Windows Server 2016 leaks reveal Nano Server, protected VM role plans

New leaks reveal a new 'zero footprint' Nano Server and a shielded virtual-machine role are likely to be part of Microsoft's Windows Server 2016 release.
Written by Mary Jo Foley, Senior Contributing Editor

Microsoft's decision against releasing an expected January test build of its next version of Windows Server hasn't stopped the bits or information about the coming release from leaking.

Over the weekend, both the January build of Windows Server 2016 and a slide deck about some of the plans for the coming server release leaked to the Web thanks to WZor.

The slide deck, entitled "Nano Server: The Future of Windows Server Starts Now," describes Nano Server as a "new headless deployment option for Windows Server."

Before delving into the slide deck, here's a quick refresher as to what Microsoft has said and implied lately about Windows Server 2016 -- as well as Azure's coming platform-as-a-service (PaaS) components.

Microsoft recently pushed back the delivery date for its next version of Windows Server to calendar 2016, claiming officials wanted and needed more customer feedback. The next test build of server is now due some time this spring.

There are a lot of moving parts, including built-in container support, coming in Windows Server 2016.


It turns out there also is work happening that will trim down Windows Server 2016, or at least one version of it. On Twitter, Microsoft Distinguished Engineer and father of PowerShell Jeffrey Snover was encouraging server owners to "only install what they need," in terms of features. In hindsight, it looks like Snover's comments may have been hints about the coming Nano Server.

Windows Server Nano Server is focused on providing the best environment for "born in the cloud" applications, such as ASP.NET v.next (ASP.Net 5), PaaSv.2 (Microsoft's next version of its platform-as-a-service offering, which will be microservices-based) and containers, the leaked slide deck says. Server roles and optional features will "live outside" the Nano Server, giving it a zero footprint.

The Nano Server won't need to be constantly administered; remote management and automation will be provided by Core PowerShell and WMI, according to the slides. Core PowerShell is PowerShell refactored to run on the CoreCLR.

Nano Server will be available as a host OS for physical hardware, a guest OS in a virtual machine and/or as a container OS, the slides say. The coming Windows software development kit and Visual Studio 2015 will both target Nano Server.There will be a limited test program for Nano Server in "early 2015," but it won't be part of the next Windows Server preview, which is due some time in the next few months. (It will be in the next release after that, the slides say.)

Not everything will run on Nano Server, such as Fax Server and Remote Desktop Services, but Nano Server will be the "new foundation for all components."

The leaked Windows Server January preview bits include mention of a new role, known as "Host Guardian.".

Recently, I had noticed mention of the Guardian Server role in a description of one of the upcoming Microsoft Ignite conference sessions:

Harden the Fabric: Protecting Tenant Secrets in Hyper-V

In today's environments, hosters need to provide security assurance to their tenants. "Harden the fabric" is a Windows Server and Microsoft System Center vNext scenario, which includes enhancements in Hyper-V, Virtual Machine Manager, and a new Guardian Server role that enables shielded VMs. Technologies which ensure that host resources do not have access to the Virtual Machine or data.

One of my contacts said this new Guardian Server role is an implementation of the Host Guardian Service, which ensures that a protected VM only runs on trusted hosts. In other words, the service will verify that the host is truly trusted.

This Guardian Service will be a new feature of Microsoft's hosting fabric, which I'd bet has to do with the company's increasing hybrid-cloud push, as possibly also the ongoing blurring of the lines between Windows Server and Azure.

Editorial standards