Hyper-V Interview Questions

1) Which editions of Hyper-V support dynamic resizing of VHDX attached to a VM?

All editions from 2012 R2 onwards.

2) Is it possible to export VM and checkpoint while the VM is running?

yes, from Server 2012 onwards it is possible

3) What is the function of the Virtual Machine Management Service?
The VMMS service manages the state of the VM's and executes the virtual machine worker processes.

4) Explain VMBUS

In order to understand VMbus we also need to make note of VSP(Virtual Service Providers) and VSC(Virtual Service clients). The VSP sits in the parent partition and VSC in the child partition. When the child partition wants to access hardware resources, its VSC will use the VMBUS to make a request to the VSP  and the VSP will then communicate with the hardware resource.

5) What is the difference between synthetic and emulated hardware?

For certain OS's which are not virtualization-aware Hyper-V will provide emulated hardware. Which will appear to the VM as a standard device like for eg. an Intel 21140 LAN adapter.

Providing an emulated hardware requires additional processing as it runs under the vmwp.exe process. This process executes in the user mode of the parent partition, compared to a synthetic device which runs only in the kernel mode and doesn't have the overhead of physical hardware emulation. Hence a synthetic device will work much more efficiently than an emulated device as it runs in kernel mode as well as uses the VMbus for communication.

6) You want to check the time source for your Hyper-V VM.

w32tm /query /source

7) What is the use of integration services?

After installing the OS in the VM, one of the first task that needs to be accomplished is to install Integration Services. This kind of, informs the VM that it is in a virtualized environment, and allows it to use synthetic devices via the VMbus. Integration services also enable features like time sync, data exchange, backup services, shutdown etc.

8) What is the advantage of using SCSI controller over IDE?

You can have only 2 ide controllers with 2 devices attached, that makes it 4 devices in total. For SCSI we can have 4 controllers. To each controller, we can attach up to 64 hard drives, which makes it a max of 256 hard disks. In windows server, 2012 R2 SCSI controllers also provide additional features like shared VHDX and dynamic resizing of VHDX files.

9) What are the advantages of using a generation 2 VM?

a) Gen 2 VM was introduced in Windows Server 2012 R2

b) It negates the use of emulated devices since mostly synthetic device are used.

c) Uses UEFI which gives us the feature of secure boot.

d) Gen 2 VM can boot from SCSI controller device and also synthetic network adapter.

e) Gen 2 VM only supports Windows Server 2012 and Windows 8 64-bit onwards.

f) Virtual TPM and shielded VM functionality is only available for Gen 2 VM.

10) Can we convert a Gen 1 VM to Gen 2?

No

11) What is the VMCX configuration file in Hyper-V 2016?

starting server 2016 Microsoft made changes to the configuration file which was earlier stored in .xml format. This format was easily editable and on the negative side prone to corruption in case of storage failure and other outages. The new VMCX file is a binary based configuration file which can be modified only through PowerShell and also much stable with reference to storage corruptions.

12. What is a vCPU ?

A server can support multiple sockets and each socket can have a processor with multiple cores. The VM needs to use processor resources which exposed to it using a concept known as a vCPU.
A vCPU is a time-sliced component, which means if I have a 2012 server vm with 2 vCPU and a windows 10 VM with 1 vcpu , then the Windows Server 2012 VM will get double the attention from the processor than the windows 10 VM.

Mirosoft recommendation prior to Windows Server 2012 was 8:1, that is 8 virtual processors for every 1 logical processor. You cannot assign more virtual processors than the logical processors available to a single VM. For eg., if a server has 8 logical processors you cannot assign 12 VCPU to a single VM, the number has to be 8 or below.  Since server 2012 the supportability limits as defined before have now been removed. Hyper-V supports 2,048 virtual processors.

13)Explain Virtual Machine reserve percentage.

Lets take an example here, the hyper-v host has 4 logical processors. The VM has been assigned 1 VCPU. The reservation has been set to 50 %. This means that half of any one of the logical processors capacity will always be available to the VM. In a situation wherein the VM is idle , the reserve capacity can be used by other VM's, but once the VM starts then it get first priority and others will have to wait.

14)Explain relative weight.

This value will only be used in case of resource contention. If you assigned a VM1 relative weight of 50 and VM2 a weight of 100. VM2 will get twice the CPU cycles assuming the number of VCPU is the same.

15)Can we change the number of VCPU while the VM is running ?

No , but the Virtual Machine Reserve(Percentage), Virtual Machine Limit (Percentage), and Relative Weight can be modified while the VM is running.

16) Your Hyper-V host has more than 32 virtual processors, sometimes you notice that a VM hangs immediately after logging on. What will you do to fix the issue.

check if the processors have got into C3 sleep state, this is normally used to save power when the processor is not doing anything. it may happen that all the processors wake up at the same time and get into contention. solution - disable c3 state using the following

reg.exe add HKLM\System\CurrentControlSet\Control\Processor /v
Capabilities /t REG_DWORD /d 0x0007e066

17) Can we migrate a VM on a host running Intel processor to a host running AMD ?

No, this is not supported. but migrating between  processor versions in the same family is supported by enabling Processor compatiblity option.

18) Which editions of Hyper-V support Dynamic memory ?
Dynamic Memory is supported from Windows Server 2008 R2 sp1 onwards.

19) You want to perform an in-place upgrade of your Hyper-V server, which are the supported versions for an in-place upgrade to Server 2016 ?

For an in-place upgrade, we need atleast Server 2012 R2

20) My current virtual machine is has hardware version 4 (server 2012), can i run the same on Server 2016 ?

No, the VM version needs to be upgraded . Server 2016 only supports VM version 5 (server 2012 R2) and VM version 8 (server 2016)

21) You need to resize the hard disk of the VM , but currently, the VM has checkpoints, is it possible to resize the VM disk ?

No, delete the checkpoints and then resize

22) Explain SR-IOV

you can use this feature, when you want your VM to access the host NIC card directly bypassing the vSwitch and other layers that might slow down the performance. All hyper-v features like snapshots,live-migration et. can be used except Hyper-V extensible switch and NIC teaming. SRV-IOV has to be supported by the host NIC card and motherboard. It has to be first enabled on the vSwitch level and also at the individual VM NIC card level. SR-IOV can only be enabled during vSwitch creation and cannot be enabled later.

23. What is NUMA ?

The concept of NUMA(Non-uniform memory access) applies to Hyper-V host whose motherboards have multiple processors, hence these processors may also have access to RAM which may local to the processor or RAM which may even be far away from the processor. Each processor alongwith its locally accessible memory forms a NUMA node. Its always recommended that an app restricts itself to using memory in the same NUMA node. In a situation wherein it accesses memory outside its NUMA node, this concept is called NUMA spanning.

Understanding the difference between BLOB and General Purpose Storage Accounts

• Blob storage account is exactly what it says, it can be used only for used for storing Blobs.

• General purpose storage accounts are more versatile, they can support blobs, files, queues & tables. You can use General purpose storage accounts to create block, append and page blobs (note-Page blobs are used for Virtual Machine Disk)

• Blob storage account only supports block and append blobs, hence the conclusion that if you want to create virtual machines, you cannot use Blob storage accounts.
  
  
• Azure cloud uses the concept of Hot and Cool access tier, general purpose storage accounts only support Hot access tier, while Blob storage account supports Hot as well as cool access tier.

Understanding the ADDS service in the services console

·        Introduced in Windows Server 2012, the AD DS service can be stopped to perform certain maintenance operations without the need to reboot the domain controller into DSRM. The following operations can be performed   while the AD DS service is stopped :

·        Performing offline defragmentation of the ADDS database.

·        Moving the AD database files to another location.

·        Performing a nonauthoritative restore. However, in order to perform an authoritative restore, you still need to get to DSRM mode.

Azure Interview Questions

1) What are management groups in Azure?

Azure management groups reside above subscriptions. You organize subscriptions into containers called “management groups” and apply conditions to the management groups. For example, you can apply policies to a management group that limits the regions available for virtual machine (VM) creation. This policy would be applied to all management groups, subscriptions, and resources under that management group by only allowing VMs to be created in that region.

2) What is an Azure Subscription?

Subscriptions help you organize access to cloud service resources. They also help you control how resource usage is reported, billed, and paid for. Each subscription can have a different billing and payment setup, so you can have different subscriptions and different plans by department, project, regional office, and so on. Every cloud service belongs to a subscription, and the subscription ID may be required for programmatic operations.

3) What are the different ways to get an Azure subscription?

You can get an Azure Subscription using the following:

a)       Enterprise Agreement

b)       Reseller (Open Licensing Program)

c)        Microsoft Partners

d)       Personal Free Trial Account

4) What is an Azure Enterprise Agreement?

Any Enterprise Agreement1 customer can add Azure to their agreement by making an upfront monetary commitment to Azure. That commitment is consumed throughout the year by using any combination of the wide variety of cloud services Azure offers from its global datacenters. Enterprise agreements have a 99.95% monthly SLA.

