Last updated by at .

  • Microsoft Azure
  • Virtual Machine Manager

Category: Windows Server 2012

Distinguished Judges for the UCS Power Scripting Contest

Cisco UCS PowerShell Scripting Contest

In the Microsoft world PowerShell is the tool to automate everything especially in your datacenter. I already mentioned that Cisco offers some great enhancements for the Microsoft Datacenter stack. If you are using a Cisco UCS solution you can integrate System Center Virtual Machine Manager, Orchestrator and others. But Cisco does also offer a PowerShell module for the UCS called Cisco UCS PowerTool. The UCS PowerTool allows you to automate management and deployment tasks very easily via Windows PowerShell. By the way, one of the coolest features in the Cisco UCS PowerTool is the ConvertTo-UCScmdlet.

Cisco announced the UCS Power Scripting Contest

Everyone is invited to share their scripts and possibly win some prizes by entering the UCS Power Scripting Contest on the Cisco Communities.  The contest will run until May 11th.  A distinguished panel of judges (Jeffery Snover, Rob Willis, Don Jones, Hal Rottenberg and Thomas Maurer) along with other members of the community will select the grand prize winner from a set of five finalists.

Distinguished Judges for the UCS Power Scripting Contest

I am proud to be one of the Distinguished Judges for the UCS Power Scripting Contest and I hope we will see some great solutions. To get more information about the contest check out the Cisco Blog from Bill Shields and the UCS Power Scripting Contest website.



CLIXML Export Import

Save PowerShell Object to file for Remote Troubleshooting

This is not something new to the most of you PowerShell guys out there, but still there are a lot of IT Pros which do not know about this. Sometimes we have to do some remote troubleshooting without having access to the system itself. The thing you can do is to let the customer send you some screenshots but that doesn’t really show everything and maybe you have to contact the customer like 100 times to get the right information. A better solution is to let the customer to run a PowerShell command or script and send you the output. But even a text file or screenshot of the PowerShell output is not the best solution. If you get a lot of text in a TXT file it is hard to sort it and maybe there are some information missing because the txt output does not include all information of the PowerShell object.

I have started to use a simple method to export PowerShell objects to a XML file and import the object on another system. This can be done by the PowerShell cmdlets Export-Clixml and Import-Clixml.

What I do is, I tell the customer to run the following command to generate a XML with the PowerShell objects about his disks for example.

After I got this XML file, I can import it here on my local system and can work with it as I would be in front of the customer system.

CLIXML Export Import

As I said, this is nothing new but this can save you and your customer some time. Of course this works with other objects not just disks ;-) For example you can get Cluster Configurations, Hyper-V Virtual Switch Configurations and much more.

 

 



Windows Azure Pack Architecture

Some days ago I wrote about Windows Azure Pack which basically brings Windows Azure Services to your datacenter on top of Windows Server and System Center. I also showed a little overview how the overall architecture looks like, including the different resource providers such as VM Cloud or SQL Server.

Overall Architecture

Windows Azure Pack Archtiecture Overview

Components

If you a look on the Windows Azure Pack you have 7 different components, which need to be installed.

Service Management APIs

  • Windows Azure Pack Admin API – The Windows Azure Pack Admin API exposes functionality to complete administrative tasks from the management portal for administrators or through the use of Windows PowerShell cmdlets.
  • Windows Azure Pack Tenant API – Windows Azure Pack Tenant API enables users, or tenants, to manage and configure cloud services that are included in the plans that they subscribe to.
  • Windows Azure Pack Tenant Public API – Windows Azure Pack Tenant Public API enables end users to manage and configure cloud services that are included in the plans that they subscribe to. The Tenant Public API is designed to serve all the requirements of end users that subscribe to the various services that a hosting service provider provides.

Authentication sites

  • Admin Authentication Site - This is the authentication site where Administrators authenticate against. By default, Windows Azure Pack uses Windows authentication for the administration portal. You also have the option to use Windows Azure Active Directory Federation Services (AD FS) to authenticate users.
  • Tenant Authentication Site – This is the authentication site where Tenants (Customers) authenticate against. Windows Azure Pack uses an ASP.NET Membership provider to provide authentication for the management portal for tenants.

