Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Creating Azure Virtual Machine via the Portal #Winserv #Linux #Azure

Microsoft Azure Cloud Services is evolving really fast with New solutions and features every day for your business. In the following step-by-step guide we will see all the options and features when you create a virtual machine in the Azure Cloud. For this you need a Microsoft Azure subscription to start. When you are in the Azure Portal you begin with + Create a Resource and from there you see all the create items. Click on Compute and you will see the picture above what you can create. I’m going to create a Windows Server 2019 datacenter edition Virtual Machine in the Microsoft Azure Cloud. In the Azure Portal is a step by step wizard to help you with your choices.

Basic tab

We start by selecting the right Azure subscription ( if you have Multiple) like a Hub-Spoke model design
you can choose for your deployment. Then select a Resource Group or Create New. I made a new Resource Group called RSG-Winserv.

 

When you go further down, you must give your Virtual Machine a name and select the Microsoft Azure region where your VM will run. I Choose West Europe because I life in the Netherlands. For availability options of the Virtual Machine you can choose out of three options :

  1. No infrastructure redundancy required
  2. Availability zone
  3. Availability set

Availability Zones is a high-availability offering that protects your applications and data from datacenter failures. Availability Zones are unique physical locations within an Azure region. Each zone is made up of one or more datacenters equipped with independent power, cooling, and networking

An Availability Set is a logical grouping capability that you can use in Azure to ensure that the VM resources you place within it are isolated from each other when they are deployed within an Azure datacenter. Azure ensures that the VMs you place within an Availability Set run across multiple physical servers, compute racks, storage units, and network switches

Microsoft Azure got a lot of software operating images, I installed Windows Server 2019 Datacenter but have a look at Browse all Public and Private images :

Small Disk Images

More images like Kali and Red Hat

The next step is the VM Size, the “hardware” requirements of the Virtual Machine. When you choose your VM size you have to know the possibilities and feature set of the Virtual Machine. This article describes the available sizes and options for the Azure virtual machines you can use to run your Windows apps and workloads. It also provides deployment considerations to be aware of when you’re planning to use these resources.

Here is Microsoft Azure showing 250 different VM sizes

In this window you see the following items of the Virtual Machine specs :

  • VM Size
  • Offering
  • Family
  • vCPUs
  • Memory RAM
  • Data Disks
  • Max IOPS
  • Temporary Storage
  •  Premium Disks (Yes or No)
  • Cost / Month Estimated

So pick the right VM Size for your solution to do the job.

Allow Public Internet Inbound Port Rules

If you need this for example a website, then you can set it right away, but you can set it on None and change the Network Security Group (NSG) or Azure App Gateway or Azure Firewall later and keep it Closed for now. I will show this in the NSG later to get RDP access.

Hybrid Benefit

You can enable great savings in Azure with Windows Server Software Assurance by using Azure Hybrid Benefit for Windows Server. Azure Hybrid Benefit for Windows Server allows you to use your on-premises Windows Server licenses and run Windows virtual machines in Microsoft Azure at a reduced cost (i.e. at Linux rates). You can use your licenses for Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. The Azure Hybrid Benefit for Windows Server is applicable to Windows Server Standard and Datacenter editions as well as other versions obtained via custom images. With Azure Hybrid Benefit for Windows Server, you can save 40 percent or more1 on Windows Server virtual machines by paying only the base compute2 rates—adding value to your Software Assurance investments. The benefit is available across all Azure regions. Read more here

Disks tab

Disk storage is important for performance, that’s why you can choose for Standard HDD,  Standard SSD or
Premium SSD for your OS Disk. When your server need a Data disk, you can add it here or later on.
Here you can read more on Managed disks
What disk types are available in Azure?

Networking tab

Here you create your Virtual Network / subnet with a public IP. You can see here when you choose for a specific Virtual machine, you can not use accelerated networking because It’s not supported by the VM size selection.

Here you can choose for a Load Balancer or a Application Gateway

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 – TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.

