I would like to thank you, Community, for Supporting, Sharing and Reading about New Microsoft technologies on my Blog, Twitter, Facebook and LinkedIn Community Groups 💗 I wish you all Happy Holidays, Merry Christmas and a Healthy New Year 2023. May the Best Wishes come true! 🎄🥂
I’m very proud of and Honored by the Microsoft Global MVP Awards 2022-2023!
MVP Award for Cloud and Datacenter Management
MVP Award for Windows Insiders
MVP Award for Azure Hybrid
Thank you Microsoft Product Groups, MVP Award Program, Windows Insider Team, Azure Hybrid Team, Windows Server and Azure Stack HCI Team for all your support, NDA PGI sessions, and for the Awesome software, Features, solutions you are building 🙂
To keep your Business running, it’s important to secure and monitor your data. One of the security measures is doing Vulnerability assessments in your datacenter(s) to see the status and results for remediation. With Microsoft Azure Arc Defender for Cloud you can do a SQL Server vulnerability assessment in your on-premises datacenter or anywhere with the Azure Arc agent running. Here you find more information about Azure Arc enabled SQL Server.
Microsoft Defender for Cloud on Azure Arc enabled SQL Server
Here I activated Microsoft Defender for Cloud on Azure Arc enabled SQL Server, and Azure Defender for Cloud is doing a SQL vulnerability assessment to get the security status and results for remediation.
On this same Azure portal page you will see the Vulnerability assessment findings.
When you Open a Vulnerability finding, you get more information and the remediation for the issue.
Here you see the complete Resource Health of the Azure Arc enabled SQL Server.
Look at the Status of each severity.
Here you see all the vulnerability findings on these four databases.
When you do the remediation you will see the healthy status on the Passed tab.
Here I open only the OperationsManager database.
Now you see only the Vulnerability findings on this database.
Here you see a vulnerability finding on the SCOM database with the Remediation 🙂
You can make your Own Workbooks or use them from the Gallery.
Workbook example of Vulnerability Assessment findings.
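The per-database and per-severity view shown in the portal can also be pulled with a script. The following PowerShell is an added example, not part of the original post; it assumes the findings are exposed in Azure Resource Graph as security sub-assessments of type SqlServerVulnerability, and the sample rows at the end are constructed.

```powershell
# Added example (not from the original post).
# Needs the Az.Accounts and Az.ResourceGraph modules and Connect-AzAccount.
# Assumption: the findings are exposed in Azure Resource Graph as security
# sub-assessments with assessedResourceType 'SqlServerVulnerability'.

function Get-SqlVaFinding {
    # 'id' is projected because Resource Graph needs it to page with a skip token.
    $query = @'
securityresources
| where type =~ 'microsoft.security/assessments/subassessments'
| where tostring(properties.additionalData.assessedResourceType) == 'SqlServerVulnerability'
| project id,
          ruleId      = tostring(properties.id),
          title       = tostring(properties.displayName),
          severity    = tostring(properties.status.severity),
          status      = tostring(properties.status.code),
          resourceId  = tolower(tostring(properties.resourceDetails.id)),
          remediation = tostring(properties.remediation)
'@
    $rows  = @()
    $token = $null
    do {
        # Recent Az.ResourceGraph versions return an object with .Data and .SkipToken.
        $splat = @{ Query = $query; First = 1000 }
        if ($token) { $splat.SkipToken = $token }
        $page  = Search-AzGraph @splat
        $rows += $page.Data
        $token = $page.SkipToken
    } while ($token)
    $rows
}

# One row per assessed resource (database): open findings per severity plus
# the number of passed checks, worst resources first.
function Get-SqlVaSummary {
    param([Parameter(Mandatory)] [object[]] $Finding)
    $Finding | Group-Object -Property resourceId | ForEach-Object {
        $open = @($_.Group | Where-Object { $_.status -eq 'Unhealthy' })
        [pscustomobject]@{
            Resource = $_.Name
            High     = @($open | Where-Object { $_.severity -eq 'High' }).Count
            Medium   = @($open | Where-Object { $_.severity -eq 'Medium' }).Count
            Low      = @($open | Where-Object { $_.severity -eq 'Low' }).Count
            Passed   = @($_.Group | Where-Object { $_.status -eq 'Healthy' }).Count
        }
    } | Sort-Object -Property High, Medium, Low -Descending
}

# Constructed sample rows (placeholder IDs) so the summary can be tried offline.
$sample = @(
    [pscustomobject]@{ ruleId = 'SAMPLE-1'; severity = 'High';   status = 'Unhealthy'; resourceId = '<arc-sql-server>/databases/operationsmanager' }
    [pscustomobject]@{ ruleId = 'SAMPLE-2'; severity = 'Medium'; status = 'Unhealthy'; resourceId = '<arc-sql-server>/databases/operationsmanager' }
    [pscustomobject]@{ ruleId = 'SAMPLE-3'; severity = 'Low';    status = 'Healthy';   resourceId = '<arc-sql-server>/databases/operationsmanager' }
    [pscustomobject]@{ ruleId = 'SAMPLE-1'; severity = 'High';   status = 'Healthy';   resourceId = '<arc-sql-server>/databases/master' }
)
Get-SqlVaSummary -Finding $sample | Format-Table -AutoSize

# Live data: Get-SqlVaSummary -Finding (Get-SqlVaFinding) | Format-Table -AutoSize
```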
Conclusion
With Azure Defender for Cloud vulnerability assessment and management you will learn a lot to set your Security Baseline on a higher level in your datacenter(s). Getting the right remediation from Microsoft to solve security issues is Great! You can do your assessments frequently to show your current status on demand. I Really like these Azure Hybrid Tools to make my work easier and the data more secure for the business.
In an earlier MVPLAB Serie blogpost I wrote about making your on-premises Servers hybrid with Azure Arc enabled Servers.
In my mvplab.local domain, there is a SQL 2022 Cluster running which also has the Azure Connected Machine Agent version 1.24.
One of the benefits of Azure Arc enabled Servers for SQL is that you can do on-demand SQL Health assessments on your SQL Environment in your On-premises Datacenter. In the following step-by-step guide we will prepare the SQL Cluster nodes.
Here you see that the Azure Connected Machine Agent already is installed.
But it will now add the SQL Extension.
Installation Completed Successfully.
Now we have two Azure Arc enabled SQL Servers connected.
Overview of SQL 2022 Node in Azure Arc.
You can see the Databases running.
Here you can set your Admin from Azure Active Directory.
We want to do a SQL Assessment, but the Azure Monitoring Agent is still missing.
Here you see that the SQL extension is installed.
Now we will add the Azure Monitor Agent to my existing Log Analytics Workspace.
Click on Add
Select Log Analytics Agent – Azure Arc.
Add your Workspace ID
Add your Workspace Key
Click on Review + Create
Validation Passed.
Azure Monitoring Agent is Installed.
From here you can do the On-Demand SQL Assessments via Microsoft Azure Arc enabled SQL Servers.
The SQL Server Assessment focuses on several key pillars, including:
SQL Server configuration
Database design
Security
Performance
Always On
Cluster
Upgrade readiness
Error log analysis
Operational Excellence
Example of SQL Server Assessment results.
On each assessment result you get a recommendation from Microsoft so you can make your SQL environment Healthy and Secure!
Conclusion
To get these health results of your SQL environment is Awesome 🙂 You are in control of your Azure Hybrid Arc enabled SQL Servers to keep them Healthy and Secure. The following Azure Arc enabled SQL Server blogpost is about Azure Defender for Cloud for your SQL Servers. With these two Azure Arc for SQL Server features you get the best Insights to keep your data as safe as possible.
In this blogpost of MVPLAB Serie, we are going to install Microsoft SQL Server 2022 CTP2.1 on my Windows Server Insider Preview Cluster in mvplab.local domain. Before this blogpost I installed the following basics in mvplab.local domain :
Now we are going to install the Backend of the datacenter, and that is SQL Server 2022 CTP2.1 on a Cluster resource with the first SQL Instance for databases which is High Available (HA).
SQL Server 2022 Preview is the most Azure-enabled release of SQL Server yet, with continued innovation in security, availability, and performance.
Integration with Azure Synapse Link and Azure Purview enables customers to drive deeper insights, predictions, and governance from their data at scale.
Cloud integration is enhanced with disaster recovery (DR) to Azure SQL Managed Instance, along with no-ETL (extract, transform, and load) connections to cloud analytics, which allow database administrators to manage their data estates with greater flexibility and minimal impact to the end-user.
Performance and scalability are automatically enhanced via built-in query intelligence.
There is choice and flexibility across languages and platforms, including Linux, Windows, and Kubernetes.
Mount the ISO file and Copy the files to a local disk location, then run Setup as Administrator with your personal Domain Administrator Account to install SQL Server 2022 CTP2.1. Before the installation read Configure Cluster accounts in Active Directory (AD)
Click on Yes.
Click on the left on Installation
Then Click on New SQL Server Failover Cluster Installation
Here I choose for the Developer edition.
Click on Next
Accept the License terms
Click on Next
Check for Updates (recommended)
Click on Next
Check the Warnings and solve issues.
Click on Next
I Installed only the default for SQL Database.
(You can install later Shared SQL Features if you need them.)
Click on Next
Specify a network name for the New SQL Server Failover Cluster: mvpsql01
Click on Named Instance and type INSTANCE01
Click on Next
Click on Next
Select your Cluster disk
Click on Next
Select IPv4 and type the IP-Address of your Cluster Resource mvpsql01
Then Click on Next
Select your domain Service accounts and type the passwords. Select if you want Maintenance Tasks privilege to your SQL Server Database Engine Service.
Click Next
Here you can add the SQL Admin Group from Active Directory (AD)
Click on top tab Data Directories
I Changed the User Database Log Directory.
Here you can set your directories.
Have a look at the other Tab fields; I set Memory later. When you have finished all the Tabs, click Next
Check the Summary and click on Install
SQL Server 2022 CTP2.1 Installed Successfully
Click on Close.
This was on the first node mvpfs01.mvplab.local; now you have to do the installation on the other node mvpfs02.mvplab.local.
Here we will add a SQL Node to the Cluster.
Click on the left on Installation
Then Click on Add Node to a SQL Server Failover Cluster
Add Node in Progress
Add Node to SQL Server 2022 CTP2.1 Failover Cluster is Successful
Click on Close
Here you see your SQL Server 2022 CTP2.1 Cluster Instance Running in Failover Cluster Manager.
Connecting the High Available SQL 2022 CTP2.1 Cluster Resource Instance01.
And you can connect the SQL Instance with Azure Data Studio 😉
With Azure Data Studio you can install marketplace extensions working with your SQL Instance.
Here you find more information about Microsoft Azure Data Studio
I have made a new MVPLAB with Microsoft Windows Server Insider Preview Build 25158 to install Services and Features for learning but also to give Microsoft feedback about the products. When the MVPLAB domain and Clusters are ready in basic then I can use new Microsoft Azure Hybrid solutions as well, like Azure Arc Kubernetes services and Azure Cloud Defender for Servers and SQL.
Before we start, you need to become a Windows Server Insider so that you can download the newest Windows Server Insider Builds ISO.
Here you get more information for the Windows Server Insider Program registration
After the free registration you can download the new Microsoft Windows Server Insider Builds here :
To Build your Test and innovation LAB with the newest Microsoft technologies, you need a platform to Build on. Of course Microsoft Azure Cloud Services is Awesome to work with and Great to make test environments, but I like to make an Azure Hybrid scenario with Azure Cloud and On-premises datacenter services like for example a Microsoft SQL Cluster with Cluster resources / Instances.
So my MVPLAB will be Azure Hybrid and for On-premises I use Windows Server Hyper-V to make virtual servers.
It’s Great when your hardware provider like Dell is Microsoft Azure Stack HCI compliant to build your Hyper Converged Infrastructure in your on-premises datacenter.
Microsoft Azure Stack HCI Solution
When you work with Microsoft Azure and Azure Stack HCI, you really need Windows Admin Center for Hybrid IT Management.
This is a Great Administrator tool for managing your Windows Servers, Clusters, Azure Stack HCI, and Azure VM’s in a Hybrid environment.
Windows Admin Center Cluster Overview
Now that we have everything and Hyper-V is running, we will build the Following Windows Servers with the Insider Preview Build:
MVPDC01 ( the first domain controller for mvplab.local domain )
MVPStore01 ( ISCSI Target Host for deploying ISCSI Virtual Disks to my Cluster)
MVPFS01 ( Cluster Node 01 of Cluster MVPCL01 )
MVPFS02 ( Cluster Node 02 of Cluster MVPCL01 )
I install all the virtual servers with 50GB local harddisk for OS and start with 4GB of Dynamic Memory and a Nic.
Only the Cluster nodes get two Nics (One for Heartbeat of the Cluster)
This is for my MVPLAB, but for Production environments I always start with 3 Nics ( 1 = Production 2 = Heartbeat 3 = Storage )
In Hyper-V we make a New Virtual Machine with these specifications and we attach the Windows Server Insider Preview Build ISO.
We install Windows Server Insider Preview Build default and after the installation we set the NIC IP-Address on static and gave the Server the name MVPDC01. Then I installed all the Windows Updates, and after that I started Server Manager to install the Active Directory Feature :
For Active Directory, just follow the wizard and don’t forget to run DCPromo to build your domain.
Active Directory and DNS are running locally as mvplab.local
So now my domain and DNS are running in my MVPLAB, but what more do I need first to build a Windows Server Insider Cluster?
We need Shared storage, so we build a Windows Server Insider ISCSI Target Host to provision Shared VHD’s via ISCSI Initiator to the Cluster Nodes.
The Next member Windows Server Insider is MVPStore01.mvplab.local joined in our new domain. Here I installed the iSCSI Host features:
Start Server Manager and then Add Server role :
– iSCSI Target Server
– iSCSI Target Storage Provider
Click on Install
In Hyper-V Settings of the Virtual Machine MVPStore01, I have installed an extra disk of 25GB so that we can use that for the iSCSI Target Host which is now running on this Server. Now we can provision storage when the new Windows Server Insider Cluster MVPCL01.mvplab.local is installed with the iSCSI Initiator to get Cluster storage. So now we are first going to build a Windows Server Insider Cluster and after that we will provision the Cluster Storage.
Installing a Windows Server Cluster with Insider preview Build 25158.
I deployed two member servers MVPFS01.mvplab.local and MVPFS02.mvplab.local into the new domain. They have static IP-Addresses and are working fine with DNS resolving. On both Servers I installed the Feature Failover Clustering
Failover Clustering Installed.
From here we are going to install the new Windows Server Insider Cluster MVPCL01.mvplab.local
Start Failover Cluster Manager.
Create Cluster.
Click on Next
select the two new Cluster Nodes
Click on Next
Select Yes, run configuration validation tests
Click on Next
Click on Next
Run all tests
Click Next
Confirmation
Click Next
Type in the new Cluster name => mvpcl01
IP-Address => 192.168.2.43
Click Next
Confirmation
Click on Next
Creating Cluster….
We now have a Cluster mvpcl01.mvplab.local running, but without storage and without the witness disk. The iSCSI initiator is running on both Cluster nodes, so now we have to provision storage to the Cluster via the iSCSI Target Host MVPStore01.mvplab.local.
iSCSI Storage provisioning to Windows Server Insider Cluster
Via the Server Manager of the iSCSI Target host, we are going to create a new iSCSI Virtual Disk for both Cluster Nodes :
Click on New iSCSI Virtual Disk
iSCSI Virtual Disk Name
Click on Next
Type in the Size. I’m using 20GB of 24,9 because I also need a Quorum disk for the Cluster.
Select Fixed Size.
Click on Next.
New iSCSI Target
Click on Next
Give the iSCSI Target a Name
Click on Next
Add the Access Servers via iSCSI Initiator
Click on Next
Here you can set Authentication if you want.
Click on Next
Confirmation
Click on Create
The iSCSI Virtual Disk is successfully created.
The iSCSI Target VHD is not connected yet.
Now we connect with iSCSI Initiator from the Cluster Nodes.
The work on iSCSI Target Host MVPStore01.mvplab.local is Done.
When you start the iSCSI Initiator it will set the services and the firewall settings on the Server.
You have to do this on both Cluster nodes.
First we add the Target portal, and that is our iSCSI Target Host MVPStore01.mvplab.local with IP-Address 192.168.2.46 and port 3260.
This is under the Discovery tab.
Select Targets tab
You see the Target mvpstore01 Inactive.
Select and click on Connect.
If you had Multi-path IO running, you could enable Multipath too.
Click on Ok
The iSCSI Target Virtual Disk is connected.
On the iSCSI Target Host MVPStore01.mvplab.local the target is now also in Connected status.
You can now bring the 20GB disk Online via Disk Management and give it a drive letter for the Cluster.
Then you can add the 20GB disk via Storage of Cluster Manager tool.
You can make Cluster Shared Volume.
I made a Cluster for a SQL Instance and I made a 2GB iSCSI Target VHD for the Witness Disk.
So now we have Cluster storage running and failovers are working. Now we need to configure the Quorum witness disk via Failover Cluster Manager.
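The iSCSI target and initiator steps above can also be scripted. The following PowerShell is an added example, not part of the original post; the target name, VHDX path, CHAP user name and initiator IQNs are assumptions. It turns on the optional Authentication step (CHAP) and limits access to the two Cluster nodes.

```powershell
# Added example (not from the original post). Values marked "assumed" are placeholders.

# --- Run on the iSCSI Target Host MVPStore01 -------------------------------
function New-LabIscsiTarget {
    param(
        [string]   $TargetName   = 'mvpcl01-target',                          # assumed
        [string]   $VhdPath      = 'E:\iSCSIVirtualDisks\ClusterDisk01.vhdx', # assumed
        [uint64]   $SizeBytes    = 20GB,
        # Only these initiators may log in. The IQNs follow the Microsoft
        # initiator's default naming and are assumed; verify them on each node.
        [string[]] $InitiatorIds = @(
            'IQN:iqn.1991-05.com.microsoft:mvpfs01.mvplab.local',
            'IQN:iqn.1991-05.com.microsoft:mvpfs02.mvplab.local'),
        [Parameter(Mandatory)] [pscredential] $ChapCredential
    )
    Assert-ChapSecret -Credential $ChapCredential

    New-IscsiVirtualDisk -Path $VhdPath -SizeBytes $SizeBytes -UseFixed | Out-Null
    New-IscsiServerTarget -TargetName $TargetName -InitiatorIds $InitiatorIds | Out-Null
    # The wizard's optional "Authentication" page: require CHAP at login.
    Set-IscsiServerTarget -TargetName $TargetName -EnableChap $true -Chap $ChapCredential
    Add-IscsiVirtualDiskTargetMapping -TargetName $TargetName -Path $VhdPath

    Get-IscsiServerTarget -TargetName $TargetName |
        Select-Object TargetName, EnableChap, InitiatorIds, Status
}

# The Microsoft iSCSI initiator accepts CHAP secrets of 12 to 16 characters.
function Assert-ChapSecret {
    param([Parameter(Mandatory)] [pscredential] $Credential)
    $len = $Credential.GetNetworkCredential().Password.Length
    if ($len -lt 12 -or $len -gt 16) {
        throw "CHAP secret must be 12-16 characters (got $len)."
    }
}

# --- Run on both Cluster nodes (MVPFS01 and MVPFS02) -----------------------
function Connect-LabIscsiTarget {
    param(
        [string] $PortalAddress = '192.168.2.46',
        [int]    $PortalPort    = 3260,
        [Parameter(Mandatory)] [pscredential] $ChapCredential
    )
    Assert-ChapSecret -Credential $ChapCredential
    Set-Service   -Name MSiSCSI -StartupType Automatic
    Start-Service -Name MSiSCSI

    New-IscsiTargetPortal -TargetPortalAddress $PortalAddress `
                          -TargetPortalPortNumber $PortalPort | Out-Null

    $chap = $ChapCredential.GetNetworkCredential()
    Get-IscsiTarget | Where-Object { -not $_.IsConnected } | ForEach-Object {
        Connect-IscsiTarget -NodeAddress $_.NodeAddress -IsPersistent $true `
            -AuthenticationType ONEWAYCHAP `
            -ChapUsername $chap.UserName -ChapSecret $chap.Password | Out-Null
    }
    Get-IscsiSession |
        Select-Object TargetNodeAddress, AuthenticationType, IsPersistent, IsConnected
}

# Usage (same credential on the target host and on each node):
#   $cred = Get-Credential -UserName 'mvplab-chap' -Message 'CHAP secret, 12-16 chars'
#   New-LabIscsiTarget     -ChapCredential $cred     # on MVPStore01
#   Connect-LabIscsiTarget -ChapCredential $cred     # on MVPFS01 and MVPFS02
```

A session that reports AuthenticationType NONE on a node means the target accepted the login without CHAP, so check EnableChap on the target.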
Go to more actions on the Cluster.
Configure Cluster Quorum
Click on Next
Select the quorum witness
Click on Next
You can configure your witness on different locations.
I will select our 2GB witness disk on our Cluster
Select the Quorum disk
Click on Next
Confirmation
Click on Next
You have successfully configured the quorum settings for the Cluster
Click on Finish
Witness disk is running.
So my Microsoft Windows Server Insider Cluster is ready for workloads. If you want to, you can run a Cluster validation to see if everything is okay. Now my MVPLAB is ready for the next installation on my Cluster, and that is :
Installing the Newest SQL Server 2022 CTP2.1 on my Windows Server Insider Cluster.
But that will be the next Blogpost : Installing SQL Server 2022 CTP2.1 on a Windows Server Cluster 😉
Follow me on Twitter : @Jamesvandenberg
Microsoft Azure ARC and Manage your Infrastructure
Azure Arc for servers (preview) allows you to manage your Windows and Linux machines hosted outside of Azure on your corporate network or other cloud provider, similarly to how you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure.
Azure ARC
Generate a script to onboard target machine.
Read more here for connecting hybrid Machine.
This blogpost is about the Microsoft Azure Migrate tool in the Cloud doing Azure Migrate assessments to see if your on-premises Datacenter is ready for Azure Cloud Services. Before you migrate your workloads with Azure Migrate to the Microsoft Azure Cloud, you want to know the costs before the migration and what your options are in the transition. For example when you have hardware in your on-premises Datacenter with hardware specs like Memory, CPU and storage that are too high, and you can do with less Compute power, then the performance assessments are really interesting. From here you see a step-by-step guide for VMware workload assessment(s) to Azure Cloud.
Azure Migrate preparation for VMware workload
When you search for ‘Azure Migrate’ in your Azure Subscription and click on the services you will see the Azure Migrate Overview screen. When you don’t have a Microsoft Azure subscription yet, you can get one here.
Click on Assess and Migrate Servers.
Before we go further with the server migration assessments for VMware, there are more Azure Migration tools available to do assessments and migrations like the following goals :
For Databases Microsoft Azure Migrate uses the Data Migration Assistant for the Assessment and the Data migration to Azure SQL Cloud.
The Data Migration Assistant (DMA) helps you upgrade to a modern data platform by detecting compatibility issues that can impact database functionality in your new version of SQL Server or Azure SQL Database. DMA recommends performance and reliability improvements for your target environment and allows you to move your schema, data, and uncontained objects from your source server to your target server.
To identify the right Azure SQL Database / Managed Instance SKU for your on-premises Database you can use the CLI with a Script :
When you have a Virtual Desktop Infrastructure on-premises and you want to migrate to Windows Virtual Desktop (WVD) you can use this Azure Migrate tool :
ISV Lakeside with SysTrack
You can vote for the tools or scenarios that you would like to be integrated with Azure Migrate via this Online form
When you are in the beginning of your Cloud Transition journey, what will go first to the Cloud?
On-premises mail to Microsoft Office 365
File Server Clusters to Office 365 into Teams, Onedrive for Business
From Apps On-premises to SaaS or Paas solutions
From On-premises Websites to Azure Cloud Solutions like Azure Web App.
From SQL Clusters On-Premises to Azure SQL Managed Instances in the Cloud
And at last Migrate Servers to Azure IaaS
Of course there are many more scenarios like Lift and Shift or modernize your workload in the Cloud like moving to Azure Kubernetes Services for example instead of IaaS Virtual Machines.
So when you want to start moving your On-premises Website(s) or WebApp, Microsoft Azure Migrate Services has a tool for that too :
At last, when you have to move a big enterprise On-premises Datacenter to the Azure Cloud with a lot of Servers, for example 10.000, you can use Azure Data Box Migration. The Microsoft Azure Data Box cloud solution lets you send terabytes of data into Azure in a quick, inexpensive, and reliable way. The secure data transfer is accelerated by shipping you a proprietary Data Box storage device. Each storage device has a maximum usable storage capacity of 80 TB and is transported to your datacenter through a regional carrier. The device has a rugged casing to protect and secure data during the transit.
Microsoft Azure Migrate assessment for VMware platform
First we make the Azure Migrate Project ready in the Microsoft Azure Portal.
Select the right Azure Subscription and Resource group to collect the metadata reported by your On-premises environment. Give your Migrate project a name and select the geography.
Here you can select from different Assessment Tools.
Select Azure Migrate Server Assessment
Here you can select from different Migration Tools.
Select Azure Migrate Server Migration
Add your Tools in the Azure Portal.
Here you see both Microsoft Azure Migrate tools for the Assessment and the Migration as well.
We are going for the Assessment quick start, so click on discover
From here we select VMware vSphere Hypervisor, so you can download the Azure Migrate Appliance for VMware ( 12GB Ova file).
You can also work with an Import CSV file but that’s Preview.
When you have installed the Microsoft Azure Migrate Virtual Appliance for VMware successfully in your environment and it has access to all the Virtual Machines, then you can run the setup in the Appliance to make connectivity with your Azure subscription.
This will check all the prerequisites and get the updates.
Getting access to vCenter Server with the right permissions.
Now when your Azure Migrate Virtual Appliance for VMware is ready and collecting metadata, we see in the Microsoft Azure Portal the discovery running :
Discovery is in Progress.
After a few minutes we have discovered the Servers running on VMware platform On-premises.
Discovered Servers
Now we have the Servers in our metadata, we can do the Assessment(s) to get all the information we want for preparing to migrate to Azure Cloud Services. Click on Assess.
From here you give the Assessment a name and then you go to the properties of the assessment by clicking on View All
Here you can set the parameters for the assessment for example based on :
Reserved instances
Storage types
Sizing criterion like Performance-Based
Percentile Utilization
Azure VM series to use
Discount
VM Uptime
Offer pricing like Enterprise Agreement Support or Pay-As-You-Go
Hybrid Benefit offer.
Here I made different Azure Migrate Assessment groups with different parameters to see the difference in Costs.
Here you see for example Migrate As Is On-Premises and Performance-Based, but also an Azure Migrate Assessment without SQL Cluster Nodes. In this way you can make your own Azure Migrate Assessment with all your Servers or just a few Servers of your On-premises solution which you want to Migrate to Azure Cloud Services.
Overview of your Azure Migrate Assessment
Server is ready for migration
Server Ready but with conditions
Microsoft Azure Migrate gives you all the information to make the right decisions to migrate your workload from VMware to Microsoft Azure Cloud. When the Azure Migrate Assessment(s) are ready you can make a CSV export file to check the information before you migrate.
Overview of the Azure Migrate Assessment
Azure Migrate Assessment based on Performance for the VM, and there is a separate tab for Storage.
When your assessment is done, you can do the migration by replicating them to Microsoft Azure.
Microsoft Azure Migrate gives you insight information about your own On-Premises Datacenter by doing assessments to get the right migration information to move to Microsoft Azure Cloud. It gives you Azure Cloud costs before you do any migration at all; based on Total Cost of Ownership (TCO) you can calculate if your solution in the Microsoft Azure Cloud is cheaper or not. Realize that it is not always about the money but also :
Innovations
Time to market
New Features
Flexibility
Scalability
Availability
Not owning hardware anymore
Less management (Hardware)
Hope this blog post helps you on your transition journey to Microsoft Azure Cloud
You also can create a Private or Public Repository on GitHub and store your ARM Templates there in a Library.
GitHub Learning Lab
Learn new skills by completing fun, realistic projects in your very own GitHub repository. Get advice and helpful feedback from our friendly Learning Lab bot.
Create a SQL Server 2014 Always On Availability Group in an existing Azure VNET and an existing Active Directory instance via GitHub :
## Set Cluster Parameters:
$ClusterNetworkName = "Cluster Network 1" # the cluster network name (Use Get-ClusterNetwork on Windows Server 2012 or higher to find the name)
$IPResourceName = "IPlistener" # the IP Address resource name
$ListenerILBIP = "10.x.x.x" # the IP Address of the Internal Load Balancer (ILB). This is the static IP address for the load balancer you configured in the Azure portal.
[int]$ListenerProbePort = 80
Before you start with your SQL workloads from On-premises Datacenter on Microsoft Azure, have a look if PaaS Azure SQL Managed Instances is something for your Organization with all the benefits.
What is Microsoft Azure SQL Managed Instance?
Managed instance is a new deployment option of Azure SQL Database, providing near 100% compatibility with the latest SQL Server on-premises (Enterprise Edition) Database Engine, providing a native virtual network (VNet) implementation that addresses common security concerns, and a business model favorable for on-premises SQL Server customers. The managed instance deployment model allows existing SQL Server customers to lift and shift their on-premises applications to the cloud with minimal application and database changes. At the same time, the managed instance deployment option preserves all PaaS capabilities (automatic patching and version updates, automated backups, high-availability), that drastically reduces management overhead and TCO.
When you have a lot of SQL workloads and want to go to Microsoft Azure Cloud Services, analyze your existing workloads well and have a look first at Microsoft Azure SQL Managed Instances. With this Azure PaaS Service, you don’t have to manage the Complete Infrastructure like in a SQL Always-On Cluster (IaaS).
Have a good look at the requirements and Microsoft Data Migration Services can help you out.