Every Possible Reason to Migrate to Windows Server 2019, in a Nutshell

It is not often that the IT infrastructure is even touched, due to the disruption caused by such projects. This sometimes leaves hardware deployed for decades.

With Windows Server 2016 being relatively young, one would question the need to change to Server 2019 – we might have the answers needed to brave the migration.

Slower migration habits on the server side mean longer spans between Windows Server releases, which in turn mean bigger changes between these releases. With Windows Server 2016 being the first of its kind built on the Windows 10 kernel, changes have been rather… rough. Windows Server 2019 is notably faster, with numerous changes, from security upgrades to hybrid cloud integration features.

This is our compelling argument for you to make the change:

In-place Windows Server 2019 Upgrades

Desktop versions of Windows allowed the migration of apps from say Windows 7 to Windows 8 to Windows 10 without much trouble, whereas Windows Server was only hardware bound or available as a clean installation, which required a blank server or the overwriting of an existing OS. Windows Server 2019 is built on the 2016 version’s core base, so app compatibility is well-maintained.

With the option to upgrade old installations, right back to Server 2012, you can maintain your installation configurations, settings, Active Directory, server roles and much more. Additionally, the Cluster OS Rolling Upgrade enables administrators to upgrade the OS of the cluster nodes from Windows Server 2012 R2 and Windows Server 2016 without halting Hyper-V or the Scale-Out File Server workloads.

“The first thing customers should look at is if in-place OS upgrades work for them or a clean install works,” says Arpan Shah, general manager of Azure at Microsoft. “The hardware requirements have not changed from Server 2016 to 2019, which is why an in-place upgrade is possible.”

The deciding factor is whether customers will keep and upgrade their existing hardware or require new hardware, in which case a clean install would be required. If the first option is more likely, one should evaluate an in-place upgrade strategy.

But Philip Elder, a Microsoft MVP and co-owner of MPECS, a consultancy that specializes in high availability solutions, is a little leery of the upgrade process. “With an in-place upgrade I inherit all the baggage that OS has. Am I completely guaranteed it will run down the road and have no issues? If not, then no [to an upgrade],” he says.

Elder reports that Server 2019 runs an impressive 75-80% faster than Server 2016 with the same resources assigned to virtual machines, no matter the configuration of the virtual machine or the resources in use. “Everything on 2016 takes longer,” he says.

Enhanced security & patching with Windows Server 2019

Shah says Microsoft’s top investment in 2019 is security. Some noteworthy areas of improvement and new features include:

  • Windows Defender ATP agent
  • New Shielded VM improvements
  • Virtual network encryption
  • System Guard Runtime Monitor

Windows Defender Advanced Threat Protection (ATP) has seen a significant upgrade that provides visibility into memory and kernel-level attacker activities, granting the ability to take the appropriate actions on affected machines. Not only does Defender detect and block ransomware, but it can also restore files and data in the event of an attack.

Shielded VMs were introduced in Server 2016 and have since undergone extensive revision. They allow virtual machines such as domain controllers to be encrypted while they are on disk, preventing attackers from gaining access to these virtual disks. The Active Directory-based attestation for the Host Guardian Service is being deprecated in favor of a host key attestation mechanism, which is easier to configure.

Virtual Network Encryption works hand in hand with Shielded VMs to protect network data in motion, preventing snooping or manipulation.

System Guard Runtime Monitor is a newer security system which formed part of the Fall 2018 Windows 10 Creator’s Update, where Microsoft actively reorganized the system integrity features, creating a single runtime which was built into Windows 10 itself. This provides kernel-level process protection and supports hardware-rooted security, such as virtualization-based security, to mitigate attacks at a VM level.

Elder adds there is a “huge improvement” in patching over 2016. “There are some issues with patching in 2016 and as a result, patching in 2016 takes a huge amount of time. Every role and feature in ‘19 relative to ‘16 patching speed is exponentially faster in comparison, and so far the patches are actually smaller,” he says.

