Do you have questions on Containers? #AskBenArmstrong

April 19, 2018

Fundamentally, a container is an isolated, resource-controlled, and portable runtime environment that runs on a host machine or virtual machine and allows you to run an application or process on its own, packaged with all the required dependencies and configuration files.

When you containerize an application, only the components needed to run this application, and of course the application itself, are combined into an image, which is used to create the containers.

How are you utilising containers? Do you have questions on Containers? On Tuesday, 24th April, Microsoft Program Manager Ben Armstrong will be answering your questions on Containers. It is a rare opportunity. Don’t miss out.

  • Date and Time: Tuesday, Apr 24, 2018, 4pm CEST (7am PDT / 10am EDT) Duration: Approx. 1 hour
  • Date and Time: Tuesday, Apr 24, 2018, 10am PDT / 1pm EDT (7pm CEST) Duration: Approx. 1 hour

You can also ask questions through Twitter until Tuesday by including #AskBenArmstrong.


Serial Console access for both #Linux and #Windows #Azure VMs #COM1 #SerialConsole

March 27, 2018

Source: https://azure.microsoft.com/en-us/blog/virtual-machine-serial-console-access/

Now you can debug, for example, an fstab error on a Linux VM with direct serial-based access and fix issues with little effort. It’s like having a keyboard plugged into the server in a Microsoft datacenter, but from the comfort of your office.

Serial Console for Virtual Machines is available in all global regions! This serial connection is to the COM1 serial port of the virtual machine; it provides access to the virtual machine and is not related to the virtual machine’s network or operating system state.

All data sent back and forth is encrypted on the wire. All access to the serial console is currently logged in the boot diagnostics logs of the virtual machine. Access to these logs is owned and controlled by the Azure virtual machine administrator.

You can access it by going to the Azure portal and visiting the Support + Troubleshooting section.

Security Access Requirements

Serial Console access requires you to have VM Contributor or higher privileges to the virtual machine. This will ensure connection to the console is kept at the highest level of privileges to protect your system. Make sure you are using role-based access control to limit access to only those administrators who should have it. All data sent back and forth is encrypted in transit.

Access to the Serial Console is limited to users who have VM Contributors or above access to the virtual machine. If your AAD tenant requires Multi-Factor Authentication, then access to the serial console will also need MFA, as its access is via the Azure portal.

How to enable it:

For Linux VMs: this capability requires no changes to existing Linux VMs and it will just start working.

For Windows VMs: it requires a few additional steps to enable it:

  1. The virtual machine MUST have boot diagnostics enabled.
  2. The account using the serial console must have the Contributor role for the VM and the boot diagnostics storage account.
  3. Open the Azure portal.
  4. In the left menu, select virtual machines.
  5. Click on the VM in the list. The overview page for the VM will open.
  6. Scroll down to the Support + Troubleshooting section and click on the serial console (Preview) option. A new pane with the serial console will open and start the connection.

Note: For all platform images starting in March, Microsoft has already taken the required steps to enable the Special Administration Console (SAC), which is exposed via the Serial Console.
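One way to review who can reach the serial console under the requirements above, as an added example (not from the original post or from Microsoft): it reads role assignments exported as JSON and reports the principals holding a qualifying role on the VM or an ancestor scope and, for Windows VMs, also on the boot diagnostics storage account. The role sets, resource IDs and user names are assumptions constructed for illustration.

```python
import json

# Assumption: built-in roles read here as "VM Contributor or higher".
VM_ROLES = {"Owner", "Contributor", "Virtual Machine Contributor"}
# Assumption: roles accepted on the boot diagnostics storage account.
STORAGE_ROLES = {"Owner", "Contributor"}

SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # constructed
VM_ID = SUB + "/resourceGroups/rg-app-prod/providers/Microsoft.Compute/virtualMachines/vm1"
DIAG_ID = SUB + "/resourceGroups/rg-diag/providers/Microsoft.Storage/storageAccounts/diag1"

# Constructed sample shaped like `az role assignment list --all -o json` output.
SAMPLE = json.dumps([
    {"principalName": "alice@example.com", "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "bob@example.com", "roleDefinitionName": "Virtual Machine Contributor",
     "scope": SUB + "/resourceGroups/rg-app-prod"},
    {"principalName": "carol@example.com", "roleDefinitionName": "Contributor", "scope": VM_ID},
    {"principalName": "carol@example.com", "roleDefinitionName": "Contributor", "scope": DIAG_ID},
    {"principalName": "dave@example.com", "roleDefinitionName": "Reader", "scope": VM_ID},
    # Sibling resource group whose name is a string prefix of the VM's group.
    {"principalName": "eve@example.com", "roleDefinitionName": "Contributor",
     "scope": SUB + "/resourceGroups/rg-app"},
])


def scope_covers(assignment_scope, resource_id):
    """True when the assignment scope is the resource itself or one of its ancestors."""
    scope = assignment_scope.rstrip("/").lower()
    target = resource_id.rstrip("/").lower()
    # Compare on a path boundary so "rg-app" does not match "rg-app-prod".
    return target == scope or target.startswith(scope + "/")


def serial_console_principals(assignments, vm_id, storage_id=None):
    """Principals meeting the stated role requirement; pass storage_id for Windows VMs."""
    on_vm, on_storage = set(), set()
    for a in assignments:
        role, who = a["roleDefinitionName"], a["principalName"]
        if role in VM_ROLES and scope_covers(a["scope"], vm_id):
            on_vm.add(who)
        if storage_id and role in STORAGE_ROLES and scope_covers(a["scope"], storage_id):
            on_storage.add(who)
    return sorted(on_vm & on_storage) if storage_id else sorted(on_vm)


if __name__ == "__main__":
    rows = json.loads(SAMPLE)
    print("Linux VM:", serial_console_principals(rows, VM_ID))
    print("Windows VM:", serial_console_principals(rows, VM_ID, DIAG_ID))
```

Group assignments are reported by group name only; membership, custom roles and deny assignments are not evaluated here and need a separate review.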

 

 

Windows Server 2019 now available in preview

March 21, 2018


On March 20th 2018, Microsoft announced that Windows Server 2019, which is built on the strong foundation of Windows Server 2016, is now released to Preview. You can get access to the preview build through the Microsoft Insiders program.

Windows 2019 will be generally available (GA) in the second half of calendar year 2018.

 

Some tips:

  • The Windows Server vNext Semi-Annual Preview – Build 17623 is Server Core ONLY

 


  • If you downloaded the VHDX version, the file is compressed, so make sure you remove the compress check in the properties of the file, as per the image below; the VM will fail to start if you don’t:

 

  • Capture3

 

  • Download the Windows Server vNext LTSC Preview – Build 17623, if you are looking for the Full GUI version.


Use the following keys provided by Microsoft (https://techcommunity.microsoft.com/t5/Windows-Server-Insiders/Announcing-Windows-Server-2019-Preview-Build-17623/m-p/173715#M268):

Windows Server 2019 Build 17623 is available in ISO format in 18 languages. This build and all future pre-release builds will require use of activation keys during setup. The following keys allow for unlimited activations:

Datacenter Edition

 6XBNX-4JQGW-QX6QG-74P76-72V67

Standard Edition

 MFY9F-XBN2F-TYFMP-CCV49-RMYVH

 

So, what new features should you look for in Server 2019?

 

  • Cluster Sets, the new cloud scale-out technology, is a loosely-coupled grouping of multiple Failover Clusters: compute, storage or hyper-converged. Cluster Sets technology will enable virtual machine fluidity across member clusters within a Cluster Set and a unified storage namespace across the “set” in support of virtual machine fluidity.

  • Failover Cluster without NTLM authentication, which allows failover clusters to be deployed in environments where NTLM has been disabled.

  • Shielded VMs Offline mode, Alternate HGS and Shielded Linux support, which allows you to run Hyper-V shielded virtual machines on hosts that suffer intermittent connectivity to their Host Guardian Service (HGS). The fallback HGS will allow you to configure a second set of URLs for Hyper-V to try if it can’t reach the primary HGS server.

  • Shielded VMs Alternate HGS, which allows you to run Hyper-V shielded virtual machines on hosts that suffer intermittent connectivity to their Host Guardian Service (HGS). The fallback HGS will allow you to configure a second set of URLs for Hyper-V to try if it can’t reach the primary HGS server.

  • Shielded VMs Offline mode, which takes the high availability promise for shielded VMs one step further and allows you to continue to start up a shielded VM even if the host’s primary and fallback HGSs can’t be reached.

  • Shielded VMs Shielded Linux support: for customers that run mixed-OS environments, Microsoft now supports Ubuntu, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server shielded virtual machines.

  • Encrypted Network in SDN, which provides simple-to-configure DTLS-based encryption using the Network Controller to manage the end-to-end encryption and protect data as it travels through the wires and network devices between the hosts. VM-to-VM traffic within the VM subnet is automatically encrypted as it leaves the host, which prevents snooping and manipulation of traffic on the wire. This is done without requiring any configuration changes in the VMs themselves.

  • Performance history for Storage Spaces Direct, which gives administrators of Storage Spaces Direct easy access to historical performance and capacity data from their cluster.

  • Windows Defender Advanced Threat Protection, which provides deep platform sensors and response actions, giving visibility into memory- and kernel-level attacker activities and the ability to take actions on compromised machines in response to incidents, such as remote collection of additional forensic data, remediating malicious files, terminating malicious processes, etc.

  • Windows Defender ATP Exploit Guard, which is a new set of host intrusion prevention capabilities designed to lock down the device against a wide variety of attack vectors and block behaviours commonly used in malware attacks:

To download, join the program to ensure you have access to the bits.

For more details on this preview build, check out the Release Notes.

Source: https://cloudblogs.microsoft.com/windowsserver/2018/03/20/introducing-windows-server-2019-now-available-in-preview/

Modernize your workload with #AKS #Kubernetes #Containers #MicroServices

March 16, 2018

When it comes to Application Modernisation, we can’t argue that Containers are leading the way. With Containers you can wrap up an application into its own isolated box, meaning that the app will have no knowledge of any other applications or processes that exist outside of its box.

With Containers, you can wrap up a monolithic application or create a more modern approach: a microservice-based architecture, in which the application is built on a collection of services that can be developed, tested, deployed, and versioned independently, which is perfect for mission-critical application scenarios.

Monolithic deployment versus the microservices approach. Image Source: Microsoft Docs (https://docs.microsoft.com/en-us/dotnet/standard/microservices-architecture/architect-microservice-container-applications/microservices-architecture)

If you own the app source code and are on an optimisation path, I would recommend the microservices approach, which allows agile changes and rapid iteration, letting you change specific areas of complex, large, and scalable applications. But if you do not have the source code, or breaking the application code into small pieces is not feasible, you can still look at Containers as a way to modernize the app. Either way, you also need to consider: Automation, Management, High-Availability, Networking, Scalability, Upgrades and Monitoring requirements.

Automating and Managing Containers:

The task of automating and managing a large number of containers and how they interact is known as orchestration. Azure offers two container orchestrators: Azure Container Service (AKS) and Service Fabric.

Azure Container Service (AKS) makes it simple to create, configure, and manage a cluster of virtual machines that are preconfigured to run containerized applications. This enables you to maintain application portability through Kubernetes and the Docker image format.

Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. Service Fabric addresses the significant challenges in developing and managing cloud native applications. Service Fabric represents the next-generation platform for building and managing these enterprise-class, tier-1, cloud-scale applications running in containers.

Modernize existing .NET applications with Azure cloud and Windows Containers Guide/eBook

Microsoft released a guide to help learn how you could move your existing .NET Framework server-applications directly to the cloud by modernizing specific areas, without re-architecting or recoding entire applications. You can download this eBook in multiple formats, too:

.PDF format: https://aka.ms/liftandshiftwithcontainersebook
.MOBI (Kindle) format: https://aka.ms/liftandshiftwithcontainersebookmobi
.EPUB (eReader) format: https://aka.ms/liftandshiftwithcontainersebookepub

For more detailed information on Containers and Microservices, check out:

 

 


Now Available: Virtual Machine Manager 2016 book

February 28, 2018
9781785881480

VMM 2016 book

Virtual Machine Manager (VMM) 2016 is part of the System Center suite to configure and manage private clouds.

Now available: System Center 2016 Virtual Machine Manager Cookbook – Third Edition

The book will be your best companion for day-to-day virtualization needs within your organization, as it takes you through a series of recipes to simplify and plan a highly scalable and available virtual infrastructure. You will learn the deployment tips, techniques, and solutions designed to show users how to improve VMM 2016 in a real-world scenario. The chapters are divided in a way that will allow you to implement the VMM 2016 and additional solutions required to effectively manage and monitor your fabrics and clouds. We will cover the most important new features in VMM 2016 across networking, storage, and compute, including brand new Guarded Fabric, Shielded VMs and Storage Spaces Direct. The recipes in the book provide step-by-step instructions giving you the simplest way to dive into VMM fabric concepts, private cloud, and integration with external solutions such as VMware, Operations Manager, and the Windows Azure Pack.


By the end of this book, you will be armed with the knowledge you require to start designing and implementing virtual infrastructures in VMM 2016.

The book has been updated to reflect the updates available in the VMM 2016 1801 release.

What You Will Learn

  • Plan and design a VMM architecture for real-world deployment
  • Configure fabric resources, including compute, networking, and storage
  • Create and manage Storage Spaces Direct clusters in VMM
  • Configure Guarded Fabric with Shielded VMs
  • Create and deploy virtual machine templates and multi-tier services
  • Manage Hyper-V and VMware environments from VMM
  • Enhance monitoring and management capabilities
  • Upgrade to VMM 2016 from previous versions

Authors

  • Roman Levchenko
  • Edvaldo Alessandro Cardoso

Order your Copy

You can order your copy of the VMM 2016 book here

 

Monitoring Virtual Machine Manager Jobs from OMS Log Analytics #VMM #OMS

February 26, 2018
Image Source: Harsh Vardhan Verma

Wondering how you could use Microsoft OMS to have a single view of the jobs’ status across multiple VMM instances?

Well, you can now deploy an open-source solution called Virtual Machine Manager Analytics that can be included in your OMS workspace. This solution brings the job data of your on-premises VMM instances into Log Analytics in OMS. VMM admins can then use this versatile platform to construct queries for searching the relevant data and creating data visualizations.

The Virtual Machine Manager Analytics solution comes with some built-in reports with preconfigured data visualizations so you can easily get started with frequently used queries, such as:

  • Distribution of failed jobs across VMM instances to easily scope down the broken instances.
  • Distribution of failures over time to find sudden spikes, and to help with correlating the cause and failures.
  • Distribution of failed jobs and errors to help with identifying the most error-prone jobs and the cause.
  • Distribution of the job runtime across different runs to identify the sluggish and error-prone jobs.

Additionally, the VMM jobs data in OMS Log Analytics can be correlated with the data from other OMS solutions for better debugging and auto resolution with Azure Automation runbooks.

Image Source: Francesco Molfese

VMM 2016 1801 release. Configuration of guest clusters in SDN through VMM has undergone some changes.

February 19, 2018


 

With the release of update 1801 for System Center VMM 2016, configuration of guest clusters in SDN through VMM has undergone some changes.

With the network controller in place, VMs that are connected to the virtual network using SDN are now only allowed to use the IP address that the network controller assigns for communication. Inspired by Azure networking design, VMM enables this feature by emulating the floating IP functionality through the Software Load Balancer (SLB) in the SDN.

 

IMPORTANT: Network Controller does not support floating IP addresses which are essential for technologies such as Microsoft Failover Clustering to work.

 

VMM supports guest clustering in SDN through an Internal Load Balancer (ILB) Virtual IP (VIP). Guest clustering is managed through the SDN NC. Before you start, ensure you have set up SDN and deployed NC and SLB.

The ILB uses probe ports, which are created on the guest cluster VMs, to identify the active node. At any given time, the probe port of only the active node responds to the ILB, and all the traffic directed to the VIP is routed to the active node.

Sources: