There are a myriad of both subtle and fundamental differences in the basic architecture of Windows Server 2008, which could dramatically change not only the way it's used in the enterprise, but also the logical and physical structure of networks where it's the dominant OS.
The abilities to consolidate servers, to manage hardware more effectively, to remotely manage hardware without the graphical traffic, and to radically alter the system security model, could present a more compelling argument for customers to plan their WS2K8 migrations now, than the arguments for moving from Windows 2000 to Server 2003.
Based on the information we gathered last week at WinHEC 2007 in Los Angeles, we decided that rather than list a bunch of mind-jarring new categories and marketing terms that sound like rejected gadgets from the Bat-Cave, we'd select what we believe to be the ten most influential and important new technologies to find their way into WS2K8, with the help of Microsoft software engineers such as Mark Russinovich to explain their relevance. We begin at the end with our #10 entry:
--------------------------------------------------------------------------------
#10: The self-healing NTFS file system. Ever since the days of DOS, an error in the file system meant that a volume had to be taken offline for it to be remedied. In WS2K8, a new system service works in the background that can detect a file system error, and perform a healing process without anyone taking the server down.
"So if there's a corruption detected someplace in the data structure, an NTFS worker thread is spawned," Russinovich explained, "and that worker thread goes off and performs a localized fix-up of those data structures. The only effect that an application would see is that files would be unavailable for the period of time that it was trying to access, had been corrupted. If it retried later after the corruption was healed, then it would succeed. But the system never has to come down, so there's no reason to have to reboot the system and perform a low-level CHKDSK offline."
#9: Parallel session creation. "Prior to Server 2008, session creation was a serial operation," Russinovich reminded us. "If you've got a Terminal Server system, or you've got a home system where you're logging into more than one user at the same time, those are sessions. And the serialization of the session initialization caused a bottleneck on large Terminal Services systems. So Monday morning, everybody gets to work, they all log onto their Terminal Services system like a few hundred people supported by the system, and they've all got to wait in line to have their session initialized, because of the way session initialization was architected."
The new session model in both Vista and WS2K8 can initiate at least four sessions in parallel, or even more if a server has more than four processors. "If you've got a Vista machine where this architecture change actually was introduced, and you've got multiple Media Center extenders, those media center extenders are going to be able to connect up to the Media Center in parallel," he added. "So if you have a media center at home, and you send all their kids to their rooms and they all turn on their media extenders at the same time, they're going to be streaming media faster from their Vista machines than if you had Media Center on an XP machine."
#8: Clean service shutdown. One of Windows' historical problems concerns its system shutdown procedure. In XP, once shutdown begins, the system starts a 20-second timer. When that time is up, it asks the user whether she wants to terminate the application herself, perhaps prematurely. For Windows Server, that same 20-second timer may be the lifeclock for an application, even one that's busy spooling ever-larger blocks of data to the disk.
In WS2K8, that 20-second countdown has been replaced with a service that gives applications which have received the shutdown signal all the time they need to shut down, as long as they continually signal back that they're indeed shutting down. Russinovich said developers were skeptical at first about whether this new procedure ceded too much power to applications; but in practice, they decided the cleaner overall shutdowns were worth the trade-offs.
#7: Kernel Transaction Manager. This is a feature which developers can take advantage of, which could greatly reduce, if not eliminate, one of the most frequent causes of System Registry and file system corruption: multiple threads seeking access to the same resource.
In a formal database, a set of instructed changes is stored in memory, in sequence, and then "committed" all at once as a formal transaction. This way, other users aren't given a snapshot of the database in the process of being changed - the changes appear to happen all at once. This feature is finally being utilized in the System Registry of both Vista and Windows Server 2008.
"The Kernel Transaction Manager [intends] to make it very easy to do a lot of error recovery, virtually transparently," Microsoft software engineer Mark Russinovich explained. "The way they've done this is with the [KTM] acting as a transaction manager that transaction clients can plug into. Those transaction clients can be third-party clients that want to initiate transactions on resources that are managed by Transaction Resource Manager - those resource managers can be third-party or built into the system."
#6: SMB2 network file system. Long, long ago, SMB was adopted as the network file system for Windows. While it was an adequate choice at the time, Russinovich believes, "SMB has kind of outlived its life as a scalable, high-performance network file system."
So SMB2 finally replaces it. With media files having attained astronomical sizes, servers need to be able to deal with them expeditiously. Russinovich noted that in internal tests, SMB2 on media servers delivered thirty to forty times faster file system performance than Windows Server 2003. He repeated the figure to make certain we realized he meant a 4000% boost.
#5: Address Space Load Randomization (ASLR). Perhaps one of the most controversial added features already, especially since its debut in Vista, ASLR makes certain that no two subsequent instances of an operating system load the same system drivers in the same place in memory each time.
Malware, as Mark Russinovich described it (as only he can), is essentially a blob of code that refuses to be supported by standard system services. "Because it isn't actually loaded the way a normal process is, it would never link with the operating system services that it might want to use," he described. "So if it wants to do anything with the OS like drop a file onto your disk, it's got to know where those operating system services live.
"The way that malware authors have worked around this chicken-and-egg kind of situation," he continued, "is, because Windows didn't previously randomize load addresses, that meant that if they wanted to call something in KERNEL32.DLL, KERNEL32.DLL on Service Pack 2 will always load in the same location in memory, on a 32-bit system. Every time the system boots, regardless of whose machine you're looking at. That made it possible for them to just generate tables of where functions were located."
Now, with each system service likely to occupy one of 256 randomly selected locations in memory, offset by plus or minus 16 MB of randomized address space, the difficulty for malware of locating a system service on its own has gone from elementary to astronomical.
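Load-address randomization of this kind applies to images whose PE header opts in, so a defender auditing a system wants to know which binaries carry that mark. The following is an added example, not code from the article or from Microsoft: it reads the `DllCharacteristics` field of a PE header and tests the `IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` bit (0x0040, from the PE/COFF specification, not mentioned in the article). The sample headers and file names are constructed for the demonstration.

```python
import struct

# IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (PE/COFF specification): set by the
# linker when an image agrees to be loaded at a randomized base address.
DYNAMIC_BASE = 0x0040
DLLCHAR_OFFSET = 70  # DllCharacteristics offset in the optional header (PE32 and PE32+)


def aslr_opt_in(image: bytes) -> bool:
    """Return True if the PE header marks the image as eligible for ASLR."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)  # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    opt_off = pe_off + 4 + 20  # skip the signature and the 20-byte COFF header
    if len(image) < opt_off + DLLCHAR_OFFSET + 2:
        raise ValueError("truncated optional header")
    (opt_size,) = struct.unpack_from("<H", image, pe_off + 4 + 16)
    (magic,) = struct.unpack_from("<H", image, opt_off)
    if opt_size < DLLCHAR_OFFSET + 2 or magic not in (0x10B, 0x20B):
        raise ValueError("unsupported optional header")
    (flags,) = struct.unpack_from("<H", image, opt_off + DLLCHAR_OFFSET)
    return bool(flags & DYNAMIC_BASE)


def build_sample(dll_characteristics: int, magic: int = 0x10B) -> bytes:
    """Constructed header-only sample (not a loadable file) for the parser."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # PE header follows the DOS header
    coff = bytearray(20)
    struct.pack_into("<H", coff, 16, 96)  # SizeOfOptionalHeader
    opt = bytearray(96)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, DLLCHAR_OFFSET, dll_characteristics)
    return bytes(dos) + b"PE\0\0" + bytes(coff) + bytes(opt)


if __name__ == "__main__":
    # Hypothetical file names; 0x0100 is NX_COMPAT, 0x0140 adds DYNAMIC_BASE.
    for name, flags in (("randomized.dll", 0x0140), ("fixed.dll", 0x0100)):
        verdict = "marked for ASLR" if aslr_opt_in(build_sample(flags)) else "not marked for ASLR"
        print(f"{name}: {verdict}")
```

To audit a real file, pass `open(path, "rb").read()` to `aslr_opt_in`; an image without the bit is a candidate for rebuilding or for closer review.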
#4: Windows Hardware Error Architecture (WHEA). That's right, Microsoft has actually standardized the error - more accurately, the protocol by which applications report to the system what errors they have uncovered. You'd think this would already have been done.
"One of the problems facing error reporting is that there's so many different ways that devices report errors," remarked Russinovich. "There's no standardization across the hardware ecosystem. So that made it very difficult to write an application, up to now, that can aggregate all these different error sources and present them in a unified way. It means a lot of specific code for each of these types of sources, and it makes it very hard for any one application to deliver you a good error diagnostic and management interface."
Now, with hardware-oriented errors all being reported using the same socketed interface, third-party software can conceivably mitigate and manage problems, reopening a viable software market category for management tools.
#3: Windows Server Virtualization. Even pared down a bit, the Viridian project will still provide enterprises with the single most effective tool to date for reducing total cost of ownership...to emerge from Microsoft. Many will argue virtualization is still an open market, thanks to VMware; and for perhaps the next few years, VMware may continue to be the feature leader in this market.
But Viridian's drive to leverage hardware-based virtualization support from both Intel and AMD has helped drive those manufacturers to roll out their hardware support platforms in a way that a third party - even one as influential as VMware - might not have accomplished.
As Microsoft's general manager for virtualization, Mike Neil, explained at WinHEC last week, the primary reason customers flock to virtualization tools today remains server consolidation. "There's this sprawl of servers that customers have, they're dealing with space constraints, power constraints, [plus] the cost of managing a large number of physical machines," Neil remarked. "And they're consolidating by using virtual machines to [provide] typically newer and more capable and more robust systems."
Consolidation helps businesses to reclaim their unused processor capacity - which could be as much as 85% of CPU time for under-utilized servers. Neil cited IDC figures estimating US businesses have already spent hundreds of billions on processor resources they haven't actually used. It's not their fault - it's the design of operating systems up to now. "So obviously, we're trying to drive that utilization further and further," Neil said.
#2: PowerShell. At last. For two years, we've been told it'll be part of Longhorn, then not really part of Longhorn, then a separate free download that'll support Longhorn, then the underpinning for Exchange Server 2007. Now we know it's a part of the shipping operating system: the radically new command line tool that can either supplement or completely replace GUI-based administration.
Last week at WinHEC, Windows Server programming chief Iain McDonald flat out proclaimed, "If I could set the direction of it, I would like to make PowerShell the default shell for Windows. That's my personal bias."
At TechEd 2007 in Orlando in early June, we'll be seeing some new examples of PowerShell in the WS2K8 work environment - hopefully unhindered now that the product is shipping along with the public Beta 3...at least unless someone changes his mind. We hope that phase of PowerShell's history is behind it now.
#1: Server Core. Here is where the world could really change for Microsoft going forward: Imagine a cluster of low-overhead, virtualized, GUI-free server OSes running core roles like DHCP and DNS in protected environments, all to themselves, managed by way of a single terminal.
If you're a Unix or Linux admin, you might say we wouldn't have to waste time with imagining. But one of Windows' simple but real problems as a server OS over the past decade has been that it's Windows. Why, admins ask, would a server need to deploy 32-bit color drivers and DirectX and ADO and OLE, when they won't be used to run user applications? Why must Windows always bring its windows baggage with it wherever it goes?
Beginning with Windows Server 2008, the baggage is optional. As product manager Ward Ralston told BetaNews in an interview published earlier this week, the development team has already set up Beta 3 to handle eight roles, and the final release may support more.
What's more, with the proper setup, admins can manage remote Server Core installations using a local GUI that presents the data from the GUI-less remote servers. "We have scripts that you can install that enable [TCP] port 3389," Ralston told us, "so you can administer it with Terminal Services. [So] if you're sitting at a full install version and let's say I bring up the DNS, I can connect to a Server Core running DNS, and I can administer it from another machine using the GUI on this one. So you're not just roped into the command line for all administration. We see the majority of IT pros using existing GUIs or using PowerShell that leverages WMI [Windows Management Instrumentation] running on Server Core, to perform administration."
PowerShell can run on Server Core...partially, Iain McDonald told us. It won't be able to access the .NET Framework, because the Framework doesn't run on Server Core at present. In that limited form, it can access WMI functions.
But a later, more "component-ized" version of .NET without the graphics functionality may run within Server Core. This could complete a troika, if you will, resulting in the lightest-weight and most manageable servers Microsoft has ever produced. It may take another five years for enterprises to finally complete the migration, but once they do...this changes everything.
The next page is the Chinese translated version.
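The changes in Windows Server 2008 are both subtle and fundamental. Server consolidation, more efficient hardware management, remote hardware management without a graphical interface, and a radically changed system security model are all major selling points of WS2K8. At WinHEC 2007, held last week in Los Angeles, we drew up a list of the most influential new technologies in WS2K8 with the help of Microsoft software engineers such as Mark Russinovich. We begin with #10: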
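#10: The self-healing NTFS file system
In WS2K8, a new system service detects file system errors in the background and repairs them directly while the server is running. If the detection service is repairing damaged disk structures, the only effect on applications is that files stored in those areas are temporarily inaccessible; they can be accessed again once the repair is finished. The system never shuts down, and there is no need to reboot to perform an operation such as CHKDSK.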
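#9: Parallel session creation
In operating systems before Server 2008, sessions were created serially. That is, when many users logged on to a terminal system at the same time, it created a system bottleneck, with users waiting in line for their sessions to be initialized. The new session module in Vista and WS2K8 can initialize at least four sessions at once, and more if there are more than four processors. Media Center under Vista is a good example: if you start Media Center in several different rooms at the same time, you will find it runs more smoothly than Media Center under XP.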
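#8: Shutdown service (Clean service shutdown)
Shutdown is already one of Windows' "historical problems." In XP, once shutdown begins the system starts a 20-second counter, and when it times out the user is asked whether to end the application. On server systems, that counter is the application's life clock. Under WS2K8, the 20-second countdown has been replaced by a dedicated service, which keeps delivering the shutdown signal to the programs that need to close until the program responds that it has indeed exited.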
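#7: Kernel Transaction Manager
This is good news for developers: even if it cannot eliminate them entirely, it can greatly reduce deadlock problems when multiple threads access the same system resource (the registry, the file system and so on). In a database system, the instructions of an interaction are inserted into an in-memory queue in sequence and finally "committed" all at once. This feature has finally been added to Vista and Windows Server 2008. The purpose of the Kernel Transaction Manager is to recover from certain errors; the manager allows transaction clients to plug into it, and in that way the transaction clients use the resources managed by the Kernel Transaction Manager.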
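#6: SMB2 network file system
SMB became Windows' built-in network file system a long, long time ago. As multimedia files keep growing in size, the demands on servers have grown correspondingly. In Microsoft's internal tests, SMB2 was 3 to 4 times faster than the network file system in Windows Server 2003.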
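#5: Address Space Load Randomization (ASLR)
ASLR is perhaps the most controversial feature in Vista; it means that the same operating system loads its system drivers at different (memory) locations on every boot. Microsoft's explanation is that this feature does not affect ordinary system services, so there is no need to worry that applications will be unable to link to the services they need. Malware authors often exploited the flaw that earlier Windows versions loaded files at fixed memory addresses; that is, they could know where KERNEL32.DLL was loaded under 32-bit XP SP2 and access it at will, because the DLL sat in the same place no matter which machine booted or when. Now the system picks one of 256 random locations at boot and adds a (positive or negative) offset of 16 MB of space, so the chance of malware finding these locations is very slim indeed.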
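#4: Windows Hardware Error Architecture (WHEA)
That's right, Microsoft really is standardizing Windows errors; more precisely, it can be understood as a protocol by which applications report errors to the system. In the past, the ways devices reported their errors were quite varied, with no established standard. Until now it has been extremely difficult to write a program that collates and displays all kinds of errors in a unified way, because different error sources have different error codes. Now all hardware-generated errors have a unified reporting interface, which is definitely good news for third-party vendors.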
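#3: Virtual server (Windows Server Virtualization)
Even with its features pared down, Viridian is still a good thing for efficiency and cost reduction. Thanks to VMware, virtual machines remain an open market so far, and VMware may well continue to lead for the next few years. Viridian has won support from Intel and AMD, which gives it a hardware support platform that a third-party product such as VMware does not have. Virtual machines not only make fuller use of customers' server capacity but also save space, energy, cost and so on; in addition, they bring self-evident benefits for the compatibility and robustness of consolidated systems. As things stand, 85% of the CPU time on most servers is wasted. Putting these countless processor resources to use is of great significance.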
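#2: A brand-new command-line tool (PowerShell)
For the past two years, the word was that PowerShell would be a component of Longhorn, though not a component in the true sense, but rather a tool that could be downloaded free and would support Longhorn. Now we know for certain that PowerShell, this brand-new command-line tool, will ship with the system as a supplement to the graphical management interface. At last week's WinHEC, Iain McDonald, Microsoft's Windows Server programming chief, even said of PowerShell: "If it were up to me, I would prefer to make PowerShell the default interface for Windows."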
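#1: Server Core
Imagine the future of Microsoft's servers: low-overhead clusters, virtualization, and GUI-free DHCP or DNS servers, all controlled from a single terminal. If you are a Unix or Linux administrator, you may be unimpressed. Yet this has been a major weakness of Windows as a server over the past 10 years. Does a server that need not run any applications require 32-bit display color? Does it need DirectX, ADO and OLE? Why must Windows saddle itself with unnecessary baggage? Now, in Windows Server 2008, that baggage has finally become optional. Microsoft's experts say the Beta 3 release of Server 2008 can already take on 8 different roles, and the final release will support more. With the proper configuration, administrators can manage remote Server Core installations through a local GUI, and carry out all kinds of Server Core administration using (TCP) port 3389 or even through DNS. Once "component-ized" .NET support is added (Server Core does not currently support the .NET Framework), we will see the troika of PowerShell, WMI (Windows Management Instrumentation) and the .NET Framework working together, and the most manageable server system Microsoft has ever produced will soon appear before us.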