Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Adding Windows Server 20H2 Core to Azure Arc Services with #WindowsAdminCenter #Winserv #Azure

Azure Arc Services

Azure Arc enabled servers allows you to manage your Windows and Linux machines hosted outside of Azure, on your On-premises network, or other cloud provider consistent with how you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. Each connected machine has a Resource ID, is included in a resource group, and benefits from standard Azure constructs such as Azure Policy and applying tags. Service providers who manage a customer’s on-premises infrastructure can manage their hybrid machines, just like they do today with native Azure resources, across multiple customer environments, using Azure Lighthouse with Azure Arc.

To deliver this experience with your hybrid machines hosted outside of Azure, the Azure Connected Machine agent needs to be installed on each machine that you plan on connecting to Azure. This agent does not deliver any other functionality, and it doesn’t replace the Azure Log Analytics agent. The Log Analytics agent for Windows and Linux is required when you want to proactively monitor the OS and workloads running on the machine, manage it using Automation runbooks or solutions like Update Management, or use other Azure services like Azure Security Center.

In earlier blogpost I wrote about Windows Admin Center and the Installation of Windows Server 20H2 Core version.

Now we have my Dark20H2.MVPLAB.LOCAL Windows Server Core managed by Windows Admin Center, I like to connect the Windows Server 20H2 Core to Azure Arc Services for Hybrid IT Management to get the benefits of the Cloud.

In the next step-by step guide we will enable Azure Arc Services by installing the agent on the Windows Server 20H2 Core.

Prerequisites

  • If you don’t have an Azure subscription, create a free account before you begin.
  • Deploying the Arc enabled servers Hybrid Connected Machine agent requires that you have administrator permissions on the machine to install and configure the agent. On Linux, by using the root account, and on Windows, with an account that is a member of the Local Administrators group.
  • Before you get started, be sure to review the agent prerequisites and verify the following:
    • Your target machine is running a supported operating system.
    • Your account is granted assignment to the required Azure roles.
    • If the machine connects through a firewall or proxy server to communicate over the Internet, make sure the URLs listed are not blocked.
    • Azure Arc enabled servers supports only the regions specified here.

Open Azure Arc in the Portal.

Because I have already Azure Arc Active for my Azure Stack HCI Cluster in my MVPLAB.LOCAL, I will click on Servers on the left.

Click on Add

We will Generate a Script for the Single Windows Server 20H2 Core.
You can Add also Servers at Scale.

HTTPS Access to Azure Services is Needed
and
Local Administrator permissions, Click Next

Select the right Azure Subscription and the Resource Group.
Select the Azure Region and Operating System.
and the URL when you are behind a Proxy Server.
Click Next.

You can add Tags for Administrative tasks like Costs.
Click Next.

Here you can Copy and Paste the Script or Download it.
I downloaded the PowerShell Script.
Click on Close.

Windows Admin Center in action on Windows Server 20H2 Core

The Windows Server Dark20H2.mvplab.local is a basic installation and managed by Windows Admin Center

Now we have to do the following steps :

  1. Copy the Azure Arc PowerShell Script to the Server with WAC.
  2. Install Azure PowerShell on the Server
  3. Run the Azure Arc PowerShell Script.

1. Copy the Azure Arc PowerShell Script to the Server with WAC

First we use Windows Admin Center to make a directory on the Server for uploading the Azure Arc PowerShell Script.

I have made a Azure Arc directory with Windows Admin Center.
Click on Upload.

Browse to your Azure Arc PowerShell Script.

Click on Submit.

The Azure Arc PowerShell Script is now on the Server.

2. Install Azure PowerShell on the Server

In the following steps we will install Microsoft Azure PowerShell on the Server via Windows Admin Center.

