Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Windows Terminal with #AzureCLI Cloud Shell and #AI Knowledge Base

Windows Terminal with Azure Cloud Shell CLI

Microsoft Azure Artificial Intelligence (AI) is going fast in the Cloud, It can support you with the tools you use like Azure CLI for example to manage Azure resources. But AI can support you in Security too, like Microsoft Security Copilot

Microsoft security CoPilot Create a visual to explain.

But I was busy with Windows Terminal in Windows 11 Insider Preview Build and Azure Cloud Shell.
First getting the latest Build of Azure CLI in my Windows Terminal :

az upgrade

Installing Azure CLI 2.48.1

Click on Install

Click on Finish

For the Changes you need to Restart your machine.

After the reboot we have the Newest Azure CLI Version 2.48.1

Login Azure with Windows Terminal.

I’m connected with Azure via Windows Terminal Azure Cloud Shell.

Here I’m checking if I have a Connection with Azure AI-examples :

az ai-examples check-connection

Connection was successful.

The Azure AI knowledge base made me find examples ๐Ÿ™‚

When a command is incomplete or wrong, the AI knowledge base is doing
a suggestion and gives a link to Microsoft docs.

Conclusion

This is where I Like Microsoft Azure Artificial Intelligence (AI) to make my IT Management easier and faster to do the job.
It’s supporting me in my work and not doing things I don’t like. It’s going fast with AI and It’s important to keep it in Control for doing IT Management tasks.


Leave a comment

Microsoft Azure Arc Extensions Updates #AzureHybrid #AzureArc #AzOps

Azure Arc Extensions

Keep your Azure Arc extensions up-to-date


Leave a comment

Azure Arc and Windows 11 Insider Preview Build Update #WindowsInsiders #WIMVP #AzureHybrid

Microsoft Azure Arc

Microsoft Azure Arc Services is a bridge that extends the Azure platform to help you build applications and services with the flexibility to run across datacenters, at the edge, and in multicloud environments. Develop cloud-native applications with a consistent development, operations, and security model. Azure Arc runs on both new and existing hardware, virtualization and Kubernetes platforms, IoT devices, and integrated systems. Do more with less by leveraging your existing investments to modernize with cloud-native solutions.

Azure Arc Control Plane

So with this Awesome Microsoft Feature Azure Arc, I have connected my Windows Insiders Domain mvplab.local servers like a Windows Server Insider Domain Controller, Windows Server Insider Cluster with a SQL Instance on it and Windows 11 Insider Preview Build in the Beta Channel domain joined. Here you can find how to install the Azure Arc Agent on your Servers

Microsoft Azure Arc comes with great features like Azure Security with Cloud Defender to keep your Azure Arc enabled Servers as secure as possible. Azure Policies is very handy to keep your IT governance on every Server the same. With inventory and Change tracking you are in control to get the right information of your machines. Monitoring your Azure Arc enabled servers with Insights and Log analytics is very powerful. But for now I’m going to use Updates feature of Azure Arc enabled Windows 11 Insider Preview Build machine.

Important :ย  I’m working with Windows Server Insider preview Build and Windows 11 Insider Preview Build.
They are for testing purpose only and not for production environments!
Of course you can use Windows Server 2019 / 2022 or Windows 10 / 11 Build with Azure Arc ๐Ÿ™‚

Here we have Windows 11 Insider Preview Build with new Updates in the Beta Channel.
Click on One time Update

I’m going to update this Azure Arc enabled Windows 11 Insider preview Build once manually but you can schedule updates also and use Update Management Center.

Select the Machine and Click on Next

Here you can select the updates or exclude updates.
Then Click on Next

Here you can set the Reboot option and
Maintenance Window in minutes.
Click on Next

Review and Click on Install

Install Updates Request is submitted.

At Updates of your Azure Arc enabled Machine you can open
Update Management Center

Here you can see the Complete Overview of the Updates on your Machines.
Left under you see the 3 updates for the Windows 11 Insider Beta Build.

When you Click on the left panel on Machines you get this status overview.

When you click on History you will see the status in progress.

Updates are running on the Machine.

But with the Azure Resource Graph Explorer you can also
see when the updates are succeeded.

Update Management Center after successful running updates

Updates Done for Azure Arc enabled Windows 11 Insider Beta Build.

Now I have got the Newest Windows 11 Insider Preview Build in the Beta Channel at this moment

Conclusion

You have seen how easy it is to work with Microsoft Azure Arc services to manage your Virtual Machine with Updates, when you have lot of Virtual Machines / Servers to manage you can configure them once and do this automatically via schedule tasks for every month. Now I can manage my on-prem Servers / machines in the same way I do the Microsoft Azure Virtual Machines.
So this was only Updates, but you can do the same for Security and keep your machines secure by default with the same Azure policies on your machines for IT Governance. Hope you see the benefits of Azure Hybrid and please start your own journey.
When you have a test environment, please consider the Microsoft Windows Insider program for Windows 11 Insider Builds and for Windows Server Insider Build to work with the newest features and getting experience before GA becomes available.

ย JOIN the Azure Hybrid Community Group on LinkedIn

 


Leave a comment

Welcome to the ITOpsTalk GitHub Repo! #Azure #Winserv #ITOps

ITOps Talk GitHub Repo

GitHub has become the central location for open-source projects, samples, and even content โ€“ but primarily focused on developers. This new repository will focus on you: The ITPro/Ops person managing the environment in your company, keeping the lights on, supporting end-users or other IT teams.

The Microsoft Modern Infrastructure Cloud Advocates are responsible for the content on this repo, but sharing your handy script samples on this repo would be Awesome to manage Modern Azure Infrastructure, Azure Stack HCI, Windows Servers, Hyper-V, Containers and more. Have a look at the announcement on Microsoft tech community, Sharing together to make IT Better ๐Ÿ˜‰

Microsoft Announcing the ITOpsTalk GitHub repo โ€“ A central location for IT/Ops related samples


Leave a comment

#Microsoft Azure Arc enabled Servers managed with Windows Admin Center in #Azure #AzureHybrid #MVPBuzz

Microsoft Azure Hybrid Management

With Windows Admin Center in the Azure portal you can manage the Windows Server operating system of your Arc-enabled servers, known as hybrid machines. You can securely manage hybrid machines from anywhereโ€“without needing a VPN, public IP address, or other inbound connectivity to your machine.

With Windows Admin Center extension in Azure, you get the management, configuration, troubleshooting, and maintenance functionality for managing your Arc-enabled servers in the Azure portal. Windows Server infrastructure and workload management no longer requires you to establish line-of-sight or Remote Desktop Protocol (RDP)โ€“it can all be done natively from the Azure portal. Windows Admin Center provides tools that you’d normally find in Server Manager, Device Manager, Task Manager, Hyper-V Manager, and most other Microsoft Management Console (MMC) tools.

In the following steps we will install Azure Windows Admin Center (Preview) on a Microsoft Azure Arc enabled Server from the Azure Portal.

Click on Windows Admin Center (Preview) on the Left side.
Then click op Setup

Set the port.
Click on Install

Installing extension Windows Admin Center

At the Activity log you can follow the installation.

and See the Quick Insights

No Problems here ๐Ÿ˜‰

Let’s Connect

Sign in with your Username and Password

 

Running Windows Admin Center from the Azure Portal.

Azure Windows Admin Center of the Azure Arc enabled Server.

PowerShell session remote on the Azure Arc enabled Server.

Events of the Azure Arc enabled Server.

Conclusion

With Microsoft Azure Windows Admin Center and Azure Arc enabled Servers you can manage your servers from anywhere.
You got all the benefits of Microsoft Azure Hybrid features. Try it yourself, Windows Admin Center is still in preview and for testing only.
You can experience this awesome Azure Hybrid solution before it goes in production ๐Ÿ˜‰

 


Leave a comment

Azure Arc enabled Server Insights #AzureHybrid #AzureArc #Winserv #Azure

Microsoft Azure Arc enabled Server Insights

Azure Arc-enabled servers lets you manage Windows and Linux physical servers and virtual machines hosted outside of Azure, on your corporate network, or other cloud providers. VM insights monitors the performance and health of your virtual machines and virtual machine scale sets, including their running processes and dependencies on other resources. It can help deliver predictable performance and availability of vital applications by identifying performance bottlenecks and network issues.

In the following steps you see more Azure Arc Insights of this On-premises domain controller.

Azure Arc Insights Performance monitor

Here you see by default performance counters in a dashboard of the Azure Arc enabled Server :

  • CPU Utilization
  • Available Memory
  • Logical Disk IOPS
  • Logical Disk MB/s
  • Max Logical Disk Used %
  • Bytes sent rate
  • Bytes received rate

In the right corner you can show your own workbooks.

Azure Arc Insights Map dependencies

I really like this feature to see more Insights of your dependencies with this map. See if there are any communication issues
in your solution is great!

Here you see connections of the Azure Arc enabled domain controller from on-premises.

You even can see if you have Malicious Connections in your process, here they are all green ๐Ÿ™‚

Azure Arc Insights Map Changes
You can Investigate Changes

Azure Arc Insights Map Alerts
Here you can Investigate the Alerts.

Azure Arc Insights Overview
Make your own Data Collection Rule.

Here is the Data Source MSVMI-HybridIT
Here you can configure your resources with the Data Sources.

