Windows Server 2019 contains the most powerful networking capabilities that have ever shipped in a Windows Server release. These features make it extremely easy to connect resources between on-premises environments and the Azure public cloud. In this post, we will share the new Windows Server 2019 hybrid network features.
The Microsoft team has done a wonderful job in Windows Server 2019 of releasing core networking features that support hybrid cloud environments, such as those built with the Microsoft Azure public cloud.
Below are the four main components that enable hybrid network connectivity:
- Hybrid connectivity
- Host networking
- Server networking
- High accuracy time
Azure hybrid cloud functionality is natively built into Windows Server 2019, which makes it easy to make connections and extend networking features to Azure from on-premises nodes.
The following hybrid cloud network features are included in Windows Server 2019. All these enhancements greatly improve the ability of the platform to facilitate hybrid networking between on-premises and cloud environments, specifically Azure.
- Azure Network Adapter
- Much improved VPN performance
- Flexible Container Hybrid Networking
- Precision Time Protocol
Connection to Microsoft Azure from on-premises
On-premises workloads communicate across on-premises and cloud networks, and there are some requirements for an on-premises server to communicate with a virtual machine running on an Azure network. There are several ways to connect to Microsoft Azure from on-premises; many are listed below:
- Public IP – Accessible from anywhere, low cost
- P2S VPN Gateway – Individual machines into Azure via the Internet
- S2S VPN Gateway – Network to Azure over Internet
- ExpressRoute (ER) – Dedicated MPLS connection to Azure.
Azure Network Adapter
Azure Network Adapter is one of the great new features included in Windows Server 2019. It creates a Point-to-Site network connection from an individual server, effectively extending that server's ability to communicate with Azure networks. The Azure Network Adapter functionality gives a single-click experience for connecting Windows Server 2019 to your Azure Virtual Network by using Point-to-Site functionality.
The Azure Network Adapter makes the entire process extremely easy to configure and contains the following configuration that is handled automatically:
- Takes care of Azure Virtual Gateway creation
- Handles self-signed certificates, or user-generated
- Auto-reconnect is enabled by default
- Connection is persistent when not logged in
Windows Admin Center is the new management dashboard utility that provides a powerful way to interact with Windows Server. It provides access to some of the new platform features such as Azure Network Adapter and allows adding these new services and features. Below, we have connected to a Windows Server 2019 server with Windows Admin Center. Navigate to Network > Add Azure Network Adapter to add the new Azure Network Adapter to the Windows Server 2019 installation.
A new window will prompt you to add Windows Admin Center to Azure before installing the Azure Network Adapter. Windows Admin Center utilizes an existing connection to Azure that has already been established to install and integrate the Azure Network Adapter.
Much Improved VPN Performance
When thinking about Remote Access performance with and without SDN, Windows Server 2019 has drastic improvements to the throughput achievable with VPN technologies. For IPsec VPNs, performance has been improved by 3X.
Site-to-site VPN enables many connections between clients and servers. It requires a VPN endpoint, routing configuration on-premises, Remote Access Server (RAS) Role in Windows Server, Azure Virtual Gateway to SDN Virtual Gateway, and requires an Internet routable gateway IP.
Flexible Container Hybrid Networking
Today’s fast-paced development environments and methodologies are making a considerable shift to using container architecture. Containers are allowing organizations to shift from a traditional 3-tier app logic to one that is more focused on microservices. Today’s businesses making use of container technology have the need for flexible container networking moving from tightly-coupled to loosely-coupled components. Containers can be consumed in a variety of ways including Windows containers that use process isolation to make boundaries and also Hyper-V containers that add further boundaries to security isolation using nested virtualization.
Microsoft is providing a huge amount of support for today’s container technologies that are providing organizations with the tools and abilities they need with flexible container networking. Microsoft is providing tremendous support for container scheduling and orchestration technologies such as Kubernetes in both on-premises and Azure-based containers. Additionally, they are providing support for multiple container network interface (CNI) plugins and topologies.
- Azure CNI (container network interface plugin)
- Flannel meta-plugin with win-l2bridge CNI (host-GW)
- Flannel meta-plugin with win-overlay CNI (Overlay) (Beta)
- Kubernetes-OVN CNI (Overlay) – maintained by Cloudbase Solutions
Windows Server 2019 also provides support for network policy enforcement with Tigera Calico on Windows and container deployments. Network policies allow limiting network connectivity between services to those that need to talk to each other. The flexibility provided by the new Windows Server 2019 container capabilities provides easy load-balancing, service discovery, and security for modernizing existing Windows Server applications with containers (lift-and-shift) or for rearchitecting or building new applications using microservice architectures. Organizations can start either on-premises or in the Azure cloud with containers.
Start on-premises:
- Service Fabric
- Docker Enterprise Edition v1.x
- Vanilla Upstream K8s v1.11
- RedHat OpenShift
Start in Azure:
- Azure Service Fabric
- Azure Container Instance (ACI)
- ACS for Kubernetes
- Azure App Service
- Service Fabric Mesh
Precision Time Protocol
In hybrid environments, where some resources are housed on-premises and others are housed in the cloud, time synchronization becomes a greater challenge. With Windows Server 2019, time accuracy has been greatly improved, and Precision Time Protocol (PTP) has been introduced. On the network, there are devices that interfere with the accuracy of time (switches, routers, firewalls, etc.). PTP allows switches to participate and insert the latency they have added into their measurement. A software timestamp is taken when packets come in and when they leave, which also removes the latency introduced by Windows. Windows Server 2019 also has true leap second support.
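To see why the latency reported by switches matters, here is an added example (not from the original post or from Microsoft) that works through the standard IEEE 1588 delay request-response arithmetic a PTP client performs. The class and function names are hypothetical and the timestamps are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PtpExchange:
    """One Sync / Delay_Req round trip; every value is in nanoseconds."""
    t1: int  # Sync leaves the time server (server clock)
    t2: int  # Sync arrives at the client (client clock)
    t3: int  # Delay_Req leaves the client (client clock)
    t4: int  # Delay_Req arrives at the time server (server clock)
    sync_correction: int = 0       # latency switches reported for the Sync
    delay_req_correction: int = 0  # latency switches reported for the Delay_Req


def solve(x: PtpExchange, use_corrections: bool = True):
    """Return (client_offset_ns, mean_path_delay_ns) for one exchange."""
    c_sync = x.sync_correction if use_corrections else 0
    c_dreq = x.delay_req_correction if use_corrections else 0
    if c_sync < 0 or c_dreq < 0:
        raise ValueError("switch residence time cannot be negative")
    server_to_client = x.t2 - x.t1 - c_sync   # wire delay + clock offset
    client_to_server = x.t4 - x.t3 - c_dreq   # wire delay - clock offset
    mean_path_delay = (server_to_client + client_to_server) / 2
    if mean_path_delay < 0:
        raise ValueError("negative path delay: inconsistent timestamps")
    return server_to_client - mean_path_delay, mean_path_delay


def constructed_exchange() -> PtpExchange:
    """Constructed sample: the client runs 1500 ns ahead, the cable adds
    400 ns each way, and a busy switch holds the Sync for 9000 ns but the
    Delay_Req for only 2000 ns."""
    return PtpExchange(t1=1_000_000, t2=1_010_900, t3=1_050_000, t4=1_050_900,
                       sync_correction=9_000, delay_req_correction=2_000)


if __name__ == "__main__":
    sample = constructed_exchange()
    print("with switch corrections:", solve(sample))
    print("ignoring switch latency:", solve(sample, use_corrections=False))
```

With the corrections applied the client recovers its true 1500 ns offset; without them the asymmetric switch queuing shows up as a 3500 ns error, half the difference between the two residence times.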