Cloud and Datacenter Management Blog

Microsoft Hybrid Cloud blogsite about Management


Leave a comment

Windows Admin Center Rocks for Managing Hybrid DataCenters #WAC #Azure #Winserv

Microsoft Windows Admin Center for Hybrid IT Management

I really like to work with Microsoft Windows Admin Center for managing my Hybrid workloads Windows Servers in Azure Cloud Services but also our On-premises Servers on Hyper-V and VMware platform. Even our physical Windows Servers can be managed from Windows Admin Center.

You can extend on-premises deployments of Windows Server to the cloud by using Azure hybrid services. These cloud services provide an array of useful functions, including the following:

  • Protect virtual machines and use cloud-based backup and disaster recovery (HA/DR) with Azure Site Recovery.
  • Track what’s happening across your applications, network and infrastructure with the help of advanced analytics and machine learning in Azure Monitor.
  • Simplify network connectivity to Azure with Azure Network Adapter.
  • Keep virtual machines up to date with Azure Update Management.

Azure hybrid services work with Windows Servers in the following configurations:

I’m working with Windows Admin Center since day one, and you see the hybrid management tool evolving with great new features to make your life as an Administrator more easier. For example you get notifications when there are updates in extensions.

Notification details about update Extensions

When you click on the link “Go to Extensions” you will see the Extensions installed and the Updates which you can install from there.

Here you see an Azure Security Center Extension update.

There are not only Microsoft extensions, but also third party solution extensions and you could build your own extension for your solution. Here you find all the information about Windows Admin Center Extensions

Third Party Windows Admin Center Extensions

Installing a New extension is easy to do, the Azure Cloud Shell (Preview) was the last extension I installed in my Azure MVP Lab to work with. Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or PowerShell. Cloud Shell enables access to a browser-based command-line experience built with Azure management tasks in mind. So how does this look in Windows Admin Center?

Install the Azure Cloud Shell (Preview) Extension

You find the Installed Azure Cloud Shell in the pulldown menu of WAC

Copy your code here https://microsoft.com/devicelogin

You will see this screen when you copy-paste the code

When you go back to Windows Admin Center you will see you are connected with Azure Cloud Shell CLI 😉

Azure Cloud Shell in Windows Admin Center

from here you can manage all your Azure Cloud Services via the Azure Cloud Shell CLI with Bash or Powershell.
Here you find more about Microsoft Azure Cloud Shell tools and Features.

you can add an Azure Network Adapter to your on-premises servers to help you securely connect the server to an Azure Virtual Network.

Read more about adding Microsoft Azure Network Adapter (Preview) in the top 10 Features of Windows Server 2019. Nice link speed of 40 Gbps 😉

For Management of your Windows Servers you need some tools and consoles. Windows Admin Center is supporting you to get the Management consoles in one place to do your administration and updates.
The next tree Features are in Windows Admin Center to manage your Windows Server.

Powershell inside WAC of my Domain Controller

Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration. Built on the .NET Framework, Windows PowerShell helps IT professionals and power users control and automate the administration of the Windows operating system and applications that run on Windows.
Here you find more information about Windows Commands

Windows Update in Windows Admin Center.

Of course you need to update your Windows Servers, and what I like in WAC is that you get the information if an update needs a reboot before you click on Install Updates. This option is good for my Azure MVP Lab but when you need to update more then 100 Servers, you would do that centrally managed like with Update Management solution in Azure

Windows Remote Desktop in WAC

Remote Desktop is one of the Features of Windows Admin Center, to take over the desktop for installations of Applications for example.

Windows Admin Center got a lot more Features and Tools to Manage your Windows Servers in a Hybrid world.
Like these :

  • Storage
  • Security
  • System Insights
  • Scheduled Tasks
  • Installing Roles and Features of Windows Server
  • Registry
  • Processes running on your Windows Server
  • Managing and deploying Clusters
  • and much More………

You can install the following Resources to Manage with WAC

Windows Admin Center Overview

Conclusion:

Microsoft Windows Admin Center is the New Management tool for your Hybrid IT Management to Controle your Servers for your Business. It got all the Management consoles covered of Windows Servers to manage from one tool.
It’s easy to use and It keeps you Up-to-date of what is happening on your Windows Server but also what is New and updated. With Microsoft Windows Admin Center your are learning on the job and that’s what I Like 😉
Hope you will use Microsoft Windows Admin Center too for your Business, download it here for Free!


Leave a comment

Don’t miss this Awesome #Microsoft Ignite 2019 Event of the Year #MSIgnite

Microsoft Ignite 2019

LEARN | CONNECT | EXPLORE

You don’t want to miss this Awesome Microsoft Ignite 2019 Event of the Year in Orlando, Florida !
If you can’t attend, don’t worry you can follow the Live Stream of MS Ignite here
Or here on Microsoft Ignite YouTube Channel

Have a look at the Microsoft Ignite 2019 Agenda

Plan your sessions for Microsoft Ignite 2019 ( More 1000+)

Download the Microsoft Events Mobile App for MS Ignite 2019 here

Follow @MS_Ignite on Twitter here

Use #MSIgnite on Social media

JOIN the Community on LinkedIn

JOIN Azure DevOps Community

linkedin.com/groups/1213925

JOIN Containers in the Cloud Community

linkedin.com/groups/1353996

JOIN Azure Monitor and Security Community

linkedin.com/groups/1351711


Leave a comment

Backup – Restore – DR strategy in a Fast changing World #Data #Management

The world of data is moving and changing a lot with new IT technologies coming up like leaves on a tree.
Data is everywhere, on Servers, workstations, BYOD Devices in the Cloud but how do you keep your data save and protected for your business today and in the future? There are a lot of reasons why you should Backup your data :

  • One of your employees accidentally deleted important files for example.
  • Your data got compromised by a virus.
  • Your Server crashed
  • You have to save your data for a period of time by Law
  •  And there will be more reasons why you should do backup…………….

A lot of Enterprise organizations are moving to the Cloud with workloads for the Business, but how is your Backup and Disaster Recovery managed today? A lot of data transitions are made but what if your Backup and Disaster Recovery solution is out dated or reaching end of Life? You can have a lot of Questions like :

  • What data should I backup?
  • Should I just upgrade the Backup Solution?
  • How can I make my Data Management Backup -DR Solution Cheaper and ready for the future?
  • How can I make my new Backup-DR Solution independent? ( Vendor Lockin)

And there will be more questions when you are in this scenario where you have to renew your Backup – DR Solution.
Here we have the following Great Backup Solution from 2014 :

Offsite Microsoft DPM Backup Solution since 2014

Here we have 3 System Center Data Protection Manager Backup Pods with a Tape library and One DPM pod connected with a Microsoft Azure Backup Vault in the Cloud. You do the Security updates and the Rollups for Windows Server 2012 R2 and System Center Data Protection Manager 2012 to keep the Solution save and running.

Long Time Protection to Tape

DPM 2012 Server with direct attached Storage for Short time protection

The four DPM Backup Pods have the same Storage configuration for short time protection with a retention time of 15 days. After that Longtime protection is needed with Backup to tape and Backup to Microsoft Azure Backup Vault.
Since 2014 the Backup data is depending on these solution configurations.

Tape Management cost a lot of time and money

The fourth DPM Backup pod got a Azure Backup Vault in the Cloud to save Tape Management time.

DPM Backup to Microsoft Azure Cloud Backup Vault.

So this is the Start of the Journey to a New Data Management Backup – DR Solution transformation. The next Couple of weeks I will search for the different scenarios and solutions on the Internet and talk with the Community looking for Best Practices. I will do Polls on Social Media and a Serie of blogposts for the Data Management Backup – DR Solution to keep the business continuity.

Magic Quadrant for Data Center Backup and Recovery Solutions

Will it be a Cloud Backup – DR Solution?
Will it be a Hybrid Cloud Backup – DR Solution?
Everything in One Management Console?
Or More then One Backup -DR Solution for the right Job?

We will see what the journey will bring us based on Best Practices  😉


Leave a comment

Creating Azure Virtual Machine via the Portal #Winserv #Linux #Azure

Microsoft Azure Cloud Services is evolving really fast with New solutions and features every day for your business. In the following step-by-step guide we will see all the options and features when you create a virtual machine in the Azure Cloud. For this you need a Microsoft Azure subscription to start. When you are in the Azure Portal you begin with + Create a Resource and from there you see all the create items. Click on Compute and you will see the picture above what you can create. I’m going to create a Windows Server 2019 datacenter edition Virtual Machine in the Microsoft Azure Cloud. In the Azure Portal is a step by step wizard to help you with your choices.

Basic tab

We start by selecting the right Azure subscription ( if you have Multiple) like a Hub-Spoke model design
you can choose for your deployment. Then select a Resource Group or Create New. I made a new Resource Group called RSG-Winserv.

 

When you go further down, you must give your Virtual Machine a name and select the Microsoft Azure region where your VM will run. I Choose West Europe because I life in the Netherlands. For availability options of the Virtual Machine you can choose out of three options :

  1. No infrastructure redundancy required
  2. Availability zone
  3. Availability set

Availability Zones is a high-availability offering that protects your applications and data from datacenter failures. Availability Zones are unique physical locations within an Azure region. Each zone is made up of one or more datacenters equipped with independent power, cooling, and networking

An Availability Set is a logical grouping capability that you can use in Azure to ensure that the VM resources you place within it are isolated from each other when they are deployed within an Azure datacenter. Azure ensures that the VMs you place within an Availability Set run across multiple physical servers, compute racks, storage units, and network switches

Microsoft Azure got a lot of software operating images, I installed Windows Server 2019 Datacenter but have a look at Browse all Public and Private images :

Small Disk Images

More images like Kali and Red Hat

The next step is the VM Size, the “hardware” requirements of the Virtual Machine. When you choose your VM size you have to know the possibilities and feature set of the Virtual Machine. This article describes the available sizes and options for the Azure virtual machines you can use to run your Windows apps and workloads. It also provides deployment considerations to be aware of when you’re planning to use these resources.

Here is Microsoft Azure showing 250 different VM sizes

In this window you see the following items of the Virtual Machine specs :

  • VM Size
  • Offering
  • Family
  • vCPUs
  • Memory RAM
  • Data Disks
  • Max IOPS
  • Temporary Storage
  •  Premium Disks (Yes or No)
  • Cost / Month Estimated

So pick the right VM Size for your solution to do the job.

Allow Public Internet Inbound Port Rules

If you need this for example a website, then you can set it right away, but you can set it on None and change the Network Security Group (NSG) or Azure App Gateway or Azure Firewall later and keep it Closed for now. I will show this in the NSG later to get RDP access.

Hybrid Benefit

You can enable great savings in Azure with Windows Server Software Assurance by using Azure Hybrid Benefit for Windows Server. Azure Hybrid Benefit for Windows Server allows you to use your on-premises Windows Server licenses and run Windows virtual machines in Microsoft Azure at a reduced cost (i.e. at Linux rates). You can use your licenses for Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016. The Azure Hybrid Benefit for Windows Server is applicable to Windows Server Standard and Datacenter editions as well as other versions obtained via custom images. With Azure Hybrid Benefit for Windows Server, you can save 40 percent or more1 on Windows Server virtual machines by paying only the base compute2 rates—adding value to your Software Assurance investments. The benefit is available across all Azure regions. Read more here

Disks tab

Disk storage is important for performance, that’s why you can choose for Standard HDD,  Standard SSD or
Premium SSD for your OS Disk. When your server need a Data disk, you can add it here or later on.
Here you can read more on Managed disks
What disk types are available in Azure?

Networking tab

Here you create your Virtual Network / subnet with a public IP. You can see here when you choose for a specific Virtual machine, you can not use accelerated networking because It’s not supported by the VM size selection.

Here you can choose for a Load Balancer or a Application Gateway

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 – TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.

Azure Application Gateway

With Azure Load Balancer, you can scale your applications and create high availability for your services. Load Balancer supports inbound and outbound scenarios, provides low latency and high throughput, and scales up to millions of flows for all TCP and UDP applications.
Load Balancer distributes new inbound flows that arrive on the Load Balancer’s frontend to backend pool instances, according to rules and health probes.
Additionally, a public Load Balancer can provide outbound connections for virtual machines (VMs) inside your virtual network by translating their private IP addresses to public IP addresses.
Azure Load Balancer is available in two SKUs: Basic and Standard. There are differences in scale, features, and pricing. Any scenario that’s possible with Basic Load Balancer can also be created with Standard Load Balancer, although the approaches might differ slightly. As you learn about Load Balancer, it is important to familiarize yourself with the fundamentals and SKU-specific differences.

Management tab

When you have deployed your virtual machine, you want to manage it like monitoring and backup for example.
You can do these options also after the Virtual Machine deployment.
Backup of the Virtual Machine can be added when you deploy the VM.

I have a existing Backup Vault called WACvault1

From here you can create your own backup recovery Vault with your Own backup policy and retention times.

The feature provides Azure services with an automatically managed identity in Azure AD. You can use the identity to authenticate to any service that supports Azure AD authentication, including Key Vault, without any credentials in your code. What is managed identities for Azure resources?

Advanced tab

In the advanced tab you can select extensions for your Virtual Machine. These are add-ons and will installed during the deployment. You can now also select Gen 2 VM in Preview. Microsoft Azure has a lot of extensions for your Virtual machine :

List of extensions for your VM

Click on Create for adding Microsoft Antimalware on your VM

Select the options and exclusions

Tags tab

Here you can Tag your deployment

After you apply tags, you can retrieve all the resources in your subscription with that tag name and value. Tags enable you to retrieve related resources from different resource groups. This approach is helpful when you need to organize resources for billing or management. Read more on Tags here

At this moment the validation has passed for deployment with all your settings, but don’t forget to have a look at “Download a template for Automation”  before you hit Create.

Here you can download or save the JSON ARM Template

When you you go Back and click on Create the Virtual Machine, this will deploy the VM in Minutes.

The following Azure items are deployed in RSG-Winserv

Now your Virtual Machine is deployed in Microsoft Azure Cloud and is running, you can have a look at all the features of the Virtual Machine in the Portal.
To connect to the Virtual Machine you have to Manage access for your RDP session via the NSG in my case:

Double click on the NSG

I added a new rule to give my IP-address access to the VM

From here you can access the Windows Server 2019 Datacenter Virtual Machine in Microsoft Azure Cloud.

Management of your Virtual Machine

When your Azure Virtual Machine with Windows Server 2019 is running, you want to monitor the VM and see what is happening inside the Virtual Machine. Azure Monitor Insights can help you with this.

Health State of the VM

Connections

When Microsoft Azure Monitoring is on and running you want have important alerts on your Mobile by sms or
via E-mail notification to take action.

Alerts on Winserv2019 VM

High CPU Alert

Here we make an Alert about the CPU which is going higher then 80% average.

Making an Action group for email notification of the Alert

Action Group made

Alert made for the VM

Alert details

Alert rule is set and running for this Virtual Machine.

Conclusion

  1. You can create every virtual machine you want for your business, Windows Server or Linux..
  2. You can mange your own performance for the VM on demand by selecting the right VM Size.
  3. You can set Networking and High Availability
  4. You can set Disk Performance for your IOPS
  5. You can configure your management settings and dashboard for Monitoring.
  6. Security can be set on different levels.
  7. Backup of the Virtual Machine can be set with the right policy before deployment.
  8. and more…….

And keep watching your Azure Advisor for better changes :

New Advise will come !

and of course there are more features and options on this Virtual Machine, Have a look :

Settings of the VM

Operations and Management of the VM

Support and Troubleshooting of the VM


Leave a comment

How to make the Most out of #Azure Advisor

What is Advisor?

Advisor is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry and then recommends solutions that can help you improve the cost effectiveness, performance, high availability, and security of your Azure resources.

With Advisor, you can:

  • Get proactive, actionable, and personalized best practices recommendations.
  • Improve the performance, security, and high availability of your resources, as you identify opportunities to reduce your overall Azure spend.
  • Get recommendations with proposed actions inline.

You can access Advisor through the Azure portal. Sign in to the portal, locate Advisor in the navigation menu, or search for it in the All services menu.

The Advisor dashboard displays personalized recommendations for all your subscriptions. You can apply filters to display recommendations for specific subscriptions and resource types. The recommendations are divided into four categories:

Azure Advisor Overview

High Availability Advise

Azure Advisor on Security

Here you find the Microsoft Azure Advisor Website with all the information

Conclusion:

The Microsoft Azure Cloud is always on the move with better features, Security, and Cost efficiency.
Azure Advisor will help you with all the changes and great features to keep you secure and up-to-date and lower your Cloud solution cost if possible.
Have a look at Azure Advisor and get your new Advise in your Microsoft Azure Subscription!


Leave a comment

What is Microsoft Azure Sentinel? #SIEM #AI #Analytics #Azure #Security #ContainerInsights

Building on the full range of existing Azure services, Azure Sentinel natively incorporates proven foundations, like Log Analytics, and Logic Apps. Azure Sentinel enriches your investigation and detection with AI, and provides Microsoft’s threat intelligence stream and enables you to bring your own threat intelligence.

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Read more about Azure Sentinel Preview here

Run a Log Analytics query from Azure Sentinel and use Bookmarks to Hunt

Configure your own Data-Connector to Azure Sentinel Workspace

Read here more about Connecting data sources

Happy Hunting


Leave a comment

Don’t Miss this Awesome #Microsoft BUILD 2019 Event! #Azure #Cloud #MSBuild

Download the Mobile App here

Seattle May 6-8, 2019

Watch live as technology leaders from across industries share the latest breakthroughs and trends, and explore innovative ways to create solutions. After the keynotes, select Microsoft Build sessions will stream live—dive deep into what’s new and what’s next for developer tools and tech.

 

Watch the livestream here: https://www.microsoft.com/en-us/build

  • Discover and experience new ways to build, modernize, and migrate your applications. Get hands-on experiences with tools like Azure Kubernetes Service (AKS) that can help you dynamically scale your application infrastructure.
  • Quickly and easily build, train, and deploy your machine learning models using Azure Machine Learning, Azure Databricks, and ONNX. Uncover insights from all your content—documents, images, and media—with Azure Search and Cognitive Services.
  • Join Microsoft for hands-on learning to discover how tools like Visual Studio live share can help you collaborate with your peers instantly.
  • Come learn how to build an end-to-end continuous delivery pipeline that is fast and secure with Azure DevOps technologies. Spend less time maintaining your toolset and more time focusing on customer value.
  • Understand how frameworks like Xamarin and .NET can help you reach customers on all platforms. Learn how to use the same languages, APIs, and data structures across all mobile development platforms.
  • Learn how mixed reality helps you bring your work and data to life when you need it, and where you need it. Start building secure, collaborative mixed reality solutions today using intelligent services, best-in-class hardware, and cross-platform tools.
  • Learn to connect your devices to the cloud using flexible IoT solutions that integrate with your existing infrastructure. Collect untapped data and form valuable insights that help you create better customer experiences and generate new streams of revenue.

Book your Microsoft Build 2019 sessions via the BUILD Scheduler

Vision Keynote by CEO Satya Nadella

 

 

Windows Insider Program

Azure DevOps

Azure Monitor

Containers

Have a good look which sessions to follow because there are 431 sessions 👍🚀

JOIN Azure DevOps Community

https://www.linkedin.com/groups/12139259/ 

JOIN Containers in the Cloud Community

https://www.linkedin.com/groups/13539967/ 

JOIN Azure Monitor and Security Community https://www.linkedin.com/groups/13517115/