Type: $PSVersionTable.PSVersion
You need at least PowerShell 5.1

  1. Install .NET Framework 4.7.2 or later.
  2. Make sure you have the latest version of PowerShellGet. Run Install-Module -Name PowerShellGet -Force

Run the following script :

———————————————————————-

if ($PSVersionTable.PSEdition -eq ‘Desktop’ -and (Get-Module -Name AzureRM -ListAvailable)) {
Write-Warning -Message (‘Az module not installed. Having both the AzureRM and ‘ +
‘Az modules installed at the same time is not supported.’)
} else {
Install-Module -Name Az -AllowClobber -Scope CurrentUser
}

———————————————————————–

Type Y or A ( Yes or Yes to All)

Installing the Azure PowerShell Modules.

Now we are ready for the Azure Arc PowerShell Script.

3. Run Azure Arc PowerShell Script on the Server.

From here we are going to install the Microsoft Azure Arc PowerShell Script to join this server to Azure Arc Services with an Agent.

Run   .\OnboardingScript (1).ps1
It will ask for a Device login to Azure with a Code.
I did that on the Windows Admin Center Server.

When you Login to Azure with your Account you will see this Screen.

The Next screen is the completion in Windows Admin Center PowerShell of the Windows Server 20H2 Core.

This Dark20H2.mvplab.local Server is now connected with Azure Arc Services.
Azure Arc Enabled Server.

Here we see the Windows Server 202H2 Core in Azure Arc.

Azure Arc Services

Installing Azure Arc Insights

Here we start with one of the Azure Arc Services on the On-Premises Windows Server 20H2 Core called Azure Arc Insights.

Click on Insights on the Left of the Azure Arc Server.
Click on Enable.

Select your Azure Subscription and Log Analytics Workspace.
Click on Enable.

Installation of Azure Arc Insights in progress……

It’s Ready and waiting for data in Azure.

Performance View of On-Prem Servers.

Azure Arc Service Map will come available

Conclusion

With Microsoft Azure Arc Services you get the Azure Cloud Management services connected with On-Premises Servers. You get Azure Security Center, Log Analytics, Azure Monitoring and Alerting, Update Management, Change tracking and Automation tasks. This is the power of Hybrid IT Management and get the best of Tools there is like Windows Admin Center supporting me with Windows Server 20H2 Core. Azure Arc Services with Kubernetes and Azure Stack HCI Management is powerful and with a Single pain of Glass in IT Management. Hope this helpful for you, and Go for it yourself. 😉

 

 


Leave a comment

Running #Dapr in WSL2 Ubuntu 20-04 distro in #WindowsInsider Build 21277 RS and #VSCode

Working with Dapr in WSL2 Remote VSCode and Ubuntu 20.04 distro

Dapr is a portable, event-driven runtime that makes it easy for any developer to build resilient, stateless and stateful applications that run on the cloud and edge and embraces the diversity of languages and developer frameworks.

 

Developer language SDKs and frameworks

To make using Dapr more natural for different languages, it also includes language specific SDKs for Go, Java, JavaScript, .NET and Python. These SDKs expose the functionality in the Dapr building blocks, such as saving state, publishing an event or creating an actor, through a typed, language API rather than calling the http/gRPC API. This enables you to write a combination of stateless and stateful functions and actors all in the language of their choice. And because these SDKs share the Dapr runtime, you get cross-language actor and functions support.

SDKs

Dapr in Standalone version.

I’m using Windows Insider Build version 21277-RS with Docker for Windows Edge and Visual Studio Code.

Docker for Windows Edge Version Running.

Because Docker for Windows Edge support WSL2 Engine and Visual Studio Code too, brought me to an idea to build dapr into Ubuntu 20.04 WSL Distro on my Windows Insiders 21277 RS version on my Surface Book 3. There for you must activate the WSL2 integration with my default WSL distro Ubuntu-20.04.

Docker for Windows WSL 2 Integration.

In your Ubuntu-20.04 WSL2 version, you can install Dapr into your linux distro, more information you find here on dapr.io

Microsoft Windows Subsystem for Linux Installation Guide for Windows 10 with all kind of Linux distro’s 

Dapr init ( in the Ubuntu-20.04 WSL2 Linux distro )

Here you find the Dapr dev environment installation types for Dapr init, I did the standalone version. Dapr makes then the following containers :

Dapr Containers.

