The second generation of virtual machines in Windows Server 2012 R2
Today I would like to elaborate on one of the new features of Hyper-V in Windows Server 2012 R2 , which I mentioned in the overview post , namely, to discuss the second generation of virtual machines (VM). The topic becomes especially relevant with the availability of RTM Windows Server 2012 R2 for TechNet and MSDN subscribers and the upcoming release of the final version of System Center 2012 R2
With the release of Windows Server 2012 R2 in Hyper-V, it became possible to create VMs of two different types or two different generations (Generation 1 and Generation 2). The first generation VMs are virtual machines, well known from previous versions of Hyper-V. Everything that you used to see in the VM settings, plus a number of new settings, you will see in the first generation machines. They have not gone anywhere, you can continue to use them calmly.
But beyond that, you can now create second-generation VMs. This generation reflects the changes that have occurred and continue to occur both in the architecture of the operating system and in the hardware of modern computers. At the turn of Windows 2000, Windows XP, Windows Server 2003, operating systems were designed without taking into account virtualization technologies, which were then only gaining momentum. In order to properly run such OSs inside a virtual machine, it was necessary to create the illusion of launching them on a physical computer. As a result, you had to emulate various hardware, such as: BIOS, interrupt controller, IDE controller, standard I / O ports, etc. You can easily see the list of emulated devices if you look in the Device Manager on the first generation VM.
')
Emulation, on the one hand, leads to additional overhead, above all, to unnecessary processor ticks, on the other hand, each emulated device is an additional rather complex code that potentially expands the surface for attacks.
Over time, the OS began to be designed taking into account the fact that the system can, or even most likely will work in a virtual environment. Such an OS “knows” what runs inside the VM and, both at the boot stage and during its work, relies on the resources provided by the parent partition (the host OS). In other words, the OS already at the start communicates with the hypervisor via the VMBus bus, and does not expect to detect an interrupt controller or a certain type of chipset. Consequently, for such operating systems, you can abandon the inherited emulated devices and improve VM performance. Indeed, in the second-generation DeVise Manager VM, the picture will be different.
Failure to emulate outdated devices changes the “stuffing” of a second-generation VM. In the properties of such VMs you will see something like the following:
From here, the following advantages of the second generation VM can be highlighted:
The table below summarizes the “hardware” changes in the second-generation VMs.
A reasonable question arises, is the speed of operation of a VM of the first and second generations different? When the OS is booted, you probably won't notice any difference in speed. Integration components within the guest OS allow the VM to operate as efficiently as possible. But there are two situations in which the difference can be very noticeable - this is the installation of the guest OS and the VM boot. It is at these stages that equipment emulation is very significant.
As an illustration, I conducted the following experiment: I created two VMs, the first and second generations, respectively; both VMs allocated the same amount of RAM and virtual processors and simultaneously launched the Windows Server 2012 R2 installation inside the VMs created from the same ISO image. This is how the picture looked in the initial phase of the installation (second-generation VM below):
And such a difference could be observed later:
Thus, when deploying a VM, as well as when starting a VM, which, for example, is especially important in VDI scenarios, the difference in performance of a second-generation VM can reach 50% or more.
It is necessary to remember a few points of principle related to the operation of the second generation VM.
As a guest OS in the second generation VMs can only be used:
This is due to the fact that these versions of the OS support the UEFI 2.3.1 specification, which, in particular, implements the Secure Boot technology.
You can create a second-generation VM in the Hyper-V console,
or using the New-VM PowerShell cmdlet, specifying the –Generation 2 key.
It should be borne in mind that the generation is indicated only at the stage of VM creation. In the future, it is impossible to convert VMs from one generation to another just due to the fact that in one case the BIOS is used, in the other - UEFI.
The last aspect that I would like to mention is related to management. Managing hosts with Windows Server 2012 R2 is possible using System Center 2012 R2 Virtual Machine Manager. The currently available preview version of System Center 2012 R2 does not support the second generation of VMs. But in the RTM version of System Center 2012 R2 (and it is just around the corner) this support will be added.
So, a new generation of VMs in Windows Server 2012 R2 is deprived of obsolete emulated devices, supports a number of new features and provides performance gains, especially during the installation and loading of guest OSs. The use of second-generation machines now narrows the list of supported guest OSs, but for other systems, you can still use first-generation VMs that perfectly coexist with second-generation VMs on a single virtualization host.
Additional information on new technologies of Windows Server 2012 R2 can be found on the MVA portal in the “ Jump Start: All about Windows Server 2012 R2 ” course.
Hope the material was helpful!
Why did the second generation of VM appear?
With the release of Windows Server 2012 R2 in Hyper-V, it became possible to create VMs of two different types or two different generations (Generation 1 and Generation 2). The first generation VMs are virtual machines, well known from previous versions of Hyper-V. Everything that you used to see in the VM settings, plus a number of new settings, you will see in the first generation machines. They have not gone anywhere, you can continue to use them calmly.
But beyond that, you can now create second-generation VMs. This generation reflects the changes that have occurred and continue to occur both in the architecture of the operating system and in the hardware of modern computers. At the turn of Windows 2000, Windows XP, Windows Server 2003, operating systems were designed without taking into account virtualization technologies, which were then only gaining momentum. In order to properly run such OSs inside a virtual machine, it was necessary to create the illusion of launching them on a physical computer. As a result, you had to emulate various hardware, such as: BIOS, interrupt controller, IDE controller, standard I / O ports, etc. You can easily see the list of emulated devices if you look in the Device Manager on the first generation VM.