Azure Application Gateway

With Azure Load Balancer, you can scale your applications and create high availability for your services. Load Balancer supports inbound and outbound scenarios, provides low latency and high throughput, and scales up to millions of flows for all TCP and UDP applications.
Load Balancer distributes new inbound flows that arrive on the Load Balancer’s frontend to backend pool instances, according to rules and health probes.
Additionally, a public Load Balancer can provide outbound connections for virtual machines (VMs) inside your virtual network by translating their private IP addresses to public IP addresses.
Azure Load Balancer is available in two SKUs: Basic and Standard. There are differences in scale, features, and pricing. Any scenario that’s possible with Basic Load Balancer can also be created with Standard Load Balancer, although the approaches might differ slightly. As you learn about Load Balancer, it is important to familiarize yourself with the fundamentals and SKU-specific differences.

Management tab

When you have deployed your virtual machine, you want to manage it like monitoring and backup for example.
You can do these options also after the Virtual Machine deployment.
Backup of the Virtual Machine can be added when you deploy the VM.

I have a existing Backup Vault called WACvault1

From here you can create your own backup recovery Vault with your Own backup policy and retention times.

The feature provides Azure services with an automatically managed identity in Azure AD. You can use the identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without any credentials in your code. What is managed identities for Azure resources?

Advanced tab

In the advanced tab you can select extensions for your Virtual Machine. These are add-ons and will installed during the deployment. You can now also select Gen 2 VM in Preview. Microsoft Azure has a lot of extensions for your Virtual machine :

List of extensions for your VM

Click on Create for adding Microsoft Antimalware on your VM

Select the options and exclusions

Tags tab

Here you can Tag your deployment

After you apply tags, you can retrieve all the resources in your subscription with that tag name and value. Tags enable you to retrieve related resources from different resource groups. This approach is helpful when you need to organize resources for billing or management. Read more on Tags here

At this moment the validation has passed for deployment with all your settings, but don’t forget to have a look at “Download a template for Automation”  before you hit Create.

Here you can download or save the JSON ARM Template

When you you go Back and click on Create the Virtual Machine, this will deploy the VM in Minutes.

The following Azure items are deployed in RSG-Winserv

Now your Virtual Machine is deployed in Microsoft Azure Cloud and is running, you can have a look at all the features of the Virtual Machine in the Portal.
To connect to the Virtual Machine you have to Manage access for your RDP session via the NSG in my case:

Double click on the NSG

I added a new rule to give my IP-address access to the VM

From here you can access the Windows Server 2019 Datacenter Virtual Machine in Microsoft Azure Cloud.

Management of your Virtual Machine

When your Azure Virtual Machine with Windows Server 2019 is running, you want to monitor the VM and see what is happening inside the Virtual Machine. Azure Monitor Insights can help you with this.

Health State of the VM

Connections

When Microsoft Azure Monitoring is on and running you want have important alerts on your Mobile by sms or
via E-mail notification to take action.

Alerts on Winserv2019 VM

High CPU Alert

Here we make an Alert about the CPU which is going higher then 80% average.

Making an Action group for email notification of the Alert

Action Group made

Alert made for the VM

Alert details

Alert rule is set and running for this Virtual Machine.

Conclusion

  1. You can create every virtual machine you want for your business, Windows Server or Linux..
  2. You can mange your own performance for the VM on demand by selecting the right VM Size.
  3. You can set Networking and High Availability
  4. You can set Disk Performance for your IOPS
  5. You can configure your management settings and dashboard for Monitoring.
  6. Security can be set on different levels.
  7. Backup of the Virtual Machine can be set with the right policy before deployment.
  8. and more…….

And keep watching your Azure Advisor for better changes :

New Advise will come !

and of course there are more features and options on this Virtual Machine, Have a look :

Settings of the VM

Operations and Management of the VM

Support and Troubleshooting of the VM


Leave a comment

How to make the Most out of #Azure Advisor

What is Advisor?

Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry and then recommends solutions that can help you improve the cost effectiveness, performance, high availability, and security of your Azure resources.

With Advisor, you can:

  • Get proactive, actionable, and personalized best practices recommendations.
  • Improve the performance, security, and high availability of your resources, as you identify opportunities to reduce your overall Azure spend.
  • Get recommendations with proposed actions inline.

You can access Advisor through the Azure portal. Sign in to the portal, locate Advisor in the navigation menu, or search for it in the All services menu.