Then we have the following running :

  • Dapr Dashboard
  • Zipkin

Zipkin is a distributed tracing system. It helps gather timing data needed to troubleshoot latency problems in service architectures. Features include both the collection and lookup of this data.

Zipkin Traces

Dapr Dashboard

Now we have Dapr running in the WSL2 Ubuntu-20.04 distro, you can use Visual Studio Code on Windows Insiders using Remote WSL and work with your favourite dapr SDK like the list above 😉

Dapr Extension in VSCode

From here you can work with your dapr application.

In this guide dapr is running with Docker containers, but you can also install it on Kubernetes or K8s, AKS, Azure any where, see this overview :

Dapr with Kubenetes Containers.

Dapr Overview.

Important Note : Dapr is still in preview and not ready yet for production. But as a developer, DevOps, AzOps, you can start with it and Build and Test your own microservices and Container apps !  Hope you are having fun with it too 😉

 


Leave a comment

Happy Holidays and I wish you a Healthy 2021 #Azure #Cloud #MVPBuzz #Winserv #Security #Healthcare

It’s a year full of misery with the Covid-19 virus around the world. People who lose their loved one, It’s a very sad time for all of us! Microsoft technologies are still going on strong with new features in Azure Cloud Services but also supporting the people who are working in the healthcare, data analytics, Microsoft Teams for Collaboration and much more. But what I want to say to all HealthCare people over the world : THANK YOU SO MUCH FOR ALL THE WORK YOU DO 👍
I have deep respect for you all !
Community, Microsoft Product Teams, MVP Lead, WIndows Insiders, I wish you and your family happy holidays and a Healthy 2021 with lot of Success! 🎄😍

 


Leave a comment

Windows Admin Center and The Container Extension #WAC #Containers #Winserv

Windows Admin Center

Windows Admin Center is a locally deployed, browser-based app for managing Windows servers, clusters, hyper-converged infrastructure, as well as Windows 10 PCs. It comes at no additional cost beyond Windows and is ready to use in production. If you want to work more secure with Windows Server Core images without the GUI or with Microsoft Azure Stack HCI operating system then Windows Admin Center is the tool for the Administrator to manage your workloads on-premises or in the Cloud. You have one web based interface for all your Server consoles (MMC) to manage your Hybrid Datacenter.
Here you can read more about Microsoft Windows Admin Center and download the free software.

Get the best with Windows Admin Center Extensions

Windows Admin Center and the Container Extension

When you have installed Microsoft Windows Admin Center you can configure the settings and extensions for your environment. When you want the benefits of the Microsoft azure Cloud Services you can configure your Azure subscription and add the extensions to your Windows Admin Center. There are also Third Party extensions like Dell, DataOn, Fujitsu and more.
Here you find more information about how extensions work.

Container Extension

In the following step-by-step guide we will work with the Container Extension of Windows Admin Center on a Windows Server 2019. You have already added the server in WAC and installed the Container extension. In my MVPLAB.CLOUD is that Windows Server 2019 datacenter Starship01.mvplab.cloud. When you open the server you will come in the Overview of the Windows Server:

Click on Containers.

Click on Install for the Docker installation on Starship01.mvplab.cloud.

This will install Docker on the Windows Server 2019 and reboot when it’s ready to use for Containers. From this moment you can work with Windows Containers on the host via Windows Admin Center.

Remote Desktop in Windows Admin Center, the docker host is installed with the Windows Filter by default.

When you want to use Docker Linux Containers with Windows Server 2019 host, you have to configure the Linux kit LCOW with a distro on the host. More info here

Containers on Starship01.mvplab.cloud

To start with containers you can create your own, or pull an image from Docker Hub with Windows Admin Center. In my case I pull Windows Server 2019 ltsc with IIS image.

mcr.microsoft.com/windows/servercore/iis  (Image)

windowsservercore-ltsc2019 (Tag)

Click then on Pull.

