During a recent Hyper-V build out in my lab I decided to try my hand at installing Hyper-V on the core version of Windows versus the full version of Windows. The specific benefits I expected from core include: (benefits taken from: http://msdn.microsoft.com/en-us/library/ee391628(v=vs.85).aspx)
1) Reduced servicing
2) Reduced management
3) Reduced attack surface
4) Less disk space required
Additionally I was hoping to see a decrease in the memory footprint which would allow me to add more virtuals onto a system running core instead of the full version of Windows.
My test lab included two identical Windows 2008 R2 SP1 hardware configurations running an i7 processor with 24 GB of memory. HyperV03 was installed with a full version of Windows and HyperV04 was installed on a core version of Windows.
My testing results for the 4 benefits listed above:
1) On both servers I have had a total of about 80 updates applied since I started this test (not including Forefront Endpoint definition updates).
2) Management on the core server itself is reduced – as you don’t often want to log into the server to manage it. This however realistically moves the management to other servers or to other tools such as CoreConfig to manage the server. Once Hyper-V was functional on this system, I was able to use SCVMM almost exclusively to manage the core Hyper-V system.
3) I see the logic that the attack surface is reduced – less code to attack means less surface to attack but I can’t provide any specific details here yet. More below.
4) On my core system I saw a significant decrease in disk space usage with 6.2 GB in the Windows directory versus 16.6 GB in the Windows directory for the full version of Windows.
Memory test results:
The memory tests were the primary item I was interested in, because the only reason I had to expect extra available memory was the decrease in the attack surface, which would hopefully result in a decrease of the number of processes and services running on the system. For this test I shut down all virtuals running on both of my Hyper-V servers and compared their available memory and the number of processes running on the server.
HyperV03: (Full Windows)
The full version of Windows was running a total of 59 processes, using 7% of physical memory and had a total of 21913 MB of free memory.
The core version of Windows was running a total of 45 processes (14 fewer), using 7% of physical memory (identical) and had a total of 22120 MB of free memory (207 MB of additional free memory).
While running on core did decrease the number of processes from 59 down to 45, this did not have any significant impact on the amount of free space in a server, especially one with 24 GB of available memory.
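One way to repeat this comparison and see which processes and services account for the difference, as an added PowerShell example that is not part of the original post. It assumes remote WMI access to HyperV03 and HyperV04 from a management machine; the function name `Get-HostFootprint` is hypothetical.

```powershell
# Added example, not from the original post. Works with PowerShell 2.0 or later.
# Assumes the account running it has remote WMI rights on both lab hosts.
$fullHost = 'HyperV03'   # full installation (host name from the post)
$coreHost = 'HyperV04'   # Server Core installation (host name from the post)

function Get-HostFootprint {   # hypothetical helper name
    param([string]$ComputerName)

    $os        = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $ComputerName
    $processes = @(Get-WmiObject -Class Win32_Process -ComputerName $ComputerName)
    $services  = @(Get-WmiObject -Class Win32_Service -ComputerName $ComputerName |
                   Where-Object { $_.State -eq 'Running' })

    # FreePhysicalMemory and TotalVisibleMemorySize are reported in KB.
    $usedPct = 100 * (1 - ($os.FreePhysicalMemory / $os.TotalVisibleMemorySize))

    New-Object PSObject -Property @{
        ComputerName    = $ComputerName
        ProcessCount    = $processes.Count
        RunningServices = $services.Count
        FreeMemoryMB    = [math]::Round($os.FreePhysicalMemory / 1KB)
        MemoryUsedPct   = [math]::Round($usedPct)
        ProcessNames    = @($processes | ForEach-Object { $_.Name } | Sort-Object -Unique)
        ServiceNames    = @($services  | ForEach-Object { $_.Name } | Sort-Object -Unique)
    }
}

$full = Get-HostFootprint -ComputerName $fullHost
$core = Get-HostFootprint -ComputerName $coreHost

# Side-by-side summary of the figures compared in the post.
$full, $core |
    Select-Object ComputerName, ProcessCount, RunningServices, FreeMemoryMB, MemoryUsedPct |
    Format-Table -AutoSize

# Processes that run only on the full installation: the code that core removes.
'Processes only on {0}:' -f $fullHost
Compare-Object -ReferenceObject $full.ProcessNames -DifferenceObject $core.ProcessNames |
    Where-Object { $_.SideIndicator -eq '<=' } |
    ForEach-Object { $_.InputObject }

# Running services that exist only on the full installation.
'Running services only on {0}:' -f $fullHost
Compare-Object -ReferenceObject $full.ServiceNames -DifferenceObject $core.ServiceNames |
    Where-Object { $_.SideIndicator -eq '<=' } |
    ForEach-Object { $_.InputObject }
```

Run it with all virtual machines shut down on both hosts, as in the test above, so the numbers reflect the parent partition only.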
Management of core:
Management of the core version of Windows is another big item to factor into the decision whether to use it on Hyper-V or not. While you can still RDP into the core version, most of the commonly used utilities to configure the Operating System are not available. The shift that occurred with me on core was to use other Windows servers to manage my core system as management of it locally required a very different approach than I am used to as a Windows administrator of full Operating Systems. Additionally other items were more complex to manage such as configuration for DPM:
As an example for DPM I had to manually install the agent, attach it and set its configuration as shown below:
Patch management can be done through Configuration Manager, but for checking patches and performing common actions I highly recommend the Core Configuration 2.0 tool available on CodePlex: http://coreconfig.codeplex.com/
However, once the server was configured and patched and running Hyper-V I was able to manage it from that point forward using System Center Virtual Machine Manager and at some points I actually forgot that one of the servers was running the core version of Windows.
Summary: Hyper-V running on core versus running on a full version of Windows? Here’s my assessment:
1) Reduced servicing – The number of updates which have been applied on both servers were similar over a period of several months.
2) Reduced management – Management work is done far less often on the actual core Operating System.
3) Reduced attack surface – Based upon the number of processes alone this is a logical conclusion.
4) Less disk space required – Confirmed with approximately 10 gb less space used in the Windows directory alone.
And my two items I wanted to check:
5) Memory footprint – No significant decrease in memory required unless it is a server with a very small amount of memory available to use.
6) Management complexity – It is more complex to manage a Windows core server if you (like me) are not used to managing it.
So, my summary of the summary – If it’s important to decrease your attack surface or you have critical space issues, definitely look into core, but you need to go into it with your eyes wide open that management of core is a different beast, especially up to the stage where SCVMM can take over management of the system.