The Advisor dashboard displays personalized recommendations for all your subscriptions. You can apply filters to display recommendations for specific subscriptions and resource types. The recommendations are divided into four categories:

Azure Advisor Overview

High Availability Advise

Azure Advisor on Security

Here you find the Microsoft Azure Advisor Website with all the information

Conclusion:

The Microsoft Azure Cloud is always on the move with better features, Security, and Cost efficiency.
Azure Advisor will help you with all the changes and great features to keep you secure and up-to-date and lower your Cloud solution cost if possible.
Have a look at Azure Advisor and get your new Advise in your Microsoft Azure Subscription!


Leave a comment

What is Microsoft Azure Sentinel? #SIEM #AI #Analytics #Azure #Security #ContainerInsights

Building on the full range of existing Azure services, Azure Sentinel natively incorporates proven foundations, like Log Analytics, and Logic Apps. Azure Sentinel enriches your investigation and detection with AI, and provides Microsoft’s threat intelligence stream and enables you to bring your own threat intelligence.

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Read more about Azure Sentinel Preview here

Run a Log Analytics query from Azure Sentinel and use Bookmarks to Hunt

Configure your own Data-Connector to Azure Sentinel Workspace

Read here more about Connecting data sources

Happy Hunting


Leave a comment

#Microsoft Azure Central Monitoring for your Team #Dashboards #Azure #ContainerInsights #Apps

Full Screen Monitoring

When you install Azure Virtual Machines or Kubernetes Clusters in the Microsoft Cloud, It’s important to monitor your workload and keep your IT department in Control for the Business. Metric alerts in Azure Monitor work on top of multi-dimensional metrics. These metrics could be platform metrics, custom metrics, popular logs from Azure Monitor converted to metrics and Application Insights metrics.

When you have important alerts, you want to take action based on your rules.

Take action on Alerts

Make your Own rules based on Alerts.

IT Department of a company has most of the time different teams with each having it’s own responsibility of workloads in the Microsoft Cloud. For example, the Servicedesk is supporting the Business and they like to see if all the Services are up and running for the Business. The Infrastructure Team wants the same, but on deep level components of the Services like Memory, Network, Storage, CPU, Performance, Availability and more. The Technical Application Team is interested if the application is running and working with all the Interfaces, Databases, and/or Azure Pipelines.

Each Team can build there own Azure Dashboard(s) in the Microsoft Cloud.

Here I Have made an easy example of my Windows Server 2019 Virtual Machines and my Azure Kubernetes Cluster in One Microsoft Azure Dashboard :

You can Start from Azure Monitor Metrics

Or you can Start from the Virtual Machine Blade here.

When you have your Azure Monitor metrics ready with the right information then you can create it in your Azure Dashboard for your Team.

 

Select another Dashboard.

Create your Own Dashboard.

Now we have the first VM with CPU percentage in the Azure Dashboard.

Here I have added More Virtual Machines to the Same Metric Chart.

When you have Azure Kubernetes Cluster to monitor :

From here you can Add Container Insights information into your Azure Dashboard :

Adding Azure Monitor Container Insights of KubeCluster01

The Azure Monitor Container Insights logs for your Dashboard information, with Pin to Dashboard.

 

When you right click with your mouse on the dashboard, you can edit your dashboard with more Azure Resources
from the tile Gallery. Here you can read more about creating your Own Azure Dashboard with Action Rules.

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.
Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

 

Read here more about Azure Container Insights with Live Logs.

Follow and Join the community on LinkedIn

JOIN Azure DevOps Community 

JOIN Containers in the Cloud Community 

JOIN Azure Monitor and #Security Community 


Leave a comment

Don’t Miss this Awesome #Microsoft BUILD 2019 Event! #Azure #Cloud #MSBuild

Download the Mobile App here

Seattle May 6-8, 2019

Watch live as technology leaders from across industries share the latest breakthroughs and trends, and explore innovative ways to create solutions. After the keynotes, select Microsoft Build sessions will stream live—dive deep into what’s new and what’s next for developer tools and tech.

