mountainss Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Deep dive on Windows Server 2019 Updates by @WSV_GUY #Winserv #WAC #Hyperv

Deep Dive into Windows Server 2019 Updates with Jeff Woolsey Principal PM of the Windows Server Team.

What’s New in Windows Server 2019 Insider Preview Builds :

See here what’s New in Windows Server 2019 Insider Preview Builds

Windows Insider Program for Server allows you deploy the Windows Server 2019 Insider Preview builds in your enterprise. The docs cover the new enterprise features we’d like you to test and describes how to do the most common tasks.

Windows Insider Server program:
https://aka.ms/WindowsServerInsider
Download Windows Server 2019 preview:
https://aka.ms/WindowsServer2019Preview
Windows Admin Center:
https://aka.ms/DownloadWAC

Download Windows Server 2019 Insider Preview and Windows Admin Center Now !

Advertisements


Leave a comment

Scale and Upgrade your Azure Kubernetes Cluster #AKS #Containers #Azure #Kubernetes #DevOps #Cloud


I start with a 2 Node Kubernetes Cluster.

Azure Kubernetes Service (AKS) makes it simple to deploy a managed Kubernetes cluster in Azure. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance for you. In addition, the service is free, you only pay for the agent nodes within your clusters, not for the masters.

When you have a Web App like Joomla CMS running on Microsoft Azure Kubernetes Services (AKS) and you need more capacity or performance, you can really easy Scale-Up and Scale-Down when needed. It is easy to scale an AKS cluster to a different number of nodes. Select the desired number of nodes and run the az aks scale command. When scaling down, nodes will be carefully cordoned and drained to minimize disruption to running applications. When scaling up, the az command waits until nodes are marked Ready by the Kubernetes cluster.

Scaling your Azure Kubernetes Cluster (AKS)

In the following step-by-step guide I’m scaling my AKS Cluster from 2 nodes to 4 node Kubernetes Cluster :

Here you can scale your Cluster to the right Size
Click on Save to execute.

One AKS Cluster can Scale-Up to 100 vCPU’s and 350 GB of Memory 😉

It’s updating now my 2 Node AKS Cluster to 4 Nodes.
( wait a couple of minutes )

Done !

In Visual Studio Code a got 4 Nodes

In the AKS Cluster Health Monitor you see the Update of the Config.

When you open the Kubernetes Dashboard you see the load on the 4 Nodes.

When you don’t need a 4 Node Cluster performance and/or capacity any more because of the workload, you can scale your Cluster back to 2 Node Cluster for example.

Scaling down to 2 Node AKS Cluster.

Back to 2 Node Azure Kubernetes Cluster.

Just Refresh in Visual Studio Code
2 Node Cluster Again.

And my Joomla CMS Web App is running on 2 Node AKS Cluster.

This was Scaling your Microsoft Azure Kubernetes Cluster (AKS), the Next step-by-step guide I’m Upgrading my Azure Kubernetes Cluster (AKS) to a New version.

Upgrading your Azure Kubernetes Cluster (AKS)

My Current version of AKS is 1.10.5

I’m Upgrading to Kubernetes version 1.10.6
Click on Save to Execute.

After +/- 10 minutes my AKS Cluster was Up-to-Date.

with kubectl version you see the Changes in Visual Studio Code (VSC)


And of course you get notified by the Azure Portal when your Upgrade is Done 🙂

When you like to work from Azure CLI or Cloudshell or VSC you can Upgrade your Kubernetes Cluster from here

More information about Azure Kubernetes Services (AKS) :

Kubernetes versions on GitHub

Kubernetes Documentation

Microsoft Azure AKS Docs

Hope this easy Quick Step-by-Step Guides are helpful for you and your Business.


Leave a comment

Installing Joomla Web App on your #Azure Kubernetes Cluster #AKS #Containers #DevOps

When you have your Microsoft Azure Kubernetes Cluster (AKS) created and running in the Cloud you want to run some pods (Containers) for your Business Solution. In the Next steps I created a Joomla CMS Web App on my Kubernetes Cluster in Microsoft Azure by playing with some tooling.

First I installed Chocolatey via Powershell in the Administrator modus :

Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString(‘https://chocolatey.org/install.ps1’))

With Chocolatey v0.10.11 I installed Helm on my Windows10 Surface by typing :

Choco install kubernetes-helm

Type helm init

Here you find the Helm QuickStart Guide for your commands on your Azure Kubernetes Cluster

Type : helm repo update

This will update your stable repository packages

With the following command I installed Joomla CMS on my Azure Kubernetes Cluster (AKS) :

helm install stable/joomla  ( In Powershell )

When you have Visual Studio Code installed with the Kubernetes Extension you can manage your Joomla
web application for Content Management.

Here you can inside the Pods (Containers) via terminal

But most important is that your workload ( Joomla CMS Web App ) is running in the Cloud on a Scalable Azure Kubernetes Cluster for the Business.

Hope this Quick Guide is helpful for you and your Business.

More information :

Microsoft Azure Kubernetes Services (AKS) docs


Leave a comment

Download the Cloud Application Architecture Guide #Azure #Cloud #Architects #Apps

This 300 pages guide presents a structured approach for designing cloud applications that are scalable, resilient, and highly available. The guidance in this e-book is intended to help your architectural decisions regardless of your cloud platform, though we will be using Azure so we can share the best practices that we have learned from many years of customer engagements.
In the following chapters, we will guide you through a selection of important considerations and resources to help determine the best approach for your cloud application:

  1. Choosing the right architecture style for your application based on the kind of solution you are building.
  2. Choosing the most appropriate compute and data store technologies.
  3. Incorporating the ten high-level design principles to ensure your application is scalable, resilient, and manageable.
  4. Utilizing the five pillars of software quality to build a successful cloud application.
  5. Applying design patterns specific to the problem you are trying to solve

Download the Cloud Application Architecture Guide here


Leave a comment

Create #Azure Kubernetes Cluster and Manage in Visual Studio Code #VSC #Kubernetes #Cloud


In this Step-by-Step Guide we will Create a Microsoft Azure Kubernetes Cluster (AKS) and add it to Microsoft Visual Studio Code to manage and use it.

This time I have created the Kubernetes Cluster via the Azure Portal, when you don’t have an Azure Subscription you can start here 

Azure Kubernetes Service (AKS) makes it simple to deploy a managed Kubernetes cluster in Azure. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance for you. In addition, the service is free, you only pay for the agent nodes within your clusters, not for the masters.

You can of course also Create your Azure Kubernetes Cluster via Azure CLI in Cloudshell.

Here you see the steps from the Azure Portal to Create your Azure Kubernetes Cluster :

Fill in the Basics and Click on Authentication tab

Here you have your SPN and you can manage RBAC.
go to Networking TAB.

Network Settings, keep http application routing on yes.

Click on Monitoring TAB.

Azure Monitoring settings.

Review + Create will Validate your Configuration.

Click on Create.

It’s Deploying the Azure Kubernetes Cluster.

Here you find the Overview of your AKS Cluster in the Azure Portal.

Your Microsoft Azure Kubernetes Cluster is now running by Default with Azure monitoring enabled, and I like to have it in Microsoft Visual Studio Code.

Install the latest Azure CLI 2.0 version
(You need version 2.0.27 or higher)

my version of Azure CLI is 2.0.41

In the Next Visual Studio Code steps I’m already logged-in my Azure Subscription.

When you have Microsoft Visual Studio Code installed with the Kubernetes Extension you can Create or add Existing Cluster to VSC.

Choose Cluster type Azure Kubernetes Service

Choose the right Azure Subscription.

Here you will see your Azure Kubernetes Cluster
KubeCluster in my Azure Subscription

Now you Azure Kubernetes Cluster (AKS) is added to VSC 😉

When you right click on your Kubernetes Cluster you can open Dashboard.

Here you see my two-nodes in Kubernetes Dashboard.

Status of one Kubernetes node.

Here you see the pods (Containers) and also the Azure Monitoring Agent.

Now you can install or Build your solution on your Azure Kubernetes Cluster (AKS).

Monitoring and managing your AKS solution is important to see what is going on. That’s why the Azure Monitoring Agent is on by Default.

Here you see my Container Monitoring Solution for all my Containers.
( Azure AKS and Docker containers on-premises )

What is NEW and AWESOME is Azure Monitoring – Container Health Services.

Health Overview of your AKS Cluster

Health overview of your AKS Nodes

Health Overview of your AKS Controllers

For Troubleshooting you can use the Azure logs of your solution and query what is wrong.

And Scaling your AKS Cluster is Never been Easier then this 🙂

Hope this Step-by-Step Guide is useful for you and your Business to start with Containerize your Apps in the Cloud

JOIN Containers in the Cloud Community Group

 


Leave a comment

Creating VM Cluster on Azure #Cloud with Terraform #IaC #Azure #Terraform #Linux #Winserv

Type az and you should see this Azure CLI

Type Terraform and you should see the terraform commands

 

Install and configure Terraform to provision VMs and other infrastructure into Azure

Before you begin with Terraform and deploying your solution to Microsoft Azure you have to install Azure CLI and Terraform for your OS.

In the following step-by-step guide we will deploy a VM Cluster with Terraform into Microsoft Azure Cloud Services.

First we open Powershell in Administrator mode :

You should have your Terraform script ready.

It’s great to edit your Terraform script in Visual Studio Code

Create a Terraform configuration file
In this section, you create a file that contains resource definitions for your infrastructure.
Create a new file named main.tf.
Copy following sample resource definitions into the newly created main.tf file:


resource “azurerm_resource_group” “test” {
name = “acctestrg”
location = “West US 2”
}

resource “azurerm_virtual_network” “test” {
name = “acctvn”
address_space = [“10.0.0.0/16”]
location = “${azurerm_resource_group.test.location}”
resource_group_name = “${azurerm_resource_group.test.name}”
}

resource “azurerm_subnet” “test” {
name = “acctsub”
resource_group_name = “${azurerm_resource_group.test.name}”
virtual_network_name = “${azurerm_virtual_network.test.name}”
address_prefix = “10.0.2.0/24”
}

resource “azurerm_public_ip” “test” {
name = “publicIPForLB”
location = “${azurerm_resource_group.test.location}”
resource_group_name = “${azurerm_resource_group.test.name}”
public_ip_address_allocation = “static”
}

resource “azurerm_lb” “test” {
name = “loadBalancer”
location = “${azurerm_resource_group.test.location}”
resource_group_name = “${azurerm_resource_group.test.name}”

frontend_ip_configuration {
name = “publicIPAddress”
public_ip_address_id = “${azurerm_public_ip.test.id}”
}
}

resource “azurerm_lb_backend_address_pool” “test” {
resource_group_name = “${azurerm_resource_group.test.name}”
loadbalancer_id = “${azurerm_lb.test.id}”
name = “BackEndAddressPool”
}

resource “azurerm_network_interface” “test” {
count = 2
name = “acctni${count.index}”
location = “${azurerm_resource_group.test.location}”
resource_group_name = “${azurerm_resource_group.test.name}”

ip_configuration {
name = “testConfiguration”
subnet_id = “${azurerm_subnet.test.id}”
private_ip_address_allocation = “dynamic”
load_balancer_backend_address_pools_ids = [“${azurerm_lb_backend_address_pool.test.id}”]
}
}

resource “azurerm_managed_disk” “test” {
count = 2
name = “datadisk_existing_${count.index}”
location = “${azurerm_resource_group.test.location}”
resource_group_name = “${azurerm_resource_group.test.name}”
storage_account_type = “Standard_LRS”
create_option = “Empty”
disk_size_gb = “1023”
}

resource “azurerm_availability_set” “avset” {
name = “avset”
location = “${azurerm_resource_group.test.location}”
resource_group_name = “${azurerm_resource_group.test.name}”
platform_fault_domain_count = 2
platform_update_domain_count = 2
managed = true
}

resource “azurerm_virtual_machine” “test” {
count = 2
name = “acctvm${count.index}”
location = “${azurerm_resource_group.test.location}”
availability_set_id = “${azurerm_availability_set.avset.id}”
resource_group_name = “${azurerm_resource_group.test.name}”
network_interface_ids = [“${element(azurerm_network_interface.test.*.id, count.index)}”]
vm_size = “Standard_DS1_v2”

