One of the main features of Windows Server 2016 is the Nano Server : a lightweight and refactored version of Windows Server 2016 designed for core environments with high demand for availability and performance.
Introduced as the next version of data center computing, Nano server has two core application domains : either as a private cloud infrastructure providing clustered resources (Hyper-V, Storage and so on..) or as an application platform highly optimized for modern distributed and cloud-based apps which leverage containers and micro service architectures.
In this post we will take a look at the main benefits of the Nano Server solution over a classical Server with Desktop Experience as well as the technical administration and features that Nano Server has to offer.
- Nano Server : Goals and Benefits
- Nano Server Installation
- Integration and Remote Administration of Nano Server
- Bringing new Features to Nano Server using Packages
2- Nano Server : Goals and Benefits
Have you ever seen your screen freeze 5 seconds just because you clicked on the Windows explorer icon? Well, Windows solutions provide clean user interfaces with nice visual effects, in addition to various processes and services running applications in background to bring simplicity and improve your experience, but all of this has a cost: performance, maintenance and security.
Microsoft has been pushing on the use of their core servers and Powershell since Windows Server 2012, and the trend is even more true today: Windows Server 2016 is built to run in its core version accessible from administration clients running Remote Server Administration Tools (RSAT) and Powershell Remoting. In this perspective, Group Policy Objects are NOT supported in Nano Server. Instead, it uses the Desired State Configuration (DSC), a more recent, lightweight and flexible solution using Powershell to apply configuration as code.
Below is a quick view of the optimization brought by Nano server:
To highlight the performance of Nano server, Microsoft states that where a Windows Server 2016 with Desktop Experience would take up to 19min to setup, Nano would only take 40s, making it suitable for critical service environnements.
But how can the solution keep this level of performance and flexibility? The answer is simple: if you need to bring a specific feature to the server, you can download and install packages provided by the community directly from the Powershell console. Also, as the graphical stack has been completely removed, the only way to administer a Nano Server is from a Windows 10 or Windows Server 2016 machine. The computer console is simply used as a recovery screen where you can define network settings to get access to the server remotely, including WinRM.
3- Nano Server Installation
The installation process of Nano Server is a bit different from classical servers: you do not simply download an .ISO file, boot from it and proceed to the installation process. The solution is so minimalist that you have to select which package(s) to include in your Nano Server image.
Basically, installation files are embedded into the Windows Server 2016 installation disk: these files will be extracted and processed to create a bootable .vhd or .vhdx that you will import into Hyper-V. The media creation can be performed in 2 ways: Powershell or the Nano Server Image Builder.
Nano Server Image Builder
You can download the Nano Server Image builder directly from Microsoft’s website. Notice that the Windows Assessment and Deployment Kit (ADK) is needed before you can execute it.
- Deployment Tools
- Windows PE
Once the Builder tool is installed, just follow the instructions on the screen to create your image. The tool will give you the resulting Powershell command at the end of the wizard if you want to re-use it later.
As we do not have a Nano server image yet, select “Create a new Nano Server image“
Next we need to specify the path of the installation files. The installation files are in the Windows Server 2016 installation ISO. Although local folders and network shares are supported, the easiest way to access it is by mounting the ISO into the host and specify the drive letter as follow:
Note that the NanoServer folder is located at the root of the installation disk. The NanoServerImageGenerator folder contains the Poweshell scripts if you cannot use the Nano Server Builder. This section will be discussed later.
After this the wizard asks you about the deployment type. The main difference between a VM deployment and a physical deployment is related to drivers : VM images use Guest Drivers while physical installations need OEM Drivers.
The output file determines the VM generations of the resulting virtual machine. To create a generation 2 VM, specify the output file’s extension as .vhdx, otherwise simply choose a basic .vhd file.
Now that we are clear on the deployment itself, let’s populate the Nano Server image with some packages and optional drivers we may need once in production. For demonstration purposes, we will install a simple IIS Web Server on the server.
As a result, duplicating the resulting image will create Nano servers ready for use in few minutes.
Note the Datacenter edition brings the shielded VM support.
Next give the server a name and an administrator password.