 

Watch the livestream here: https://www.microsoft.com/en-us/build

  • Discover and experience new ways to build, modernize, and migrate your applications. Get hands-on experiences with tools like Azure Kubernetes Service (AKS) that can help you dynamically scale your application infrastructure.
  • Quickly and easily build, train, and deploy your machine learning models using Azure Machine Learning, Azure Databricks, and ONNX. Uncover insights from all your content—documents, images, and media—with Azure Search and Cognitive Services.
  • Join Microsoft for hands-on learning to discover how tools like Visual Studio live share can help you collaborate with your peers instantly.
  • Come learn how to build an end-to-end continuous delivery pipeline that is fast and secure with Azure DevOps technologies. Spend less time maintaining your toolset and more time focusing on customer value.
  • Understand how frameworks like Xamarin and .NET can help you reach customers on all platforms. Learn how to use the same languages, APIs, and data structures across all mobile development platforms.
  • Learn how mixed reality helps you bring your work and data to life when you need it, and where you need it. Start building secure, collaborative mixed reality solutions today using intelligent services, best-in-class hardware, and cross-platform tools.
  • Learn to connect your devices to the cloud using flexible IoT solutions that integrate with your existing infrastructure. Collect untapped data and form valuable insights that help you create better customer experiences and generate new streams of revenue.

Book your Microsoft Build 2019 sessions via the BUILD Scheduler

Vision Keynote by CEO Satya Nadella

 

 

Windows Insider Program

Azure DevOps

Azure Monitor

Containers

Have a good look which sessions to follow because there are 431 sessions 👍🚀

JOIN Azure DevOps Community

https://www.linkedin.com/groups/12139259/ 

JOIN Containers in the Cloud Community

https://www.linkedin.com/groups/13539967/ 

JOIN Azure Monitor and Security Community https://www.linkedin.com/groups/13517115/ 


Leave a comment

#Azure Monitor in Action Investigating Production Issues Follow @Azuremonitor

Microsoft Azure Monitor in Action

In this episode, Isaac Levin (@isaac2004) joins us to share how the developer exception resolution experience can be better with Azure Monitor and Snapshot Debugger. The discussion talks about what Azure Monitor is and an introduction to Snapshot Debugger, and quickly goes into demos showcasing what developers can do with Snapshot Debugger.

More information about Azure Monitor on Microsoft Docs

What’s is Application Insights?

Application Insights is an extensible Application Performance Management (APM) service for web developers on multiple platforms. Use it to monitor your live web application. It will automatically detect performance anomalies. It includes powerful analytics tools to help you diagnose issues and to understand what users actually do with your app. It’s designed to help you continuously improve performance and usability. It works for apps on a wide variety of platforms including .NET, Node.js and Java EE, hosted on-premises, hybrid, or any public cloud. It integrates with your DevOps process, and has connection points to a variety of development tools. It can monitor and analyze telemetry from mobile apps by integrating with Visual Studio App Center.

Follow Azure Monitor on Twitter

JOIN the Azure Monitor & Security Community on LinkedIn


Leave a comment

Inside Azure Management (Preview) Free E-Book #Azure #Cloud #Management #MVPBuzz

Inside Azure Management

This Awesome Inside Azure Management E-book is a must have with Great content !

Chapter 1 – Intro
Chapter 2 – Implementing Governance in Azure
Chapter 3 – Migrating Workloads to Azure
Chapter 4 – Configuring Data Sources for Azure Log Analytics
Chapter 5 – Monitoring Applications
Chapter 6 – Monitoring Infrastructure
Chapter 7 – Configuring Alerting and notification
Chapter 8 – Monitor Databases
Chapter 9 – Monitoring Containers
Chapter 10 – Implementing Process Automation
Chapter 11 – Configuration Management
Chapter 12 – Monitoring Security-related Configuration
Chapter 13 – Data Backup for Azure Workloads
Chapter 14 – Implementing a Disaster Recovery Strategy
Chapter 15 – Update Management for VMs
Chapter 16 – Conclusion

It’s all about Azure Management in the Cloud written by Great Microsoft MVP’s.
Download the Free Inside Azure Management E-book here

 

Follow the Authors here :  Tao Yang, Stanislav Zhelyazkov, Pete Zerger, and Kevin Greene, along with Anders Bengtsson, CSA for Microsoft.

Thank you for all the work guys and Congrats on this Awesome E-Book ! 😉