Now is the time. Join your global partner community for the Microsoft Inspire digital event experience. Register today and get ready to extend your partner network as we explore whatās coming in the year ahead and work together to find shared solutions for our customers. Join Microsoft Inspire 2020 Global Event on July 21-22 Now at no Cost!
Earlier I wrote a blogpost about Microsoft Azure Arc services installation to manage on-premises Servers with Azure Cloud Services, like Azure Monitor and Azure Security Centre from the Cloud.
Here in this post you will see the Newest Microsoft Azure Cloud Services to Manage and Monitor your Servers on-premises with security and compliance included.
Azure Arc Extensions settings of the Server.
Here you can see we have installed the Microsoft Monitoring Agent for Azure Monitor and log analytics, second we have installed the dependency Agent for Windows for
insights, Performance and Service maps. Here you find more information aboutĀ Virtual machine extension management with Azure Arc for servers (preview)Ā Ā
After initial deployment of the Azure Arc for servers (preview) Connected Machine agent for Windows or Linux, you may need to reconfigure the agent, upgrade it, or remove it from the computer if it has reached the retirement stage in its lifecycle. You can easily manage these routine maintenance tasks manually or through automation, which reduces both operational error and expenses.
Managing and maintaining the Connected Machine agent
Azure Arc Insights Performance monitor
The Azure Arc Insights Performance monitor is there by default and installed with the following dashboards :
Azure Arc Logs Analytics
Of course you can make your own custom Dashboards in the Azure Portal with your own triggers, so in this way you get the same Azure Monitor Innovative Tools for your On-Premises Servers. š
Within Microsoft Azure Arc Insights, you can also see a Service Map of the Server
Here is were the dependency agent comes in, you get a service map of the Server and see the communication lines with other resources. In this picture you see Server Yoda01 a Domain Controller of my MVPLAB.
You can see that there are three Clients are logged on the domain controller.
One of the most powerful and important features of Microsoft Azure Cloud platform is Security! Microsoft Azure Security Center (ASC)Ā is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.
Here you see my Azure Arc Servers (On-Premises) in Azure Security Center.
Azure Arc Server in Azure Security Center recommendations Summary
Five security assessments passed the test, but Azure Security assessment has two recommendations one is Medium Risk and one low.
Here you see the Security advise and the Remediation to take action on your Server.
Microsoft Azure Security Center Overview with the Overall Secure Score.
Security controlsĀ – Each control is a logical group of related security recommendations, and reflects your vulnerable attack surfaces. A control is a set of security recommendations, with instructions that help you implement those recommendations. Your score only improves when you remediateĀ allĀ of the recommendations for a single resource within a control.
To immediately see how well your organization is securing each individual attack surface, review the scores for each security control.
Ā Here you find More information about Azure Security Center Secure Score
To get your Azure Arc Servers (On-premises) complaint for the business and security, you can use Microsoft Azure Arc Policies
Azure Arc Policies to meet your Compliance state.
Microsoft is bringing Azure Cloud Power tools everywhere with Azure Arc Services to give you modern tools like Azure Monitor and Azure Security Center to keep you in control, Secure and Compliant for your business. Keep following Microsoft for Hybrid IT Management, because more awesome features are added every day in Microsoft Azure Cloud Services. Let’s start to get your Azure Security Score UP and UP š
Download this e-book to learn about Azure Migrate, Microsoft’s central hub of tools for cloud migration. In this e-book, Microsoft will cover:
Download the Free Azure Migrate E-Book here
More information about Microsoft Azure Migrate Tools on my Blog :
Microsoft Azure Migrate Assessments in Action VMWare to Cloud
Azure Arc for servers (preview) allows you to manage your Windows and Linux machines hosted outside of Azure on your corporate network or other cloud provider, similarly to how you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure.
Azure ARC
Generate a script to onboard target machine.
Read more here for connecting hybrid Machine.
Connect hybrid machines to Azure from the Azure portal
The latest Azure ARC 2020 Updates via Microsoft Mechanics with Travis Wright
Microsoft Windows Admin Center is a web based App working in your modern browser like Edge or Chrome to manage your datacenter infrastructure. You can download it here
You can manage Windows Servers, Windows10 Desktops, Clusters, Hyperconverged Clusters, Storage Spaces Direct and more in a Hybrid environment and that’s what I like.
My Servers can be on-premises or in the Cloud like Azure and will manage them with Windows Admin Center.
Download the Windows Admin Center Overview Poster
Here you find all the Microsoft documentation about Windows Admin Center
When you have Windows Admin Center running you can register with Microsoft Azure first in the settings of Windows Admin Center.
Register to your Azure Subscription, just follow the instructions.
Install Azure Backup Extension at Available extensions.
