Kernel Designed for Windows Server Hardware

39 Windows Virtualization: Architecture
3/28/2017 9:00 AM Windows Virtualization: Architecture Parent Partition Child Partitions Provided by: Windows ISV OEM Virtualization Virtualization Stack VM Worker Processes VM Service WMI Provider Applications User Mode Virtualization Service Clients (VSCs) Windows Kernel Enlightenments VMBus Virtualization Service Providers (VSPs) Windows Kernel Server Core IHV Drivers *********************************************************** SCRIPT With VT and Pacifica, the story is different You now have a hypervisor, it’s a thin layer of SW that runs right on top of the HW. It runs below the OS, on top of the HW. It allows you to create partitions, memory resources, CPU resources, no drivers On top of the HV you now have the Server Core, which is a stripped down version of Longhorn, very small footprint which provides security is better, resources needed go down dramatically You have VSPs You have the VM Service which provides hardware emulation VM Worker Processes are virtual processors for our VMs VMI Provider, today it is used with COM, switching to WMI for customer support There are no Ring 1 Partitions, it is now running Kernel Mode POTENTIAL QUESTIONS NOTES Kernel Mode Windows hypervisor “Designed for Windows” Server Hardware © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

40 PowerShell – NOWY Shell
Get-Help Get-Command Get-PSDrive Get-Member

41 Windows PowerShell Snapin
Rejestruje CmdLets Providers Hosting Applications Dodatki do istniejącego shella PSSnapin Rejestruje wszystkie cmdlets/providers w jednostce kompilacji CustomPSSnapin Rejestruje tylko wybrane How do I get the PowerShell SDK?

42 Windows Eventing 6.0 Event Manifest Event Provider LOG Events
Metadata Channel Event Manifest Events LOG Channel Configuration Event log Configuration Repository Provider Metadata “Event log Configuration Repository” happens to be in the registry today, in the future it will probably be somewhere else. Channels may eventually point elsewhere, but today mainly point to logs. Management Tool

43 Windows Eventing 6.0 - możliwości
Logs NT Event Log Global and Private Logs Log Security Event Publishers: Schematized events from user and kernel mode Describe and register the structure and constant values of events The auto-generation of system properties in the event Event Consumers: Event Discovery Queries Subscriptions Event Forwarding Configuration & Maintenance: Security Configuration Log Configuration Save Queries Clear Log New features for eventing components.

44 IT Pro Customer Delivery Specialist Restaurant Manager http://
Key messages: Connected application Multiple user experiences Four different perspectives: Customer, Restaurant Manager, Delivery Specialist, IT Pro