GitHub has become the central location for open-source projects, samples, and even content – but primarily focused on developers. This new repository will focus on you: The ITPro/Ops person managing the environment in your company, keeping the lights on, supporting end-users or other IT teams.
The Microsoft Modern Infrastructure Cloud Advocates are responsible for the content on this repo, but sharing your handy script samples on this repo would be Awesome to manage Modern Azure Infrastructure, Azure Stack HCI, Windows Servers, Hyper-V, Containers and more. Have a look at the announcement on Microsoft tech community, Sharing together to make IT Better 😉
With Microsoft Prerelease Software like Windows Server Insider Preview Builds, you can experience and test the new features in your Test environment before it’s GA and in your production datacenter(s). First you have to register for the Windows Server Insider program here
Then you can download the Windows Server Insider Preview Build.
I’m updating my mvplab.local domain.
With this you can Build your own test environment and experience the new features in Windows Server Insider Preview Builds.
The Microsoft Windows Server Insider Team is also on Microsoft Tech Community.
Windows Server Long-Term Servicing Channel Preview in ISO format in 18 languages, and in VHDX format in English only.
Windows Server Datacenter Azure Edition Preview in ISO and VHDX format, English only.
Microsoft Server Languages and Optional Features Preview
Keys: Keys are valid for preview builds only
Server Standard: MFY9F-XBN2F-TYFMP-CCV49-RMYVH
Datacenter: 2KNJJ-33Y9H-2GXGX-KMQWH-G6H67
Azure Edition does not accept a key
Expiration: This Windows Server Preview will expire September 15, 2023.
Installing Windows Server Insider Preview Build 25314
For the Microsoft Product Group it’s important to give your feedback when you have ideas or experience some issues with these Windows Server Insider Preview Builds. Here you find more information about the Feedback Hub.
With this you can build great Hybrid Solutions with Windows Server Insider Preview Build Clusters which is connected with
Microsoft Azure Arc Services for Azure Hybrid IT Solutions. In this way you can test new experiences before you go into production and learn a lot of what you can do! Here you can read more about Azure Arc enabled Servers
My Domain Controller is Up-to-date with the Newest Windows Server Insider Preview Build 25314 for now 😉
With Windows Server Insider Preview Build you can make your own environment, with your own domain, Clusters, Hybrid Servers or build your environment for Containers. You can experience and test for example Windows Server Insider Preview Azure edition with Hot Patching feature on. Start today with Microsoft Windows Server Insider Preview Builds and Share your feedback with Microsoft.
Azure Arc-enabled servers lets you manage Windows and Linux physical servers and virtual machines hosted outside of Azure, on your corporate network, or other cloud providers. VM insights monitors the performance and health of your virtual machines and virtual machine scale sets, including their running processes and dependencies on other resources. It can help deliver predictable performance and availability of vital applications by identifying performance bottlenecks and network issues.
In the following steps you see more Azure Arc Insights of this On-premises domain controller.
Azure Arc Insights Performance monitor
Here you see by default performance counters in a dashboard of the Azure Arc enabled Server :
CPU Utilization
Available Memory
Logical Disk IOPS
Logical Disk MB/s
Max Logical Disk Used %
Bytes sent rate
Bytes received rate
In the right corner you can show your own workbooks.
Azure Arc Insights Map dependencies
I really like this feature to see more Insights of your dependencies with this map. See if there are any communication issues
in your solution is great!
Here you see connections of the Azure Arc enabled domain controller from on-premises.
You even can see if you have Malicious Connections in your process, here they are all green 🙂
Azure Arc Insights Map Changes
You can Investigate Changes
Azure Arc Insights Map Alerts
Here you can Investigate the Alerts.
Azure Arc Insights Overview
Make your own Data Collection Rule.
Here is the Data Source MSVMI-HybridIT
Here you can configure your resources with the Data Sources.
Create your own Data Collection endpoint for your Azure Arc enabled Server
Create your endpoint and select your Tag
with Tags you can set the Owner or cost number on the data collection endpoint.
When It’s ready you can here select the Data collection endpoint for your Server.
We only have Performance Counters, so we will add more Data Sources.
Here you can see some default Data sources.
I select Windows Event Logs.
Here you can configure the event logs and levels to Collect.
I selected only these.
Click on Next : Destination>
Select the right destination.
Then Click on Add Data Source
When you have your Servers Azure Arc enabled, you will work with Azure Arc extensions to work with Azure hybrid features like Defender for Cloud, Azure Monitor, Windows Admin Center and more. For each Azure Arc extension you can get updates, and it’s important to keep them up-to-date for new functionality and security. You have Azure Arc extensions for Windows Servers but also for Linux Servers.
Some of the Azure Arc extensions will automatic upgrade when you have enabled it and some must go manually from the Azure Portal.
More information about Azure Arc extensions you can find them here
In the next steps you will see the Update management of the Azure Arc enabled extensions :
Here I update one extension.
Inside the WindowsOsUpdateExtension
Here you can see that the WindowsOsUpdateExtension is up-to-date
and Status Succeeded
On the right of this screenshot you see Automatic Upgrade and some extensions are enabled, but some are not supported.
That’s why it’s important to check these updates.
Here you can see in the Status that two Azure Arc extensions are updating
And sometimes it failed to update.
But you can see what you can do best with this failed Status.
Here you see the error message and the Tips.
And when you can’t fix it yourself you can make a Support ticket right away.
Here you can see that all the Azure Arc extensions are updated successfully
So I selected all my Azure Arc enabled Servers and updated them all.
Conclusion
With Microsoft Azure Arc enabled Servers you have do some IT management to keep your Azure Arc extensions up-to-date.
I did this without rebooting Servers, just from the Azure Portal update Azure Arc extension.
Here you find more information about Microsoft Azure Arc for Azure Hybrid IT
I like to thank you Community for Supporting, Sharing and Reading New Microsoft technologies on my Blog, Twitter, Facebook and
LinkedIn Community Groups 💗 I wish you all happy Holidays, Merry Christmas and a Healthy New Year 2023 may the Best Wishes comes true ! 🎄🥂
I’m very proud and Honored on the Microsoft Global MVP Awards 2022-2023 !
MVP Award for Cloud and Datacenter Management
MVP Award for Windows Insiders
MVP Award for Azure Hybrid
Thank you Microsoft Product Groups, MVP Award Program, Windows Insider Team, Azure Hybrid Team, Windows Server and Azure Stack HCI Team for all your support, NDA PGI sessions, and for the Awesome software, Features, solutions you are building 🙂
Wish you all Happy Holidays, Merry Christmas and a Healthy New Year 2023 may the Best Wishes comes true ! 🎄🥂
Here are some Great links for Reading and Sharing :
JOIN these LinkedIn Community Groups for free and Share New Microsoft Technologies Together:
Microsoft Azure Update Management Center (Preview)
Update management center (preview) is a unified service to help manage and govern updates for all your machines. You can monitor Windows and Linux update compliance across your deployments in Azure, on-premises, and on the other cloud platforms from a single dashboard. Using Update management center (preview), you can make updates in real-time or schedule them within a defined maintenance window. Here you can find more information about Azure Update Management Center
In the following step-by-step guide, we will start with Azure Update Management Center (Preview) and Microsoft Azure Arc enabled Windows Servers running on-premises in my mvplab.local domain.
With getting started you can configure the environment.
I start here with my Azure Arc enabled Storage Server.
Updates installed on the Azure Arc Enabled Windows Server.
In Azure Update Management Center Overview Dashboard
you can see that one machine is completed.
For Monitoring you can make your own workbooks.
I like this History, to see if updates are successful or not.
Conclusion
Microsoft Azure Update Management Center is still in Preview but it’s a new way to manage all of your updates on your Servers on-premises with Azure Arc enabled, or on Azure Cloud, but also in other Clouds if you want. One Update Management Center from the Azure Portal is Awesome to work with and gives you control and overview of your update compliance in your datacenter(s). Important: This Great tool is still in preview and not for production environments yet until it’s made GA by Microsoft and you have the full support on this awesome management tool.
Baseline security is very important to have that in place to keep your Servers more secure in your datacenter. You want Hybrid Servers like Azure Arc enabled servers for example to be secure running in your datacenter. This begins to secure and have up-to-date Server hardware running in your datacenter. Monitor for security updates and install Server hardware based on best practices from the vendor.
Then the Operating System like Windows Server 2022 standard needs the OS Baseline security. This is called:
When your Windows Servers are security compliant by the rules of the company and/or Security Officer, then we can have a look at the Well Architected Framework (WAF) for Azure Arc Enabled Servers. Here you find an
This security baseline applies guidance from the Microsoft cloud security benchmark version 1.0 to Azure Arc-enabled servers. The Microsoft cloud security benchmark provides recommendations on how you can secure your cloud solutions on Azure. The content is grouped by the security controls defined by the Microsoft cloud security benchmark and the related guidance applicable to Azure Arc-enabled servers.
When you have read about Azure Arc Well Architected Framework (WAF) and you have your security in place, we can start with Microsoft Azure Arc.
Before you start implementing Azure Arc, you must have seen this Awesome website of Azure Arc Jumpstart!
The Azure Arc Jumpstart is designed to provide a “zero to hero” experience so you can start working with Azure Arc right away!
The Jumpstart provides step-by-step guides for independent Azure Arc scenarios that incorporate as much automation as possible, detailed screenshots and code samples, and a rich and comprehensive experience while getting started with the Azure Arc platform.
Our goal is for you to have a working Azure Arc environment spun-up in no time so you can focus on the core values of the platform, regardless of where your infrastructure may be, either on-premises or in the cloud.
You can manage your compliance and security policies with Azure Arc enabled Servers, Kubernetes, or SQL Managed instances to make your hybrid solutions with
the Microsoft Azure Cloud in a secure environment. When you work with security by design based on OSI model with 7 security layers and use Microsoft Arc enabled servers, you get also more Azure Hybrid security features like Azure Defender for Cloud, and much more.
Don’t forget the Microsoft Azure Arc Community Monthly Meetup
In my last MVPLAB Serie blogpost, I wrote about setting-up a Microsoft Domain mvplab.local and making a Windows Server Insider Cluster with an iSCSI Target Host Server for Shared iSCSI Storage provisioning. First thing I did was Installing Windows Admin Center for Hybrid IT Management. With WAC we can Manage the Cluster Nodes but also the Cluster, Installing new features via Windows Admin Center like Kubernetes for running Containers and microservices. But first we start with Microsoft Cluster Aware Updating to keep your Cluster up-to-date.
Windows Admin Center Cluster Manager
Installing Cluster Aware Updating
In the following steps you can see how easy it is to install Cluster Aware Updating with Windows Admin Center on your Windows Server Cluster, in my case mvpcl01.mvplab.local
Go to your Windows Server Insider Cluster
In Cluster Manager, go to Updates.
Click on Add Cluster Aware Updating Role
Microsoft Windows Admin Center is the Administrator Management tool to use in your hybrid datacenter. You see how easy it is to configure Cluster Aware Updating (CAU) on your Cluster. When you use Windows Server Core or Azure Stack HCI then Windows Admin Center is really handy instead of command-line tools or PowerShell scripting. here you can find more information about Cluster Aware Updating requirements and Best Practices
I have made a new MVPLAB with Microsoft Windows Server Insider Preview Build 25158 to install Services and Features for learning but also to give Microsoft feedback about the products. When the MVPLAB domain and Clusters are ready in basic then I can use new Microsoft Azure Hybrid solutions as well, like Azure Arc Kubernetes services and Azure Cloud Defender for Servers and SQL.
Before we start, you need to become a Windows Server Insider so that you can download the newest Windows Server Insider Builds ISO.
Here you get more information for the Windows Server Insider Program registration
After the free registration you can download the new Microsoft Windows Server Insider Builds here :
To Build your Test and innovation LAB with the newest Microsoft technologies, you need a platform to Build on. Of course Microsoft Azure Cloud Services is Awesome to work with and Great to make test environments but I like to make a Azure Hybrid scenario with Azure Cloud and On-premises datacenter services like for example a Microsoft SQL Cluster with Cluster resources / Instances.
