technology

Nano server 2016 Basic configuration

Microsoft developed windows server 2016 with an installation option (Nano server) which is a striped version of an installation offering only the core components of an operating thus remotely administered server operating system optimized for private clouds and data centers. It is similar to Windows Server in Server Core mode but significantly smaller, has no local logon capability, and only supports 64-bit applications, tools, and agents. It takes up far less disk space, sets up significantly faster, and requires far fewer updates and restarts than Windows Server. When it does restart, it restarts much faster.

nano server configuration

 

Nano Server is ideal for a number of scenarios:

  • As a “computer” host for Hyper-V virtual machines, either in clusters or not As a storage host for Scale-Out File Server.
  • As a DNS server
  • As a web server running Internet Information Services (IIS)
  • As a host for applications that are developed using cloud application patterns and run in a container or virtual machine guest operating system

Here are basic configuration information you may need:

To quickly deploy Nano Server in a virtual machine

    1. Copy NanoServerImageGenerator.psm1 and Convert-WindowsImage.ps1 from the \NanoServer folder in the Windows Server Technical Preview ISO to a folder on your hard drive.

    2. Start Windows PowerShell as an administrator, change directory to the folder where you’ve placed these scripts and then import the NanoServerImageGenerator script with Import-Module NanoServerImageGenerator.psm1 -Verbose

    3. Create a VHD that sets a computer name and includes the Hyper-V guest drivers by running the following command which will prompt you for an administrator password for the new VHD:

      New-NanoServerImage -MediaPath <path to root of media> -BasePath .\Base -TargetPath .\NanoServerVM\NanoServerVM.vhd -ComputerName <computer name> -GuestDrivers where

      • <path to root of media> is the path that you provide to the root of the contents of the Technical Preview ISO. For example if you have copied the contents of the ISO to d:\TP4ISO you would use that path.
      • -BasePath specifies a folder that will be created to copy the Nano Server WIM and packages to.
      • -TargetPath specifies the full path, including the filename and extension, where the resulting VHD or VHDX will be created.
      • Computer_name is the computer name you provide for the Nano Server virtual machine you are creating.

      Example: New-NanoServerImage -MediaPath f:\ -BasePath .\Base -TargetPath .\Nano1\Nano.vhd -ComputerName Nano1 –GuestDrivers

      This example creates a VHD from an ISO mounted as f:\. When creating the VHD it will use a folder called Base in the same directory where you ran New-NanoServerImage; it will place the VHD (called Nano.vhd) in a folder called Nano1 in the folder from where the command is run. The computer name will be Nano1 and will have virtual machine drivers installed for running Hyper-V.If you want a Generation 1 virtual machine, generate a VHD image by specifying a .vhd extension for -TargetPath. For a Generation 2 virtual machine, generate a VHDX image by specifying a .vhdx extension for -TargetPath.

      System_CAPS_noteNote
      New-NanoServerImage is supported on Windows 8.1, Windows 10, Windows Server 2012 R2, and Windows Server 2016 Threshold Preview.
    4. In Hyper-V Manager, create a new virtual machine and use the VHD created in Step 3.

    5. Boot the virtual machine and in Hyper-V Manager connect to the virtual machine.

    6. Log on to the Recovery Console (see the “Nano Server Recovery Console” section in this guide), using the administrator and password you supplied while running the script in Step 3.

    7. Obtain the IP address of the Nano Server virtual machine and use Windows PowerShell remoting or other remote management tool to connect to and remotely manage the virtual machine.

To quickly deploy Nano Server on a physical computer

    1. Copy NanoServerImageGenerator.psm1 and Convert-WindowsImage.ps1 from the \NanoServer folder in the Windows Server Technical Preview ISO to a folder on your hard drive

    2. Start Windows PowerShell as an administrator, change directory to the folder where you’ve placed these scripts and then import the NanoServerImageGenerator script with Import-Module NanoServerImageGenerator.psm1 -Verbose.

    3. Create a VHD that sets a computer name and includes the OEM drivers and Hyper-V by running the following command which will prompt you for an administrator password for the new VHD:

      New-NanoServerImage -MediaPath <path to root of media> -BasePath .\Base -TargetPath .\NanoServerPhysical\NanoServer.vhd -ComputerName <computer name> -OEMDrivers -Compute where

      • <path to root of media> is the path to the root of the contents of the Technical Preview ISO. For example if you have copied the contents of the ISO to d:\TP4ISO you would use that path.
      • BasePath is a folder that will be created to copy the Nano Server WIM and packages to. (This parameter is optional.)
      • TargetPath is a folder that will be created where the resulting VHD will be created.
      • Computer_name is the computer name for the Nano Server virtual machine you are creating.

