Friday, July 12, 2013

Windows Server 2012 R2 Preview: Your cloud on-ramp is under construction

Big improvements in virtualization and ease of setup—but mind the gaps.

The first major update to Windows Server 2012 adds a lot under the hood, as well as some features that will make Windows 8 look a lot more enterprise-friendly.
Sean Gallagher
It's been just under a year since Microsoft released Windows Server 2012. Touted as an operating system built for the cloud, Server 2012 promised some significant improvements to storage, networking, and virtualization services. It tried to strike a balance between the complex and varied needs of its data center customers and the simplicity smaller organizations needed to keep down costs.
Now Microsoft has unveiled the preview of Windows Server 2012 R2. It's not just a "service pack" of bug fixes for last September's release—this is a full update with a raft of further improvements targeted at further knocking down the walls between on-premises servers and private and public clouds. Some of those changes fine-tune the balance between simplicity of management and the enterprise power Microsoft was going for. They continue to enhance the server platform's suitability both as a component of a cloud-computing environment and as an on-ramp to cloud services for small and mid-sized organizations.
Microsoft is also previewing updates to its system management platform System Center 2012 R2 and to Windows Server 2012 Essentials, the "easy deploy" successor to Microsoft's Windows Small Business Server. Among other things, System Center 2012 R2 and Windows Server 2012 together improve Microsoft's support for Linux virtual hosts within a Microsoft-managed environment. And the new version of Server Essentials has bigger ambitions than just the server under your desk—it's been beefed up to appeal to mid-sized businesses and optimized further for deployment in the cloud. Now service providers can offer hosted Windows domains to their customers and give them simple-to-use administrative tools that can be remotely accessed.
All of these pieces fit into what Microsoft has called the "Cloud OS," an over-arching architecture that will connect on-site servers at small and medium businesses and servers in corporate data centers with cloud-based services. It blurs the boundaries between what's yours, what's your service providers', and what runs in Microsoft's software-as-a-service and cloud infrastructure services. So most of the changes to the internals in R2 are focused on enhancements to storage, networking, and virtualization. But there are a few visible changes that will appeal to organizations that aren't necessarily looking to scale out a cloud on their own.
We've been testing Windows Server 2012 R2 Preview for the past few weeks in tandem with Microsoft's expanding cloud service portfolio and a collection of desktop and mobile clients. (We took a brief look at the Windows Desktop Experience in R2 just as the preview was released.) For this first look at what's coming in 2012 R2, we'll focus on some of the features that have the broadest appeal and will have the most direct impact on users. 

