Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Windows Admin Center and Deploying Windows Server Insider Build 25099 Core #WindowsAdminCenter #Winserv #WIMVP

Windows Admin Center Version 2110.2 Build 1.3.2204.19002

Windows Admin Center is a customer-deployed, browser-based app for managing servers, clusters, hyper-converged infrastructure, and Windows PCs. It comes at no additional cost beyond Windows and is ready to use in production. Learn more about Windows Admin Center.

Benefits

  • Simple and modern management experience
  • Hybrid capabilities
  • Integrated toolset
  • Designed for extensibility

Languages
Chinese (Simplified), Chinese (Traditional), Czech, Dutch (Netherlands), English, French, German, Hungarian, Italian, Japanese, Korean, Polish, Portuguese (Brazil), Portuguese (Portugal), Russian, Spanish, Swedish (Sweden), Turkish

In the following step-by-step guide I will deploy Windows Server 2022 Insider Build 25099 Core Edition with Windows Admin Center tool together with some great features for managing Windows Servers in a secure hybrid way with Microsoft Azure Cloud services. Like Azure Defender for Cloud, Azure Backup Vault, Azure Monitor, Security and more.
So I have Windows Admin Center 2110.2 installed and I have a Windows Server 2022 Hyper-V Server for my Virtual Machines in my MVPLAB Domain.
Now we will deploy the new Windows Server 2022 Insider Preview Build 25099.

In WAC on my Hypervisor in Virtual Machines

When you explore and open your Hyper-V Host and go to Virtual Machines, you can Click on Add and then on New for Creating your Windows Server Insider VM.

Create a New Windows Server Insider VM called StormTrooper01

Here you can configure your new Windows Server 2022 Insider VM with the following :

  • What kind of Generation VM (Gen 2 Recommended)
  • The path of your Virtual Machine and the path of your virtual disk(s)
  • CPU and you can make nested Virtualization too
  • Memory and use of Dynamic Memory
  • Network select the Virtual Switch
  • Network Isolation by VLAN
  • Storage, Create the size of the Virtual Disk. Choose an ISO or Select an existing VHD(x)

I Created a New 70GB OS Disk
and I want to Install the New Windows Server Insider OS from ISO.
Click on Browse

Here you Browse Default on your Hyper-V Host and select the ISO.

When the Windows Server ISO is selected you can hit Create

We get the Notification that the virtual machine is successfully created.

Only the Virtual Machine is now made with your specs and visible on the Hyper-V Host.
Select the New Virtual Machine (StormTrooper01) click on Power and hit Start.

After you started the VM, you can double click on it and go to Connect.
Click on Connect to the Virtual Machine.

Now you are on the console via VM Connect.

Click on Install Now

We are installing Windows Server 2022 Insider Core edition, because we have WAC 😉

Installing Windows Server 2022 Insider Core Preview Build 25099 via Windows Admin Center

Create New Administrator Password.

And here we have Sconfig of the Windows Server 2022 Core.
via Virtual Machine Connect.

Now we can add and connect the New Virtual Machine with Windows Server 2022 Insider Preview Build in Windows Admin Center via IP-Address.

The Next step is to join the Windows Server 2022 Insider to my Domain MVPLAB.

Click on the Top on Edit Computer ID
Click on Domain and type your domain name.
Click op Next
Add your administrator account for joining the server
Reboot the VM.

Windows Server 2022 Insider Preview Core edition is domain joined.

Now we have the New Microsoft Windows Server 2022 Insider Preview Build 25099 running in Windows Admin Center, we can use all the tooling provided by WAC also in a Azure Hybrid way. Think about Azure Defender for Cloud, Azure Monitor. In Microsoft Windows Admin Center we also have a topic Azure Hybrid Center :

Here you see all the Azure Hybrid benefit features for your Windows Server 2022 Insider.

  • Microsoft Azure Arc
  • Azure Backup
  • Azure File Sync
  • Azure Site Recovery
  • Azure Network Adapter
  • Azure Monitor
  • Azure Update Management
  • and More…

Microsoft Azure and the Windows Admin Center Team made the wizards customer friendly and easy to get those Azure Hybrid services for your Windows Server.
When you have your Server running, you want to make backups and Monitoring your Server for management. And after that you want to be in control of your security of your new Server. In the following steps you see some examples on the same Windows Server 2022 Insider Preview Build:

Microsoft Azure Backup via WAC

Click on Azure Backup
Select your Azure Subscription and the Azure Backup Vault.
Select your data and make the schedule.