Create your own Data Collection endpoint for your Azure Arc enabled Server

Create your endpoint and select your Tag

with Tags you can set the Owner or cost number on the data collection endpoint.

When It’s ready you can here select the Data collection endpoint for your Server.

We only have Performance Counters, so we will add more Data Sources.

Here you can see some default Data sources.
I select Windows Event Logs.

Here you can configure the event logs and levels to Collect.

I selected only these.
Click on Next : Destination>

Select the right destination.
Then Click on Add Data Source

Here you have your Data Sources

More information :

Microsoft Azure Monitor Overview

Microsoft Azure Arc docs

Azure Arc JumpStart

Azure Arc JumpStart YouTube Videos

Azure Arc on GitHub

Azure Arc on Tech Community

 


Leave a comment

Keep your Azure Arc Server extensions up-to-date #AzureHybrid #HybridIT #Azure

Microsoft Azure Arc enabled Servers

When you have your Servers Azure Arc enabled, you will work with Azure Arc extensions to work with Azure hybrid features like Defender for Cloud, Azure Monitor, Windows Admin Center and more. For each Azure Arc extension you can get updates, and it’s important to keep them up-to-date for new functionality and security. You have Azure Arc extensions for Windows Servers but also for Linux Servers.
Some of the Azure Arc extensions will automatic upgrade when you have enabled it and some must go manually from the Azure Portal.
More information about Azure Arc extensions you can find them here

In the next steps you will see the Update management of the Azure Arc enabled extensions :

Here I update one extension.

Inside the WindowsOsUpdateExtension

Here you can see that the WindowsOsUpdateExtension is up-to-date
and Status Succeeded

On the right of this screenshot you see Automatic Upgrade and some extensions are enabled, but some are not supported.
That’s why it’s important to check these updates.

Here you can see in the Status that two Azure Arc extensions are updating

And sometimes it failed to update.
But you can see what you can do best with this failed Status.

Here you see the error message and the Tips.
And when you can’t fix it yourself you can make a Support ticket right away.

Here you can see that all the Azure Arc extensions are updated successfully

So I selected all my Azure Arc enabled Servers and updated them all.

Conclusion

With Microsoft Azure Arc enabled Servers you have do some IT management to keep your Azure Arc extensions up-to-date.
I did this without rebooting Servers, just from the Azure Portal update Azure Arc extension.
Here you find more information about Microsoft Azure Arc for Azure Hybrid IT

Join Azure Hybrid Community Group on LinkedIn


Leave a comment

Thank you #Community and #Microsoft for this Awesome Year 2022! Happy Holidays

What a Year 2022!!

I like to thank you Community for Supporting, Sharing and Reading New Microsoft technologies on my Blog, Twitter, Facebook and
LinkedIn Community Groups ๐Ÿ’— I wish you all happy Holidays, Merry Christmas and a Healthy New Year 2023 may the Best Wishes comes true ! ๐ŸŽ„๐Ÿฅ‚

I’m very proud and Honoredย  on the Microsoft Global MVP Awards 2022-2023 !

  • MVP Award for Cloud and Datacenter Management
  • MVP Award for Windows Insiders
  • MVP Award for Azure Hybrid

Thank you Microsoftย Product Groups, MVP Award Program, Windows Insider Team, Azure Hybrid Team, Windows Server and Azure Stack HCI Team for all your support, NDA PGI sessions, and for the Awesome software, Features, solutions you are building ๐Ÿ™‚
Wish you all Happy Holidays, Merry Christmas and a Healthy New Year 2023 may the Best Wishes comes true ! ๐ŸŽ„๐Ÿฅ‚

Here are some Great links for Reading and Sharing :

JOIN these LinkedIn Community Groups for free and Share New Microsoft Technologies Together:

Windows Admin Center Community Group

Containers in the Cloud Community Group

Microsoft Azure Monitor & Security for Hybrid IT Community Group

Azure Hybrid Community Group

Azure DevOps Community Group

What I really love is the Microsoft Tech Community platform


For Microsoft Azure Hybrid:

Azure Arc Jumpstart site

Azure Hybrid and Multi Cloud documentation

Microsoft Azure Arc Community monthly Meetup (GitHub)

Follow on Twitter for Azure Hybrid:

——————————————————————————————————————————————————-
For Windows Insiders:

Microsoft Windows Insiders Blog

Windows Insider Team on YouTube

The Windows Insider Program Team is really active on Twitter:
@WindowsInsider

@JenMsft

@NorthFaceHiker

@brandonleblanc

@amanda_lango


Get started with the Windows Server Insider program

What’s New in Windows Server 2022

Overview of Windows Admin Center

What’s New in SQL Server 2022



Leave a comment

#MVPLABSerie Azure Defender for Cloud with #AzureArc enabled SQL Server #AzureHybrid #Security

Azure Arc enabled SQL Servers Architecture

To keep your Business running, It’s important to secure and monitor your data. One of the security measures is doing Vulnerability assessments in your datacenter(s) to see the status and results for remediation. With Microsoft Azure Arc Defender for Cloud you can do a SQL Server vulnerability assessment in your on-premises datacenter or anywhere with the Azure Arc agent running.
Here you find more information about Azure Arc enabled SQL Server

Microsoft Defender for Cloud on Azure Arc enabled SQL Server

Here I activated Microsoft Defender for Cloud on Azure Arc enabled SQL Server, and Azure Defender for Cloud is doing a SQL vulnerability assessment to get the security status and results for remediation.

On this same Azure portal page you will see the Vulnerability assessment findings.

When you Open a Vulnerability finding, you get more information and the remediation for the issue.

Here you see the complete Resource Health of the Azure Arc enabled SQL Server.
Look at the Status of each severity.

Here you see all the vulnerability findings on these four databases.

When you do the remediation you will see the healthy status.
on the Passed tab.

Here I open only the OperationsManager database.
Now you see only the Vulnerability findings on this database.

Here you see a vulnerability finding on the SCOM database with the Remediation ๐Ÿ™‚

You can make your Own Workbooks or use them from the Gallery.

Workbook example of Vulnerability Assessment findings.

Conclusion

With Azure Defender for Cloud vulnerability assessment and management you will learn a lot to set your Security Baseline on a higher level in your datacenter(s). Getting the right remediation of Microsoft to solve security issues is Great! You can do your assessments frequently to show your current status on demand. I Really like these Azure Hybrid Tools to make my work easier and the data more secure for the business.


Please join the Azure Hybrid Community Group on LinkedIn for free ( Sharing is Caring together )


Leave a comment

#MVPLABSerie Azure Arc enabled SQL Server Health Assessment #AzureHybrid #AzureArc #SQLServer

Azure Hybrid

In earlier MVPLABSerie blogpost I wrote about making your on-premises Servers hybrid with Azure Arc enabled Servers.
In my mvplab.local domain, there is a SQL 2022 Cluster running which also has the Azure Connected Machine Agent version 1.24.

One of the benefits of Azure Arc enabled Servers for SQL is that you can do on-demand SQL Health assessments on your SQL Environment in your On-premises Datacenter. In the following step-by-step guide we will prepare the SQL Cluster nodes.

Go to this link to watch the video

In my mvplab.local domain I’m doing the following steps :

Go in the Azure Portal to Azure Arc
Click on SQL Servers
under Infrastructure.
Click on Add

I Choose for Connect Servers
because both SQL Nodes are already connected in my MVPLAB.local domain.

Prerequisites
Click on Next Server details.

Select the right Azure Subscription and Resource Group
Select the region and Operating System
Set Proxy server URL
if you need one
Click on Next.

Set your owner tags if needed.
Here you can find more information about Tags Management

From here you have to download the Script
and Run it locally on both SQL Nodes. ( or your Single SQL Server )

Run the script in administrator modus of Powershell ISE.
go to page https://microsoft.com/devicelogin
and enter the Code

Login and continue.

Here you see that the Azure Connected Machine Agent already is installed.
But it will now add the SQL Extension.

Installation Completed Successfully.

Now we have two Azure Arc enabled SQL Servers connected.

Overview of SQL 2022 Node in Azure Arc.

You can see the Databases running.

Here you can set your Admin from Azure Active Directory.

But we want to do a SQL Assessment, but the Azure Monitoring Agent is still missing.

Here you see that the SQL extension is installed.
Now we will add the Azure Monitor Agent to my existing Log Analytics Workspace.
Click on Add

Select Log Analytics Agent – Azure Arc.

Add your Workspace ID
Add your Workspace Kay
Click on Review + Create

Validation Passed.

Azure Monitoring Agent is Installed.

From here you can do the On-Demand SQL Assessments via
Microsoft Azure Arc enabled SQL Servers.

The SQL Server Assessment focuses on several key pillars, including:

  • SQL Server configuration
  • Database design
  • Security
  • Performance
  • Always On
  • Cluster
  • Upgrade readiness
  • Error log analysis
  • Operational Excellence

Example of SQL Server Assessment results.

On each assessment result you get a recommendation from Microsoft so you can make your SQL environment Health and Secure!

Conclusion

To get these health results of your SQL environment is Awesome ๐Ÿ™‚ You are in control of your Azure Hybrid Arc enabled SQL Servers to keep them Healthy and Secure. The following Azure Arc enabled SQL Server blogpost is about Azure Defender for Cloud for your SQL Servers. With these two Azure Arc for SQL Server features you get the best Insights to keep your data as save as possible.