I wish you all a Merry Christmas and a Happy & Healthy New Year 2024!
Thank you for all your support in the Community.
Join these Free LinkedIn Community Groups during the Holidays and keep up-to-date 😉
Microsoft Azure Monitor & Security for Hybrid IT
Windows Admin Center Community
Azure Copilot and Security Copilot (NEW)
Azure Arc Enabled Server
With Microsoft Azure Arc Machine agent you can connect your Windows Server 2022 with Microsoft Azure Arc Services.
Microsoft Azure Arc-enabled servers lets you manage Windows and Linux physical servers and virtual machines hosted outside of Azure, on your corporate network, or other cloud provider. in October 2023 Microsoft released via Windows Update Center the setup of Azure Arc Machine agent. In the following steps I will install Azure Arc via the Windows Server Manager:
Click on Disabled
Click on Next
Azure Connected Machine Agent is installing.
Click on Configure
Click on Next
Sign into your Azure Subscription
Click on Next
Select your Azure Active Directory Tenant.
Select Subscription
Select the Resource Group
Select the Azure Region
Select Network Connectivity.
Click on Next
Your done, your Windows Server is now connected with Azure Arc
Click on Finish
Here is our Azure Arc enabled Windows Server 2022 in the Microsoft Azure Portal.
From here you have all the Azure Arc Services available for your on-prem Server.
When you connect your machine to Azure Arc-enabled servers, you can perform many operational functions, just as you would with native Azure virtual machines. Below are some of the key supported actions for connected machines.
This is handy to install a couple of Servers manually but when you have to do more, you can generate a script for multiple
Servers installation:
From the Azure Portal
Click on Generate Script
Here you can make a Basic script or for Configuration Manager,
or a script for a Group Policy or via Ansible.
Important:
Before you begin with making your Windows Server Azure Hybrid with the Arc Connected Machine Agent, you have to think about Security by Design. with Identity Access Management (IAM) you can manage who will get access to your Arc enabled Servers.
Wo may use Windows Admin Center for example in the Azure portal?
Access Control on Azure Arc enabled Server.
With Microsoft Azure policy you can set your governance and policies for the organization. There are a lot of pre-defined policies, but you can also make your own Azure policies for your Arc enabled Servers.
Make your datacenter(s) securely Hybrid with Microsoft Azure Arc Services is easy to do and gives you a lot of Azure Hybrid benefits.
Start with your test environment and make your own Azure Arc enabled solutions and when the experience is good you can do it in production 😉
 Here you find more about Azure Arc enabled Services:
You can Download Windows Server Insider Preview Build 25967 here
New in Windows Server Insider Preview Build 25967 is Microsoft Azure Arc in your taskbar system tray Icon.
Currently, Azure Arc allows you to manage the following resource types hosted outside of Azure:
Here you find the Azure Arc system tray icon.
Here you can see the Microsoft Azure Arc Status
and
You can connect to the Azure Arc enabled virtual machine in the Cloud.
Azure Arc enabled virtual machine in the Cloud.
Windows Admin Center via Azure Arc enabled Server.
Azure Arc Management in Server Manager!
Here you find more information about Windows Server Insider Preview Build 25967 on Microsoft Tech Community.
Watch AKS Edge Essentials Architecture with @liorkamrat
The following Jumpstart scenario will show how to create an AKS Edge Essentials cluster in Azure Windows Server VM and connect the Azure VM and AKS Edge Essentials cluster to Azure Arc using Azure ARM Template. The provided ARM template is responsible for creating the Azure resources as well as executing the LogonScript (AKS Edge Essentials cluster creation and Azure Arc onboarding (Azure VM and AKS Edge Essentials cluster)) on the Azure VM.
I like to thank you Community for Supporting, Sharing and Reading New Microsoft technologies on my Blog, Twitter, Facebook and
LinkedIn Community Groups 💗 I wish you all happy Holidays, Merry Christmas and a Healthy New Year 2023 may the Best Wishes comes true ! 🎄🥂
I’m very proud and Honored on the Microsoft Global MVP Awards 2022-2023 !
Thank you Microsoft Product Groups, MVP Award Program, Windows Insider Team, Azure Hybrid Team, Windows Server and Azure Stack HCI Team for all your support, NDA PGI sessions, and for the Awesome software, Features, solutions you are building 🙂
Wish you all Happy Holidays, Merry Christmas and a Healthy New Year 2023 may the Best Wishes comes true ! 🎄🥂
JOIN these LinkedIn Community Groups for free and Share New Microsoft Technologies Together:
Windows Admin Center Community Group
Containers in the Cloud Community Group
Microsoft Azure Monitor & Security for Hybrid IT Community Group
What I really love is the Microsoft Tech Community platform
For Microsoft Azure Hybrid:
Azure Hybrid and Multi Cloud documentation
Microsoft Azure Arc Community monthly Meetup (GitHub)
Follow on Twitter for Azure Hybrid:
Microsoft Windows Insiders Blog
Windows Insider Team on YouTube
The Windows Insider Program Team is really active on Twitter:
@WindowsInsider
Get started with the Windows Server Insider program
What’s New in Windows Server 2022
Overview of Windows Admin Center
Azure Arc enabled SQL Servers Architecture
To keep your Business running, It’s important to secure and monitor your data. One of the security measures is doing Vulnerability assessments in your datacenter(s) to see the status and results for remediation. With Microsoft Azure Arc Defender for Cloud you can do a SQL Server vulnerability assessment in your on-premises datacenter or anywhere with the Azure Arc agent running.
Here you find more information about Azure Arc enabled SQL Server
Microsoft Defender for Cloud on Azure Arc enabled SQL Server
Here I activated Microsoft Defender for Cloud on Azure Arc enabled SQL Server, and Azure Defender for Cloud is doing a SQL vulnerability assessment to get the security status and results for remediation.
On this same Azure portal page you will see the Vulnerability assessment findings.
When you Open a Vulnerability finding, you get more information and the remediation for the issue.
Here you see the complete Resource Health of the Azure Arc enabled SQL Server.
Look at the Status of each severity.
Here you see all the vulnerability findings on these four databases.
When you do the remediation you will see the healthy status.
on the Passed tab.
Here I open only the OperationsManager database.
Now you see only the Vulnerability findings on this database.
Here you see a vulnerability finding on the SCOM database with the Remediation 🙂
You can make your Own Workbooks or use them from the Gallery.
Workbook example of Vulnerability Assessment findings.
With Azure Defender for Cloud vulnerability assessment and management you will learn a lot to set your Security Baseline on a higher level in your datacenter(s). Getting the right remediation of Microsoft to solve security issues is Great! You can do your assessments frequently to show your current status on demand. I Really like these Azure Hybrid Tools to make my work easier and the data more secure for the business.
Please join the Azure Hybrid Community Group on LinkedIn for free ( Sharing is Caring together )
Hope you started year 2022 in Good Health in a difficult pandemic time.
Starting 2022 by asking yourself, how is your Security by Design doing in 2022
Your Security is one of the most important aspects of any architecture for your Business.
It provides confidentiality, integrity, and availability assurances against attacks and abuse of your valuable data and systems. Losing these assurances can negatively impact your business operations and revenue, and your organization’s reputation.
Here you find Awesome information about Applying security principles to your architecture to protect against attacks on your data and systems:
Microsoft Architecture and Security Docs
Here you find more information about NIST Cybersecurity Framework
The Microsoft Cybersecurity Reference Architectures (MCRA) describe Microsoft’s cybersecurity capabilities. These References and diagrams can support you with implementing Security by design.
Microsoft Defender for Cloud
Microsoft Defender for Cloud (formerly known as Azure Security Center) community repository. This repository contains:
Security and Learning is a ongoing process, I always say Learning on the Job 😉 is important to keep Up-to-Date every day of the week. Microsoft Tech Community platform and Microsoft Learning can support you to get the knowledge.
Become a Microsoft Defender for Cloud Ninja here
Microsoft and the community has a lot of good security information to start with for your Data and Systems to keep your business solution as save as possible. Here they write New blogposts for the community about Defender for Cloud
Keep in Mind “Security is only as strong as the weakest component in the Chain”
So keep your Security up-to-date and do assessments on vulnerabilities to keep your data and systems secure. Monitoring => Alerting => Remediation is 24/7/365 Process with Security people in the business.
Join Microsoft and the Community November 2–4, 2021 to explore the latest tools, training sessions, technical expertise, networking opportunities, and more. You can register here
Here you find some great MSIgnite guidance on Microsoft Tech Community :
Of course you can make your own schedule from the session catalog here
Microsoft Build 2021 Global virtual event
I Hope everyone had a Great Microsoft Build 2021 Online Conference this week. Microsoft announced a lot of new features and Hybrid Cloud Solutions at Build 2021 🙂 If you missed this Awesome Build 2021 event, you can watch the highlights on demand here.