So my MVPLAB will be Azure Hybrid and for On-premises I use Windows Server Hyper-V to make virtual servers.
It’s Great when your hardware provider like Dell is Microsoft Azure Stack HCIcompliant to build your Hyper Converged Infrastructure in your on-premises datacenter.
Microsoft Azure Stack HCI Solution
When you work with Microsoft Azure and Azure Stack HCI, you really need Windows Admin Center for Hybrid IT Management.
This is a Great Administrator tool for managing your Windows Servers, Clusters, Azure Stack HCI, and Azure VM’s in a Hybrid environment.
Windows Admin Center Cluster Overview
Now that we have everything and Hyper-V is running, we will build the Following Windows Servers with the Insider Preview Build:
MVPDC01 ( the first domain controller for mvplab.local domain )
MVPStore01 ( ISCSI Target Host for deploying ISCSI Virtual Disks to my Cluster)
MVPFS01 ( Cluster Node 01 of Cluster MVPCL01 )
MVPFS02 ( Cluster Node 02 of Cluster MVPCL01 )
I install all the virtual servers with 50GB local harddisk for OS and start with 4GB of Dynamic Memory and a Nic.
Only the Cluster nodes get two Nics (One for Heartbeat of the Cluster)
This is for my MVPLAB, but for Production environments I always start with 3 Nics ( 1 = Production 2 = Heartbeat 3 = Storage )
In Hyper-V we make a New Virtual Machine with these specifications and we attach the Windows Server Insider Preview Build ISO.
We install Windows Server Insider Preview Build default and after the installation we set the NIC IP-Address on static and gave the Server the name MVPDC01. Then I installed all the Windows Updates, and after that I started Server Manager to install the Active Directory Feature :
Active Directory just follow the wizard and don’t forget to run DCPromo to
build your domain.
Active Directory and DNS is running locally like
mvplab.local
So now is my domain and DNS running in my MVPLAB, but what do I need more first to build a Windows Server Insider Cluster?
We need Shared storage, so we build a Windows Server Insider ISCSI Target Host to provision Shared VHD’s via ISCSI Initiator to the Cluster Nodes.
The Next member Windows Server Insider is MVPStore01.mvplab.local joined in our new domain. Here I installed the iSCSI Host features:
Start Server Manager and the Add Server role : – iSCSI Target Server – iSCSI Target Storage Provider
Click on Install
In Hyper-V Settings of the Virtual Machine MVPStore01, I have installed a extra disk of 25GB so that we can use that for iSCSI Target Host which is now running on this Server. Now we can provision storage when the new Windows Server Insider Cluster MVPCL01.mvplab.local is installed with the iSCSI Initiator to get Cluster storage. So now we are first going to build a Windows Server Insider Cluster and after that we will provision the Cluster Storage.
Installing a Windows Server Cluster with Insider preview Build 25158.
I deployed two member servers MVPFS01.mvplab.local and MVPFS02.mvplab.local into the new domain. they have static IP-Address and are working fine with DNS resolving. On both Servers I installed the Feature Failover Clustering
Failover Clustering Installed.
from here we are going to install the new Windows Server Insider Cluster MVPCL01.mvplab.local
Start Failover Cluster Manager.
Create Cluster.
Click on Next
select the two new Cluster Nodes
Click on Next
Select Yes, run configuration validation tests
Click on Next
Click on Next
Run all tests
Click Next
Confirmation
Click Next
Type in the new Cluster name => mvpcl01
IP-Address => 192.168.2.43
Click Next
Confirmation
Click on Next
Creating Cluster….
We now have a Cluster mvpcl01.mvplab.local running, but without storage and without the witness disk. the iSCSI initiator is running on both Cluster nodes, so now we have to provision storage to the Cluster via the iSCSI Target Host MVPStore01.mvplab.local.
iSCSI Storage provisioning to Windows Server Insider Cluster
via the Server Manager of the iSCSI Target host, we are going to create a new iSCSI Virtual Disk for both Cluster Nodes :
Click on New iSCSI Virtual Disk
iSCSI Virtual Disk Name
Click on Next
Type in the Size I’m using 20GB of 24,9 because I need also a Quorum disk for the Cluster.
