Migrate and/or replace old cert server?
-
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
Right. Hyper-V is a Type 1 with KVM, Xen and ESXi.
-
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
That's incorrect. There is one and only one thing called Hyper-V and it is only a Type 1 hypervisor. This is why you are getting confused when I keep describing why there is no host, because there is truly no host. YOu are assuming that there is an OS on the bare metal, which there is not.
-
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
Right. Hyper-V is a Type 1 with KVM, Xen and ESXi.
Microsoft confuses people through the method that you use to get to the Type 1 from a standard installed Windows Server, i.e. installing the Hyper-V service. This isn't just installing a service like installing FTP or IIS. It in fact creates a shim under the current OS that is the Hyper-V OS running directly on the hardware, with the previous Windows Server OS now being the first VM.
-
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
https://mangolassi.it/topic/5272/somethings-you-need-to-know-about-hyperv
-
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
That's incorrect. There is one and only one thing called Hyper-V and it is only a Type 1 hypervisor. This is why you are getting confused when I keep describing why there is no host, because there is truly no host. YOu are assuming that there is an OS on the bare metal, which there is not.
Before Hyper-V was ever introduced on this server, it was and still is a Windows Server 2008 R2 server. They installed Windows Server 2008 R2 on a bare-metal ProLiant. Then, after several months of having the server running as a DC, SharePoint, a cert server and a file server, they decided that they wanted to make it a VM host as well, so they installed the Hyper-V role and built some VMs inside the Hyper-V console.
-
@Dashrender said in Migrate and/or replace old cert server?:
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
Right. Hyper-V is a Type 1 with KVM, Xen and ESXi.
Microsoft confuses people though the method that you use to get to the Type 1 from a standard installed Windows Server, i.e. installing the Hyper-V service. This isn't just installing a service like installing FTP or IIS. It in fact creates a shim under the current OS that is the Hyper-V OS running directly on the hardware, with the previous Windows Server OS now being the first VM.
Although to be fair, that's how VMware used to install and how Xen still does. It IS confusing, but they copied it from everyone else that existed at the time. To this day, only ESXi has changed this and only KVM never had it by default (and still does something kind of like it anyway.)
-
@Shuey said in Migrate and/or replace old cert server?:
Before Hyper-V was ever introduced on this server, it was and still is a Windows Server 2008 R2 server. They installed Windows Server 2008 R2 on a bare-metal ProLiant. Then, after several months of having the server running as a DC, SharePoint, a cert server and a file server, they decided that they wanted to make it a VM host as well, so they installed the Hyper-V role and built some VMs inside the Hyper-V console.
What you are calling the "Hyper-V Console" is a VM. You are describing the standard "poor" way to install Hyper-V. It doesn't matter how Hyper-V gets installed, a type 1 hypervisor is a type 1 hypervisor. That "console" is a VM on top of Hyper-V. Hyper-V cannot run on top of Windows, it's physically impossible. This is the most common myth around Hyper-V and there are hundreds of posts on SW correcting this.
It's also often listed as the #2 reason (after licensing) that people are confused about Hyper-V and why we used to say that all Hyper-V deployments were caused by confusion.
When you install the "role" of Hyper-V, it takes the previous bare metal Windows install, packages it into a VM, installs Hyper-V beneath it.
-
@scottalanmiller said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
Right. Hyper-V is a Type 1 with KVM, Xen and ESXi.
Microsoft confuses people though the method that you use to get to the Type 1 from a standard installed Windows Server, i.e. installing the Hyper-V service. This isn't just installing a service like installing FTP or IIS. It in fact creates a shim under the current OS that is the Hyper-V OS running directly on the hardware, with the previous Windows Server OS now being the first VM.
Although to be fair, that's how VMware used to install and how Xen still does. It IS confusing, but they copied it from everyone else that existed at the time. To this day, only ESXi has changed this and only KVM never had it by default (and still does something kind of like it anyway.)
I agree that that's how the others did it, and how Xen still does, but I wonder if their Linux (or Linux like) environment leads to a better understanding that it's a control only environment. With Windows, unless you read the licensing you might have no clue that a server is a Hyper-V enabled install.
