mountainss Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Make your first Pipeline with Azure DevOps Project in the #Cloud #Azure #AzureDevOps


Start here your Azure DevOps Project in Azure.

Microsoft Azure DevOps Services (Tools) to make your own CI/CD Pipeline in the Cloud

Azure Pipelines is a cloud service that you can use to automatically build and test your code project and make it available to other users. It works with just about any language or project type.
Pipelines combines both Continuous Integration (CI) and Continuous Deployment (CD) to constantly and consistently test and build your code and ship it to any target.

Microsoft made it really easy to make your first Azure DevOps Pipeline in the Cloud.
Here you find a step-by-step guide to make your first Azure pipeline :

When you already made your Cloud application, you can choose option Bring your Own Code 😉

But in this step-by-step guide, I choose for a HTML5 Azure Web App template which is available in Azure.

Static Azure Website => Next.

When you create your Azure DevOps project you can see the Flow steps for Creation.

For the Service of the Web App, there are two options in this deployment template :

  1. Web App for Containers
  2. Web App as a Service.

Azure Web Apps enables you to build and host web applications in the programming language of your choice without managing infrastructure. It offers auto-scaling and high availability, supports both Windows and Linux, and enables automated deployments from GitHub, Azure DevOps, or any Git repo

Web App for Containers provides built-in Docker images on Linux with support for specific versions, such as PHP 7.0 and Node.js 4.5. Web App for Containers uses the Docker container technology to host both built-in images and custom images as a platform as a service. In this tutorial, you learn how to build a custom Docker image and deploy it to Web App for Containers. This pattern is useful when the built-in images don’t include your language of choice, or when your application requires a specific configuration that isn’t provided within the built-in images.

The last step needs information about :

  • Organization: for the site name.
  • Projectname
  • Subscription ID
  • Web App Name
  • Azure Location.

And then click on Done

 

Deployment overview.

Your Azure DevOps Pipeline is Running as easy like that 🙂

But most important your Azure Web App is running.

Running in your Container in Azure Cloud Services.

Azure DevOps Container Web App Pipeline is running.

From here you can build your Project and Share it with your Developer Team.
More information you can find on Azure DevOps Docs

Here you see some snapshots on the latest Releases of Azure DevOps release features when I made this blogpost :

When you want to keep up-to-date on Microsoft Azure DevOps, here are some links :

Follow Microsoft Azure DevOps on Twitter

Start here free with Azure DevOps

Microsoft Azure DevOps Blog

JOIN the Azure DevOps Community Group on LinkedIn

Advertisements


Leave a comment

Watch the Live Stream Today of #Microsoft Ignite 2018 in Orlando 24 – 28 September #MSIgnite #Azure #Cloud #DevOps and More


Don’t miss the Live Stream of Microsoft Ignite 2018

Get the latest insights and skills from technology leaders and practitioners shaping the future of cloud, data, business intelligence, teamwork, and productivity. Immerse yourself with the latest tools, tech, and experiences that matter, and hear the latest updates and ideas directly from the experts.

Watch live https://www.microsoft.com/en-us/ignite as Microsoft CEO Satya Nadella lays out his vision for the future of tech, then watch other Microsoft leaders explore the most important tools and technologies coming in the next year. After the keynotes, select Microsoft Ignite sessions will stream live—take a deep dive into the future of your profession.


More then 700+ Sessions and 100+ Expert-led and self-paced workshops


#MSIgnite



Leave a comment

Upgrading Azure #Kubernetes Cluster and Set #Azure monitor Alerts on #AKS


Current version of Kubernetes on Microsoft Azure.

Upgrading Microsoft Azure Kubernetes Services

Azure Kubernetes Service (AKS) makes it simple to deploy a managed Kubernetes cluster in Azure. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. As a hosted Kubernetes service, Azure handles critical tasks like health monitoring and maintenance for you. In addition, the service is free, you only pay for the agent nodes within your clusters, not for the masters.

AKS clusters support Role-Based Access Control (RBAC). An AKS cluster can also be configured to integrate with Azure Active Directory. In this configuration, Kubernetes access can be configured based on Azure Active Directory identity and group membership.
For more information, see, Integrate Azure Active Directory with AKS.

From here I will do a step-by-step Upgrade of a Microsoft Azure Kubernetes Cluster to a newer version and set Azure Monitor alert rule active for the future to get an Alert notification when a colleague is upgrading the AKS Services.

Here you see all the newer versions of Kubernetes.

Upgrading to version 1.11.1 of Kubernetes.

IMPORTANT NOTE :

When upgrading an AKS cluster, Kubernetes minor versions cannot be skipped. For example, upgrades between 1.8.x -> 1.9.x or 1.9.x -> 1.10.x are allowed, however 1.8 -> 1.10 is not. To upgrade, from 1.8 -> 1.10, you need to upgrade first from 1.8 -> 1.9 and then another do another upgrade from 1.9 -> 1.10

KubeCluster Activity Log

At the green arrow on this picture you can download the activities into CSV file. At the Red arrow you see the User ID who initiated the Upgrade of the Kubernetes Cluster. This is important information for Azure Alert monitoring.

10 minutes later Kubernetes Cluster is Upgraded to version 1.11.1

Upgrade is done.

We now do a minor Upgrade of Kubernetes from version 1.11.1 to 1.11.2 to get the newest version on Azure.
Click on 1.11.2 version and hit Save.

 

Microsoft Azure Monitoring Alerts

When you click on the second activity of the Upgrade you see at arrow 2 that you can add an Activity Log Alert by Azure monitoring.

Creating Rule Alerts.

  1. Define Alert condition is already set. We want an Alert notification on Upgrading KubeCluster.
  2. Define Alert details, must be set.
  3. Define Action Group, must be set to create the Alert Rule.

2. Define the Alert Details.

3. Define Action Group : Click on + New Action Group

Click on OK

Created Action Group name AKSAdmins

An action group is a collection of notification preferences defined by the user. Azure Monitor and Service Health alerts are configured to use a specific action group when the alert is triggered. Various alerts may use the same action group or different action groups depending on the user’s requirements.

More information on Creating and managing action groups in the Azure portal can be found here

For information on how to use Azure Resource Manager templates to configure action groups, see Action group Resource Manager templates.

 

From here you can Create the Alert Rule and make it Active.

Azure Monitor Alerts with one rule Enabled.

Here is our Active KubeCluster Alert Rule.

Now we will get a notification when a Colleague is Upgrading our KubeCluster in the Future 😉

KubeCluster is now running the latest available version of Kubernetes.

Kubernetes Cluster nodes are Healthy and running version 1.11.2

Here you see in the Kubernetes Dashboard the Node version of Kubernetes.

For Developers and DevOps it’s Great to work with Microsoft Visual Studio Code and the Azure Kubernetes Services (AKS) to work in a CI/CD Pipeline, to create continuous business applications in the Cloud.

Here is my Azure KubeCluster running in Visual Studio Code 🙂

And at last, most important thing is that my Application is running on my Azure Kubernetes Cluster for the Business My Test Site.

Hope this blogpost is useful for you and your business to manage your AKS Cluster in the Microsoft Cloud.

More information About Azure Kubernetes Service (AKS) :

 Upgrade an Azure Kubernetes Service (AKS) cluster via Azure CLI

Azure Kubernetes Service (AKS) Docs

Monitor Azure Kubernetes Service (AKS) container health (preview)

Microsoft Azure Kubernetes Services website Start Free here

Follow Containers in the Cloud Community Group on LinkedIn


Leave a comment

Installing #Azure Service Fabric Cluster on Windows Server 2019 Insiders #Containers #Winserv

Microsoft Azure Service Fabric Cluster

Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. Service Fabric also addresses the significant challenges in developing and managing cloud native applications. Developers and administrators can avoid complex infrastructure problems and focus on implementing mission-critical, demanding workloads that are scalable, reliable, and manageable. Service Fabric represents the next-generation platform for building and managing these enterprise-class, tier-1, cloud-scale applications running in containers.

In the following Step-by-Step Guide I created a Standalone Microsoft Azure Service Fabric Cluster
on Windows Server 2019 Insiders Preview for DevOps testing :

First I downloaded the Contents of Service Fabric Standalone package for Windows Server here

Several sample cluster configuration files are installed with the setup package. ClusterConfig.Unsecure.DevCluster.json is the simplest cluster configuration: an unsecure, three-node cluster running on a single computer. Other config files describe single or multi-machine clusters secured with X.509 certificates or Windows security. You don’t need to modify any of the default config settings for this tutorial, but look through the config file and get familiar with the settings.

I made the Unsecure three-node Cluster running on Windows Server 2019 Insiders Preview in my MVPLAB.

 

Open Powershell in Administrator modus and run the Script :

.\CreateServiceFabricCluster.ps1 -ClusterConfigFilePath .\ClusterConfig.Unsecure.DevCluster.json -AcceptEULA

Connect-ServiceFabricCluster

 

Service Fabric Explorer (SFX) is an open-source tool for inspecting and managing Azure Service Fabric clusters. Service Fabric Explorer is a desktop application for Windows, macOS and Linux.

I Installed Azure Service Fabric Explorer to visualize the Cluster.

Here we got Azure Service Fabric 3-Node Cluster running on Windows Server 2019 Insiders

Azure Service Fabric CLI

The Azure Service Fabric command-line interface (CLI) is a command-line utility for interacting with and managing Service Fabric entities. The Service Fabric CLI can be used with either Windows or Linux clusters. The Service Fabric CLI runs on any platform where Python is supported.

Prior to installation, make sure your environment has both Python and pip installed.
The CLI supports Python versions 2.7, 3.5, 3.6, and 3.7. Python 3.x is the recommended version, since Python 2.7 will reach end of support soon.

You can download the latest Python version here

Check the Python version and the Pip version by typing :

python –version
Pip –version

The Pip version which is delivered via Python has to be updated with the following command :

python -m pip install –upgrade pip

We now have pip version 18.0 instead of 10.0.1

Installing Service Fabric CLI by command :

pip install -I sfctl

Done ! Service Fabric CLI is installed on my Windows 10 Surface.

sfctl -h 

Now we have installed Microsoft Azure Service Fabric Cluster on Windows Server 2019 Insiders Preview and the Service Fabric CLI on Windows 10, we now can connect to the 3-node Fabric Cluster via CLI.
Because we are working under Windows 10 and not on the host itself we have to set an endpoint connection :

sfctl cluster select –endpoint http://192.168.2.15:19080

sfctl cluster health

sfctl node list

Microsoft Visual Studio 2017 Enterprise and Service Fabric SDK

As a Developer or DevOps you like to work from Microsoft Visual Studio to deploy your Apps, Microservices or Containers to the Azure Service Fabric Cluster.

You need to install the Service Fabric SDK in Visual Studio before you can deploy :

Select Service Fabric Application at New Project

Visual Studio 2017 Enterprise : Service Fabric SDK must be installed

Installing Microsoft Azure Service Fabric SDK

Done.

Now you can make your Service Fabric Container.

Happy Developing 😉

More information on Microsoft Azure Service Fabric Cluster :

Service Fabric on GitHub

Add or remove nodes to a standalone Service Fabric cluster running on Windows Server :

Scaling your Azure Service Fabric Cluster

More info :

Microsoft Azure Service Fabric documentation

Microsoft Azure Service Fabric Cluster Learning Path


Leave a comment

#Microsoft Azure Security Center Investigation Dashboard (Preview) #Azure #Security #ASC #Cloud


Yesterday I was playing with Mimikatz (Hackertool) for Security pen tests and it was not working because Azure Security Center Quarantined the file 🙂

On my Surface I got an Azure monitoring Agent running

Microsoft Azure Security Center Investigation Dashboard

The Investigation feature in Security Center allows you to triage, understand the scope, and track down the root cause of a potential security incident.
The intent is to facilitate the investigation process by linking all entities (security alerts, users, computers and incidents) that are involved with the incident you are investigating. Security Center can do this by correlating relevant data with any involved entities and exposing this correlation in using a live graph that helps you navigate through the objects and visualize relevant information.

Microsoft Azure Security Center found also a rare SVCHOST Service on my Surface, and the ASC investigation dashboard gives you great overview of the security risk.

You can Run a Playbook based on this alert Rare SVCHOST Service

Try it yourself, more information about Azure Security Center Investigation Dashboard (Preview) can be found here

Microsoft azure Security Center

 

 


Leave a comment

Connecting Windows Admin Center to #Microsoft Azure Subscription #WAC #Azure

To allow the Windows Admin Center gateway to communicate with Azure to leverage Azure Active Directory authentication for gateway access, or to create Azure resources on your behalf (for example, to protect VMs managed in Windows Admin Center using Azure Site Recovery), you will need to first register your Windows Admin Center gateway with Azure. You only need to do this once for your Windows Admin Center gateway – the setting is preserved when you update your gateway to a newer version.

In the following Step-by-Step Guide you will connect Windows Admin Center to your Microsoft Azure Subscription.

From here you have to copy the device Code and hit the Link device login ( https://aka.ms/devicelogin )
This will make the connection between Windows Admin Center and your Azure Subscription.

Paste the Code into here and Click on Continue.

Sign in your Azure Subscription.

From here you are connected to your Azure Subscription.

Select the right Azure Tenant and Click on Register.

Go to the Azure AD App Registration link.

Click on Settings


Click on Required Permissions and then on Grant permissions

Click on Yes.

Windows Admin Center has now Permission.

Microsoft Windows Admin Center (WAC) Gateway is now registered to your Azure Subscription and you can use Azure AD Multi-Factor Authentication and Azure Site Recovery to protect your Virtual Machines with WAC.

IMPORTANT : Before you can add Microsoft Azure VM’s to Windows Admin Center, you have to set the Azure Network Firewall portal settings and also the Microsoft Windows OS Firewall of the VM.

Networking Settings of the Azure VM.

Open for http WAC port 5985 and for https 5986.

To make the port more Secure you have these Options in the Firewall rule.

Now you have done this for Azure Networking in the portal, you have to do the same in the Firewall settings of the Virtual Machine Inside.

Allow Port 5985 and 5986.

More information about Azure Integration in Windows Admin Center here

 

Here you see my Azure VM in Windows Admin Center On-Premises.

Here you see my Azure Data Science VM in the Cloud via Windows Admin Center 😉


Leave a comment

Download the August 2018 #Developers Guide to #Azure #Cloud

If you are a developer or architect who wants to get started with Microsoft Azure, this book is for you! Written by developers for developers, this guide will show you how to get started with Azure and which services you can use to run your applications, store your data, incorporate intelligence, build IoT apps, and deploy your solutions in a more efficient and secure way.

Download the August 2018 Update of Developers Guide to Azure E-book here

Happy Reading and Building in the Microsoft Azure Cloud with this Awesome E-book !