# Uncomment this line to delete the OS disk automatically when deleting the VM
# delete_os_disk_on_termination = true

# Uncomment this line to delete the data disks automatically when deleting the VM
# delete_data_disks_on_termination = true

storage_image_reference {
publisher = “Canonical”
offer = “UbuntuServer”
sku = “16.04-LTS”
version = “latest”
}

storage_os_disk {
name = “myosdisk${count.index}”
caching = “ReadWrite”
create_option = “FromImage”
managed_disk_type = “Standard_LRS”
}

# Optional data disks
storage_data_disk {
name = “datadisk_new_${count.index}”
managed_disk_type = “Standard_LRS”
create_option = “Empty”
lun = 0
disk_size_gb = “1023”
}

storage_data_disk {
name = “${element(azurerm_managed_disk.test.*.name, count.index)}”
managed_disk_id = “${element(azurerm_managed_disk.test.*.id, count.index)}”
create_option = “Attach”
lun = 1
disk_size_gb = “${element(azurerm_managed_disk.test.*.disk_size_gb, count.index)}”
}

os_profile {
computer_name = “hostname”
admin_username = “testadmin”
admin_password = “Password1234!”
}

os_profile_linux_config {
disable_password_authentication = false
}

tags {
environment = “staging”
}
}


Type : terraform init

You should see this screen.

Type : az login

We now logging into Microsoft Azure subscription.

https://microsoft.com/devicelogin

Insert the code from your Powershell screen.

Now we have the Terraform INIT running and we are connected to our Azure Subscription 😉

Type : terraform plan

It will refreshing the state and getting ready for deployment.

Type : terraform apply

and then type : yes <enter>

Terraform is now creating the azure resources

Azure resource group acctestrg is made

Terraform deployment VM Cluster on Azure is Ready 😉

Azure VM Cluster is running.

When you want to remove the complete Azure VM Cluster with terraform, it’s really easy :

Type : terraform destroy

and then type : yes <enter>

Azure resources are being deleted via terraform script

Terraform destroyed the Azure VM Cluster


All Azure Resources of the VM Cluster are removed.

Hope this step-by-step guide deploying infrastructure as Code with terraform will help you with your own Cloud solutions in Microsoft azure.

Ps. don’t forget to install Visual Studio Code Azure Terraform extension and play !

#MVPbuzz



Leave a comment

#Microsoft Azure #Security Center Standard for Hybrid Security #Azure #Cloud #SIEM


Azure Security Center Standard includes:

Hybrid security – Get a unified view of security across all of your on-premises and cloud workloads. Apply security policies and continuously assess the security of your hybrid cloud workloads to ensure compliance with security standards. Collect, search, and analyze security data from a variety of sources, including firewalls and other partner solutions.
Advanced threat detection – Use advanced analytics and the Microsoft Intelligent Security Graph to get an edge over evolving cyber-attacks. Leverage built-in behavioral analytics and machine learning to identify attacks and zero-day exploits. Monitor networks, machines, and cloud services for incoming attacks and post-breach activity. Streamline investigation with interactive tools and contextual threat intelligence.
Access and application controls – Block malware and other unwanted applications by applying whitelisting recommendations adapted to your specific workloads and powered by machine learning. Reduce the network attack surface with just-in-time, controlled access to management ports on Azure VMs, drastically reducing exposure to brute force and other network attacks.

To add On-premises Servers

When your workspace is added :

  1. + Add Computers
  2. Download the right agent for Windows or Linux
  3. When you installed the agent you need the workspace ID and the key to finish the connection.
  4. When your Server doesn’t have a Internet connection you can work with the OMS Gateway.

Connect computers without Internet access using the OMS Gateway

Here you see the 3 machines from On-Premises in Azure Security Center

Security Recommendations

Apply Azure Disk Encryption for example.

Azure Security Center Recommendations

Azure Security Center Overview
I have something to do in my Test LAB 😉

Here you find more Technical docs for Microsoft Azure Security Center 

Microsoft Intelligent Security Graph for Providers

Hope this information about Microsoft Intelligent Azure Security Center will help your Business to stay Secure.