Top 10 Networking Features in Windows Server 2019: #7 SDN Goes Mainstream

Authors: Greg Cusanza, Schumann Ge

Share On: Twitter      Share On: LinkedIn 

This blog is part of a series for the Top 10 Networking Features in Windows Server 2019! 
-- Click HERE to see the other blogs in this series.

Look for the Try it out sections then give us some feedback in the comments! 
Don't forget to tune in next week for the next feature in our Top 10 list!

If you’ve ever deployed Software Defined Networking (SDN), you know it provides great power but is historically difficult to deploy. Now, with Windows Server 2019, it’s easy to deploy and manage through a new deployment UI and Windows Admin Center extension that will enable anyone to harness the power of SDN.  Even better, these improvements also apply to SDN in Windows Server 2016!

For those of you new to SDN in Windows Server, you might be surprised to learn that it’s included as a key component of the Software Defined Data Center (SDDC), providing software-based network functions such as virtual networking with switching, routing, firewalling with micro-segmentation, third-party appliances, and load balancing, all virtualized and highly optimized for availability and performance.

This enables you to create a datacenter or branch office with lower costs, with increased security, and greater agility to tailor the network to meet the needs of your applications. It’s all included in Windows Server Datacenter edition, so any SDDC deployment from two node hyper-converged systems up to multi-rack data-center deployments benefit from these capabilities…

At no extra cost!

Getting Started

In this post we’ll cover the new steps for setting up your physical network for SDN, deploying SDN with SDN Express and then using the Windows Admin Center to manage the new deployment.

Setting up the physical network

Every SDN system must connect and interface with a physical network, this is not unique to Microsoft’s SDN implementation. We publish a recommended topology for how your physical network should be configured to help bridge the gap between server admin and network admin.

Updates to our best practice topology streamline it down to requiring only two networks to be configured:

  1. A management network for infrastructure communication
  2. A provider network for the virtualized workload traffic.

This separation allows the two networks to be fully isolated, even down to two separate sets of physical networking if you choose, creating a complete boundary between infrastructure and tenant.

To learn more, refer to the Plan a Software Defined Network Infrastructure topic on docs.microsoft.com.

Deploying SDN with ease

Once you have the physical network configured you are ready for deployment.

Note: If you’re using SCVMM for management you must use VMM to perform the deployment, and from then on will use VMM’s integrated and managed SDN environment. When deploying through SCVMM you can use it’s UI, or the automation available through the VMM SDN Express scripts on github.

 

SDN Express is a UI, a PowerShell script and set of modules available on Github to get you up and running quickly.  The new guided UI is able to perform parameter validation so may common errors are detected at input time.  This gives you an immediate opportunity to correct mistakes before deployment begins.

This image animates a walkthrough of the SDN Express wizard.  Fields that show up in red are invalid, initially because they are required, and turn gray as valid data is entered:

You can have the wizard kick off the deployment or use it to create a configuration file for further customization or repeated deployments.

If you open the config file, you’ll find that it’s been greatly streamlined as compared with previous versions of SDN Express, with about a 75% reduction in number of parameters.

SDN Express PowerShell module

If you want further control over deployment, you can use the new SDN Express PowerShell module. This gives you the ability to customize your initial deployment further, or scale out an existing deployment by adding Hyper-V hosts, Load Balancers or Gateways.  Here’s an example of adding a new Hyper-V server; this snippet takes a freshly deployed Hyper-V host and fully enables it for SDN:

import-module .\SDNExpressModule.psm1

$restname = 'SDN.CONTOSO.COM'
$rootcerts = get-childitem "cert:\localmachine\root" 
$hostcert = $rootcerts | ? {$_.Subject -eq "CN=$restname"}

Add-SDNExpressHost -ComputerName 'Host5' -RestName $restname -HostPASubnetPrefix '10.0.0.0/24' -NCHostCert $hostcert -Credential (get-credential)

The full SDN Express deployment and configuration takes about 45 minutes run, but it includes creation of the SDN infrastructure VMs, enabling the necessary roles and performing the configuration on each node. When SDN Express finishes your SDN environment is ready to manage with the preview of the SDN extension for the Windows Admin Center!