      Example: New-NanoServerImage -MediaPath F:\ -BasePath .\Base -TargetPath .\Nano1\NanoServer.vhd -ComputerName Nano-srv1 -OEMDrivers –Compute -Clustering

      This example creates a VHD from an ISO mounted as f:\. When creating the VHD it will use a folder called Base in the same directory where you ran New-NanoServerImage; it will place the VHD in a folder called Nano1 in the folder from where the command is run. The computer name will be Nano-srv1 and will have OEM drivers installed for most common hardware and has the Hyper-V role and the clustering feature enabled. If the server uses UEFI to boot, change NanoServer.vhd to NanoServer.vhdx.

    4. Log in as an administrator on the physical server where you want to run the Nano Server VHD.

    5. Copy the VHD that this script creates to the physical computer and configure it to boot from this new VHD. To do that, follow these steps:

      1. Mount the generated VHD. In this example, it’s mounded under D:\.
      2. Run bcdboot d:\windows.
      3. Unmount the VHD.
    6. Boot the physical computer into the Nano Server VHD.

    7. Log on to the Recovery Console (see the “Nano Server Recovery Console” section in this guide), using the administrator and password you supplied while running the script in Step 3.

    8. Obtain the IP address of the Nano Server computer and use Windows PowerShell remoting or other remote management tool to connect to and remotely manage the virtual machine.

Joining Domain

New-NanoServerImage offers two methods of joining a domain; both rely on offline domain provisioning, but one harvests a blob to accomplish the join. In this example, the cmdlet harvests a domain blob for the Contoso domain from the local computer (which of course must be part of the Contoso domain), then it performs offline provisioning of the image using the blob:

New-NanoServerImage -MediaPath \\Path\To\Media\en_us -BasePath .\Base -TargetPath .\JoinDomHarvest.vhdx -ComputerName JoinDomHarvest -DomainName Contoso

When this cmdlet completes, you should find a computer named “JoinDomHarvest” in the Active Directory computer list.

You can also use this cmdlet on a computer that is not joined to a domain. To do this, harvest a blob from any computer that is joined to the domain, and then provide the blob to the cmdlet yourself. Note that when you harvest such a blob from another computer, the blob already includes that computer’s name–so if you try to add the -ComputerName parameter, an error will result.

You can harvest the blob with this command:

djoin /Provision /Domain Contoso /Machine JoiningDomainsNoHarvest /SaveFile JoiningDomainsNoHarvest.djoin

Run New-NanoServerImage using the harvested blob:

New-NanoServerImage -MediaPath \\Path\To\Media\en_us -BasePath .\Base -TargetPath .\JoinDomNoHrvest.vhd -DomainBlobPath .\Path\To\Domain\Blob\JoinDomNoHrvestContoso.djoin

In the event that you already have a node in the domain with the same computer name as your future Nano Server, you could reuse the computer name by adding the -ReuseDomainNode parameter.

Injecting Drivers

Nano Server offers a package that includes a set of basic drivers for a variety of network adapters and storage controllers; it’s possible that drivers for your network adapters might not be included. You can use this syntax to have New-NanoServerImage search the directory for available drivers and inject them into the Nano Server image:

New-NanoServerImage -MediaPath \\Path\To\Media\en_us -BasePath .\Base -TargetPath .\InjectingDrivers.vhdx -DriversPath .\Extra\Drivers

System_CAPS_noteNote
In the folder where you keep your drivers, both the SYS files and corresponding INF files must be present. Also, Nano Server only supports signed, 64-bit drivers.

Setting Static IP

To configure a Nano Server image to use static IP addresses, first find the name or index of the interface you want to modify by using Get-NetAdapter, netsh, or the Nano Server Recovery Console. Use the -Ipv6Address, -Ipv4Address, -Ipv4SubnetMask, or -Ipv4Gateway extensions to specify the configuration, as in this example:

New-NanoServerImage -MediaPath \\Path\To\Media\en_us -BasePath .\Base -TargetPath .\StaticIpv4.vhd -InterfaceNameOrIndex Ethernet -Ipv4Address 192.168.1.2 -Ipv4SubnetMask 255.255.255.0 -Ipv4Gateway 192.168.1.1

Joining Nano Server to a Domain

To add Nano Server to a domain online

  1. Harvest a data blob from a computer in the domain that is already running Windows Threshold Server using this command:

    djoin.exe /provision /domain <domain-name> /machine <machine-name> /savefile .\odjblob

    This saves the data blob in a file called “odjblob”.