Select your image and click on Run.
Give your Container a name and set your settings.

Click on Run.

Click on Containers tab and you will see your running Container

More details you see the IP-Address of the Container.

IIS is running on Windows Server 2019 ltsc in a Docker Windows Container.
That was easy right 😉

Making your Own Docker file with Windows Admin Center Container Extension

When you have your own Github repository with your software, you can make your own docker file and make a docker image on your host for deployment. To show this I have used this sample on Microsoft docs, but you can clone also a github repository and copy the dockerfile on the host.

I copied the dockerfile on the host C:\BuildImage.

—————

# Sample Dockerfile

# Indicates that the windowsservercore image will be used as the base image.
FROM mcr.microsoft.com/windows/servercore:ltsc2019

# Metadata indicating an image maintainer.
LABEL maintainer=”jshelton@contoso.com”

# Uses dism.exe to install the IIS role.
RUN dism.exe /online /enable-feature /all /featurename:iis-webserver /NoRestart

# Creates an HTML file and adds content to this file.
RUN echo “Hello World – Dockerfile” > c:\inetpub\wwwroot\index.html

# Sets a command or process that will run each time a container is run from the new image.
CMD [ “cmd” ]


Here is the Microsoft docs website

Image Creation in progress

New Image Created with Windows Admin Center

Running your Own Container image

Container “Hello World – Dockerfile” running

Conclusion :

In Windows Admin Center comes ITpro world and DevOps world Together in One web based console like with the Container extension. Microsoft is developing really fast in Windows Admin Center to get all the right Feature for ITPro, DevOps and SecOps Administrators in one place. Awesome are the Windows Admin Center Extensions, developers makes these better and better to do the job for Administrators 🚀
Windows Server 2019 Core and Azure Stack HCI are Operating systems without a GUI, and with Windows Admin Center they are really good to manage, update and keeping in control of security.
I like Windows Admin Center a lot and it Rocks for managing your hybrid Datacenter 😉

Send your comments and feedback via Microsoft GitHub repo by opening a new issue for the Container Extension. Follow @vrapolinario on Twitter

 

You can Follow Windows Admin Center here on Twitter : @servermgmt


Leave a comment

JOIN #Microsoft Inspire 2020 Global Event July 21-22 #MSInspire #Azure #AzureStack #Cloud #MVPBuzz #Innovation

Microsoft Inspire 2020 Global Event 🚀

Innovation. Leadership. Partnership.

Now is the time. Join your global partner community for the Microsoft Inspire digital event experience. Register today and get ready to extend your partner network as we explore what’s coming in the year ahead and work together to find shared solutions for our customers. Join Microsoft Inspire 2020 Global Event on July 21-22 Now at no Cost!

You will be Inspired by Microsoft New Technologies and Innovations !


Leave a comment

Manage Servers On-premises with Microsoft Azure Cloud Services #Azure #Arc #Security #Cloud #AzureMonitor #ASC

Microsoft Azure Arc Servers On-Premises and Azure Cloud Services

Earlier I wrote a blogpost about Microsoft Azure Arc services installation to manage on-premises Servers with Azure Cloud Services, like Azure Monitor and Azure Security Centre from the Cloud.
Here in this post you will see the Newest Microsoft Azure Cloud Services to Manage and Monitor your Servers on-premises with security and compliance included.

Azure Arc Extensions settings of the Server.

Here you can see we have installed the Microsoft Monitoring Agent for Azure Monitor and log analytics, second we have installed the dependency Agent for Windows for
insights, Performance and Service maps. Here you find more information about Virtual machine extension management with Azure Arc for servers (preview)  

After initial deployment of the Azure Arc for servers (preview) Connected Machine agent for Windows or Linux, you may need to reconfigure the agent, upgrade it, or remove it from the computer if it has reached the retirement stage in its lifecycle. You can easily manage these routine maintenance tasks manually or through automation, which reduces both operational error and expenses.

