Monday, November 24, 2008

Windows Server 2008: It's going to blow your mind.

So at the end of my Vista week of review, I said I was going to cover why Windows Server 2008 is a completely different beast than we're used to looking at. I know I've mentioned it before, but I'll say it again: I'm a Linux guy. Of course, I know Windows too (after all, being an operating system bigot is no way to get hired in today's world), but I'm always going to try to advocate the use of an open platform. That having been said, no one platform can satisfy the needs of everyone all at once. What works for some won't work for others. If you're going to host web sites, something for e-commerce or some such thing, I'm going to suggest Apache on Linux. If you're looking to administer 40-some Windows XP machines, I'm going to recommend Windows Server. Getting down to the meat of things though, Windows Server 2008 really does more than any previous edition of Windows Server has. What exactly? Keep reading.

Imagine, if you will, a server without a GUI. This server runs Linux, has a bunch of network oriented services, and needs to serve an unknown number of clients at any given time. Top it off with the fact that you won't be logging into it very often. Since a GUI won't be running 100% of the time to support unlikely local logins, you've got all those extra resources for clients.

One of the major problems with Windows Server is that you've always had to run a full GUI while handling services at the same time. If you're not going to touch the box that often, what sense does that make? Enter Windows Server 2008 Core: it doesn't have a GUI per se, but it can if you want it to. You can run certain .NET Framework applications on Core, for example a reduced version of Notepad, Task Manager, etc. You're still running a minimal GUI environment, with access to the command prompt as your main interface. From here, you can even launch PowerShell on Core (which is by far more exciting to use). A Server Core system will offer definite measurable performance gains in any service you run on it. Add to that the security benefit of a slimmed-down operating system, providing a smaller attack surface (less software to attack).

Okay, so Core may be cool, but we're not done yet. Remember how I was complaining that it makes no sense to restart so often for non-kernel updates on Vista? Well, it's time for me to give some kudos to Microsoft, as promised. Windows Server 2008 has a drastically reduced need for restarts involving updates. Given that I've been working on a W2k8 server for a month or two now, it's a definite improvement. And while we're on the topic of server reliability, Server 2008 makes use of Self-Healing NTFS. Self-healing NTFS will repair file system related issues on the fly, on an online disk. Previously, such repair required a reboot into a safe mode type environment with something like chkdsk. This isn't something you have to set, it's something that happens automagically (Yes, automagically really is a word). If your system detects corruption, it'll lock down the area of corruption to make it inaccessible while repairing issues. Need to add another CPU to your server? So long as you've got the right hardware, you can just slap it in there without having to reboot. Additionally, assuming your hardware supports it, you can hot-swap a CPU on the fly without a reboot as well. Of course, you'll still need at least ONE CPU in there.

Virtual machines are big now. If you need to run multiple different operating systems and you've got a fairly beefy box, there's no reason not to use virtual machines. Previously, we had VMware products for server-level virtualization. With Server 2008 comes Microsoft's Hyper-V virtualization system. As its name suggests, it's a hypervisor that sits between your VMs and your hardware at the kernel layer. If you've ever heard of Xen, it's pretty similar in concept and design. Hyper-V can even act as a Xen hypervisor. This is great if you've got a Xen-enabled operating system and you want to get all the benefits such a configuration can provide. Running Hyper-V on Server 2k8 Core has some pretty impressive results as well.

A common reason to use Windows Server is for Active Directory. Server 2008 still has Active Directory, of course. In addition to AD though, you can also set up a "Read-Only" domain controller, or RODC. What use could this be? Well, let's assume you're dealing with a large corporation, and you need to set up a DC at a smaller office. Unfortunately, due to budget constraints and lack of security at the site, a normal domain controller might cause problems upstream. That's where a read-only DC comes in; everything from normal AD is there, except for client passwords. Plus, you have the added benefit of knowing you won't have to replicate changes upstream, thereby reducing bandwidth usage.

Finally, let's talk about clustering. Clustering involves taking several machines and making them behave as a group, or one intelligent machine. In Windows Server 2008, you can cluster physical machines with Hyper-V virtual machines to achieve maximum uptime. Imagine for a moment that you're taking down one machine within a cluster that is currently hosting the virtual machine in charge of your website. Rather than be concerned about migrating this VM somewhere else, you can just bring it down. The cluster will start the VM elsewhere and you will have prevented any downtime. Not only can you cluster Hyper-V, but you can also make use of Network Load Balancing in your cluster. This means that if that one box with your VM is getting hammered, you can offload some traffic onto another node on the same cluster running the same VM (presumably).

If you're interested in learning some more about what W2k8 server offers, check out these whitepapers. It's definitely worth a look, and may help you decide what you want to run next time you set up a server box. Hopefully I've catered to some of our hardcore Linux readers, and even our hardcore W2k3 server readers in the features I mentioned. Rest assured though, there are way more features in there than I can fit on this blog. For the next post, I'll continue the ARP exploit I started a couple months back (Sorry for the delay!)