')
Emulation, on the one hand, leads to additional overhead, above all, to unnecessary processor ticks, on the other hand, each emulated device is an additional rather complex code that potentially expands the surface for attacks.
Over time, the OS began to be designed taking into account the fact that the system can, or even most likely will work in a virtual environment. Such an OS “knows” what runs inside the VM and, both at the boot stage and during its work, relies on the resources provided by the parent partition (the host OS). In other words, the OS already at the start communicates with the hypervisor via the VMBus bus, and does not expect to detect an interrupt controller or a certain type of chipset. Consequently, for such operating systems, you can abandon the inherited emulated devices and improve VM performance. Indeed, in the second-generation DeVise Manager VM, the picture will be different.
What are the advantages of a second generation VM?
Failure to emulate outdated devices changes the “stuffing” of a second-generation VM. In the properties of such VMs you will see something like the following:
From here, the following advantages of the second generation VM can be highlighted:
- Secure Boot (Secure Boot) VM . Instead of the standard BIOS, firmware based on the UEFI specification is used and safe VM loading is supported as part of this specification, which prevents the OS from being damaged at startup. Secure Boot can be disabled.
- Boot from a virtual SCSI disk or SCSI-DVD . The virtual IDE controller is completely absent from second-generation machines.
- "Hot" resizing the boot partition . Hot adding and resizing (including reducing) virtual SCSI disks is also possible for the first generation VMs. But since the second generation VMs are able to boot from SCSI, then for them you can change the size, including the boot partition, on the fly.
- Network boot using a synthetic network adapter is faster than using a Legacy Network Adapter in a first-generation VM.
The table below summarizes the “hardware” changes in the second-generation VMs.
| Legacy Devices Removed | Replacement Devices | Enhancements |
|---|---|---|
| IDE Controller | Virtual SCSI Controller | Boot from VHDx (64TB max size, online resize) |
| IDE CD-ROM | Virtual SCSI CD-ROM | Hot add / remove |
| Legacy bios | UEFI firmware | Secure boot |
| Legacy nic | Synthetic NIC | Network boot with IPv4 & IPv6 |
| Floppy & DMA Controller | No floppy support | |
| UART (COM Ports) | Optional UART for debugging | Faster and more reliable |
| i8042 keyboard controller | Software based input | No emulation - reduced resources |
| PS / 2 keyboard | Software based keyboard | No emulation - reduced resources |
| PS / 2 mouse | Software based mouse | No emulation - reduced resources |
| S3 video | Software based video | No emulation - reduced resources |
| PCI Bus | VMBus | |
| Programmable Interrupt Controller (PIC) | No longer required | |
| Programmable Interrupt Timer (PIT) | No longer required | |
| Super I / O device | No longer required |
A reasonable question arises, is the speed of operation of a VM of the first and second generations different? When the OS is booted, you probably won't notice any difference in speed. Integration components within the guest OS allow the VM to operate as efficiently as possible. But there are two situations in which the difference can be very noticeable - this is the installation of the guest OS and the VM boot. It is at these stages that equipment emulation is very significant.
As an illustration, I conducted the following experiment: I created two VMs, the first and second generations, respectively; both VMs allocated the same amount of RAM and virtual processors and simultaneously launched the Windows Server 2012 R2 installation inside the VMs created from the same ISO image. This is how the picture looked in the initial phase of the installation (second-generation VM below):
And such a difference could be observed later:
Thus, when deploying a VM, as well as when starting a VM, which, for example, is especially important in VDI scenarios, the difference in performance of a second-generation VM can reach 50% or more.
Features of use of VM of the second generation
It is necessary to remember a few points of principle related to the operation of the second generation VM.
As a guest OS in the second generation VMs can only be used:
- Windows Server 2012
- Windows Server 2012 R2
- 64-bit version of Windows 8
- 64-bit version of Windows 8.1
This is due to the fact that these versions of the OS support the UEFI 2.3.1 specification, which, in particular, implements the Secure Boot technology.
You can create a second-generation VM in the Hyper-V console,
or using the New-VM PowerShell cmdlet, specifying the –Generation 2 key.
It should be borne in mind that the generation is indicated only at the stage of VM creation. In the future, it is impossible to convert VMs from one generation to another just due to the fact that in one case the BIOS is used, in the other - UEFI.
The last aspect that I would like to mention is related to management. Managing hosts with Windows Server 2012 R2 is possible using System Center 2012 R2 Virtual Machine Manager. The currently available preview version of System Center 2012 R2 does not support the second generation of VMs. But in the RTM version of System Center 2012 R2 (and it is just around the corner) this support will be added.
So, a new generation of VMs in Windows Server 2012 R2 is deprived of obsolete emulated devices, supports a number of new features and provides performance gains, especially during the installation and loading of guest OSs. The use of second-generation machines now narrows the list of supported guest OSs, but for other systems, you can still use first-generation VMs that perfectly coexist with second-generation VMs on a single virtualization host.
Additional information on new technologies of Windows Server 2012 R2 can be found on the MVA portal in the “ Jump Start: All about Windows Server 2012 R2 ” course.
Hope the material was helpful!
Source: https://habr.com/ru/post/194884/
All Articles