Enter the Encryption passphrase and Apply.

Here you have Azure Backup Vault working together with WAC.

Azure Defender for Cloud Security

Click op Microsoft Defender for Cloud
Click on Setup
Add the right Azure Subscription and Workspace
Click on Setup.

Configuring Azure Defender for Cloud agent and Subscription.

Azure Defender for Cloud in Windows Admin Center on your Windows Server 2022 Insider Preview Build.

In Windows Admin Center there is also a Security tab for the Windows Server.

Here you can see your Secured-Core status

Here you can see if your system is supported for this security features 🙂

Enable the supported features and Restart de Virtual Machine.

And here you see my status overview.

Further more you can manage RBAC in Windows Admin Center when you have to work with different kind of users.

You can find RBAC in settings.

Conclusion

Windows Server Insider Core edition and Windows Admin Center are working better together! You have all the tools you need to startup your Windows Server and
manage it with WAC. Windows Admin Center is getting better and better to manage your Hybrid Datacenter and keep you as an Administrator in Control!
So is how I manage my MVPLAB but also for Production workloads I use Windows Admin Center and the Azure Portal together. With Microsoft Azure Arc Services
Azure Hybrid becomes your solution where Windows Admin Center can Support you with making Azure Stack HCI Clusters with Azure Kubernetes for your DevOps environment.

Windows Admin Center Community Group on LinkedIn


Leave a comment

Azure Arc Enabled Kubernetes Container Insights Alerts and Actions #Azure #Cloud #DevOps

Azure Arc-Enabled Data Services overview

Microsoft Azure Arc allows you to manage the following resource types hosted outside of Azure:

  • Servers: Manage Windows and Linux physical servers and virtual machines hosted outside of Azure.
  • Kubernetes clusters: Attach and configure Kubernetes clusters running anywhere, with multiple supported distributions.
  • Azure data services: Run Azure data services on-premises, at the edge, and in public clouds using Kubernetes and the infrastructure of your choice. SQL Managed Instance and PostgreSQL Hyperscale (preview) services are currently available.
  • SQL Server: Extend Azure services to SQL Server instances hosted outside of Azure.

I have a Kubernetes Cluster enabled with Azure Arc Services in my MVP LAB:

It’s Called Dockkube.

The Kubernetes Cluster is running on-premises and is enabled with Microsoft Azure Arc Services. With that said we get Azure Services available for management in the Cloud in a hybrid way. In the following step by step guide we activate Azure Monitor Insights for Containers on the Azure Arc enabled Kubernetes Cluster.

Container Insights Alerts / Actions on Azure Arc Enabled Kubernetes

Dockkube Insights

When you open Dockkube Azure Arc enabled Kubernetes, you will see on the left Monitoring Insights.
Then you have the options :

  • What’s New
  • Cluster
  • Nodes
  • Controllers
  • Containers.

Click on Containers, and you will see all the containers on the Azure Arc enabled kubernetes.
Then you have recommended Alerts (Preview) at the top, when you Click on it you will see all the predefined recommended alerts in preview. I have selected Node CPU % and Enabled the alert. With that you see on the above screenshot there is no action group assigned. That is the next step, click on No Action Group Assigned.

Click on Create a new action group.

Select the Azure Subscription, Resource group and give the
Action Group a name.
Click on Next: Notifications

Here you can select your type of Alert communication.
I have selected the option Email.

Setting the Name : Dock Kube Notify.

The next step you can select an action type :

  • Automation Runbook
  • Azure Function
  • Event Hub
  • ITSM
  • Logic App
  • Secure webhook
  • Webhook

In my MVP LAB, I don’t need an action but just a notification by email.

You can set a TAG here

Before you create the Alert rule with the action group, you get the option
to test the action group.
Click on Test Action Group.

Select a sample type.
I did Resource health alert
Click on Test.

The test is running.

I’m getting the Alert email in my box from Microsoft Azure.

Test is successful and click on Done.

Click on Create

Select the Action group for me is that DockKube CPU.
Click on Apply to Rule.

Now this Alert is active on my Azure Arc enabled Kubernetes 😉

When you go to Alert Rules, you will see the new Alert rule.
Here you can modify it if necessary.

For example, I want the severity from 3 Information to 2 Warning.

I made a severity 2 Warning.
Don’t forget to click on Save at the left top.

More Container Insights information on Microsoft docs :

Recommended metric alerts (preview) from Container insights 

Common alert schema

Use Cluster Connect to connect to Azure Arc-enabled Kubernetes clusters

Conclusion

Microsoft Azure Arc enabled kubernetes is Awesome for management in a hybrid way. I just showed you the power of Alert rules with action groups from the Azure Cloud to get Container Insights. Of course there are more Azure features for your Azure Arc enabled Kubernetes like Security (Preview) Kubernetes Resources, Policies, Gitops and more. Making your own dashboard with Container Insight information. Go for hybrid IT Management with Azure Arc enabled Kubernetes!

 


Leave a comment

#Microsoft Windows Server and SMB Protocol #Winserv #WindowsServer2022

Server Message Block (SMB)

The Server Message Block (SMB) Protocol is a network file sharing protocol, and as implemented in Microsoft Windows is known as Microsoft SMB Protocol. The set of message packets that defines a particular version of the protocol is called a dialect. The Common Internet File System (CIFS) Protocol is a dialect of SMB. Both SMB and CIFS are also available on VMS, several versions of Unix, and other operating systems.
Here you can see the versions of MS-CIFS and download free white papers

Today SMBv1 is a not save protocol and will be used by hackers for man in the middle attacks to compromise your data and systems. SMBv1 is a weak protocol and should not be used in your environment. There are still a lot of Windows Servers 2012 R2 in the world running in datacenters with SMBv1 by Default enabled. To make your Windows Server more secure, you can disable SMBv1 protocol via a Group Policy Object (GPO).

In the following steps we will disable SMBv1 on Windows Servers via GPO.

Open Group Policy Management in your Domain.

Click on Group Policy Object with your right mouse button.
Click on New.

Give your policy a Name.

I made also an temporary Exception policy.

Right click on your new Policy Object.
Click on Edit.

Go to Computer Configuration => Preferences => Windows Settings
Click on Registry.

Click on New and then on Registry Item.

Here you have to add the following Registry Properties:

Set these settings.

Set Path: HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters

Click on Apply for these Registry settings.

SMBv1 Disable setting is set in the Policy Object.

This is the path where we push the policy via GPO.

Here we Link the Existing GPO to the OU with the Windows Server 2012 R2
to disable SMBv1 Protocol.

Select your new Policy to disable SMBv1 Protocol.

We have now Linked the new GPO to Disable SMBv1

GPUpdate /force on your Server to disable SMBv1
To get the new GPO active on your Server.

Policy Update successfully.

GPResult /r to see the results.

Get-SmbServerConfiguration | Select EnableSMB1Protocol

or

Get-SmbServerConfiguration

You can still as a administrator enable SMBv1 on your Server with :

Set-SmbServerConfiguration -EnableSMB1Protocol $true

When the Server gets a reboot, SMBv1 will be disabled by GPO again.

When you have maintenance window for updates for example, you can un-install the SMBv1 Feature in Server Manager. This procedure needs a restart of the Windows Server.

Go to Server Manager remove features.

Click on Remove Roles and Features.

Remove the mark at SMB 1.0/CIFS File Sharing Support Feature.

Click on Remove.

Click on Close and Reboot the Server

Now SMBv1 protocol on the Windows Server is disabled and will use a higher version of SMB like version 2.x or 3.x.

More Microsoft information can be found here on Docs.

SMB over QUIC on Windows Server 2022

SMB over QUIC introduces an alternative to the TCP network transport, providing secure, reliable connectivity to edge file servers over untrusted networks like the Internet. QUIC is an IETF-standardized protocol with many benefits when compared with TCP:

  • All packets are always encrypted and handshake is authenticated with TLS 1.3
  • Parallel streams of reliable and unreliable application data
  • Exchanges application data in the first round trip (0-RTT)
  • Improved congestion control and loss recovery
  • Survives a change in the clients IP address or port

SMB over QUIC offers an “SMB VPN” for telecommuters, mobile device users, and high security organizations. The server certificate creates a TLS 1.3-encrypted tunnel over the internet-friendly UDP port 443 instead of the legacy TCP port 445. All SMB traffic, including authentication and authorization within the tunnel is never exposed to the underlying network. SMB behaves normally within the QUIC tunnel, meaning the user experience doesn’t change. SMB features like multichannel, signing, compression, continuous availability, directory leasing, and so on, work normally.

Client Server Handshake and Data transfer differences.

Here you find a Great blogpost of Ned Pyle

SMB over QUIC: Files Without the VPN

Conclusion

When you still have Windows Servers running with SMBv1 by default enabled, for security you should disable SMBv1 protocol as soon as possible! Otherwise you make it easy for hackers to compromise your data with man in the middle attacks. In Windows Server 2019 and higher SMBv1 is disabled by default. Have a look at SMB over QUIC in your test environment and learn how secure it is and how it works for your security and data.


Leave a comment

Windows Admin Center and Windows Server 2022 #Docker Host – Azure Container Instances and #AKS #WAC #Azure #Winserv

Windows Admin Center

Windows Admin Center runs in a web browser and can manage :

  • Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2
  • Windows 11, Windows 10
  • Azure Stack HCI
  • Clusters
  • Containers; Docker, Kubernetes, AKS
  • Azure Virtual Servers, Azure integration via extensions like Azure Monitoring, Azure Security, and much more….
  • Lot of extensions to manage for example third party solutions.

This goes with the locally Windows Admin Center gateway installed on Windows Server or domain-joined Windows 10 /11.

Windows Admin Center Architecture.

Here you find more information about the Install options of Windows Admin Center

I’m working with Windows Admin Center every day to manage our datacenter and to mange my MVP LAB. When you have to install Windows Server Core
or Microsoft Azure Stack HCI Operating system, then Windows Admin Center is the right tool for you as an Administrator. You can use all the Server Manager tools via WAC
and you don’t have to work with Command-line tools only like CMD and PowerShell.


You can download Microsoft Windows Admin Center here

Installing Docker Host on Windows Server 2022

In my MVP LAB I have a Microsoft Windows Server 2022 Datacenter Edition Hyper-V Host, and I like to make a Docker Host Server for my Containers.
With Windows Admin Center it’s easy to roll out a Docker host Server for your Containers.
In the following steps I will Install a Docker Host Server on Windows Server 2022.

Open Windows Admin Center and connect to your Server.

I Have Container Extension installed version 1.150.0

Click on Containers and Click on Install
Windows Admin Center will Restart your Server for the Docker Installation!

Hang on while Docker Host will be Installed on Windows Server 2022.

Docker Host Installed Successfully.

Docker Host Container Overview Screen on Windows Server 2022.

From here you can Pull containers images to the Docker Host.
This is what I did but…..

Instead of pulling a Container Image you can also Create your Own Container Image.

Here I’m Pulling a ASP.NET Container Image from Microsoft.

Pulled Container Image Successfully.

The ASP.NET Container Image is now Available on the Docker Host.

Select the Container Image and Click on Run.

Give the Docker Container a name.
You can Manage the ports,
Hyper-V Isolation,
Memory,
CPU
And add addition Docker Run options,
Click on Run.

The ASP.NET Docker Container is running on Windows Server 2022.

When you Click on the running Container you will get options like :
Stats, Details, Logs, Console and Events.
When you Click on Console you will go remote by PowerShell to the Docker Host.

Here you got all the Docker commands 😉

And of course when you want to develop Containers as a developer you can use Microsoft Visual Studio Code as well.

The ASP.NET Container in VSCode.
Download Microsoft Visual Studio Code here

(I’m using Visual Studio Code Insiders version in my MVP LAB)

Microsoft Azure Container Instances

Containers are becoming the preferred way to package, deploy, and manage cloud applications. Azure Container Instances offers the fastest and simplest way to run a container in Azure, without having to manage any virtual machines and without having to adopt a higher-level service.

Azure Container Instances is a great solution for any scenario that can operate in isolated containers, including simple applications, task automation, and build jobs. For scenarios where you need full container orchestration, including service discovery across multiple containers, automatic scaling, and coordinated application upgrades, we recommend Azure Kubernetes Service (AKS).

For my MVP LAB Azure Container Instances (ACI) is a great way to run Containers fast in the Cloud and have a overview with Windows Admin Center for :

Here you have a overview of your Azure Container Instances in Windows Admin Center.

In the following steps I will create an Azure Container Instance via the Microsoft Azure Portal and show it in Windows Admin Center. For this you need to integrate Windows Admin Center with your Microsoft Azure Subscription. This you can do in settings of WAC:

Register your Azure Subscription with Windows Admin Center for Hybrid Benefit.
Here you find more information about Azure integration with Windows Admin Center

When you have your Azure Account active in Windows Admin Center, go to the Microsoft Azure Portal and search for Container instances.

Click on Create Container Instances

Here you set the basics of your Azure Container Instance

Here you set the following items for your Azure Container Instance (ACI) :

  1. Select your Azure Subscription which is integrated with your Microsoft Windows Admin Center.
  2. Select or Create the Resource Group for your Azure Container Instance.
  3. Give your Container a name.
  4. Select the Region in Microsoft Azure where you want your Azure Container Instance to run.
  5. Availability zones to select.
  6. Select your Image Source, I selected Quickstart images of Microsoft, but you can also select your own Container image.
  7. Then select the size for vcpu, memory, gpus for your Azure Container Instance application.

Click on Next for Networking.

I Selected Public for testing but here you can select private too
with your own DNS name Label with the
right ports and protocols.

At Advanced settings you can configure additional container properties and variables

here you can TAG the Owner of the Azure Container Instance.
Click on Review + Create.

Now you can Click Create or Download the template for Automation.

Have a look at the Options here what you can do with the Template from here.

Microsoft Azure Container Instance is Deployed and running.

Nginx Container Instance is running on Azure.

Now we have the Microsoft Azure Container Instance with Nginx running in the Cloud, we can see that in Windows Admin Center.

Azure Container Instance in Windows Admin Center in running state.
When you don’t need it anymore you can end it here or in the Azure Portal.

Azure Container Instance is stopped by Windows Admin Center.

Run your Own Azure Container Instances from the ACR via
Windows Admin Center.

Manage Kubernetes Clusters and Containers with Windows Admin Center

Azure Kubernetes Service (AKS) on Azure Stack HCI is an on-premises implementation of Azure Kubernetes Service, which automates running containerized applications at scale. Azure Kubernetes Service is available on Azure Stack HCI, Windows Server 2019 Datacenter, and Windows Server 2022 Datacenter, making it quicker to get started hosting Linux and Windows containers in your datacenter. This is the High Available Container Solution on-premises from Microsoft, where you can run Containers and microservices in a isolated way in your datacenter with your DevOps Team. But you can also make your Azure Stack HCI Cluster hybrid with Azure integration and Azure Arc Services to benefit of Azure Hybrid Services.

 

Setup AKS on Azure Stack HCI with Windows Admin Center

Create your Own locally Azure Stack HCI Cluster with Azure Kubernetes Services

Conclusion

Microsoft product team of Windows Admin Center | Windows Server | Azure Stack HCI are working hard to make the Windows Admin Center Tool better and better to install and manage Container / microservices solutions. With Microsoft Azure extensions in Windows Admin Center and Azure Arc Services, Microsoft features from the Azure Cloud becomes available for your Containers like Azure Defender for Cloud with Container Insights, Azure Monitor, Azure App Services and much more.
Windows Admin Center is a Great Server Manager tool for your Windows Servers in your Datacenter. Especially when you use Windows Server Core or Azure Stack HCI.

Important:

Some features in Windows Admin Center are preview and not production ready yet, like ACR and ACI Integration I just showed in preview.
Please feel free to provide Microsoft feedback on Windows Admin Center here.

JOIN Windows Admin Center Community Group on LinkedIn


Leave a comment

#Microsoft Defender for Cloud videos with @yuridiogenes #Security

Here you will find all the Microsoft Defender for Cloud videos with Yuri

Here you find all the Azure Security Center in the Field Videos with Yuri

You can follow Yuri Diogenes also on Twitter

 


Leave a comment

Azure Monitor Insights for Arc enabled Kubernetes Clusters anywhere #Azure #Kubernetes

Azure Monitor Insights for Monitoring your Containers.

In the last blogpost I wrote about Microsoft Azure Arc Services and how to connect a Docker for Desktop Kubernetes Cluster for testing your DevOps solution like Container Apps, Functions, App Services in a test environment. Here you find the Link to the Installation.

One of the Microsoft Azure Arc features is Azure Monitor Insights for monitoring your Kubernetes Cluster and the Containers.

Azure Arc Insights for Kubernetes Cluster anywhere

In the following step-by-step guide we will configure Azure Monitor Insights for your Kubernetes Cluster.

I Connected my Analytics Workspace CloudMVPLab.
Click on Configure.

Onboarding your Kubernetes Cluster will take some minutes.

After a while your Kubernetes Cluster Analytics data will show in Insights.

Here you see a navigation bar with the following topics

  • What’s New
  • Cluster
  • Reports
  • Nodes
  • Controllers
  • Containers.

Insights reports of the Kubernetes Cluster

Here you can Click on default reports of your Kubernetes Cluster.

Storage Capacity and Health Status report of your Kubernetes Cluster.

Storage Capacity more in Details.

Deployments Report of your Kubernetes Cluster.

Workload details Report of your Kubernetes Cluster.

Kubelet report of your Kubernetes Cluster

Data Usage of your Kubernetes Cluster

Data Usage

Insights the Nodes of the Kubernetes Cluster

Insights of the Nodes and on the right you can view Analytics.

Here you can work with Log Analytics on your Cluster.

Insights in Controllers of your Kubernetes Cluster

Insights of your Controllers

Insights Containers of your Kubernetes Cluster

Container Insights of your Kubernetes Cluster

Container Insights with Azure Log Analytics.

So with Azure Arc Enabled Kubernetes Clusters you can monitoring your Cluster and running Containers to keep you in Control on what is happening on the Cluster but also with your Container Apps and microservices. After this you can set Alerts and notifications when something is going wrong or offline. With this running you can start running your own App services, Containers or Azure functions on your Kubernetes Cluster.

Microsoft Senior Cloud Advocate Thomas Maurer explains in this awesome video how to add Azure App Services to your Kubernetes Cluster

Conclusion

This configuration with Docker for Desktop Kubernetes Cluster is for testing purpose only and can be used for your own DevOps solutions before you deploy on Production Ready Clusters. With Azure Arc Enabled Kubernetes Clusters you get the powerful Microsoft Azure Features and solutions in a secure way on your Kubernetes Cluster. I wish you lot of success with Azure Arc Enabled Kubernetes Clusters to make Awesome Apps and IT solutions for the Business 😉


Leave a comment

Windows Admin Center v2103 Available! What’s New #Winserv #Azure #Management #WindowsAdminCenter #MVPBuzz

Windows Admin Center v2103

With Windows Admin Center you can remotely manage Windows Server running anywhere—physical, virtual, on-premises, in Azure, or in a hosted environment.
The tool, available with your Windows Server license at no additional charge, consolidates and reimagines Windows OS tools in a single, browser-based, graphical user interface.
At Microsoft Ignite 2021 Global Virtual Event they launched Windows Admin Center version 2103. Here you find the download.

What’s New in Windows Admin Center v2103

WAC Updates Automatically

Events Tool ReDesign (Preview)

Great Overview of the Server Events 😉

Azure IoT Edge for Linux on Windows

Windows Admin Center in The Azure Portal 

Set Proxy Server in Windows Admin Center Settings.

Open in a Separate Window

This is a Separate Window on my Second Screen, this works Awesome!

Windows Admin Center Virtual Tool improvements 🙂

Conclusion

Microsoft is working hard to make Hybrid IT Management better for Administrators to manage Hybrid Cloud datacenters. Windows Admin Center is a must have for managing
Windows Server Core, AzureStack HCI, and Cluster Services. I can say: I love to work with Windows Admin Center 🙂

 

When you have feedback for the Product Team please do that here at User Voice


Leave a comment

Get Started with the #Microsoft Azure Storage Explorer #AzOps #Azure #Cloud #Storage

Upload, download, and manage Azure blobs, files, queues, and tables, as well as Azure Cosmos DB and Azure Data Lake Storage entities. Easily access virtual machine disks, and work with either Azure Resource Manager or classic storage accounts. Manage and configure cross-origin resource sharing rules.

Microsoft Azure Storage Explorer

The Microsoft Azure Storage Explorer App is standalone and available for Windows, Linux and MacOS operating systems.
Here you find the Prerequisites and the Download files for Azure Storage Explorer.

Here you see how easy it is to create a snapshot before you begin with a Installation on the Azure Virtual Machine.

Create a Snapshot

Give the Snapshot a Name and select the Resource Group.

Snapshot Created Successfully 😉

When you open the Azure Portal and search for snapshots :

Phantom OS Disk with a Full Snapshot.

Azure Storage Explorer Emulator for Developers

Azurite open source Azure Storage API compatible server (emulator)

Azurite is an open source Azure Storage API compatible server (emulator). Based on Node.js, Azurite provides cross platform experiences for customers wanting to try Azure Storage easily in a local environment. Azurite simulates most of the commands supported by Azure Storage with minimal dependencies.

Azurite V2 is manually created with pure JavaScript, popular and active as an open source project. However, Azure Storage APIs are growing and keeping updating, manually keeping Azurite up to date is not efficient and prone to bugs. JavaScript also lacks strong type validation which prevents easy collaboration.

Compared to V2, Azurite V3 implements a new architecture leveraging code generated by a TypeScript Server Code Generator we created. The generator uses the same swagger (modified) used by the new Azure Storage SDKs. This reduces manual effort and facilitates better code alignment with storage APIs.

3.0.0-preview is the first release version using Azurite’s new architecture.

Features & Key Changes in Azurite V3

  • Blob storage features align with Azure Storage API version 2020-04-08 (Refer to support matrix section below)
    • SharedKey/Account SAS/Service SAS/Public Access Authentications
    • Get/Set Blob Service Properties
    • Create/List/Delete Containers
    • Create/Read/List/Update/Delete Block Blobs
    • Create/Read/List/Update/Delete Page Blobs
  • Queue storage features align with Azure Storage API version 2020-04-08 (Refer to support matrix section below)
    • SharedKey/Account SAS/Service SAS
    • Get/Set Queue Service Properties
    • Preflight Request
    • Create/List/Delete Queues
    • Put/Get/Peek/Updata/Deleta/Clear Messages
  • Features NEW on V3
    • Built with TypeScript and ECMA native promise and async features
    • New architecture based on TypeScript server generator. Leverage auto generated protocol layer, models, serializer, deserializer and handler interfaces from REST API swagger
    • Flexible structure and architecture, supports customizing handler layer implementation, persistency layer implementation, HTTP pipeline middleware injection
    • Detailed debugging log support, easy bug locating and reporting
    • Works with storage .Net SDK basic and advanced sample
    • SharedKey, AccountSAS, ServiceSAS, OAuth, Public Access authentication support
    • Keep updating with latest Azure Storage API version features (Refer to support matrix)

Introducing the ADF Azure Storage Explorer Extension

Azure Data Factory extension for Storage Explorer

Conclusion

Microsoft Azure Storage Explorer tool can make your life easier to do your Azure Storage Management. Copy – Paste data is a Great and handy feature for Administrators.
Hope this is useful and go try it yourself.


Leave a comment

Running #Dapr in WSL2 Ubuntu 20-04 distro in #WindowsInsider Build 21277 RS and #VSCode

Working with Dapr in WSL2 Remote VSCode and Ubuntu 20.04 distro

Dapr is a portable, event-driven runtime that makes it easy for any developer to build resilient, stateless and stateful applications that run on the cloud and edge and embraces the diversity of languages and developer frameworks.

 

Developer language SDKs and frameworks

To make using Dapr more natural for different languages, it also includes language specific SDKs for Go, Java, JavaScript, .NET and Python. These SDKs expose the functionality in the Dapr building blocks, such as saving state, publishing an event or creating an actor, through a typed, language API rather than calling the http/gRPC API. This enables you to write a combination of stateless and stateful functions and actors all in the language of their choice. And because these SDKs share the Dapr runtime, you get cross-language actor and functions support.

SDKs

Dapr in Standalone version.

I’m using Windows Insider Build version 21277-RS with Docker for Windows Edge and Visual Studio Code.

Docker for Windows Edge Version Running.

Because Docker for Windows Edge support WSL2 Engine and Visual Studio Code too, brought me to an idea to build dapr into Ubuntu 20.04 WSL Distro on my Windows Insiders 21277 RS version on my Surface Book 3. There for you must activate the WSL2 integration with my default WSL distro Ubuntu-20.04.

Docker for Windows WSL 2 Integration.

In your Ubuntu-20.04 WSL2 version, you can install Dapr into your linux distro, more information you find here on dapr.io

Microsoft Windows Subsystem for Linux Installation Guide for Windows 10 with all kind of Linux distro’s 

Dapr init ( in the Ubuntu-20.04 WSL2 Linux distro )

Here you find the Dapr dev environment installation types for Dapr init, I did the standalone version. Dapr makes then the following containers :

Dapr Containers.

Then we have the following running :

  • Dapr Dashboard
  • Zipkin

Zipkin is a distributed tracing system. It helps gather timing data needed to troubleshoot latency problems in service architectures. Features include both the collection and lookup of this data.

Zipkin Traces

Dapr Dashboard

Now we have Dapr running in the WSL2 Ubuntu-20.04 distro, you can use Visual Studio Code on Windows Insiders using Remote WSL and work with your favourite dapr SDK like the list above 😉

Dapr Extension in VSCode

From here you can work with your dapr application.

In this guide dapr is running with Docker containers, but you can also install it on Kubernetes or K8s, AKS, Azure any where, see this overview :

Dapr with Kubenetes Containers.

Dapr Overview.

Important Note : Dapr is now production ready with version 1.0 ! Developers, DevOps, AzOps, you can start with it and Build and Test your own microservices and Container apps !  Hope you are having fun with it too 😉

 

 


Leave a comment

Azure Arc Security remediation on Azure Stack HCI Cluster #Azure #Security #ASC #AzureStackHCI

Azure ARC Services

Microsoft Azure Arc enables you to manage your entire environment, with a single pane of glass, by projecting your existing resources into Azure Resource Manager. You can now manage virtual machines, Kubernetes clusters, and databases as if they are running in Azure. Regardless of where they live, you can use familiar Azure services and management capabilities. Azure Arc enables you to continue using traditional ITOps, while introducing DevOps practices to support new cloud native patterns in your environment.

IT Management with Azure ARC

With Microsoft Windows Admin Center I Build a Microsoft Azure Stack HCI Cluster and the Nodes are connected with Azure Arc Services. In the following steps you will see a security feature of Microsoft Azure Arc Services with remediation of the Risks on the Azure Stack HCI Cluster On-premises.

Azure Arc Security Remediation

Here you see the Azure Arc Servers with Azure Stack HCI

On Skywalker01 Node we have two Security Risks

When you click on the risk, you see the description and the remediation steps to solve this risk issue. Here you can also see the remediation script:

Automatic Remediation Script. 

Select the Azure workspace ID and when you don’t have one you can Create new Workspace in Azure.
Select the resource, in my case Skywalker01
Click on remediate resource.

Remediation in progress

The Microsoft Azure Monitor Agent extension in Azure Arc is successfully installed.

Done.

I did the same for Skywalker02 Azure Stack HCI Cluster Node.

The Next Medium Risk is a Vulnerability assessment on the Azure Stack HCI Cluster nodes. Just follow the steps of the wizard.

Azure Arc Security Vulnerability Assessment with Azure Defender

Click on remediate.

This one will use Qualys in Azure Defender.

Click on remediate resource.

The vulnerability scanner included with Azure Security Center is powered by Qualys. Qualys’ scanner is one of the leading tools for real-time identification of vulnerabilities. It’s only available with Azure Defender for servers. You don’t need a Qualys license or even a Qualys account – everything’s handled seamlessly inside Security Center.

Here you find more information about Azure Defender’s integrated vulnerability assessment solution for Azure and hybrid machines

Azure Arc Insights Monitor

Azure Arc Insights of the Azure Stack HCI Cluster Node

Because we have installed the Microsoft Azure Monitor extension in Azure Arc on this Azure Stack HCI Node Server, telemetry and analytics will do his job for Monitoring in Azure and data will be collected. In Azure maps you see the connectivity of the Server.

 

Here you can see the Fired Alerts by severity and Investigate 🙂

You can monitor the Traffic

Here you find more information about Insights and Maps for your Servers

Conclusion

Here you see the power of Hybrid IT management via Microsoft Azure Arc services and get Azure Cloud services for your On-premises Servers. You have the Free Microsoft Windows Admin Center Tool and integration with Azure Arc for all the innovative tools like Azure Monitor, Azure Security Center, Azure Defender, Update management and more. I hope you see the benefits too, Get started Today !

JOIN the Microsoft Azure Monitor & Security for Hybrid IT Community