Managing and maintaining the Connected Machine agent

Azure Arc Insights Performance monitor

The Azure Arc Insights Performance monitor is there by default and installed with the following dashboards :

  • CPU Utilization
  • Available Memory
  • Logical disk IOPS
  • Logical disk MB/s
  • Logical disk Latency
  • Max logical disk used %
  • Bytes Sent Rate
  • Bytes Received Rate

Azure Arc Logs Analytics

Of course you can make your own custom Dashboards in the Azure Portal with your own triggers, so in this way you get the same Azure Monitor Innovative Tools for your On-Premises Servers. 😉

Within Microsoft Azure Arc Insights, you can also see a Service Map of the Server

Here is were the dependency agent comes in, you get a service map of the Server and see the communication lines with other resources. In this picture you see Server Yoda01 a Domain Controller of my MVPLAB.
You can see that there are three Clients are logged on the domain controller.

Microsoft Azure Security Center for Azure Arc Servers

 

One of the most powerful and important features of Microsoft Azure Cloud platform is Security! Microsoft Azure Security Center (ASC) is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

Here you see my Azure Arc Servers (On-Premises) in Azure Security Center.

Azure Arc Server in Azure Security Center recommendations Summary

Five security assessments passed the test, but Azure Security assessment has two recommendations one is Medium Risk and one low.

Here you see the Security advise and the Remediation to take action on your Server.

Microsoft Azure Security Center Overview with the Overall Secure Score.

Security controls – Each control is a logical group of related security recommendations, and reflects your vulnerable attack surfaces. A control is a set of security recommendations, with instructions that help you implement those recommendations. Your score only improves when you remediate all of the recommendations for a single resource within a control.

To immediately see how well your organization is securing each individual attack surface, review the scores for each security control.

 Here you find More information about Azure Security Center Secure Score

To get your Azure Arc Servers (On-premises) complaint for the business and security, you can use Microsoft Azure Arc Policies

Azure Arc Policies to meet your Compliance state.

Conclusion

Microsoft is bringing Azure Cloud Power tools everywhere with Azure Arc Services to give you modern tools like Azure Monitor and Azure Security Center to keep you in control, Secure and Compliant for your business. Keep following Microsoft for Hybrid IT Management, because more awesome features are added every day in Microsoft Azure Cloud Services. Let’s start to get your Azure Security Score UP and UP 😉


Leave a comment

#Microsoft Windows Admin Center and Azure Backup Management #WAC #Azure

Microsoft Windows Admin Center

Microsoft Windows Admin Center is a web based App working in your modern browser like Edge or Chrome to manage your datacenter infrastructure. You can download it here
You can manage Windows Servers, Windows10 Desktops, Clusters, Hyperconverged Clusters, Storage Spaces Direct and more in a Hybrid environment and that’s what I like.
My Servers can be on-premises or in the Cloud like Azure and will manage them with Windows Admin Center.

Download the Windows Admin Center Overview Poster

Here you find all the Microsoft documentation about Windows Admin Center

Windows Admin Center and Azure backup integration

 

When you have Windows Admin Center running you can register with Microsoft Azure first in the settings of Windows Admin Center.

Register to your Azure Subscription, just follow the instructions.

Install Azure Backup Extension at Available extensions.

From here the basic settings are done and we will have a look at my MVP LAB to backup a virtual Server.

Windows Admin Center in Domain MVPLAB.CLOUD

I have selected stormtrooper01.mvplab.cloud Windows Server 2019 and on the left Azure Backup.

You can read here more about Microsoft Azure Backup

Click on setup Azure Backup.

Here you select the Azure Subscription and the Backup Vault
and this will be a system state backup.

Next Step is Backup Schedule and Encryption key.

IMPORTANT: Keep this Encryption key somewhere save !
You need this key for recovery and Microsoft does not have access to that key.

Azure Backup Schedule settings.

