Some of the most significant new features planned for Windows Server 2016 are not in the latest Technical Preview 2 (TP2). In particular, we’re still awaiting the new containers that will let you adopt flexible Docker-style container management via Hyper-V containers with fixed specification support. This will allow you to ensure that the container stays on the kernel version for which your application is designed, even if you update the host OS.

Some features, like Virtual Secure Modules and the Host Guardian Service that uses them to protect VMs, aren’t fully enabled because you need Azure Pack 2 or System Center 2016 VMM to manage them. The new Azure Stack is required for other features — that’s how Microsoft plans to bring the larger-scale improvements it’s developed for Azure to your data centre. Again, we won’t see that till closer to launch, because you’ll need System Center 2016 or the Microsoft Operations Management Suite (OMS) to manage it.

Ever more minimal shells

The most significant new feature in TP2, and the one that system administrators will want to start getting used to, is the new Nano Server deployment option. This is the minimal-footprint, GUI-less core of Windows Server that Microsoft sees as a key part of the future. It’s also a work in progress: the server team hasn’t finished refactoring it, and it’s not yet tuned for performance. But you’ll want to try it out to understand the direction Windows Server is going.

Installing Nano Server is more problematic at this point than it will be when Windows Server 2016 ships because more tools will be available. Right now, you can’t pick Nano as an option when you install Windows Server. In fact, the only options you see when you run the installer are both Server Core, with and without ‘local admin tools’. That’s what we’ve seen in Windows Server since Server Core was introduced. If you install without the local admin tools, you’re presented with a command prompt instructing you to press Ctrl Alt Del to log on; if you pick admin tools, you get Server Manager and the PowerShell ISE — much like the Server Core MinShell version — and you can then choose to install the desktop or the full Server Graphical Shell.

To get Nano Server you have to build an image from the WIM file that’s in the ISO, using DISM (which makes sense because you’re going to be deploying it to run cloud-style applications and microservices rather than as a server in its own right) — and you have to do that with a Windows Server 2016 TP2 version of DISM (or the one that comes with Windows 10). Don’t wait for Nano Server to look like a familiar Windows Server screen; all you’re going to see is a blank screen, without even a command prompt. But as soon as you see the blue Windows logo, you can connect over PowerShell Remoting (and set an admin password and change the default machine name to something other than MINWINPC).

Windows Management Framework 5, which is included with TP2, has new PowerShell commands that simplify working with Nano Server. For example, you can use Copy-Item to copy files to and from the server with PowerShell. There’s even a command to work with the StorageQoS option we saw in the original Technical Preview, for handling the multi-tenant ‘noisy neighbour’ problem. But there’s only a fraction of the usual PowerShell commands, making it clear that Microsoft doesn’t expect you to use Nano Server for standard server roles (at least not yet).

When Windows Server 2016 ships, you’ll be able to use web-based graphical tools to administer Nano Server — everything from Task Manager to Event Viewer. Those are part of the Azure portal and they’ll be in the Azure Stack, but the server team hasn’t yet determined if it will be able to ship those as part of Windows Server.

Storage, security and virtualisation

As well as looking to the future, TP2 adds some key features for today’s world of virtual machines and clusters. Storage Spaces Direct is a new option for using JBOD enclosures, or even local direct-attached disks, for pooled storage with up to 240 disks per pool (instead of the current limit of 80) using the ReFS file system. There are some clever optimisations that speed up Hyper-V backup and making new VHDX files, and a software storage bus that runs over Ethernet (so you need RDMA-enabled network cards). It’s easy to expand — you just connect another box of disks over Ethernet. While OEMs are going to have specific hardware for Storage Spaces Direct, it works with SATA and NVMe SSDs as well as SAS disks, so you can choose between using the fastest disks you can get hold of, or the cheapest disks available.

And even if you’ve already looked at the Storage Replica block-level replication feature in TP1 (which we now know will only be in Windows Server 2016 Datacentre edition), performance has improved in TP2. There are more major new features in Hyper-V, starting with the Virtual TPM that lets you BitLocker a virtual machine. This will be used to provide the shielded VMs that you’ll be able to set up using System Center VMM 2016 and Azure Stack; the keys are there when you want to run or migrate a VM, but if you don’t have the rights to work with it, you can’t start or connect to the VM. Along with host resource protection, which detects code trying to break out of a potentially malicious VM and limits the resources of the VM, this is part of a much wider security story for virtualising securely in the cloud, once the new tools are available.

More immediately, the ‘just enough administration’ feature from the JEA PowerShell toolkit is now built in; you can choose which PowerShell commands are available to admins by default, and you can turn on more powerful commands temporarily when needed. This takes some planning and plenty of getting used to, but it trades off a little inconvenience for a huge increase in security.

You can also now take advantage of Secure Boot in generation-2 VMs for more supported Linux distributions, as well as for Windows Server images. There’s also a new VHDS file format that adds online resizing and host-based backups to the shared VHDX file format.

The new PowerShell Direct feature is extremely useful (and will be even better when Microsoft makes it work with older versions of Windows Server); it lets you run PowerShell commands inside a VM from the host OS, without remoting or using Hyper-V VM Connect — you just start a PowerShell session flagged with the name of the VM.

But if, like anyone doing DevTest, you’re eagerly waiting for the ability to finally run nested Hyper-V virtual machines, you’ll have to be patient for a little longer as it’s not in this build. And if you’re looking for the Soft Restart option from TP1 that aimed to speed up booting by only booting the OS without reinitialising drivers (and waiting for device firmware), that’s gone: Microsoft isn’t planning to put it in Windows Server 2016.

Technical Preview 2 is a solid improvement on TP1, although it’s still only suitable for evaluation. Microsoft clearly still has a lot of work to do before it ships Windows Server 2016, but already it’s shaping up to offer clear benefits for today’s ‘traditional’ server tasks as well as remaining relevant in the world of cloud and microservices.