  2. Copy the “odjblob” file to the Nano Server computer with these commands:

    net use z: \\<ip address of Nano Server>\c$

    System_CAPS_noteNote
    If the net use command fails, you probably need to adjust Windows Firewall rules. To do this, first open an elevated command prompt, start Windows PowerShell and then connect to the Nano Server computer with Windows PowerShell Remoting with these commands:

    Set-Item WSMan:\localhost\Client\TrustedHosts “<IP address of Nano Server>”

    $ip = “<ip address of Nano Server>”

    Enter-PSSession -ComputerName $ip -Credential $ip\Administrator

    When prompted, provide the Administrator password, then run this command to set the firewall rule:

    netsh advfirewall firewall set rule group=”File and Printer Sharing” new enable=yes

    Exit Windows PowerShell with Exit-PSSession, and then retry the net use command. If successful, continue copying the “odjblob” file contents to the Nano Server.

    md z:\Temp

    copy odjblob z:\Temp

  3. Open an elevated command prompt, start Windows PowerShell and then connect to the Nano Server computer with Windows PowerShell remoting with these commands:

    Set-Item WSMan:\localhost\Client\TrustedHosts “<IP address of Nano Server>”

    $ip = “<ip address of Nano Server>”

    Enter-PSSession -ComputerName $ip -Credential $ip\Administrator

    When prompted, provide the Administrator password, then run this command to join the domain:

    djoin /requestodj /loadfile c:\Temp\odjblob /windowspath c:\windows /localos

  4. Restart the Nano Server computer, and then exist the Windows PowerShell session:

    shutdown /r /t 5

    Exit-PSSession

  5. After you have joined Nano Server to a domain, add the domain user account to the Administrators group on the Nano Server.

Alternate method to join a domain in one step

First, harvest the data blob from another computer running Windows Threshold Server that is already in your domain using this command:

djoin.exe /provision /domain <domain-name> /machine <machine-name> /savefile .\odjblob

Open the file “odjblob” (perhaps in Notepad), copy its contents, and then paste the contents into the <AccountData> section of the Unattend.xml file below.

Put this Unattend.xml file into the C:\NanoServer folder, and then use the following commands to mount the VHD and apply the settings in the offlineServicing section:

dism\dism /Mount-Image /ImageFile:.\NanoServer.vhd /Index:1 /MountDir:.\mountdir

dism\dism /image:.\mountdir /Apply-Unattend:.\unattend.xml

Create a “Panther” folder (used by Windows systems for storing files during setup; see Windows 7, Windows Server 2008 R2, and Windows Vista setup log file locations if you’re curious), copy the Unattend.xml file to it, and then unmount the VHD with these commands:

md .\mountdir\windows\panther

copy .\unattend.xml .\mountdir\windows\panther

dism\dism /Unmount-Image /MountDir:.\mountdir /Commit

The first time you boot Nano Server from this VHD, the other settings will be applied.

After you have joined Nano Server to a domain, add the domain user account to the Administrators group on the Nano Server.

Using Nano Server Recovery Console

Starting with Windows Server 2016 Technical Preview, Nano Server includes an Recovery Console that ensures you can access your Nano Server even if a network mis-configuration interferes with connecting to the Nano Server. You can use the Recovery Console to fix the network and then use your usual remote management tools.

When you boot Nano Server in either a virtual machine or on a physical computer that has a monitor and keyboard attached, you’ll see a full-screen, text-mode logon prompt. Log into this prompt with an administrator account to see the computer name and IP address of the Nano Server. You can use these commands to navigate in this console:

  • Use arrow keys to scroll
  • Use TAB to move to any text that starts with >; then press ENTER to select.
  • To go back one screen or page, press ESC. If you’re on the home page, pressing ESC will log you off.
  • Some screens have additional capabilities displayed on the last line of the screen. For example, if you explore a network adapter, F4 will disable the network adapter.

In Windows Server 2016 Technical Preview, the Recovery Console allows you to view and configure network adapters and TCP/IP settings, as well as firewall rules.

Managing Nano Server remotely

Nano Server is 100% managed remotely. There is no local logon capability at all, nor does it support Terminal Services. However, you have a wide variety of options for managing Nano Server remotely, including Windows PowerShell, Windows Management Instrumentation (WMI), Windows Remote Management, and Emergency Management Services (EMS).

To use any remote management tool, you will probably need to know the IP address of the Nano Server. Some ways to find out the IP address include:

  • Use the Nano Recovery Console (see the Using the Nano Server Recovery Console section of this topic for details).
  • Connect a serial cable to the computer and use EMS.
  • Using the computer name you assigned to the Nano Server while configuring it, you can get the IP address with ping. For example, ping NanoServer-PC /4.