When you apply here it will setup the Azure backup agent and your policies.

Backup is scheduled.

Here I did the Backup by hand.

Here you see the backup in the Azure Backup Vault.
Backup done via Windows Admin Center 😉

Here you see a video from Microsoft Mechanics at Ignite with Jeff Woolsey

Follow Windows Admin Center here on Twitter

Don’t forget to give feedback or great ideas !


Leave a comment

Inside Azure Management E-Book Available ! #Azure #MVPBuzz #Management #Cloud

Inside Azure Management

This Inside Azure Management E-Book is a Must Have for All Azure Cloud Administrators! It’s made by Great Microsoft Most Valuable Professionals (MVP’s)
who are working always with Microsoft Azure Cloud Services. You can download this Awesome Inside Azure Management E-Book here.

If you want a hard copy of this Awesome E-Book you can order at Amazon

Here you can find the Authors of the Inside Azure Management E-Book on GitHub.

Thank you Guys for Sharing this with the Community 👍😎🚀


Leave a comment

#Microsoft Build 2020 Virtual Event May 19-20-21 Build your Schedule Now! #MSBuild #MVPBuzz

Microsoft Build 2020

Choose from 48 hours of continuous content to create your own digital event experience. Registration is free and is required to get full, interactive access to the digital event. Here you can register for Microsoft Build 2020 Virtual Event

The Session Catalog is Live ! Build your own Schedule here 

With 30+ Community talks, learning sessions, and skill-building activities exploring Minecraft, MakeCode, Visual Studio, AI, Azure, and more, there is something here for every student and every level of experience!

Check out the full list here or search by keyword to add lessons to your schedule.

Don’t miss this Awesome Event 👍😎🚀


Leave a comment

Microsoft Azure Service Fabric Standalone Cluster for Testing #microservices #Containers #Apps

Microsoft Azure Service Fabric standalone

Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers.

To build and run Azure Service Fabric applications on your Windows development machine, install the Service Fabric runtime, SDK, and tools. You also need to enable execution of the Windows PowerShell scripts included in the SDK.

I have installed the latest version :

  • Service Fabric SDK and Tools 4.1.409
  • Service Fabric runtime 7.1.409

here you find more information about installing Azure Service Fabric Standalone version for testing
I have installed the Azure Service Fabric Cluster on my Windows10 Machine for testing only.

When you want to great your own Azure Service Fabric Cluster for Production, you have to prepare your self and making a plan before you build.

When you have your Azure Service Fabric Standalone Cluster running, you want to deploy your microservices, apps or containers on it and test your solution. In the following steps I deploy with Visual Studio a Web App to Azure Service Fabric Cluster Standalone version 7.1.409

Here is a Github Sample for Azure Service Fabric.

git clone https://github.com/Azure-Samples/service-fabric-dotnet-quickstart

Here you have your Clone from Github.

To deploy this App to the Azure Service Fabric Cluster we use Microsoft Visual Studio

Once the application is downloaded, you can deploy it to a cluster directly from Visual Studio.

  1. Open Visual Studio
  2. Select File > Open
  3. Navigate to the folder you cloned the git repository to, and select Voting.sln
  4. Right-click on the Voting application project in the Solution Explorer and choose Publish

Click on Publish.

Select connection Endpoint Local Cluster and click on Publish.

The Web App is Published to the Azure Service Fabric Standalone Cluster.

When you open the Azure Service Fabric Explorer you will see your App Running

This sample is for testing only and is not secure for production, just to learn how it works 😉

Of course you can also deploy Containers with Visual Studio to your Azure Service Fabric Standalone Cluster.

Deploying Service Fabric Container via Visual Studio.

More Azure Service Fabric information

Here you find the Azure Service Fabric documentation

Here you find the Microsoft Azure Service Fabric website

Here you find the Azure Service Fabric Tech Community Blog

Happy Testing your Apps, microservices, and Containers.

Join the Containers in the Cloud LinkedIn Community Group