Archive

Archive for the ‘Cloud’ Category

VMM 2016 1801 release. Configuration of guest clusters in SDN through VMM has undergone some changes.

February 19, 2018 Leave a comment

enable-floating.png

 

With the release of the update 1801 for System Center VMM 2016, configuration of guest clusters in SDN through VMM has undergone some changes.

With network controller in place, now VMs that are connected to the virtual network using SDN are only allowed to use the IP address that the network controller assigns for communication. Inspired by Azure networking design, VMM enables this feature by emulating the floating IP functionality through the Software Load Balancer (SLB) in the SDN.

 

IMPORTANT: Network Controller does not support floating IP addresses which are essential for technologies such as Microsoft Failover Clustering to work.

 

VMM supports guest clustering in SDN through an Internal Load Balancer(ILB) Virtual IP(VIP).  Guesting clustering is managed through the SDN NC. Before you start, ensure you have set up SDN and deployed NC and SLB

The ILB uses probe ports which are created on the guest cluster VMs to identify the active node. At any given time, the probe port of only the active node responds to the ILB and all the traffic directed to the VIP is routed to the active node

Sources:

 

6 most commom Hyper-V configuration mistakes

February 7, 2018 1 comment

Microsoft MVPs Dave and Cristal Kawula developed an eBook when you’ll find useful information about what not to do when Installing and Configuring Hyper-V .

This eBook focuses on the 6 most important Hyper-V configuration mistakes made today and how to avoid them. You’ll learn about:

  • Common Deployment Mistakes
  • NUMA best practices that won’t affect performance
  • Proper use of Anti-Virus with Hyper-V
  • Proper use of Checkpoints

You can download the ebook here.

The eBook Authors: Dave Kawula – MVP and Cristal Kawula – MVP

 

Categories: Cloud

Key features of the new Microsoft Azure Site Recovery Deployment Planner

December 19, 2017 2 comments

Azure Site Recovery Deployment Planner is now GA with support for both Hyper-V and VMware.

Disaster Recovery cost to Azure is now added in the report. It gives compute, storage, network and Azure Site Recovery license cost per VM.

ASR Deployment Planner does a deep, ASR-specific assessment of your on-premises environment. It provides recommendations that are required by Azure Site Recovery for successful DR operations such as replication, failover, and DR-Drill of your VMware or Hyper-V virtual machines.  

Also, if you intend to migrate your on-premises workloads to Azure, use Azure Migrate for migration planning. Azure Migrate assesses on-premises workloads and provides guidance

 Key features of the tool are:

  1. Estimated Network bandwidth required for initial replication(IR) and delta replication.
  2. Storage type(standard or premium storage) requirement for each VM.
  3. Total number of standard and premium storage accounts to be provisioned.
  4. For VMware, it provides the required number of Configuration Server and Process Server to be deployed on on-prem.
  5. For Hyper-V, it provides additional storage requirements on on-premises.
  6. For Hyper-V, the number of VMs that can be protected in parallel (in a batch) and protection order of each batch for successful initial replication.
  7. For VMware, the number of VMs that can be protected in parallel to complete initial replication in a given time.
  8. Throughput that ASR can get from on-premises to Azure. 
  9. VM eligibility assessment based on number of disks, size of the disk  and IOPS, OS type.   
  10. Estimate DR cost for the target Azure  region in the specific currency.


When to use ASR Deployment Planner and Azure Migrate?

  • DR from VMware/Hyper-V to Azure
  • Migration from VMware to Azure

 

Download the tool and learn more about VMware to Azure Deployment Planner and Hyper-V to Azure Deployment planner.

 

 

 

New Technical Preview for Microsoft Windows Server management experience Project “Honolulu”, released

December 6, 2017 Leave a comment

Modernized, simplified, integrated, and secure experiences. Project “Honolulu” Technical Preview 1711 update is now available!

Some cool new features were release like the Windows 10 client management: You can now add Windows 10 client machines as connections in Honolulu, and manage them with a subset of tools in the “Computer Management” Solution.

For more information on new and removed features check https://blogs.technet.microsoft.com/windowsserver/2017/12/01/1711-update-to-project-honolulu-technical-preview-is-now-available/

 

Automating the deployment of Hyper-V hosts with VMM 2016 with Baremetal deployment

November 30, 2017 1 comment

To deploy a new Hyper-V host from bare metal, the following simple steps are carried out by System Center 2016 Virtual Machine Manager (VMM) :

  1. VMM Discovers the physical computer through out-of-band management (BMC)
  2. VMM Installs an OS image on the physical computer using a previously created physical computer profile.
  3. VMM Enables the Hyper-V role on the physical computer.
  4. VMM Brings the computer under VMM management as a managed Hyper-V host.

Now in order for that to happen, let’s see what pre-requisites you are required to provide first:

  1. DNS and Active Directory
    Create DNS entries and Active Directory account for the machine names.
  2. BIOS

    a. Set up the BIOS on the machine to support virtualization: Configuring the BIOS boot order to boot from (PXE)-enabled network adapter as the first device.
    b. Configure the BMC settings. Configure the logon credentials and IP address settings for the BMC on each computer.
  3. Add a PXE server environment: A PXE server integrated to VMM is required for Bare Metal deployment.
  4. Add resources to VMM library: Add a generalized virtual hard disk with an suitable OS to use as the base image, and driver files that will be added to the during installation of the OS.
  5. Create a Run As account. In VMM create a Run As Account with permissions to access the BMC.
  6. Create Physical Computer profiles: In the VMM library, create one or more physical computer profiles. These profiles include configuration settings, such as the location of the operating system image, and hardware and OS settings.


Now let’s have a look on the step by step to provision a Hyper-V host using Baremetal Deployment:

  1. Click Fabric > Servers > Home > Add > Add Resources > Hyper-V Hosts and Clusters.
  2. In the Add Resource Wizard > Resource location, select Physical computers to be provisioned as virtual machine hosts.
  3. In Credentials and Protocol select the Run As account with permissions to access the BMC. In the Protocol list, click the out-of-band management protocol that your BMCs use. If you want to use Data Center Management Interface (DCMI), click Intelligent Platform Management Interface (IPMI). Although DCMI 1.0 is not listed, it is supported. Make sure the correct port is selected.
  4. In Discovery Scope, enter the single IP address, the IP subnet, or the IP address range that includes the IP addresses of the BMCs

Note:

  • If you specify a single IP address, when you click Next, the computer is restarted.
  • If you specify an IP address range, when you click Next, information about the computer is displayed, and you can confirm that you specified the computer that you meant to.

4a. If you specified an IP subnet or IP address range the Target Resources page appears. Select the BMCs you want to provision as Hyper-V hosts.

  1. In Provisioning Options, click a host group for new Hyper-V hosts. Select the physical computer profile you want to apply.
  2. In Deployment Customization, provide information for each computer that you want to provision as a Hyper-V host:

Note: To remove a BMC from the list, select it and then click Remove.

For each BMC IP address in the list:

    • Click the BMC IP address and specify a unique computer name, without wildcard characters.
    • Select or clear Skip Active Directory for this computer name. The Active Directory check prevents deployment if the computer account already exists.
    • For each BMC IP address in the list:
    • Click on the Network Adapter (on the left) to modify the configuration, or fill in more information. You can specify the MAC address of the management NIC (not the BMC) and static IP settings for this network adapter.
    • To specify an IP address select a logical network and an IP subnet if applicable. If the selected IP subnet includes IP address pool, you can check Obtain an IP address corresponding to the selected subnet. Otherwise, type an IP address that’s within the logical network or its subnet.
    • Configure the adapter settings for each network adapter. You must specify any information that is missing for the adapters.
    • When all information for the listed BMC are completed, click Next.
  1. In Summary, confirm the settings, and then click Finish to deploy the new Hyper-V hosts and bring them under VMM management.

Make sure that all steps in the job have a status of Completed.

  1. To confirm that the host was added click Fabric > Servers > All Hosts > host group, and verify that the new Hyper-V host appears in the group.

 

Note: Nano Server is not a supported OS for infrastructure-related roles like Hyper-V. I recommend that you use Windows 2016 Core Server version

Hyper-V Networking improvements: NAT. and what does it means to you?

October 31, 2017 1 comment

For many years I have been using Hyper-V in my laptop, which is specially useful considering a run many demos and from time to time I speak at conferences that requires you or to have 2 or 3 computers or to run virtualisation in your laptop.

But, to run some demos I needed network in my Virtual Machines, particularly internet connection,  and in most cases that was not easy to accomplish. The trick I used to have: a Internal Virtual Switch assigned to all VM’s and a second External Virtual Switch assigned to a VM acting as a router, running Windows Routing and Remote Access Service, which as you would understand was undermining my demos, by consuming vital resources (memory, cpu…) that I could otherwise assign to VM’s that was actually the demo VM’s.

WinRouter_Fig4.JPG

Other common way to have internet on the Virtual Machines were by creating Connection Sharing (ICS) to connect on a shared Connection.

hypervnat5

Anyway, that is now past, as since Microsoft released Creators Update for Windows 10, you can now create a Hyper-V Virtual Switch with NAT support which enables VM’s to be isolated behind a single IP address assigned to the host. This means that you don’t need to setup an ICS or create a VM to act as a route anymore. Also as Sarah Cooley, Hyper-V PM, pointed out in her post, NAT networking is vital to both Docker and Visual Studio’s UWP device emulators and there are two significant improvements to NAT brought by Windows 10 Creators update :

  1. You can now use for multiple NAT networks (internal prefixes) on a single host.
  2. You can build and test applications with industry-standard tooling directly from the container host using an overlay network driver (provided by the Virtual Filtering Platform (VFP) Hyper-V switch extension) as well as having direct access to the container using the Host IP and exposed port.

BTW, the process is done by using PowerShell. There is no UI for that. In fact, when you create a NAT Virtual Switch, it will appears as Internal Switch in the Hyper-V UI

hypervnat0.PNG

To create the NAT Virtual Switch:

  1. Open the PowerShell console with Admin rights and create an Internal Virtual Switch. In the example below, I am naming the Virtual Switch “vNAT”. You can choose the name you want.

    New-VMSwitch -SwitchName “vNAT” -SwitchType Internal

     

    hypervnat1

  2. After creating the Virtual Switch, you need to configure the NAT gateway. This IP address must be from a new range, which will be defined in the next step. Notice the name of the Interface Alias, which is composed by the prefix “VEthernet ” plus the name of the Virtual Switch created in the previous step enclosed in brackets. I am assigning the IP address 10.1.3.1 as a NAT Gateway IP and using 24 as prefix length (255.255.255.0) which would cater for 254 VM’s.
     New-NetIPAddress -IPAddress 10.1.3.1  –PrefixLength 24  –InterfaceAliasvEthernet (vNAT)”
    hypervnat2.PNG

    You can otherwise utilise the InterfaceIndex instead of InterfaceAlias. For that, you need to find the interface index (ifindex) of the virtual switch previously created by typing

    Get-NetAdapter.

    In my case, the interface index is 68.

    hypervnat7.PNG
    Then executing the following:
    New-NetIPAddress -IPAddress 10.1.3.1  –PrefixLength 24  –InterfaceIndex 68

    You can check if the IP addresses for the NAT default Gateway were assigned by typing:
    Get-NetIPAddress -InterfaceAliasvEthernet (vNAT)”

  3. The next step is to define the NAT network name and its IP address range, that the VM’s with the assigned Virtual Switch will run on. Make sure the IP address created in the previous step is on the range of this network.

    New-NetNAT
    -NameNATNetwork-InternalIPInterfaceAddressPrefix 10.1.3.0/24

    hypervnat3

4.  The next step is to assign the NAT Virtual Switch to the VM’s to use the NAT virtual switch. You can do that by using PowerShell or the UI.

hypervnat4.PNG

  1. The final step is to assign an IP address to the VM’s. You will need to manually configure the network settings for the VM, as the built-in NAT switch doesn’t include a DHCP server for automatic IP address assignment. Assign the default gateway IP address of the private network to the internal VM switch Management Host vNIC.

Note: When the endpoint is attached to a container, the Host Network Service (HNS) allocates and uses the Host Compute Service (HCS) to assign the IP address, gateway IP, and DNS info to the container directly.

hypervnat6.PNG

 

hypervnat8.PNGNote: If you require automatic IP address assignment to your VM’s, it can be easily accomplished by adding a DHCP server role to one of the VM’s. In my case, I added the DHCP role to the Domain Controller VM.

Important: To access the VM’s from the external network, you will need to create NAT rules, translating an external TCP/UDP port on the external interface to the NAT Virtual Switch port.

#The following command, maps the Hyper-V host port 80 to port 81 on VM 10.1.3.2
Add-NetNatStaticMapping -NatName “NATnetwork” -Protocol TCP -ExternalIPAddress 0.0.0.0  -InternalIPAddress 10.1.3.2 -InternalPort 81 -ExternalPort 80

 

If you need to remove the NAT (clean up):

Get-NetNat | Remove-NetNat
Removes existing container networks, vSwitch,  NetNat

 

 

 

Categories: Cloud

Extending Microsoft OMS to monitor Squid Proxy running in Linux with a plugin – part 1/3 #MSOMS

November 24, 2016 1 comment

Since Microsoft released OMS, I have been an early adopter and evangelist for the solution. Not only it is simple to deploy but it gives you a full spectrum of many of the workloads you have either on-premises or in the cloud and it does not matter which cloud. Be it Azure, AWS, Google and many others.