-
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
Before Hyper-V was ever introduced on this server, it was and still is a Windows Server 2008 R2 server. They installed Windows Server 2008 R2 on a bare-metal ProLiant. Then, after several months of having the server running as a DC, SharePoint, a cert server and a file server, they decided that they wanted to make it a VM host as well, so they installed the Hyper-V role and built some VMs inside the Hyper-V console.
What you are calling the "Hyper-V Console" is a VM. You are describing the standard "poor" way to install Hyper-V. It doesn't matter how Hyper-V gets installed, a type 1 hypervisor is a type 1 hypervisor. That "console" is a VM on top of Hyper-V. Hyper-V cannot run on top of Windows, it's physically impossible. This is the most common myth around Hyper-V and there are hundreds of posts on SW correcting this.
It's also often listed as the #2 reason (after licensing) that people are confused about Hyper-V and why we used to say that all Hyper-V deployments were caused by confusion.
When you install the "role" of Hyper-V, it takes the previous bare metal Windows install, packages it into a VM, installs Hyper-V beneath it.
Oh snap! I had no idea! I'm still trying to wrap my head around it.... So there's never an instance where someone installs Server 2008 on a physical box, and then later adds the Hyper-V role? You HAVE to build a bare-metal Hyper-V box first and install your server OS in it BEFORE you can then add the Hyper-V role?
update Oh, I just re-read your post. It takes the previous bare-metal WINDOWS install, and turns THAT into a VM!
-
@Dashrender said in Migrate and/or replace old cert server?:
@scottalanmiller said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
Right. Hyper-V is a Type 1 with KVM, Xen and ESXi.
Microsoft confuses people though the method that you use to get to the Type 1 from a standard installed Windows Server, i.e. installing the Hyper-V service. This isn't just installing a service like installing FTP or IIS. It in fact creates a shim under the current OS that is the Hyper-V OS running directly on the hardware, with the previous Windows Server OS now being the first VM.
Although to be fair, that's how VMware used to install and how Xen still does. It IS confusing, but they copied it from everyone else that existed at the time. To this day, only ESXi has changed this and only KVM never had it by default (and still does something kind of like it anyway.)
I agree that that's how the others did it, and how Xen still does, but I wonder if their Linux (or Linux like) environment leads to a better understanding that it's a control only environment. With Windows, unless you read the licensing you might have no clue that a server is a Hyper-V enabled install.
If you mean to say "people using Linux are more likely to know their OS than people using Windows", then yes. That's the same logic that I use for why running Linux and getting support is so much easier than running Windows and getting support is... because the average Windows support person doesn't know Windows that well, even if that is their focus. Whereas the average Linux person tends to know quite about more (about both.) So hence, even though there are fewer Linux support people out there, it is generally far easier to get Linux support than Windows.
-
@Shuey said in Migrate and/or replace old cert server?:
Oh snap! I had no idea! I'm still trying to wrap my head around it.... So there's never an instance where someone installs Server 2008 on a physical box, and then later adds the Hyper-V role? You HAVE to build a bare-metal Hyper-V box first and install your server OS in it BEFORE you can then add the Hyper-V role?
You are getting closer. But not quite. You DO add the Hyper-V role, but it is not a role. It lifts Windows up and replaces it. It LOOKS like it is adding a role, it does this in the interface to make it all seem "easy" to the end user. But it is replacing your entire system under the hood.
So you don't have to install Hyper-V first, just like you don't have to install Xen first. You install Windows (or Linux) and then tell Hyper-V (or Xen) to install under the OS that you put there. That OS that you installed becomes the first VM on your system and the hypervisor goes onto the bare metal.
-
In both cases, Hyper-V and Xen, the hypervisor has no interface AT ALL. What you see on the box is always the first VM. ESXi was like this until recently. It used to only show you the first VM (which it installed itself and was a Linux VM.) Today ESXi and KVM have both opted for local consoles on the hypervisor itself so they can do this. While Hyper-V and Xen maintain the "console from a VM" design.