From here the basic settings are done and we will have a look at my MVP LAB to backup a virtual Server.
Windows Admin Center in Domain MVPLAB.CLOUD
I have selected stormtrooper01.mvplab.cloud Windows Server 2019 and on the left Azure Backup.
You can read here more about Microsoft Azure Backup
Click on setup Azure Backup.
Here you select the Azure Subscription and the Backup Vault
and this will be a system state backup.
Next Step is Backup Schedule and Encryption key.
IMPORTANT: Keep this Encryption key somewhere save !
You need this key for recovery and Microsoft does not have access to that key.
Azure Backup Schedule settings.
When you apply here it will setup the Azure backup agent and your policies.
Backup is scheduled.
Here I did the Backup by hand.
Here you see the backup in the Azure Backup Vault.
Backup done via Windows Admin Center š
Here you see a video from Microsoft Mechanics at Ignite with Jeff Woolsey
Follow Windows Admin Center here on Twitter
Don’t forget to give feedback or great ideas !
In the following steps we install Docker for Windows enterprise on a Windows Server 2019 which is running on a hypervisor platform in this case VMware to run a Linux container in the Datacenter.
When you are on a virtualization platform like Hyper-V or VMware and you have installed de Virtual machine with Microsoft Windows Server 2019 Standard edition, you must make the virtual processors ready for virtualization.
(Nested Virtualization) otherwise you can’t install Hyper-V on VMware.
This is the error you get.
Enable this feature for virtualization to the guest OS for VMware.
When you run Microsoft Hyper-V you have to activate nested virtualization
It’s like this in PowerShell : Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
Before you install Docker enterprise for Windows Server you have to install the Hyper-V Role and the Container Feature:
Hyper-V Role Installed
Containers Feature installed.
via Powershell is like this :
Install-WindowsFeature -Name Hyper-V,Containers -IncludeAllSubFeature -IncludeManagementTools
Now we have all the prerequisites installed on Microsoft Windows Server 2019, we can begin with Docker for Windows Enterprise via Powershell in Administrators modus :
Command: Install-Module DockerMSFTProvider
Then you type the following commands:
Import-Module -Name DockerMSFTProvider -Force
Import-Packageprovider -Name DockerMSFTProvider -Force
Command:Ā Install-Package -Name Docker -Source DockerDefault
Now we have Docker EE version 19.03.5 installed for Windows Server 2019.
It’s ready for Windows Containers.
But we want to run linux containers,
Now that we have Docker installed, we need to make some changes to the default configuration to enable support for Linux Containers.Ā This involves setting an Environment variable and creating a docker daemon configuration file.
—————————————————-
# Set LCOW_SUPPORTED Variable to 1 for enabled
[Environment]::SetEnvironmentVariable(“LCOW_SUPPORTED”, “1”, “Machine”)
Ā # Enable Experimental Features in Docker daemon.conf
$configfile = @”
{
Ā Ā Ā “experimental”: true
}
“@
$configfile|Out-File -FilePath C:\ProgramData\docker\config\daemon.json -Encoding ascii -Force
——————————————————
Because Linux Containers still need a Linux kernel, we need to deploy LCOW for it to run :
Invoke-WebRequest -Uri “https://github.com/linuxkit/lcow/releases/download/v4.14.35-v0.3.9/release.zip” -UseBasicParsing -OutFile release.zip
Expand-Archive release.zip -DestinationPath “$Env:ProgramFiles\Linux Containers\.”
Now you have to reboot the Server.
Ready for running Linux Containers.
To make Linux containers the Default you can set this environment setting :
[Environment]::SetEnvironmentVariable(“LCOW_API_PLATFORM_IF_OMITTED”, “linux”, “Machine”)
Here you can read how to Pull docker Linux images to your Docker Host on Windows Server 2019
What is handy to use is Microsoft Visual Studio Code with the Docker Extension.
Wish you all the Best with Deploying Containers.
Microsoft Virtual Training Day | NLĀ this Wednesday March 11th. This day will be full of technical sessions based on our Microsoft Learning Paths.
Explore the tracks
We offer 7 tracks including 5 sessions per track, based on the Learning Paths of Azure Cloud Native, Azure Data, Azure Infra & Ops, Business Applications, Power Platform, Modern Workplace and Surface. On the day itself you can join sessions of different tracks. Please register your sessions here :
Microsoft Azure Stack is a family of products and solutions that extend Azure to your datacenter or the edge. Includes Azure Stack Hub, Azure Stack HCI, and Azure Stack Edge.