Ready to give it a shot!? Try out the new SDN Express now!

Try out the new SDN Express

You can get SDN express today from the Microsoft SDN repository on Github. Just download the SDN repository, navigate to SDNExpress/scripts and run the SDNExpress.ps1 file from a Windows Server 2016 or 2019 computer. It will guide you the rest of the way.

SDN in Windows Admin Center

About Windows Admin Center

If you haven’t tried out Windows Admin Center yet, you’re really missing out. Windows Admin Center is an evolution of Windows Server in-box management tools; it’s a single pane of glass that consolidates all aspects of local and remote server management. Windows Admin Center is a locally deployed, browser-based app for managing servers, clusters, hyper-converged infrastructure, and Windows 10 PCs. It comes at no additional cost beyond Windows and is ready to use in production. In the first 6 months since announcement, more than 25,000 customers deployments have been managed by Windows Admin Center.

Using Windows Admin Center for SDN management

SDN has been integrated with the Hyper-Converged Cluster experience in Windows Admin Center. By adding a Network Controller to your Hyper-Converged cluster, you can manage your SDN resources and infrastructure through a single application.

Important: A hyper-converged cluster is required to use the SDN extension for the Windows Admin Center.

Here’s how easy it is to add a hyper-converged cluster with a Network Controller to the Windows Admin Center:

Virtual network management

Once you’ve added SDN to your hyper-converged environment, you can create, modify and configure virtual networks and their subnets. You can also view the VMs connected to the virtual network subnets.

This is a view of the virtual networks list:

This is only the beginning! We are working to bring full end-to-end virtual network management to the SDN extension for Windows Admin Center.

Connecting a virtual machine

The next step is connecting a new virtual machine to your brand new virtual network. During this process the Windows Admin Center detects that the virtual switch you are connecting to has SDN enabled and provides you with the ability to select the SDN networks that are available.

Here you can see the virtual network adapter settings which detect that SDN is in place and show the appropriate options for selecting a virtual network and subnet:

SDN infrastructure management

Being able to manage your SDN infrastructure is a critical aspect of operating SDN infrastructure. Due to the resiliency built into Windows Server SDN individual component failures will not impact your workloads, so you need an easy way to see when something is unhealthy.

With the SDN Monitoring extension you can monitor the state of the SDN services and infrastructure in real-time. You can view detailed information about the health of your Network Controller, Software Load Balancers, Virtual Gateways, and hosts.  You can also monitor consumption of your Virtual Gateway Pools, Public IP Pools, and Private IP Pools.

This is the summary view. It is the best place to look to understand the overall health of your system:

Drilling into the Network Controller panel you can get additional information about the health of individual Network Controller services and Hyper-V hosts:

On the Load Balancer panel you can also see the health of individual components of the Software Load Balancer as well as the utilization of your load balancer virtual ip (VIP) pools so you will know if you are about to run out of IP addresses:

And finally, the gateway panel shows you the status of each gateway pool and the health of the individual gateway VMs that make up the pool.  At Risk indicates that one of your gateway VMs is unhealthy, but due to the redundancy built into the pool, it is not yet affecting any of the workload traffic.  Unless corrected, one additional failure will likely impact the ability to host workloads:

 

As mentioned previously, there is much more on the way! Please stay tuned for more features as we build out the complete set of SDN features in the Window Admin Center.


Ready to give it a shot!? Try out SDN with the Windows Admin Center now!

Registered Insiders may download the Windows Admin Center Preview containing what you see 
here directly from the Windows Server Insider Preview download page, under the Additional 
Downloads dropdown. 

If you have not yet registered as an Insider, see Getting Started with Windows Server on 
the Windows Insiders for Business portal.

Stay tuned to this blog series for more on SDN in Windows Server 2019!

This post highlights the efforts we are taking to make SDN easier to deploy through SDN Express and manage through the Windows Admin Center, but there are also a number of features that we’ve added to SDN in Windows Server 2019 that we’ll highlight in some of the later blog posts in this series, so stay tuned!

Thanks!

Greg Cusanza and Schumann Ge