-
@scottalanmiller Thanks for the enlightenment Scott! I can't believe I JUST NOW found out how Hyper-V really works, lol. Better late than never :D.
-
@Shuey said in Migrate and/or replace old cert server?:
@scottalanmiller Thanks for the enlightenment Scott! I can't believe I JUST NOW found out how Hyper-V really works, lol. Better late than never :D.
No problem. Hyper-V has engendered so much confusion, it's no wonder people are always lost about it. Especially if you aren't using it but only know it historically and use VMware yourself.
-
@scottalanmiller said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
Right. Hyper-V is a Type 1 with KVM, Xen and ESXi.
Microsoft confuses people though the method that you use to get to the Type 1 from a standard installed Windows Server, i.e. installing the Hyper-V service. This isn't just installing a service like installing FTP or IIS. It in fact creates a shim under the current OS that is the Hyper-V OS running directly on the hardware, with the previous Windows Server OS now being the first VM.
Although to be fair, that's how VMware used to install and how Xen still does. It IS confusing, but they copied it from everyone else that existed at the time. To this day, only ESXi has changed this and only KVM never had it by default (and still does something kind of like it anyway.)
I should add, that while VMWare used to and Xen still does using a DOM 0, I don't think they ever had you install a full OS, then turn around and enable something to make the Type 1 hypervisor become enabled. If you did an install, it was simply there.
-
@Dashrender said in Migrate and/or replace old cert server?:
@scottalanmiller said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
@Dashrender said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
-They installed the Hyper-V role which runs as a console (much like VMware Workstation; type 2 hypervisor)
No actually it doesn't.You lost me here... a Type 1 hypervisor is a "on hardware" hypervisor (exclusively running as the OS, like ESXi). A Type 2 hypervisor is an "on software" hypervisor (like VMware Workstation).
Right. Hyper-V is a Type 1 with KVM, Xen and ESXi.
Microsoft confuses people though the method that you use to get to the Type 1 from a standard installed Windows Server, i.e. installing the Hyper-V service. This isn't just installing a service like installing FTP or IIS. It in fact creates a shim under the current OS that is the Hyper-V OS running directly on the hardware, with the previous Windows Server OS now being the first VM.
Although to be fair, that's how VMware used to install and how Xen still does. It IS confusing, but they copied it from everyone else that existed at the time. To this day, only ESXi has changed this and only KVM never had it by default (and still does something kind of like it anyway.)
I should add, that while VMWare used to and Xen still does using a DOM 0, I don't think they ever had you install a full OS, then turn around and enable something to make the Type 1 hypervisor become enabled. If you did an install, it was simply there.
They did that, they just did it all under the hood so you didn't notice. Same way that XenServer and Hyper-V (non-role) do today.
-
I just checked the list of issued certs on the server and the last entry (180530) was on May 23rd of 2016... I wonder why it stops there.... I can't think of anything on the server or the rest of the network for that matter that would've caused it to end in May...
I'd really like to figure out how to safely test this role in a disabled state, but I don't know how to disable it without completely removing the role :D.
-
@Shuey said in Migrate and/or replace old cert server?:
I'd really like to figure out how to safely test this role in a disabled state, but I don't know how to disable it without completely removing the role :D.
Just suspect the VM.... oh wait, not a discrete VM. One of the many reasons why that is important
Sorry, had to go there.
-
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
I'd really like to figure out how to safely test this role in a disabled state, but I don't know how to disable it without completely removing the role :D.
Just suspect the VM.... oh wait, not a discrete VM. One of the many reasons why that is important
Sorry, had to go there.
LOL, touche!
-
@scottalanmiller said in Migrate and/or replace old cert server?:
@Shuey said in Migrate and/or replace old cert server?:
I'd really like to figure out how to safely test this role in a disabled state, but I don't know how to disable it without completely removing the role :D.
Just
suspectsuspend the VM.... oh wait, not a discrete VM. One of the many reasons why that is importantSorry, had to go there.
FTFY