Using Windows Poweshell remoting

To manage Nano Server with Windows PowerShell remoting, you need to add the IP address of the Nano Server to your management computer’s list of trusted hosts, add the account you are using to the Nano Server’s administrators, and enable CredSSP if you plan to use that feature.

To add the Nano Server to the list of trusted hosts, run this command at an elevated Windows PowerShell prompt:

Set-Item WSMan:\localhost\Client\TrustedHosts “<IP address of Nano Server>”

To start the remote Windows PowerShell session, start an elevated local Windows PowerShell session, and then run these commands:

$ip = “<IP address of Nano Server>”

$user = “$ip\Administrator”

Enter-PSSession -ComputerName $ip -Credential $user

You can now run Windows PowerShell commands on the Nano Server as normal.

System_CAPS_noteNote
Not all Windows PowerShell commands are available in this release of Nano Server. To see which are available, run Get-Command -CommandType Cmdlet

Stop the remote session with the command Exit-PSSession

Using Windows PowerShell CIM sessions over WinRM

You can use CIM sessions and instances in Windows PowerShell to run WMI commands over Windows Remote Management (WinRM).

Start the CIM session by running these commands in a Windows PowerShell prompt:

$ip = “<IP address of the Nano Server>”

$ip\Administrator

$cim = New-CimSession –Credential $user –ComputerName $ip

With the session established, you can run various WMI commands, for example:

Get-CimInstance –CimSession $cim –ClassName Win32_ComputerSystem | Format-List *

Get-CimInstance -CimSession $Cim -Query “SELECT * from Win32_Process WHERE name LIKE ‘p%'”

To Windows Remote Management

You can run programs remotely on the Nano Server with Windows Remote Management (WinRM). To use WinRM, first configure the service and set the code page with these commands at an elevated command prompt:

winrm quickconfig

winrm set winrm/config/client @{TrustedHosts=”*”}

chcp 65001

Now you can run commands remotely on the Nano Server. For example:

winrs –r:<IP address of Nano Server> -u:Administrator -p:<Nano Server administrator password> ipconfig

For more information about Windows Remote Management, see <LINKS>.

To Using Hyper_V on Nano Server

Hyper-V works the same on Nano Server as it does on Windows Server in Server Core mode, with two exceptions:

  • You must perform all management remotely and the management computer must be running the same build of Windows Server as the Nano Server. Older versions of Hyper-V Manager or Hyper-V Windows PowerShell cmdlets will not work.
  • RemoteFX is not available.

In this release, these features of Hyper-V have been verified:

  • Enabling Hyper-V
  • Creation of Generation 1 and Generation 2 virtual machines
  • Creation of virtual switches
  • Starting virtual machines and running Windows guest operating systems
System_CAPS_noteNote
Hyper-V Replica is not supported in this release.

If you want to perform a live migration of virtual machines, create a virtual machine on an SMB share, or connect resources on an existing SMB share to an existing virtual machine, it is vital that you configure authentication correctly. You have two options for doing this:

Failover Clustering

Failover clustering works the same on Nano Server as it does on Windows Server in Server Core mode, but keep these caveats in mind:

  • Clusters must be managed remotely with Failover Cluster Manager or Windows PowerShell.
  • All Nano Server cluster nodes must be joined to the same domain, similar to cluster nodes in Windows Server.
  • The domain account must have Administrator privileges on all Nano Server nodes, as with cluster nodes in Windows Server.
  • All commands must be run in an elevated command prompt.
System_CAPS_noteNote
Additionally, certain features are not supported in this release:

  • You cannot run failover clustering cmdlets on a local Nano Server through Windows PowerShell.
  • Clustering roles other than Hyper-V and File Server.

You’ll find these Windows PowerShell cmdlets useful in managing Failover clusters:

You can create a new cluster with New-Cluster -Name <clustername> -Node <comma-separated cluster node list>

Once you’ve established a new cluster, you should run Set-StorageSetting -NewDiskPolicy OfflineShared on all nodes.

Add an additional node to the cluster with Add-ClusterNode -Name <comma-separated cluster node list> -Cluster <clustername>

Remove a node from the cluster with Remove-ClusterNode -Name <comma-separated cluster node list> -Cluster <clustername>

Create a Scale-Out File Server with Add-ClusterScaleoutFileServerRole -name <sofsname> -cluster <clustername>

You can find additional cmdlets for failover clustering at Microsoft.FailoverClusters.PowerShell.

Using DNS Server on Nano Server

To provide Nano Server with the DNS Server role, add the Microsoft-NanoServer-DNS-Package to the image (see the “Creating a custom Nano Server image” section of this topic. Once the Nano Server is running, connect to it and run this command from and elevated Windows PowerShell console to enable the feature: more Help can be got from Microsoft Tech preview site

 And you can read more of our blogs from here