5) What are three roles related to Azure accounts and subscriptions?

a)   Account Administrator

b)  Service Administrator

c)  Co-administrator

(Please note the above roles were available in the initial release of Azure, you are now required to use RBAC)

6) What is an Azure policy?

Azure policies are used to define rules over your resources, for example you can define a policy that states that VM’s can only be deployed in South East Asia region or ensure that VM’s with public IP cannot be created and many more.

7) I have VM’s in spread out in 2 resource groups, can I add them to the same availability set?

No, the VM’s should be in the same resource group.

8) In what format are Azure policy definitions created and how can I get more information about them?

Azure policy definitions are created in JSON template format, if you require more information, refer to Azure Policy Definitions Structure

https://docs.microsoft.com/en-us/azure/governance/policy/concepts/definition-structure

9) What is a policy definition initiative?

A policy definition initiative is used to group policies into a single unit.

10)  Your organization has defined a Azure policy to ensure compliance. How often will the resources be scanned for policy compliance?

The resources will be scanned every 1 hour for policy compliance.

10) What is VNET peering?

Using VNET peering we can two VNET’s together without using the public internet or any type of gateways.

11) What are the benefits of VNET peering

a)  The ability to communicate between 2 different VNET’s

b) Vnet peering enables high bandwidth, low latency connectivity between two VNET’s

12) What are the pre-requisites for VNET peering?

The IP address space on both the peered networks should be unique.

13)  Can I join my client computer to Azure AD as well as On-premises Active Directory?

Yes, it is possible and this functionality is known as a hybrid join.

14) I require to sync my on-premises Active Directory users to Azure AD. Which tool can I use for the same?

Azure AD connect

15) Your organization mandates that the custom domain name used in Azure Ad and on-premises should be the same, what will you configure on the on-premises Domain Controller to facilitate the same?

Configure an UPN suffix in the on-premises domain using the same name as the Azure AD custom domain.

16) What is the standard policy for account lockout in AD azure?

The account will lockout after 10 invalid attempts by default

17) Can we have multiple Azure AD sync Servers connecting to the Azure AD on the cloud?

No, this is a one-to-one ratio. A single user on-premises cannot sync to multiple Azure Ad directories. Same is vice-versa, one Azure AD connect cannot connect to multiple directories on premises.

18) Can users in an Azure AD appear as contacts in another Azure AD?

No

19) Can we have a single forest with multiple domain using AD connect to the Cloud Azure AD?

Yes, this is a supported scenario.

20) You want to manage the Azure AD connect sync process, which tool will you use for the same?

Synchronization service manager and get-ADsynscheduler, set-adsyncscheduler and start-adsynccycle from Powershell

21) What are the types of storage available in Azure?

Azure types of storage are Standard which includes BLOB, Table, queue and files and Premium storage which is used for Virtual machine disks only.

22)  You have created a BLOB with the type-Append, can it now be changed to page BLOB ?

No, once a BLOB type has been defined , it cannot be changed.

23)   What are the 3 BLOB types supported by Azure?

Block, Page and Append BLOB.

(Page BLOB are used for Virtual Machine Disks , they are 512 byte pages , optimized for read/write access.

24)   What is the use of selecting Block size in a BLOCK BLOB?

It is useful for tools like AZCOPY wherein a large amount of data has to be transported in parallel over low bandwidth. Data will be sent in blocks simultaneously and assembled back at the Azure cloud.

25)   Can we read/write/delete as we do in normal data operations in the case of Append BLOB?

No, append blob only supported adding blocks, updating and deleting of existing blocks cannot be done.

26) Explain premium storage in Azure

Premium storage uses SSD disks and can be used only for Page Blobs.

27)  What are the different types of storage tiers in Azure?

Hot, Cool and Archive

28) What is the basis on which pricing can be calculated with reference to Azure Storage?

Azure Data storage pricing is calculated on the following factors

a)     Data Storage which means actual capacity, data at rest.

b)     Cost of reading/writing/modifying/retrieving data.

c)     Egress charges ie Outbound data, data being downloaded from Azure

d)     Geo-replication options

Install the Hyper-V role on Windows Server 2016

Hyper-V is a virtualization product which is built into most Microsoft Server and Client Operating Systems today.

The following are the Hardware requirements for installing Hyper-V

1.     You will need a 64-bit processor with SLAT (Second Level Address Translation), most processors ie. Core i3/i5/i7/Xeon have this feature.