So, as I was advising on OMS for a customer, I found that they were running Squid Proxy servers. The Squid proxy server is one of the most famous proxy servers in the world and it has been utilised for years in many organisations. For that reason I then I decided to look at how OMS could leverage the monitoring for Squid.

squi3

As you can see here: https://github.com/Microsoft/OMS-Agent-for-Linux/tree/master/installer/conf/omsagent.d there are already many plugins for OMS to  monitor Windows and many Linux OS as well, DNS, Network, SQL, MySQL, Postgree, VMware, MongoDB, Security, Audit, Change Tracking and so on.

But, there was no Squid plugin and that’s where I brought back my past years of experience as a developer and although that was a long, long time go, I was able to developer in ruby a Squid plugin for Microsoft OMS.

How I developed it?

PART 1 : LOG Files

  1. I started but investigating the squid log on /var/log/squid/access.log and then I research REGEX expressions to extract information out of it. Below is a extract of it

1479696836.902    134 10.1.1.4 TCP_MISS/301 488 open http://cnn.com/ – HIER_DIRECT/151.101.0.73 –
1479696848.110    242 10.1.1.4 TCP_MISS/400 486 open http://www.sydney.com/ – HIER_DIRECT/54.253.253.77 text/html
1479696860.004    407 10.1.1.4 TCP_MISS/301 636 open http://www.7news.com.au/ – HIER_DIRECT/203.84.217.229 text/html

The initial difficult part for me was of to decouple the date/time to get it on a human readable format. So, after long hours of research and playing along, I decided for the following REGEX :

 REGEX =/(?<eventtime>(\d+))\.\d+\s+(?<duration>(\d+))\s+(?<sourceip>(\d+\.\d+\.\d+\.\d+))\s+(?<cache>(\w+))\/(?<status>(\d+))\s+(?<bytes>(\d+)\s+)(?<response>(\w+)\s+)(?<url>([^\s]+))\s+(?<user>(\w+|\-))\s+(?<method>(\S+.\S+))/
(If you have a better one, please feel free to shot me)

 

  1. I then wrote a squidparserlog.rb in ruby to parse the Squid access.log file and turn it into a OMS format
class SquidLogParserLib
require ‘date’
require ‘etc’
require_relative ‘oms_common’
require ‘fluent/parser’
    def initialize(error_handler)
@error_handler = error_handler
end
    REGEX =/(?<eventtime>(\d+))\.\d+\s+(?<duration>(\d+))\s+(?<sourceip>(\d+\.\d+\.\d+\.\d+))\s+(?<cache>(\w+))\/(?<status>(\d+))\s+(?<bytes>(\d+)\s+)(?<response>(\w+)\s+)(?<url>([^\s]+))\s+(?<user>(\w+|\-))\s+(?<method>(\S+.\S+))/
    def parse(line)
      data = {}
time = Time.now.to_f
      begin
REGEX.match(line) { |match|
data[‘Host’] = OMS::Common.get_hostname
          timestamp = Time.at( match[‘eventtime’].to_i() )
data[‘EventTime’] = OMS::Common.format_time(timestamp)
data[‘EventDate’] = timestamp.strftime( ‘%Y-%m-%d’ )
data[‘Duration’] = match[‘duration’].to_i()
data[‘SourceIP’] = match[‘sourceip’]
data[‘cache’] = match[‘cache’]
data[‘status’] = match[‘status’]
data[‘bytes’] = match[‘bytes’].to_i()
data[‘httpresponse’] = match[‘response’]
data[‘bytes’] = match[‘bytes’].to_i()
data[‘url’] = match[‘url’]
data[‘user’] = match[‘user’]
data[‘method’] = match[‘method’]}
rescue => e
@error_handler.logerror(“Unable to parse the line #{e}”)
end
      return time, data
end   #def
   end   #class
3. Finally, I wrote the squid.conf for OMS
# enhanced parse log with date format , which pass the path for the log to the SquidLogParser and tag it as oms.api.Squid. By doing this, you will end up with 11 custom fields in OMS for the LOG TYPE Squid_CL
<source>
type tail
format SquidLogParser
path /var/log/squid/access.log
pos_file /var/opt/microsoft/omsagent/state/var_log_squid_access.pos
tag oms.api.Squid
log_level error
</source>
squid-fields

 

On my next article I will go through the next part, which is getting Squid Proxy Statistics in OMS, along with the full code.

squid2.png