Server 2019 also rolls in changes for x86 security flaws like Meltdown and Spectre. There was a fix for them in Server 2016, but it wasn’t very good, says Elder. “The initial 2016 fixes were very painful. We had a lot of blue screens. In 2019 they have been relatively smooth,” he says.

Storage, Kubernetes and Linux

Server 2016 Datacenter saw the introduction of Storage Spaces Direct (S2D), a distributed data storage system that allows the local disks of several servers to be organized into fault-tolerant and scalable storage protected from disk and server failure, but this had limitations. One of them was data deduplication, which would not work on the Resilient File System (ReFS). Server 2019 saw the integration of both, allowing for much greater performance.

Server 2019 also has another impressive added feature – Storage Migration Service. This allows the migration of storage systems, dating back all the way to Windows Server 2003, along with a variety of operating systems, nix Unix and Linux, in a seamless, almost effortless manner.

This Storage Migration Service runs on Server 2019, acting as an orchestrator for inventory, transfer and cutover phases of the migration process, transferring data, shares, configurations, security, file attributes and share permissions on the nodes you choose to migrate.

Server 2019 also features much improved support for Kubernetes to deploy and scale containers: Server 2016 had Kubernetes as an add-on, whereas in Server 2019 it is native. Another major factor is that these containers are a notable 75% smaller compared to previous versions.

Server 2019 now supports the running of Ubuntu, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server inside shielded virtual machines. Additionally, Linux VMs are supported for shielded VM protection.

Azure Stack Hyperconverged

Azure Stack was released by Microsoft after Server 2016, the first version natively supported. It allows customers the potential to run an Azure-like cloud environment from their very own hardware, enabling an Azure environment, within the confines of their own firewall, while simultaneously, the Azure Stack remains fully integrated with the Azure service. You can even move apps between the two.

Azure Stack HCI makes up a part of the Azure Stack product line, as a hyperconverged Windows Server 2019 cluster. It uses validated hardware to run virtualized workloads which can take place on premises, with an option to use these services for cloud-based backups, site recovery and much more. Additionally, these solutions make use of Microsoft validated hardware, ensuring optimal performance and reliability at all times. It’s no surprise that this includes support for technologies such as NVMe drives, persistent memory, and remote-direct memory access (RDMA) networking.

Elder says Azure Stack HCI “is exponentially better in 2019 performance-wise and is significantly faster. The difference in health monitoring systems capabilities is black and white because it’s not there in 2016.”

Highlights for Windows Server 2019

Some other notable features included on Server 2019:

System Insights: This feature brings local predictive analytics capabilities native to Windows Server. By analyzing Windows Server system data, it enables greater automation of server operations, reducing the associated operational expenses.

Unified Management: Windows Admin Center is a browser-based HCI remote management interface that includes software-defined network configuration and monitoring.

Storage Class Memory: Server 2019 automatically includes the required support for the new generation of server hardware and storage class memory, in turn drastically improving overall performance for server applications.

Cluster-Wide Monitoring: This feature monitors memory and CPU usage, storage capacity, IOPS, throughput and real-time latency, raising clear alerts when an issue arises.

SDN Networking: Software Defined Networking support adds the ability to manage and monitor all relevant networks and subnets. Also, virtual machines remain connected to virtual networks. Monitoring of SDN infrastructure is also possible. SDN provides centralized configuration and management of virtual network devices. Additionally, IPv6 and dual-stack IPv4/IPv6 addressing is now supported in Windows Server 2019, whereas 2016 did not provide support for IPv6, just IPv4.

Persistent Memory Support: Intel’s Optane persistent memory, essentially an SSD with close to DRAM speeds, is supported. Server 2019 also provides byte-level access to all non-volatile media, drastically reducing the latency incurred when storing or retrieving data.

“There’s no reason to hold off,” Elder says. “Anyone that wants to migrate their workloads should, especially the Server 2008 folks.”

Well, there you have it. It sure is a great time for Server Software, especially Microsoft Server 2019. What a time to be alive techies, IT guys and all who find Servers a requisite in their business.