Microsoft also launched MSBuild Book of News 2021
Build 2021 Resources: Build consistent hybrid and multicloud applications with Azure Arc
DevOps and developers are increasingly using microservices-based architectures with containerized applications for agility and flexibility. Azure Arc extends the single control plane from Azure to enable you to build apps consistently across hybrid and multi-cloud environments. With this information I was thinking, can I connect Microsoft Azure Arc Services to my Surface Book 3 with Windows 10 Preview Insiders Build 21390 and Docker for Windows with Kubernetes Cluster 1.19.7 active?
IMPORTANT: The following step-by-step guide is for testing purpose only.
First you need to have Docker for Windows 10.
Your Windows machine must meet the following requirements to successfully install Docker Desktop.
Here you can download Docker Desktop for Windows
With docker desktop for Windows you can switch between Windows Containers and Linux Containers. When you want to have a Kubernetes Cluster on your Windows 10 device active you have to switch to Linux Containers in the taskbar like this :
It’s now active for Linux Containers. (Default)
Right Click on the Docker tray icon and go to Settings.
Then go to Kubernetes to enable your Cluster locally on your Windows 10 Device.
When you apply it take some minutes for the installation.
When you see the Kubernetes icon on green, then your Cluster is running.
When you do a lot of DevOps work you use Microsoft Visual Studio Code for Free, because here you can see your Kubernetes Cluster and try your own code or Apps.
Kubernetes Cluster is running locally on your Windows 10 device.
The next step is to install the Microsoft Azure Arc agent on your Windows 10 device.
Login in your Azure Subscription, if you don’t have one you can start here
Search for Azure Arc in your subscription.
Click on Servers and Click on Add.
Click on add a Single Server.
Click on Generate Script.
Prerequisites for the Azure Arc Agent.
Select your Azure Subscription and Resource Group
Choose your Region.
Operating System is Windows. ( your Windows10 device)
Click on Next.
You can add your TAG here.
More information about Azure Tags
Here you can download the Installation script or do a Copy of the Azure Arc Agent.
Open PowerShell ISE in Administrator mode.
Paste the Azure Arc Agent PowerShell Script.
Click on run.
When you see this message open your browser and go to
https://microsoft.com/devicelogin
Copy the Code in the last rule of PowerShell here and click on Next.
Enter your Azure Subscription account here and click on Next.
Connection is made with Azure you can close this screen.
Azure Arc Agent is connect with your Windows 10 Device.
Here you see my Azure Arc Enabled Machine.
Now your Windows 10 device, my Surface Book 3 is connected with Microsoft Azure Arc Services.
The last step is to register your kubernetes Cluster with Microsoft Azure Arc Services.
Click on kubernetes Clusters on the left.
Click on Register a Kubernetes Cluster with Azure Arc.
The prerequisites to add your Kubernetes Cluster to Azure Arc
Select your Azure Subscription
Select your Resource Group
Give your Cluster a Name in Azure
Select Region.
Are you behind a Proxy Server? Yes or No
Here you can add your TAG to the Kubernetes Cluster.
The Next step is to run the Script, you can do that with PowerShell or Bash. I Did this via Azure CLI and with Helm 3.
Microsoft Azure CLI active with Helm 3
Copy the Bash commando into your Azure CLI like here.
This operation might take a couple of minutes.
Done, the Kubernetes Cluster is added to Azure Arc.
Dockkube was successfully connected to Azure.
Kubernetes Cluster with Azure Arc
Now you Have connected your Kubernetes Cluster to Azure Arc Services, you can start exploring the extensions :
Kubernetes Cluster – Azure Arc extensions
You can work with GitOps on your Kubernetes Cluster via Azure Arc Services
More Features like Security, Monitoring, Automation :
Features for Kubernetes in Azure Arc Services.
Here you see in Visual Studio Code your Azure-Arc Helm Release.
“Learn how to write once and run anywhere using your preferred cloud-native application services. Ensure governance, compliance and security for your deployments, all through a single pane of glass management experience in Azure.”
With Microsoft Azure Arc Services you bring Azure Cloud Technology anywhere for your Apps, Containers, microservices.
I Hope this is a first start for exploring and testing your Hybrid Cloud solution. Wish you a lot of fun and happy coding 😉
Cloud and Datacenter Management Blog 