Here you find all the information you need about the Microsoft Azure Stack Family
Here you find the Azure Stack HCI Overview
The Power of Hybrid IT Management is awesome with Azure Hybrid Services for your Servers with Microsoft Windows Admin Center. While you can set up most Azure hybrid services by downloading an app and doing some manual configuration, many are integrated directly into Windows Admin Center to provide a simplified setup experience and a server-centric view of the services. Windows Admin Center also provides convenient intelligent hyperlinks to the Azure portal to see connected Azure resources as well as a centralized view of your hybrid environment.
Hybrid IT Management with Azure Family and Windows Admin Center.
See here the Differences between global Azure, Azure Stack, and Azure Stack HCI
I really like to work with Microsoft Windows Admin Center for managing my Hybrid workloads Windows Servers in Azure Cloud Services but also our On-premises Servers on Hyper-V and VMware platform. Even our physical Windows Servers can be managed from Windows Admin Center.
You can extend on-premises deployments of Windows Server to the cloud by using Azure hybrid services. These cloud services provide an array of useful functions, including the following:
Azure hybrid services work with Windows Servers in the following configurations:
I’m working with Windows Admin Center since day one, and you see the hybrid management tool evolving with great new features to make your life as an Administrator more easier. For example you get notifications when there are updates in extensions.
Notification details about update Extensions
When you click on the link “Go to Extensions”Ā you will see the Extensions installed and the Updates which you can install from there.
Here you see an Azure Security Center Extension update.
There are not only Microsoft extensions, but also third party solution extensions and you could build your own extension for your solution. Here you find all the information about Windows Admin Center Extensions
Third Party Windows Admin Center Extensions
Installing a New extension is easy to do, the Azure Cloud Shell (Preview) was the last extension I installed in my Azure MVP Lab to work with. Azure Cloud Shell is an interactive, authenticated, browser-accessible shell for managing Azure resources. It provides the flexibility of choosing the shell experience that best suits the way you work, either Bash or PowerShell. Cloud Shell enables access to a browser-based command-line experience built with Azure management tasks in mind. So how does this look in Windows Admin Center?
Install the Azure Cloud Shell (Preview) Extension
You find the Installed Azure Cloud Shell in the pulldown menu of WAC
Copy your code here https://microsoft.com/devicelogin
You will see this screen when you copy-paste the code
When you go back to Windows Admin Center you will see you are connected with Azure Cloud Shell CLI š
Azure Cloud Shell in Windows Admin Center
from here you can manage all your Azure Cloud Services via the Azure Cloud Shell CLI with Bash or Powershell.
Here you find more about Microsoft Azure Cloud Shell tools and Features.
you can add an Azure Network Adapter to your on-premises servers to help you securely connect the server to an Azure Virtual Network.
Read more about adding Microsoft Azure Network Adapter (Preview) in the top 10 Features of Windows Server 2019. Nice link speed of 40 Gbps š
For Management of your Windows Servers you need some tools and consoles. Windows Admin Center is supporting you to get the Management consoles in one place to do your administration and updates.
The next tree Features are in Windows Admin Center to manage your Windows Server.
Powershell inside WAC of my Domain Controller
Windows PowerShell is a task-based command-line shell and scripting language designed especially for system administration. Built on the .NET Framework, Windows PowerShell helps IT professionals and power users control and automate the administration of the Windows operating system and applications that run on Windows.
Here you find more information about Windows Commands
Windows Update in Windows Admin Center.
Of course you need to update your Windows Servers, and what I like in WAC is that you get the information if an update needs a reboot before you click on Install Updates. This option is good for my Azure MVP Lab but when you need to update more then 100 Servers, you would do that centrally managed like with Update Management solution in Azure
Windows Remote Desktop in WAC
Remote Desktop is one of the Features of Windows Admin Center, to take over the desktop for installations of Applications for example.
Windows Admin Center got a lot more Features and Tools to Manage your Windows Servers in a Hybrid world.
Like these :
You can install the following Resources to Manage with WAC
Windows Admin Center Overview
Microsoft Windows Admin Center is the New Management tool for your Hybrid IT Management to Controle your Servers for your Business. It got all the Management consoles covered of Windows Servers to manage from one tool.
It’s easy to use and It keeps you Up-to-date of what is happening on your Windows Server but also what is New and updated. With Microsoft Windows Admin Center your are learning on the job and that’s what I Like š
Hope you will use Microsoft Windows Admin Center too for your Business, download it here for Free!
You don’t want to miss this Awesome Microsoft Ignite 2019 Event of the Year in Orlando, Florida !
If you can’t attend, don’t worry you can follow the Live Stream of MS Ignite here
Or here on Microsoft Ignite YouTube Channel
Have a look at the Microsoft Ignite 2019 Agenda
Plan your sessions for Microsoft Ignite 2019 ( More 1000+)
Download the Microsoft Events Mobile App for MS Ignite 2019 here
Follow @MS_Ignite on Twitter here