Hyper-V, the next generation

The Hyper-V hypervisor is at the heart of Microsoft's push for relevance in the "cloud"—whether in a hosting company's rack space, a private corporate data center, or a server under your desk. There were some major improvements to Hyper-V in the last release of the platform. And Microsoft offered up a free standalone version called Hyper-V Server 2012, which it released at the time of Windows Server 2012's launch (as a sort of loss-leader to draw attention to the platform and away from VMware). But despite the really great licensing deal and the general improvements in Hyper-V, there were still a few gaps in functionality that left it out of contention for many virtualization applications.
There are some significant changes in R2 that help narrow (but perhaps not quite close) those gaps. Replication between Hyper-V servers has been beefed up in terms of speed, frequency, and expanded disaster recovery options. There's also the ability to now set storage quality of service levels for specific VMs to guarantee them specific levels of disk I/O throughput. This way you can give servers supporting databases priority over Web servers in getting disk I/O.
You don't need to be running clustered virtual machines with big databases to get benefits from some of the new features in Hyper-V, however. Some of the most long-sought improvements coming in R2's Hyper-V are in its support for Linux virtual machines. Linux has run on Hyper-V since 2009, but it's been something of a second-class virtual citizen in Hyper-V land. Yes, it ran. But even in Server 2012, which made big strides with Hyper-V, there wasn't support for remote replication of Linux VMs for disaster recovery.
R2 adds that critical feature, plus a few others that were restricted to Windows VMs in previous releases. These include things like dynamic memory and dynamic resizing of the virtual drives associated with Linux VMs. Previously memory and disk resources for a Linux server were pretty much stuck at whatever you dialed in at configuration. In R2's Hyper-V, you can reclaim un-partitioned space from a virtual SCSI drive or grow any VHD or VHDX virtual SCSI drive dynamically without shutting down the virtual machine. And in R2, enterprise backup tools that are built to work with Hyper-V will be able to directly back up Linux VMs just as they've been able to do with Windows VMs in the past.
Another major update to Hyper-V is for new Windows platforms only. VMs based on Windows Server 2012 and the 64-bit Windows 8 client operating system can now be configured as "Generation 2" virtual machines, a new class of VM that dumps Microsoft's legacy virtual hardware for a more modern architecture. It sounds great, but the benefits to most Hyper-V users will be marginal.
The current generation of production Hyper-V VMs—what Microsoft has now dubbed "Generation 1"—all are based on a software architecture that emulates what is essentially a late 1990s PC. Specifically, they pretend to use an Intel 440BX chipset (designed for the Pentium II) with a mix of PCI and ISA expansion and boot with BIOS with an elderly IDE controller. The 440BX was the king of chipsets back in its day, but its day was 15 years ago.
Microsoft did this because just about every operating system will run on a 440BX-based system. Copying that architecture ensured that the Hyper-V virtual hardware was compatible with real operating systems. But the hardware had some constraints. For example, it supported virtual SCSI controllers but couldn't use them to boot from. Only the emulated Intel IDE was bootable. Generation 1 hardware also included two kinds of network adaptors: a virtual one that required Hyper-V-specific drivers and a hardware-mimicking "legacy" controller that used drivers for the DEC 21140 10/100 Mbps card. The virtual Ethernet device performed better, but the legacy device supported network booting with PXE. And 64-bit versions of Windows don't support the driver for the legacy hardware, so 64-bit versions of Windows consequently can't boot over the network using PXE.
Microsoft hasn't dropped support for such virtual machines—that's what Linux VMs are based on. But Hyper-V's new Generation 2 machines are based on a new emulated system architecture that is essentially legacy-free: they don't include legacy buses like ISA, they don't mimic old Intel IDE controllers, and they don't use BIOS to boot (it's UEFI instead).
They also enable a few things not possible in Generation 1 machines: specifically, they can boot from their (virtual) SCSI controller (in fact, they must—Generation 2 machines don't support IDE/ATA controllers at all), and they can use PXE booting on their (virtual) Ethernet card.
What difference does this make in practice? Microsoft says that Generation 2 machines will boot faster and can install their operating systems faster, though there's apparently little change in normal operational performance. The UEFI firmware also supports (and defaults to) Secure Boot, so it protects virtual machines against certain kinds of boot-level malware.
The biggest advantage of Generation 2 is probably going to be in flexible cloud deployments, where the ability to quickly spin up new VMs, booting them from the network using PXE, is useful. Microsoft's own Azure cloud infrastructure uses PXE booting, for example.
The support for all-SCSI systems might also simplify storage management somewhat. Generation 1 VMs needed at least one IDE virtual hard disk to boot from, in addition to any large SCSI virtual disks for storage. That created a need for at least one additional virtual disk per VM. Unfortunately, that's still the case for all Linux VMs and VMs based on older versions of Windows, as well as 32-bit Windows 8 VMs.