2.     Ensure that you have enabled Virtualization support in the BIOS/UEFI

Once you have met the above requirements you are now ready to install Hyper-V, in this example, we are using Windows Server 2016 standard edition.

Open the Server Manager Window and click on “Add roles and features”

On the “Add Roles and Features Wizard” page click next 

Select “Role-based or feature-based installation” and click next

Ensure that select your server from the pool, in case you see multiple servers, select the correct server and click next.

Select Hyper-V from the list of roles

On the “Select Features” page, click next

On the above page click Next

On the Create Virtual Switches page you will see your HOST nic card, in a situation where you see multiple NIC’s , select the one that you want to use to communicate with the production network or to other clients on the Network, for more information on Hyper-V switches click here.

Select your NIC card and click next.

In case you need the Live Migration feature select “Allow this Server…” , my suggestion is not to select it now, you can always configure it later.

Select the default location for the Virtual Hard disk files and configuration files. If you are in a test lab environment then leave it to default, if in production then change the path to a proper storage location.

Select the option “restart the destination Server automatically if required”

Once the Server restarts, open Server Manager and you will see the HYPER-V Manager option, click on it.

You have now installed Hyper-V on Windows Server 2016

Step-by-Step Configuring an Additional Domain Controller in Windows Server 2016

In this article, we will configure an Additional Domain Controller sometimes also known as ADC. An ADC is usually configured for redundancy. In a situation wherein your Main Domain Controller fails, the ADC can service authentication requests and it also helps in load balancing access to Active Directory.

As always, ensure that your Server has a proper name and a valid IP address. Join the Server to the domain, but this is not a strict requirement.

Ensure that the Active Directory Domain Services role is installed, for instructions on the same click here

After the Active Directory Domain Services Roles is installed, click on Promote this server to a domain controller 

On the Deployment Configuration page select “Add a domain controller to an existing domain” and click on next.

On the domain controller options page, make sure that only DNS Server and Global Catalog Server is selected, type in the DSRM password, this can be any password that you choose and click next. (make sure that the password has alphabets, special characters and numbers )

On the DNS delegation page, click next 

Do not select the option “Install from media” and click next. To learn about “install from media” click here.

Select the location of the Database, logs and SYSVOL folder.  The usual recommendation is to store the Database and logs on separate drives for performance and recoverability purposes. In case you want to know the details of the Active Directory folders click here.

On the review options page, click next

Allow the computer to restart

Once the computer restarts, open Server Manager and  click on Tools -  Active Directory users and computers

Go to the Domain Controllers OU and you will see the new Domain Controller that you have just configured.

You have now configured an Additional Domain Controller 

The New Azure Certification Path

The Azure certification track is now divided into 3 tracks: Admin, Developer and Solution Architect.

 Ø The Microsoft Certified: Azure Administrator Associate certification consists of the following exams

      a)     AZ-100: Microsoft Azure Infrastructure and Deployment Exam
      b)    AZ-101: Microsoft Azure Integration and Security Exam

 Ø Microsoft Certified: Azure Developer Associate certification consists of the following exam

      a)     AZ-203: Developing Solutions for Microsoft Azure

Note: Microsoft did release 2 exams in 2018, Az-200 and Az-201 but  these exams have been retired and replaced with Az-203

 Ø Microsoft Certified: Azure Solutions Architect Expert consists of the following exams

      a)     AZ-300: Microsoft Azure Architect Technologies Exam
      b)    AZ-301: Microsoft Azure Architect Design Exam

The following is the topic coverage of Azure Administrator Associate certification:

AZ-100: Microsoft Azure Infrastructure and Deployment focusses on the following major objectives:

•       Manage Azure subscriptions and resources (15-20%)

•       Implement and manage storage (20-25%)

•       Deploy and manage virtual machines (VMs) (20-25%)

•       Configure and manage virtual networks (20-25%)

•       Manage identities (15-20%)

AZ-101: Microsoft Azure Integration and Security covers a number of different technologies and concepts:

•       Evaluate and perform server migration to Azure (15-20%)

•       Implement and manage application services (20-25%)

•       Implement advanced virtual networking (30-35%)

•       Secure identities (25-30%)

The following is the topic coverage of Azure Developer Associate certification

AZ-203: Developing Solutions for Microsoft Azure focusses on the following major objectives:

•       Develop Azure Infrastructure as a Service Compute Solutions (10-15%)

•       Develop Azure Platform as a Service Compute Solutions (20-25%)

•       Develop for Azure storage (15-20%)

•       Implement Azure security (10-15%)

•       Monitor, troubleshoot, and optimize Azure solutions (15-20%)