Select Fixed Size.
Click on Next.
New iSCSI Target
Click on Next
Give the iSCSI Target a Name
Click on Next
Add the Access Servers via iSCSI Initiator
Click on Next
Here you can set Authentication if you want.
Click on Next
Confirmation
Click on Create
the iSCSI Virtual Disk is successfully created.
the iSCSI Target VHD is not connected yet.
Now we connect with iSCSI Initiator from the Cluster Nodes.
The work on iSCSI Taget Host MVPStore01.mvplab.local is Done.
When you start the iSCSI Initiator it will set the services and the firewall settings on the Server.
You have to do this on both Cluster nodes.
First we add the Target portal and that is our iSCSI Taget Host MVPStore01.mvplab.local with
IP-Address 192.168.2.46 with port 3260.
This is under the discovery tab.
Select Targets tab
you see the Target mvpstore01 Inactive.
Select and click on Connect.
If you had Multi-path IO running, you could enable Multipath too.
Click on Ok
The iSCSI Taget Virtual Disk is connected.
On the iSCSI Target Host MVPStore01.mvplab.local is the target now also in Connected status.
You now can now bring the 20GB disk Online via Disk Management and give it a drive letter
for the Cluster.
Then you can add the 20GB disk via Storage of Cluster Manager tool.
You can make Cluster Shared Volume.
I made a Cluster for a SQL Instance and I made
a 2GB iSCSI Taget VHD for the Witness Disk.
So Now we have Cluster storage running and failovers are working, now we need to configure Quorum witness disk via
Failover Cluster Manager.
Go to more actions on the Cluster.
Configure Cluster Quorum
Click on Next
Select the quorum witness
Click on Next
You can configure your witness on different locations.
I will select our 2GB witness disk on our Cluster
Select the Quorum disk
Click on Next
Confirmation
Click on Next
You have successfully configured the quorum settings for the Cluster
Click on Finish
Witness disk is running.
So my Microsoft Windows Server Insider Cluster is ready for workloads, if you want to you can run a Cluster validation to see
if everything is okay. Now my MVPLAB is ready for the next installation on my Cluster and that is :
Installing the Newest SQL Server 2022 CTP2.1 on my Windows Server Insider Cluster.
But that will be a next Blogpost : Installing SQL Server 2022 CTP2.1 on a Windows Server Cluster 😉
Follow me on Twitter : @Jamesvandenberg
Ps. I downloaded the VHDX file for Hyper-V, but you can get also the ISO file here.
Getting started with the Windows Insider Program for Windows Server
Get exclusive access to Windows Server Insider Previews and Remote Server Administration tools and help shape the future of Windows Server in the Windows Insider Program for Windows Server.Register here for the Windows Server Insider program
From here you can build your own local domain and Clusters in your LAB to test all the Features Windows Server 2022 Insider Preview Build 25140 has. Checking new Security features and doing your own pen tests.
Testing security with Kali Linux Rolling distro in WSL 2.0 against Windows Server Insider
in my Lab. And give feedback about features and or issues on Windows Server Insider :
And of course don’t forget Windows Admin Center for your LAB to manage your Servers, Azure Virtual Machines and your Clusters. You can download WAC here
What is new in preview is Windows Admin Center in the Azure Portal with Azure Arc Enabled Servers.
Windows Admin Center in the Azure Portal for Arc Enabled Servers 😉
Manage your Servers from the Cloud.
Conclusion
With Windows Server Insider Builds and Windows Admin Center, you can test and make your own LAB environment together for free. You can give the Microsoft product group feedback to make the product better. In the mean time your are learning new features and security in Windows Server Insider Preview Build and WAC before you go into production 🙂 I say a good win win situation and it’s fun to setup your own hybrid LAB.
Cloud and Datacenter Management Blog 