When deploying Windows Server as a hypervisor host for virtual machine workloads, there are a variety of best practices that should be put in place. Running Hyper-V on Windows brings special considerations of its own, for example Virtual Machine Queues and Hyper-V specific hotfixes. This blog entry serves as an overview of the important checks you should ensure are in place.
Starting with your base operating system you should strongly consider Windows Server Core. Server Core has a much lower attack surface as well as lower resource utilization and reduced patching requirements. This is important when running a VM workload as it frees up additional resources for your virtual machines. And the reduced patching allows for greater availability of tenant workloads.
Additionally, consider running minimal roles and features on your host operating system. IIS, for example, should never be installed on a host, as it uses valuable resources and also increases your attack surface. If your host will be clustered, Failover Cluster Manager and Multipath I/O will need to be installed to access shared storage. Any antivirus installed on the host should be configured to ignore Hyper-V specific files such as VHD, AVHD, VHDX and VSV files.
Ensure that all of the latest drivers and firmware for your hardware are installed on the host operating system. This is critical because the inbox drivers included with Windows are not intended for long-term use. Many of the features that Hyper-V takes advantage of on the networking layer require the latest network card drivers. We have seen outdated drivers and firmware cause reduced performance and instability on Hyper-V hosts. Hyper-V adds a layer of complexity which is oftentimes more sensitive to driver and firmware versions.
Patching, updates, and hotfixes are a crucial component of a successful Hyper-V deployment. Make sure you are fully up to date with Windows hotfixes. If you plan to use Hyper-V and clustering, install all of the roles before scanning for updates, so that the scan picks up the hotfixes that apply to those roles. In addition to this, Microsoft publishes a list of Hyper-V specific hotfixes that should be installed based on your requirements. It is also best to have an Active Directory in place for authentication on your hosts. This ensures that any activity can be tracked on a per named user basis. It also allows you to push down policies and configurations to your Hyper-V hosts in a centralized manner.
The proper configuration of Hyper-V can make or break your deployment. There are many settings that can bring down your virtual machines or host operating systems if not managed properly.
Out of all the configuration settings discussed thus far, networking should be given a high level of attention. When utilizing 10G networking, Virtual Machine Queues (VMQ) should be enabled and configured. VMQ is a hardware virtualization technology used for the efficient transfer of network traffic on a virtualized operating system. If it is not configured correctly, or is left disabled on a 10G network adapter, it can cause major bottlenecks on the host and even lead to blue screens.
Additionally, SMB Multichannel can be used for increased throughput of your host cluster and cluster shared volume traffic. In order to utilize it you need to have in place:
- Two physically cabled network ports (they can be on the same card)
- Each interface must be in a different subnet. (This is not a requirement on Server 2016, which can utilize the same subnet for SMB Multichannel)
Furthermore, you can constrain multichannel to only use specific interfaces.
When configuring VM automatic start and stop actions, keep in mind that the “Save the virtual machine state” setting will utilize a significant amount of space on your host volumes. As a standard, consider using “Shut down the guest operating system” as your default stop action.
When you plan to utilize snapshots, be cautious of disk space and I/O overhead. You can easily end up in a low disk space situation, which could potentially bring down all of your virtual workloads.
Hyper-V running on a Windows host has special considerations and is more sensitive to configuration drift and driver mismatches than your standard Windows server. Be sure to build in tools and processes to verify that all of your hosts are fully up to date and that all hosts in your cluster are at matching configuration levels. Hyper-V, when built with these best practices in mind, is an incredibly stable, high performance alternative to other virtualization technologies.
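One way to build such a verification tool is a short audit script that runs the checks from this post on every host and reports drift between them. This is an added example, not part of the original post. It assumes PowerShell remoting is enabled, that Microsoft Defender is the host antivirus, and that the Hyper-V PowerShell module is installed; the host names are constructed placeholders.

```powershell
# Added example, not from the original post. Assumptions: PowerShell remoting is
# enabled, Microsoft Defender is the host antivirus, and the Hyper-V PowerShell
# module is installed. Host names below are constructed placeholders.
$HostNames = 'HV-HOST-01', 'HV-HOST-02'

$audit = {
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    # Normalize Defender extension exclusions (".vhdx" and "vhdx" are both accepted).
    $excluded = @((Get-MpPreference).ExclusionExtension) |
        ForEach-Object { "$_".TrimStart('.').ToLower() }
    [pscustomobject]@{
        Host             = $env:COMPUTERNAME
        InstallationType = $cv.InstallationType          # "Server Core" is the goal
        IisInstalled     = (Get-WindowsFeature -Name Web-Server).Installed
        MissingAvExcl    = (@('vhd', 'avhd', 'vhdx', 'vsv') |
                               Where-Object { $_ -notin $excluded }) -join ','
        # Lists every adapter with VMQ off; review the 10G adapters named here.
        VmqDisabledNics  = (Get-NetAdapterVmq | Where-Object { -not $_.Enabled }).Name -join ','
        VmsSavingState   = (Get-VM | Where-Object AutomaticStopAction -eq 'Save').Name -join ','
        # Sorted, joined lists so hosts can be compared item by item below.
        Hotfixes         = (Get-HotFix | Sort-Object HotFixID).HotFixID -join ';'
        NicDrivers       = (Get-NetAdapter -Physical | Sort-Object InterfaceDescription |
                               ForEach-Object { "$($_.InterfaceDescription)=$($_.DriverVersion)" }) -join ';'
    }
}

$results = @(Invoke-Command -ComputerName $HostNames -ScriptBlock $audit)
$results | Format-Table Host, InstallationType, IisInstalled, MissingAvExcl,
    VmqDisabledNics, VmsSavingState -AutoSize

# Drift check: compare every host's hotfix and NIC driver lists to the first host.
$baseline = $results[0]
foreach ($r in $results | Select-Object -Skip 1) {
    foreach ($prop in 'Hotfixes', 'NicDrivers') {
        Compare-Object ($baseline.$prop -split ';') ($r.$prop -split ';') |
            ForEach-Object {
                $owner = if ($_.SideIndicator -eq '<=') { $baseline.Host } else { $r.Host }
                Write-Warning "$prop drift: '$($_.InputObject)' only on $owner"
            }
    }
}
```

Get-HotFix reports only the updates Windows exposes through that cmdlet, so treat the hotfix comparison as a drift signal between hosts rather than a complete patch inventory.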
There are many guides available that do technical deep dives on this subject. Here are a few: