JOIN Microsoft Ignite 2021 Event
You don’t want to miss this Live Awesome Virtual Global Event of Microsoft 😉
Category Archives: Azure Stack
Adding Windows Server 20H2 Core to Azure Arc Services with #WindowsAdminCenter #Winserv #Azure
Azure Arc Services
Azure Arc enabled servers allows you to manage your Windows and Linux machines hosted outside of Azure, on your On-premises network, or other cloud provider consistent with how you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. Each connected machine has a Resource ID, is included in a resource group, and benefits from standard Azure constructs such as Azure Policy and applying tags. Service providers who manage a customer’s on-premises infrastructure can manage their hybrid machines, just like they do today with native Azure resources, across multiple customer environments, using Azure Lighthouse with Azure Arc.
To deliver this experience with your hybrid machines hosted outside of Azure, the Azure Connected Machine agent needs to be installed on each machine that you plan on connecting to Azure. This agent does not deliver any other functionality, and it doesn’t replace the Azure Log Analytics agent. The Log Analytics agent for Windows and Linux is required when you want to proactively monitor the OS and workloads running on the machine, manage it using Automation runbooks or solutions like Update Management, or use other Azure services like Azure Security Center.
In earlier blogpost I wrote about Windows Admin Center and the Installation of Windows Server 20H2 Core version.
Now we have my Dark20H2.MVPLAB.LOCAL Windows Server Core managed by Windows Admin Center, I like to connect the Windows Server 20H2 Core to Azure Arc Services for Hybrid IT Management to get the benefits of the Cloud.
In the next step-by step guide we will enable Azure Arc Services by installing the agent on the Windows Server 20H2 Core.
Prerequisites
- If you don’t have an Azure subscription, create a free account before you begin.
- Deploying the Arc enabled servers Hybrid Connected Machine agent requires that you have administrator permissions on the machine to install and configure the agent. On Linux, by using the root account, and on Windows, with an account that is a member of the Local Administrators group.
- Before you get started, be sure to review the agent prerequisites and verify the following:
- Your target machine is running a supported operating system.
- Your account is granted assignment to the required Azure roles.
- If the machine connects through a firewall or proxy server to communicate over the Internet, make sure the URLs listed are not blocked.
- Azure Arc enabled servers supports only the regions specified here.
Open Azure Arc in the Portal.
Because I have already Azure Arc Active for my Azure Stack HCI Cluster in my MVPLAB.LOCAL, I will click on Servers on the left.
Click on Add
We will Generate a Script for the Single Windows Server 20H2 Core.
You can Add also Servers at Scale.
HTTPS Access to Azure Services is Needed
and
Local Administrator permissions, Click Next
Select the right Azure Subscription and the Resource Group.
Select the Azure Region and Operating System.
and the URL when you are behind a Proxy Server.
Click Next.
You can add Tags for Administrative tasks like Costs.
Click Next.
Here you can Copy and Paste the Script or Download it.
I downloaded the PowerShell Script.
Click on Close.
Windows Admin Center in action on Windows Server 20H2 Core
The Windows Server Dark20H2.mvplab.local is a basic installation and managed by Windows Admin Center
Now we have to do the following steps :
- Copy the Azure Arc PowerShell Script to the Server with WAC.
- Install Azure PowerShell on the Server
- Run the Azure Arc PowerShell Script.
1. Copy the Azure Arc PowerShell Script to the Server with WAC
First we use Windows Admin Center to make a directory on the Server for uploading the Azure Arc PowerShell Script.
I have made a Azure Arc directory with Windows Admin Center.
Click on Upload.
Browse to your Azure Arc PowerShell Script.
Click on Submit.
The Azure Arc PowerShell Script is now on the Server.
2. Install Azure PowerShell on the Server
In the following steps we will install Microsoft Azure PowerShell on the Server via Windows Admin Center.
Type: $PSVersionTable.PSVersion
You need at least PowerShell 5.1
- Install .NET Framework 4.7.2 or later.
- Make sure you have the latest version of PowerShellGet. Run
Install-Module -Name PowerShellGet -Force
Run the following script :
———————————————————————-
if ($PSVersionTable.PSEdition -eq ‘Desktop’ -and (Get-Module -Name AzureRM -ListAvailable)) {
Write-Warning -Message (‘Az module not installed. Having both the AzureRM and ‘ +
‘Az modules installed at the same time is not supported.’)
} else {
Install-Module -Name Az -AllowClobber -Scope CurrentUser
}
———————————————————————–
Type Y or A ( Yes or Yes to All)
Installing the Azure PowerShell Modules.
Now we are ready for the Azure Arc PowerShell Script.
3. Run Azure Arc PowerShell Script on the Server.
From here we are going to install the Microsoft Azure Arc PowerShell Script to join this server to Azure Arc Services with an Agent.
Run .\OnboardingScript (1).ps1
It will ask for a Device login to Azure with a Code.
I did that on the Windows Admin Center Server.
When you Login to Azure with your Account you will see this Screen.
The Next screen is the completion in Windows Admin Center PowerShell of the Windows Server 20H2 Core.
This Dark20H2.mvplab.local Server is now connected with Azure Arc Services.
Azure Arc Enabled Server.
Here we see the Windows Server 202H2 Core in Azure Arc.
Azure Arc Services
Installing Azure Arc Insights
Here we start with one of the Azure Arc Services on the On-Premises Windows Server 20H2 Core called Azure Arc Insights.
Click on Insights on the Left of the Azure Arc Server.
Click on Enable.
Select your Azure Subscription and Log Analytics Workspace.
Click on Enable.
Installation of Azure Arc Insights in progress……
It’s Ready and waiting for data in Azure.
Performance View of On-Prem Servers.
Azure Arc Service Map will come available
Conclusion
With Microsoft Azure Arc Services you get the Azure Cloud Management services connected with On-Premises Servers. You get Azure Security Center, Log Analytics, Azure Monitoring and Alerting, Update Management, Change tracking and Automation tasks. This is the power of Hybrid IT Management and get the best of Tools there is like Windows Admin Center supporting me with Windows Server 20H2 Core. Azure Arc Services with Kubernetes and Azure Stack HCI Management is powerful and with a Single pain of Glass in IT Management. Hope this helpful for you, and Go for it yourself. 😉
Running #Dapr in WSL2 Ubuntu 20-04 distro in #WindowsInsider Build 21277 RS and #VSCode
Working with Dapr in WSL2 Remote VSCode and Ubuntu 20.04 distro
Dapr is a portable, event-driven runtime that makes it easy for any developer to build resilient, stateless and stateful applications that run on the cloud and edge and embraces the diversity of languages and developer frameworks.
Developer language SDKs and frameworks
To make using Dapr more natural for different languages, it also includes language specific SDKs for Go, Java, JavaScript, .NET and Python. These SDKs expose the functionality in the Dapr building blocks, such as saving state, publishing an event or creating an actor, through a typed, language API rather than calling the http/gRPC API. This enables you to write a combination of stateless and stateful functions and actors all in the language of their choice. And because these SDKs share the Dapr runtime, you get cross-language actor and functions support.
SDKs
Dapr in Standalone version.
I’m using Windows Insider Build version 21277-RS with Docker for Windows Edge and Visual Studio Code.
Docker for Windows Edge Version Running.
Because Docker for Windows Edge support WSL2 Engine and Visual Studio Code too, brought me to an idea to build dapr into Ubuntu 20.04 WSL Distro on my Windows Insiders 21277 RS version on my Surface Book 3. There for you must activate the WSL2 integration with my default WSL distro Ubuntu-20.04.
Docker for Windows WSL 2 Integration.
In your Ubuntu-20.04 WSL2 version, you can install Dapr into your linux distro, more information you find here on dapr.io
Dapr init ( in the Ubuntu-20.04 WSL2 Linux distro )
Here you find the Dapr dev environment installation types for Dapr init, I did the standalone version. Dapr makes then the following containers :
Dapr Containers.
Then we have the following running :
- Dapr Dashboard
- Zipkin
Zipkin is a distributed tracing system. It helps gather timing data needed to troubleshoot latency problems in service architectures. Features include both the collection and lookup of this data.
Zipkin Traces
Dapr Dashboard
Now we have Dapr running in the WSL2 Ubuntu-20.04 distro, you can use Visual Studio Code on Windows Insiders using Remote WSL and work with your favourite dapr SDK like the list above 😉
From here you can work with your dapr application.
In this guide dapr is running with Docker containers, but you can also install it on Kubernetes or K8s, AKS, Azure any where, see this overview :
Dapr with Kubenetes Containers.
Dapr Overview.
Important Note : Dapr is now production ready with version 1.0 ! Developers, DevOps, AzOps, you can start with it and Build and Test your own microservices and Container apps ! Hope you are having fun with it too 😉
Happy Holidays and I wish you a Healthy 2021 #Azure #Cloud #MVPBuzz #Winserv #Security #Healthcare
It’s a year full of misery with the Covid-19 virus around the world. People who lose their loved one, It’s a very sad time for all of us! Microsoft technologies are still going on strong with new features in Azure Cloud Services but also supporting the people who are working in the healthcare, data analytics, Microsoft Teams for Collaboration and much more. But what I want to say to all HealthCare people over the world : THANK YOU SO MUCH FOR ALL THE WORK YOU DO 👍
I have deep respect for you all !
Community, Microsoft Product Teams, MVP Lead, WIndows Insiders, I wish you and your family happy holidays and a Healthy 2021 with lot of Success! 🎄😍
Windows Admin Center and The Container Extension #WAC #Containers #Winserv
Windows Admin Center
Windows Admin Center is a locally deployed, browser-based app for managing Windows servers, clusters, hyper-converged infrastructure, as well as Windows 10 PCs. It comes at no additional cost beyond Windows and is ready to use in production. If you want to work more secure with Windows Server Core images without the GUI or with Microsoft Azure Stack HCI operating system then Windows Admin Center is the tool for the Administrator to manage your workloads on-premises or in the Cloud. You have one web based interface for all your Server consoles (MMC) to manage your Hybrid Datacenter.
Here you can read more about Microsoft Windows Admin Center and download the free software.
Get the best with Windows Admin Center Extensions
Windows Admin Center and the Container Extension
When you have installed Microsoft Windows Admin Center you can configure the settings and extensions for your environment. When you want the benefits of the Microsoft azure Cloud Services you can configure your Azure subscription and add the extensions to your Windows Admin Center. There are also Third Party extensions like Dell, DataOn, Fujitsu and more.
Here you find more information about how extensions work.
Container Extension
In the following step-by-step guide we will work with the Container Extension of Windows Admin Center on a Windows Server 2019. You have already added the server in WAC and installed the Container extension. In my MVPLAB.CLOUD is that Windows Server 2019 datacenter Starship01.mvplab.cloud. When you open the server you will come in the Overview of the Windows Server:
Click on Containers.
Click on Install for the Docker installation on Starship01.mvplab.cloud.
This will install Docker on the Windows Server 2019 and reboot when it’s ready to use for Containers. From this moment you can work with Windows Containers on the host via Windows Admin Center.
Remote Desktop in Windows Admin Center, the docker host is installed with the Windows Filter by default.
When you want to use Docker Linux Containers with Windows Server 2019 host, you have to configure the Linux kit LCOW with a distro on the host. More info here
Containers on Starship01.mvplab.cloud
To start with containers you can create your own, or pull an image from Docker Hub with Windows Admin Center. In my case I pull Windows Server 2019 ltsc with IIS image.
mcr.microsoft.com/windows/servercore/iis (Image)
windowsservercore-ltsc2019 (Tag)
Click then on Pull.
Select your image and click on Run.
Give your Container a name and set your settings.
Click on Run.
Click on Containers tab and you will see your running Container
More details you see the IP-Address of the Container.
IIS is running on Windows Server 2019 ltsc in a Docker Windows Container.
That was easy right 😉
Making your Own Docker file with Windows Admin Center Container Extension
When you have your own Github repository with your software, you can make your own docker file and make a docker image on your host for deployment. To show this I have used this sample on Microsoft docs, but you can clone also a github repository and copy the dockerfile on the host.
I copied the dockerfile on the host C:\BuildImage.
—————
# Sample Dockerfile
# Indicates that the windowsservercore image will be used as the base image.
FROM mcr.microsoft.com/windows/servercore:ltsc2019
# Metadata indicating an image maintainer.
LABEL maintainer=”jshelton@contoso.com”
# Uses dism.exe to install the IIS role.
RUN dism.exe /online /enable-feature /all /featurename:iis-webserver /NoRestart
# Creates an HTML file and adds content to this file.
RUN echo “Hello World – Dockerfile” > c:\inetpub\wwwroot\index.html
# Sets a command or process that will run each time a container is run from the new image.
CMD [ “cmd” ]
Here is the Microsoft docs website
Image Creation in progress
New Image Created with Windows Admin Center
Running your Own Container image
Container “Hello World – Dockerfile” running
Conclusion :
In Windows Admin Center comes ITpro world and DevOps world Together in One web based console like with the Container extension. Microsoft is developing really fast in Windows Admin Center to get all the right Feature for ITPro, DevOps and SecOps Administrators in one place. Awesome are the Windows Admin Center Extensions, developers makes these better and better to do the job for Administrators 🚀
Windows Server 2019 Core and Azure Stack HCI are Operating systems without a GUI, and with Windows Admin Center they are really good to manage, update and keeping in control of security.
I like Windows Admin Center a lot and it Rocks for managing your hybrid Datacenter 😉
Send your comments and feedback via Microsoft GitHub repo by opening a new issue for the Container Extension. Follow @vrapolinario on Twitter
You can Follow Windows Admin Center here on Twitter : @servermgmt
JOIN #Microsoft Inspire 2020 Global Event July 21-22 #MSInspire #Azure #AzureStack #Cloud #MVPBuzz #Innovation
Microsoft Inspire 2020 Global Event 🚀
Innovation. Leadership. Partnership.
Now is the time. Join your global partner community for the Microsoft Inspire digital event experience. Register today and get ready to extend your partner network as we explore what’s coming in the year ahead and work together to find shared solutions for our customers. Join Microsoft Inspire 2020 Global Event on July 21-22 Now at no Cost!
You will be Inspired by Microsoft New Technologies and Innovations !
Manage Servers On-premises with Microsoft Azure Cloud Services #Azure #Arc #Security #Cloud #AzureMonitor #ASC
Microsoft Azure Arc Servers On-Premises and Azure Cloud Services
Earlier I wrote a blogpost about Microsoft Azure Arc services installation to manage on-premises Servers with Azure Cloud Services, like Azure Monitor and Azure Security Centre from the Cloud.
Here in this post you will see the Newest Microsoft Azure Cloud Services to Manage and Monitor your Servers on-premises with security and compliance included.
Azure Arc Extensions settings of the Server.
Here you can see we have installed the Microsoft Monitoring Agent for Azure Monitor and log analytics, second we have installed the dependency Agent for Windows for
insights, Performance and Service maps. Here you find more information about Virtual machine extension management with Azure Arc for servers (preview)
After initial deployment of the Azure Arc for servers (preview) Connected Machine agent for Windows or Linux, you may need to reconfigure the agent, upgrade it, or remove it from the computer if it has reached the retirement stage in its lifecycle. You can easily manage these routine maintenance tasks manually or through automation, which reduces both operational error and expenses.
Managing and maintaining the Connected Machine agent
Azure Arc Insights Performance monitor
The Azure Arc Insights Performance monitor is there by default and installed with the following dashboards :
- CPU Utilization
- Available Memory
- Logical disk IOPS
- Logical disk MB/s
- Logical disk Latency
- Max logical disk used %
- Bytes Sent Rate
- Bytes Received Rate
Azure Arc Logs Analytics
Of course you can make your own custom Dashboards in the Azure Portal with your own triggers, so in this way you get the same Azure Monitor Innovative Tools for your On-Premises Servers. 😉
Within Microsoft Azure Arc Insights, you can also see a Service Map of the Server
Here is were the dependency agent comes in, you get a service map of the Server and see the communication lines with other resources. In this picture you see Server Yoda01 a Domain Controller of my MVPLAB.
You can see that there are three Clients are logged on the domain controller.
Microsoft Azure Security Center for Azure Arc Servers
One of the most powerful and important features of Microsoft Azure Cloud platform is Security! Microsoft Azure Security Center (ASC) is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.
Here you see my Azure Arc Servers (On-Premises) in Azure Security Center.
Azure Arc Server in Azure Security Center recommendations Summary
Five security assessments passed the test, but Azure Security assessment has two recommendations one is Medium Risk and one low.
Here you see the Security advise and the Remediation to take action on your Server.
Microsoft Azure Security Center Overview with the Overall Secure Score.
Security controls – Each control is a logical group of related security recommendations, and reflects your vulnerable attack surfaces. A control is a set of security recommendations, with instructions that help you implement those recommendations. Your score only improves when you remediate all of the recommendations for a single resource within a control.
To immediately see how well your organization is securing each individual attack surface, review the scores for each security control.
Here you find More information about Azure Security Center Secure Score
To get your Azure Arc Servers (On-premises) complaint for the business and security, you can use Microsoft Azure Arc Policies
Azure Arc Policies to meet your Compliance state.
Conclusion
Microsoft is bringing Azure Cloud Power tools everywhere with Azure Arc Services to give you modern tools like Azure Monitor and Azure Security Center to keep you in control, Secure and Compliant for your business. Keep following Microsoft for Hybrid IT Management, because more awesome features are added every day in Microsoft Azure Cloud Services. Let’s start to get your Azure Security Score UP and UP 😉
#Microsoft Windows Admin Center and Azure Backup Management #WAC #Azure
Microsoft Windows Admin Center
Microsoft Windows Admin Center is a web based App working in your modern browser like Edge or Chrome to manage your datacenter infrastructure. You can download it here
You can manage Windows Servers, Windows10 Desktops, Clusters, Hyperconverged Clusters, Storage Spaces Direct and more in a Hybrid environment and that’s what I like.
My Servers can be on-premises or in the Cloud like Azure and will manage them with Windows Admin Center.
Download the Windows Admin Center Overview Poster
Here you find all the Microsoft documentation about Windows Admin Center
Windows Admin Center and Azure backup integration
When you have Windows Admin Center running you can register with Microsoft Azure first in the settings of Windows Admin Center.
Register to your Azure Subscription, just follow the instructions.
Install Azure Backup Extension at Available extensions.
From here the basic settings are done and we will have a look at my MVP LAB to backup a virtual Server.
Windows Admin Center in Domain MVPLAB.CLOUD
I have selected stormtrooper01.mvplab.cloud Windows Server 2019 and on the left Azure Backup.
You can read here more about Microsoft Azure Backup
Click on setup Azure Backup.
Here you select the Azure Subscription and the Backup Vault
and this will be a system state backup.
Next Step is Backup Schedule and Encryption key.
IMPORTANT: Keep this Encryption key somewhere save !
You need this key for recovery and Microsoft does not have access to that key.
Azure Backup Schedule settings.
When you apply here it will setup the Azure backup agent and your policies.
Backup is scheduled.
Here I did the Backup by hand.
Here you see the backup in the Azure Backup Vault.
Backup done via Windows Admin Center 😉
Here you see a video from Microsoft Mechanics at Ignite with Jeff Woolsey
Follow Windows Admin Center here on Twitter
Don’t forget to give feedback or great ideas !
Inside Azure Management E-Book Available ! #Azure #MVPBuzz #Management #Cloud
Inside Azure Management
This Inside Azure Management E-Book is a Must Have for All Azure Cloud Administrators! It’s made by Great Microsoft Most Valuable Professionals (MVP’s)
who are working always with Microsoft Azure Cloud Services. You can download this Awesome Inside Azure Management E-Book here.
If you want a hard copy of this Awesome E-Book you can order at Amazon
Here you can find the Authors of the Inside Azure Management E-Book on GitHub.
Thank you Guys for Sharing this with the Community 👍😎🚀
#Microsoft Build 2020 Virtual Event May 19-20-21 Build your Schedule Now! #MSBuild #MVPBuzz
Microsoft Build 2020
Choose from 48 hours of continuous content to create your own digital event experience. Registration is free and is required to get full, interactive access to the digital event. Here you can register for Microsoft Build 2020 Virtual Event
The Session Catalog is Live ! Build your own Schedule here
With 30+ Community talks, learning sessions, and skill-building activities exploring Minecraft, MakeCode, Visual Studio, AI, Azure, and more, there is something here for every student and every level of experience!
Check out the full list here or search by keyword to add lessons to your schedule.
Don’t miss this Awesome Event 👍😎🚀
