Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

#Microsoft Windows Insiders and Windows Terminal Preview #WindowsInsiders #Winserv #MVPBuzz

Microsoft Windows Insiders Program

To be the first with the Microsoft Windows Insiders Community testing all the New features is awesome to do!
I’m a Windows Insider since October 1st, 2014 and I like to see every week what’s new? In the Feedback HUB Preview you can Follow other Windows Insiders and see the Challenges and features requests. From there you can give them feedback or vote for the new features.

Windows Insiders Feed Back HUB

To become a Microsoft Windows Insider, you have to register your self here : BECOME AN INSIDER

In the Windows Insiders HUB you find also the New announcements of the Preview Build versions. Microsoft Windows Insiders also have a blogsite here to follow:

Windows Insiders Blogpost site

When you are active in the Microsoft Windows Insiders Community you can Earn badges and Learn a lot of the New Features Microsoft releases every week. This gives you always a step a head and It’s fun 🚀😎👍

Earning Badges

It’s not only the Windows 10 Insiders program but also Windows Server Insiders or Microsoft Edge Insiders
Here you find more information :

Windows Server Insider Program

Microsoft Edge Insider Program

And of course keep up-to-date via Social Media here:

@windowsinsider

@donasarkar

@JenMsft

@MSEdgeDev

@windowsserver

Which recent Features do I like in Microsoft Windows Insiders Preview Build?

Well Let start Right a way with the Dark Side Theme in Windows Insiders 😎👍🚀

Much better for my eyes 😍

One of the latest new Features in Windows Insider Preview Build 18922 is Windows Terminal Preview from the Marketplace.

Click on Get

Just Click on Launch

It’s in really early Preview with version 0.2.1715.0

Windows Terminal Preview

Here begins the cool 😎 part with Settings opening profiles.json file to edit :

JSON Settings of Windows Terminal Preview

Here I Changed the JSON file for my Ubuntu Linux Terminal with a Great New Background.

You Have to add these lines in the JSON file here:

%LOCALAPPDATA%\Packages\Microsoft.WindowsTerminal_8wekyb3d8bbwe\RoamingState

Under “Icon” :

“backgroundImage” : “ms-appdata:///roaming/yourimage.jpg”,
“backgroundImageOpacity” : 0.75,
“backgroundImageStrechMode” : “fill”,

Save Profiles.json and you will see that the background will be Awesome in Ubuntu Terminal :

How Awesome is this !! 😎🚀👍

Conclusion:

I Love my Hobby and my Hobby is my Work !
The Microsoft Windows Insiders Program is Awesome together with the Community to make Windows a Great product for everyone.


Leave a comment

#Microsoft Azure Central Monitoring for your Team #Dashboards #Azure #ContainerInsights #Apps

Full Screen Monitoring

When you install Azure Virtual Machines or Kubernetes Clusters in the Microsoft Cloud, It’s important to monitor your workload and keep your IT department in Control for the Business. Metric alerts in Azure Monitor work on top of multi-dimensional metrics. These metrics could be platform metrics, custom metrics, popular logs from Azure Monitor converted to metrics and Application Insights metrics.

When you have important alerts, you want to take action based on your rules.

Take action on Alerts

Make your Own rules based on Alerts.

IT Department of a company has most of the time different teams with each having it’s own responsibility of workloads in the Microsoft Cloud. For example, the Servicedesk is supporting the Business and they like to see if all the Services are up and running for the Business. The Infrastructure Team wants the same, but on deep level components of the Services like Memory, Network, Storage, CPU, Performance, Availability and more. The Technical Application Team is interested if the application is running and working with all the Interfaces, Databases, and/or Azure Pipelines.

Each Team can build there own Azure Dashboard(s) in the Microsoft Cloud.

Here I Have made an easy example of my Windows Server 2019 Virtual Machines and my Azure Kubernetes Cluster in One Microsoft Azure Dashboard :

You can Start from Azure Monitor Metrics

Or you can Start from the Virtual Machine Blade here.

When you have your Azure Monitor metrics ready with the right information then you can create it in your Azure Dashboard for your Team.

 

Select another Dashboard.

Create your Own Dashboard.

Now we have the first VM with CPU percentage in the Azure Dashboard.

Here I have added More Virtual Machines to the Same Metric Chart.

When you have Azure Kubernetes Cluster to monitor :

From here you can Add Container Insights information into your Azure Dashboard :

Adding Azure Monitor Container Insights of KubeCluster01

The Azure Monitor Container Insights logs for your Dashboard information, with Pin to Dashboard.

 

When you right click with your mouse on the dashboard, you can edit your dashboard with more Azure Resources
from the tile Gallery. Here you can read more about creating your Own Azure Dashboard with Action Rules.

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.
Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

 

Read here more about Azure Container Insights with Live Logs.

Follow and Join the community on LinkedIn

JOIN Azure DevOps Community 

JOIN Containers in the Cloud Community 

JOIN Azure Monitor and #Security Community 


Leave a comment

Installing and Maintaining #Azure Kubernetes Cluster with Multi Pool Nodes (Preview) for #Linux #Winserv Containers

Install AKS-Preview extension via Azure Cloudshell

NOTE ! This is a Preview blogpost, do not use in production! (only for test environments)

To create an AKS cluster that can use multiple node pools and run Windows Server containers, first enable the WindowsPreview feature flags on your subscription. The WindowsPreview feature also uses multi-node pool clusters and virtual machine scale set to manage the deployment and configuration of the Kubernetes nodes. Register the WindowsPreview feature flag using the az feature register command as shown in the following example:

I Have registered the following Preview Features from the Azure CloudShell :

  • az feature register –name WindowsPreview –namespace Microsoft.ContainerService
  • az feature register –name MultiAgentpoolPreview –namespace Microsoft.ContainerService
  • az feature register –name VMSSPreview –namespace Microsoft.ContainerService

This will take a few minutes and you can check the registration with the following command :

az feature list -o table –query “[?contains(name, ‘Microsoft.ContainerService/WindowsPreview’)].{Name:name,State:properties.state}”

When ready, refresh the registration of the Microsoft.ContainerService resource provider using the az provider register command:

 

Creating Azure Kubernetes Cluster

First you create a Resource Group in the right Azure Region for your AKS Cluster to run:

az group create –name myResourceGroup –location eastus

I created Resource Group KubeCon in location West-Europe.

Creating KubeCluster

With the following CLI command in Azure Cloudshell, I created the Kubernetes Cluster with a single node:

$PASSWORD_WIN=”P@ssw0rd1234″

az aks create –resource-group KubeCon –name KubeCluster –node-count 1 –enable-addons monitoring –kubernetes-version 1.14.0 –generate-ssh-keys –windows-admin-password $PASSWORD_WIN –windows-admin-username azureuser –enable-vmss –network-plugin azure

The Azure Kubernetes Cluster “KubeCluster” is created in the resource group “KubeCon” in a view minutes.

Adding a Windows Pool

Adding a Windows Server Node Pool

By default, an AKS cluster is created with a node pool that can run Linux containers. Use az aks nodepool add command to add an additional node pool that can run Windows Server containers.

az aks nodepool add –resource-group KubeCon –cluster-name KubeCluster –os-type Windows –name pool02 –node-count 1 –kubernetes-version 1.14.0

I added the Windows Server Pool via the Azure Portal.

When this has finished, we have an Azure Kubernetes Cluster with Multi node Pools for Linux and Windows Server Containers :

Pools for Linux and Windows Server Containers

The following will be created in Microsoft Azure too :

VNET, NSG and Virtual Machine Scale Set (VMSS)

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.
Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

Container Insights Monitoring of the Linux Node

Container Insights Monitoring of the Windows Server Node

Here you can read all about Azure Monitoring with Container Insights

Scaling Multi Pool Node AKS Cluster

To Scale your Multi Pool Node AKS Cluster, you need to do this via the Azure Cloudshell CLI.

Here you see the two pools ( Linux and Windows Server)

Scaling up the Windows Server Pool

You can do this with the following command :

az aks nodepool scale –resource-group KubeCon –cluster-name KubeCluster –name pool02 –node-count 2 –no-wait

Scaling

Scaling Succesful after a few minutes

Upgrading Windows Server Pool Instance

When I scaled the Cluster there was a update released by Microsoft.

Windows Server Pool Instances

Just Click on Upgrade

Upgrade is Done 😉


Leave a comment

Microsoft #Azure CloudShell for Management tasks #Bash #Powershell #CLI #KubeCtl #Terraform

https://shell.azure.com

Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work. Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.

In this quick overview you will see the possibilities of Microsoft Azure Cloudshell functionalities and tools.

Azure Cloudshell Editor

Azure Cloud Shell includes an integrated file editor built from the open-source Monaco Editor. The Cloud Shell editor supports features such as language highlighting, the command palette, and a file explorer.
This can be handy with JSON and YAML files.

 

When you have your App YAML file for your Azure Kubernetes Cluster on your Cloud drive, you can edit the file online with your browser and save it in the Azure Cloud. I like this editor in the Cloudshell, especially when you are not behind your own laptop or pc and you have to make a quick change.

I have a Kubernetes Cluster installed on Azure and with this editor I can explore my Azure logs, Cache, and config files for the information I need to work with in Bash, Powershell to do my CLI commands for example 😉

For the Powershell Gurus 

Azure PowerShell provides a set of cmdlets that use the Azure Resource Manager model for managing your Azure resources. Learn here more about Azure Powershell

Azure Kubernetes CLI Kubectl

Kubectl is a command line interface for running commands against Kubernetes clusters. kubectl looks for a file named config in the $HOME/.kube directory. You can specify other kubeconfig files by setting the KUBECONFIG environment variable or by setting the –kubeconfig flag.
Read here more about Kubectl

Terraform CLI is Available

What is Terraform?
Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.
Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.
The infrastructure Terraform can manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc.

The key features of Terraform are:

Infrastructure as Code
Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.

Execution Plans
Terraform has a “planning” step where it generates an execution plan. The execution plan shows what Terraform will do when you call apply. This lets you avoid any surprises when Terraform manipulates infrastructure.

Resource Graph
Terraform builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, Terraform builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.

Change Automation
Complex changesets can be applied to your infrastructure with minimal human interaction. With the previously mentioned execution plan and resource graph, you know exactly what Terraform will change and in what order, avoiding many possible human errors.

More information on Terraform

It’s really easy to Upload or Download your Files.

AzCopy is a command-line utility designed for copying data to/from Microsoft Azure Blob, File, and Table storage, using simple commands designed for optimal performance. You can copy data between a file system and a storage account, or between storage accounts.

More information about Features & tools for Azure Cloud Shell here

Conclusion :

Microsoft Azure Cloudshell is very powerful to work with, creating your infrastructure from the Command Line Interface (CLI) or with JSON / YAML scripts. Some features or commands are not available in the Azure portal and that’s where Azure Cloudshell can help you out. Try the different Azure Cloudshell Tools and look what you like most to use for your work. From here you can work on any device with a browser and do your work. #MVPBuzz


Leave a comment

#Microsoft Azure Sentinel (Preview) Overview #Azure #Sentinel #Security #Analytics #SIEM

 

Microsoft Azure Sentinel

Microsoft Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

  • Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
  • Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and unparalleled threat intelligence.
  • Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
  • Respond to incidents rapidly with built-in orchestration and automation of common tasks.

In the following step-by-step guide you get a global overview of Azure Sentinel :

Search for Azure Sentinel in the Azure Portal.

Click on Create

Connect or add your Workspace.

Click on Add Azure Sentinel

Azure Sentinel is added to your workspace.

Azure Sentinel Overview

Security Analytics

Learn here more with Microsoft Azure Monitor analytics queries

Here you can play with Azure Log Analytics 😉

Here you can collect all your Security Cases

Azure Sentinel Build-In Dashboard Solutions

Azure AD Audit Logs

 

Linux Machines Security

When you have your Azure Sentinel Solutions in place with alerting rules and telemetry and analytics is coming to your workspace, Hunting is the next Threat management tool :

Azure sentinel Hunting

Working with Tags and Collaborate with Teammates

Launch Investigations and Bookmark

Working with Azure Notebooks for Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, dashboards and playbooks to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit any issues or feature requests as you onboard to Azure Sentinel. For questions and feedback, please contact AzureSentinel@microsoft.com

Azure Sentinel Notebooks on GitHub

 

Get started from here to Configure your Azure Sentinel Environment

Choose your Data Collections for Azure Sentinel Security

Lot of Choice already Build-in for you.

From here you can make your own Azure Sentinel Analytics Alert Rules.

Alert Rules

Create Alert rules with the right mappings, triggers, and scheduling, response automation.

Add your own playbooks for your Security

Unlock the power of AI for security with Machine Learning

Machine Learning in Azure Sentinel is built-in right from the beginning. We have thoughtfully designed the system with ML innovations aimed to make security analysts, security data scientists and engineers productive. One such innovation is Azure Sentinel Fusion built especially to reduce alert fatigue.

Building your Full Screen Dashboard for Monitoring

More information about Azure Sentinel Intelligent Security :

Start here free with Azure Sentinel Preview

Microsoft azure Sentinel Docs

Microsoft Azure Sentinel on GitHub

Join Microsoft Azure Monitor & Security for Hybrid IT Community

 


Leave a comment

How to monitor your #Kubernetes clusters – Best Practices Series #AKS #AzureMonitor

Get best practices on how to monitor your Kubernetes clusters from field experts in this episode of the Kubernetes Best Practices Series. In this intermediate level deep dive, you will learn about monitoring and logging in Kubernetes from Dennis Zielke, Technology Solutions Professional in the Global Black Belts Cloud Native Applications team at Microsoft.

Multi-cluster view from Azure Monitor

Azure Monitor provides a multi-cluster view showing the health status of all monitored AKS clusters deployed across resource groups in your subscriptions. It shows AKS clusters discovered that are not monitored by the solution. Immediately you can understand cluster health, and from here you can drill down to the node and controller performance page, or navigate to see performance charts for the cluster. For AKS clusters discovered and identified as unmonitored, you can enable monitoring for that cluster at any time.

Understand AKS cluster performance with Azure Monitor for containers

Container Live Logs provides a real-time view into your Azure Kubernetes Service (AKS) container logs (stdout/stderr) without having to run kubectl commands. When you select this option, new pane appears below the containers performance data table on the Containers view, and it shows live logging generated by the container engine to further assist in troubleshooting issues in real time.
Live logs supports three different methods to control access to the logs:

AKS without Kubernetes RBAC authorization enabled
AKS enabled with Kubernetes RBAC authorization
AKS enabled with Azure Active Directory (AD) SAML based single-sign on

You even can search in the Container Live Logs for Troubleshooting and history.

View Container Live logs with Azure Monitoring for AKS | Kubernetes | Containers 


Leave a comment

Bye Bye 2018 vs Hello 2019 #MVPbuzz #Azure #Cloud #AzureDevOps #Education #Code #Analytics

Happy New Year !

First of all Thank you for following me and Sharing Microsoft Cloud and Datacenter Management content on Social Media 🙂 Sharing & Learning Together is Better. 

Here some work I did for the Community in 2018 :

  •  I wrote 62 Blogposts in 2018 on https://mountainss.wordpress.com and shared them on LinkedIn,
    Twitter, Facebook and Microsoft Tech Community
  • Made a Blogpost Serie about :
    It’s all about your Datacenter transition to the Cloud by Design and by Security.
    Microsoft Azure Hub-Spoke model by Enterprise Design

  • Started Azure DevOps Community Group on LinkedIn
  • Together with Community Groups :  Microsoft Azure Monitor and Security for Hybrid IT and
    Containers in the Cloud

    @Jamesvandenberg
  • Welcome 577 New Followers on Twitter of the 5904 Followers 🙂
    More then 2.807.000 Tweet impressions in One year !
  • Started with Friday is MVPbuzz Day for Education to get Azure Cloud in the Classroom, working together with Teachers and Students in my Free time.
  • Working with Microsoft Learn in Teams for the Students.
  • Meetings and Speaking for Education, all about Azure and AzureStack Technologies.
  • Conferences, like the Global MVP Summit 2018, DevOps Amsterdam, Community Group meetings.
    Microsoft Ignite, Microsoft Build, Microsoft Connect events.
  • Almost every week Microsoft Product Group Intervention (PGI) sessions Online.
  • Sharing the News every Day via Twitter, Facebook, LinkedIn, Microsoft Tech Community, Blog

But what is coming in 2019 ?

Rocking with Azure in the Classroom !

I will continue every day sharing knowledge with the Community and continue my Free work on MVPbuzz Friday for Education to get Azure Cloud Technology in the Classroom for Teachers and Students.
The trend I see for 2019 is more Infrastructure and Security by Code with Microsoft Azure DevOps
and of course you have to be in Control with Microsoft Azure Monitor

I will write a blogpost in January 2019 about Microsoft Azure Hub-Spoke model by Enterprise Design 4 of 4 : Optimize your Azure Workload.

More Items in 2019 to come :

  • Microsoft Azure Security Center for Hybrid IT
  • Windows Server 2019 in combination with Azure Cloud Services.
  • More on Containers in the Cloud
  • Azure Stack and ASDK
  • Integration with Azure Cloud.
  • API Management
  • Azure DevOps Pipelines and Collabration
  • Azure IoT for Smart Cities and Buildings combined with AI Technology

2019 will be a Great year again with New Microsoft Technologies and Features for your business.