Important: You will be given the opportunity to join the on the domain. If you are planning to create multiple servers, you will need to leave the computer name box empty and use the offline domain join method using djoin.exe (Domain Blob file).
The next screen allows you to configure the network settings. Fill the boxes with the appropriate information based on your needs.
We can now launch the creation wizard and get our final image ready for deployment. Notice that the Powershell equivalent is provided if you need to re-use it at a later time.
This section is not intended to explain the syntax of the cmdlet. For complete information about the syntax, please refer to the documentation.
Powershell can also be used to create a Nano Server image without installing any deployment tool or any other piece of software. The Powershell module is also included in the Windows Server 2016 installation media.
Powershell has a built-in security feature that can prevent the execution of script coming from other computers.
Notice that your drive letter may change if you mount you directly import the module from an ISO file.
This modules brings 3 new functions that you can use to create / customize Nano Server images:
We can create the exact same image we created previously with the Nano Server Image Builder with the following command:
|New-NanoServerImage -MediaPath ‘E:\’ -Edition ‘Datacenter’ -DeploymentType Guest -TargetPath ‘C:\Users\Administrator\Desktop\Nano-TEST.vhdx’ -MaxSize 8589934592 -DomainName ‘mockup.adds’ -ReuseDomainNode -InterfaceNameOrIndex ‘1’ -Ipv4Address ‘192.168.19.20’ -Ipv4Dns ‘192.168.19.10’ -Ipv4SubnetMask ‘255.255.255.0’ -Ipv4Gateway ‘192.168.19.1’ -SetupUI (‘NanoServer.IIS’) -ComputerName ‘SRV-NANO-1’ -SetupCompleteCommand (‘tzutil.exe /s “Romance Standard Time”‘) -LogPath ‘C:\Users\Administrator\AppData\Local\Temp\NanoServerImageBuilder\Logs’|
4- Integration and Remote Administration of Nano Server
Virtual Machine Creation
The VHDX created previously can be directly specified as a virtual machine hard disk drive. Here is an example of a command to create the Nano Server VM:
|New-VM -VMName SRV-Nano-1 -Generation 2 -MemoryStartupBytes 512MB -VHDPath ‘C:\Users\Public\Documents\Hyper-V\Virtual hard disks\Nano-TEST.vhdx’ -SwitchName VMSwitch-1|
You may need to adapt the VM name, VHD path and switch name depending on your infrastructure.
The console credentials have been specified during the VHDX creation process (When using the local Administrator account, specify “.” as the domain name).
If you chose to provision the Nano Server in the domain during the VHDX creation process, then your Nano Server should log on to the domain automatically at boot time.
You can verify it with the Get-ADComputer powershell command:
Now that the Nano Server is part of the domain, you can now connect via PSRemoting. By default, only local administrators and users belonging to the “BUILTIN\Remote Management Users” can log in:
You can also manage the Server using the Server Manager. The IIS feature is available through the Server Manager since we selected the package during the image creation.
5- Bringing new Features to Nano Server using Packages
Online packages sources can be installed on the Nano Server to add features by using Package Providers. Package Providers represent different communities developing stuff to be added to a bare-metal installation.
To find a list of Package Providers, just issue the Find-PackageProvider command. “Nuget” is a Package Provider proposed by Microsoft, not installed by default. This package must be installed, as the “Install-Module” cmdlet uses a module included in the “PowershellGet” package, provided by…. Nuget !
Before going any further, install the Nuget Package Provider by issuing the Install-PackageProvider NuGet command. Issuing the “Find-PackageProvider” would also ask you to download and install it.
Use the Find-Package command to get a complete list of the available packages provided by a Package Provider:
|Find-Package -ProviderName NuGet -Source http://www.nuget.org/api/v2|
The Install-Package cmdlet allows you to quickly install a package, making the new feature immediately ready for use. Here is an example with the node.js package from the NuGet Package Provider:
There is still a lot to cover about Nano Server. Introduced as the future of data center computing, the model of this new technology unifies areas of expertise into what we commonly call the “Software Defined” era.
This article is intended to share knowledge. If you find something missing, or that should be improved, I would be pleased to add such information.