“Enterprise” with training wheels

As you’d expect from a mid-course release, the deployment and management characteristics of R2 are pretty much the same as what we saw with Windows Server 2012 a year ago. However, there have been a few extras stacked into the services available to be run on the Standard and Data Center versions of the OS. One of them is even cribbed directly from Windows Server Essentials, the small-business version of the OS.
Windows Server Essentials, which now has an R2 version in preview, was the successor to Small Business Server. It brought along some interesting features for small networks. But Server Essentials is capped at 25 users, and it didn't support Hyper-V virtualization (though it could be virtualized itself). This made it sort of pointless for larger small or mid-sized organizations that can get away with just a single domain tree and would rather not invest in System Center 2012 or other management tools.
That's where the awkwardly named Windows Server Essentials Experience (WSEE) comes in. Installable in R2 as a server "role," it essentially turns R2 Standard or Data Center into an overgrown Server Essentials—minus the user cap, plus all the other features supported by the "full" server versions. If you're doing a single-domain server deployment, adding WSEE provides a number of canned features to support mobile and remote access both as an on-site server and as a virtual server hosted in a service provider's "cloud."
WSEE adds a second, simplified administrative console, called Dashboard, on top of the existing Server Manager and command-line PowerShell tools. Dashboard doesn’t just manage the server—it is the point of integration for Microsoft's cloud and software-as-a-service offerings, including Office 365, the Microsoft Intune device management service (though the integration in R2 Preview is mostly a link to go obtain the service online), and Windows Azure Backup cloud backup services. It also provides some management of the Windows devices that join its domain, as well as tools that allow users to connect back to the network from anywhere from any Web client (though Windows clients get preferential treatment).

A dash through Dashboard

There are a number of things you can't do from the Dashboard effectively because of WSEE's origins as a small business server. There's no managing Hyper-V within Dashboard, for example, since Windows Server Essentials doesn't support virtualization.
But as a lightweight replacement for a system management environment, Dashboard delivers a number of things for free within R2 that significantly improve the ease of deploying some of Windows Server 2012's most user-pleasing features. At the least, the new tools mimic one of R2's new storage features focused on supporting the synchronization of files across a user's work and personal devices in a controlled fashion.

The network is anywhere (sort of)

In Windows Server 2012 and Windows 8, Microsoft made some major tune-ups to remote desktop and remote access. DirectAccess connects domain-bound PCs directly to a secure connection to their home network as part of start-up. It has been improved in R2 and Windows 8.1, dealing with issues like connecting from behind Network Address Translation (NAT) firewalls. There have been other enhancements to Remote Access as well. A new feature promised for Server 2012 R2 called Cross Premises Connectivity will provide a way to connect multiple servers together over VPN connections—allowing a local server to act as an on-ramp to remote servers in public or private clouds.
But DirectAccess and VPNs don't address the issue of personal PCs, tablets, and other devices that users want to use both in the office and on the road to connect to their work files and corporate applications. R2 attacks the "BYOD" (Bring Your Own Device) issue from two directions. From the small and medium network end, R2 provides a turnkey set of remote access tools as part of Windows Server Essentials Experience called Anywhere Access. For larger enterprises, there's a new storage service bound to IIS called Work Folders that provides for HTTP-based replication of specific shared folders.
Anywhere Access originally shipped with Windows Server Essentials 2012, but it's been given a few tweaks in R2 (in addition to its broader availability across the various versions of R2). It's really two separate remote access tools: a virtual private network (VPN) based on Windows Server's Remote Access Service and a Web-based tool called Remote Web Access that is built on top of components of Remote Desktop and Internet Information Server.
Both services use SSL encryption and require a certificate for the server running them. You can use a certificate provided for your own domain by your domain registrar or use a free Microsoft-provided host name and certificate. We used Microsoft's gateway to dispense with the cost of paying our domain registrar for a certificate for our test server; it worked well, though it caused HTTPS warnings in browsers when using the sites within our local network.
The wizard-driven installation for Anywhere Access, which launches from the WSEE Dashboard application, allows you to choose one or both of the services. It installs the required components for the chosen services and can automatically configure network routers through Universal Plug and Play to direct incoming traffic to the server.
The VPN configuration for Anywhere Access is automatically added to PCs that join a WSEE-managed domain through the "Connect" configuration wizard (shown in the gallery below). The wizard is downloaded from a web page on the server, which can be done either from the local network or from the Internet through Anywhere Access's Remote Web Access portal. The installation software also configures Windows 7 and 8 clients with VPN settings to connect remotely to the server.
Remote Web Access offers a different sort of remote access, providing users with a Web-based connection to the file folders they've been given access to on the server as well as the ability to launch Remote Desktop sessions back to their own desktop from a remote device. It's the real BYOD part of the WSEE solution. While the Remote Desktop part doesn't work on Macs or other non-Windows devices, you can get to your files from anything with a browser, including an iPhone. Users can run applications within the corporate network from a Windows tablet or their home computer. And administrators can click on a link to the server to launch a Remote App connection to Dashboard (or alternatively, a Remote Desktop connection to the server itself), giving them the ability to do lightweight network administration tasks from any PC.
The BYOD features of R2's WSEE will also include an updated "My Server" app for Windows 8, Windows 8 RT, and Windows Phone 7 and 8, which gives users remote access to their files and folders in a similar fashion to SkyDrive. (It caches the most recent files used locally for offline use and synchronizes them when connected.) The current versions of these apps don't come with R2 Preview, however, so we were unable to test them.
The Remote Web Access file access and My Server apps are lightweight versions of what Microsoft is providing in Work Folders, a feature that will be supported in the Windows 8.1 client update. Work Folders are designed to allow users to have access to specific shared file folders from both domain-registered Windows systems and from their personal devices without having to join them to the domain.
Work Folders is set up on the server side as a feature of R2's file server role, but it requires Internet Information Server to be installed on the server supporting the shared folders. A secure HTTP connection is used to retrieve files from the remote folders and synchronize changes back to the server. On the Windows 8.1 client side, it's configured through a Work Folders control panel.
Unfortunately, you can't have it both ways quite yet. Installing Work Folders on a server running Windows Server Essentials Experience on the R2 Preview broke both services. That's a reflection of the gaps remaining between the ease of a WSEE installation and the full-bore powers of Server 2012 R2. Rather than actually leveraging the underlying features of the "grown up" version of Server 2012 R2, the WSEE features use canned versions of them that can't always be managed effectively outside of the Dashboard management tool.

Mind the gaps

Another example in Server R2 of where the "easy button" of WSEE ends and the world of System Center 2012 management tools (and less guided Windows administration adventures) begins is Storage Pools. This is the storage software technology introduced in Windows Server 2012 and Windows 8 (where it's usually referred to as Storage Spaces). It allows for a collection of physical drives to appear as a single aggregated physical drive or for drives to be mirrored for fault tolerance. Storage Pools are supposed to allow external SATA drive collections to be used as a low-cost alternative to a storage area network and to make it easier to expand server file storage without taking disks offline.
WSEE manages Storage Pools through the Windows Control Panel as Storage Spaces. We had a 4-terabyte Storage Pool created in Server Manager on Server 2012 and upgraded it to work with Server 2012 R2. It appears as a Storage Space drive in WSEE's Dashboard. However, as a result of being configured originally for a different server, the Storage Pool keeps getting dropped by the R2 server every time it reboots, requiring us to go back into Server Tools and re-attach the drive. If doing remote administration with Dashboard, all we can see is that the drive is "inaccessible because of user action" and we can't re-connect it.
That's because the work that Microsoft has done to make R2 more accessible to small and medium businesses with WSEE, while more widely useful and less fragile than in the original release of Windows Server Essentials, is still mostly a solution-on-rails. It hems in admins as much as it helps them. Some of the conflicts may be resolved by the time Server 2012 Release 2 is officially available, but others will still require some serious system management mojo to navigate around. 
Fortunately (if that's the right word), Microsoft is timing the release of System Center 2012 R2, the next iteration of its system management platform, to coincide with the release of Windows Server 2012 R2. And despite its gaps and its failings, Server 2012 R2 will certainly make Windows 8 and Hyper-V a bit more attractive to a broader range of business customers—even if they still hate the Start screen.