Service Management portals

  • Management portal for administrators - A portal for administrators to configure and manage resource clouds, user accounts, tenant plans, quotas, and pricing. In this portal, administrators create Web Site clouds, virtual machine private clouds, create plans, and manage user subscriptions.
  • Management portal for tenants - A customizable self-service portal to provision, monitor, and manage services. In this portal, users sign up for services and create services, virtual machines, and databases.

Source: TechNet

In addition to the Windows Azure Pack components you also have the Resource providers such as VM Cloud (IaaS), Websites, SQL and more, which integrate in WAP.

Design

You can install all of the Windows Azure Pack components on different servers and also make them highly available and scalable. First you have to understand that there are multiple types of components, you have the Tenant Portal, Tenant authentication site and the tenant public API which are public and should be accessible for the customers, Tenant API, Admin API, Admin Portal, Admin Authentication site as well as the SQL database behind are so called privileged services which should be protected.

Windows Azure Pack ditributed deployment architecture

 

Microsoft describes several different scenarios which you can mix. The minimal installation shows you two “servers” or tiers, one for the public facing services and one for the privileged services. To make them highly available you would have two servers for each tiers behind a load balancer.

Windows Azure Pack minimal deployment architecture

The make the deployment more scalable you can split up the different components on different tiers.

Windows Azure Pack scaled deployment architecture

Well and Microsoft also offers you an express installation which should only be used for lab or proof of concept installations. This installs all the needed components on to a single server.

Windows Azure Pack Express Deployment

At the end you and the customer have to decide how you deploy your environment based on scale, availability and security. You can get more information about the Windows Azure Pack Architecture on TechNet.



Hyper-V Gernal Access dinied error

Hyper-V over SMB: Set SMB Constrained Delegation via PowerShell

When you are having configured a Hyper-V over SMB configuration, which means the virtual machines are running on Hyper-V host and are stored on a SMB file share, and you try to manage the virtual machine remotely from Hyper-V Manager or Failover Cluster Manager, you will run into access denied errors. The same error can also happen if you try live migrate the virtual machine. This error is caused because you are using the credentials from the machine which Hyper-V or Failover Cluster Manager is running on to access the file share via the Hyper-V host. This “double-hop” scenario is not by default not allowed because of security reasons. You can find more about Kerberos Authentication on TechNet.

To avoid this error you have to configure the SMB Constrained Delegation in Active Directory to allow this scenario for specific “double-hops”. In Windows Server 2012 Microsoft made setting up Kerberos constrained delegation much easier by introducing resource-based Kerberos Constrained Delegation. This it wasn’t that easy to deploy and required some step. In Windows Server 2012 R2 Microsoft introduced new Windows PowerShell cmdlets to configure SMB Constrained Delegation directly from PowerShell. These cmdlets are offered by the Active Directory PowerShell module.

On your management box or where ever you want to configure SMB Constrained Delegation you have to install the Active Directory PowerShell module. (You don’t need the module on the Hyper-V host or SMB file servers)

Now you can use the following cmdlets.

  • Get-SmbDelegation –SmbServer FileServer
  • Enable-SmbDelegation –SmbServer FileServer –SmbClient HyperVHost
  • Disable-SmbDelegation –SmbServer FileServer [–SmbClient HyperVHost] [-Force]

For example if you are running a two node Hyper-V cluster and you use a Scale-Out File Server cluster (SOFS01) as virtual machine storage, the configuration could look like this.

Because these cmdlets only work with the new resource-based delegation, the Active Directory forest must be in “Windows Server 2012” functional level. A functional level of Windows Server 2012 R2 is not required.

And as I mentioned before you can also use System Center Virtual Machine Manager (VMM) to manage your storage, which uses a different approach and does not need the configuration of Kerberos Constrained Delegation.

 



Windows Server 2012 Logo

Configure CSV Cache in Windows Server 2012 R2

In Windows Server 2012 Microsoft introduced CSV Cache for Windows Server 2012 Hyper-V and Scale-Out File Server Clusters. The CSV Block Cache is basically a RAM cache which allows you to cache read IOPS in the Memory of the Hyper-V or the Scale-Out File Server Cluster nodes. In Windows Server 2012 you had to set the CSV Block Cache and enable it on every CSV volume. In Windows Server 2012 R2 CSV Block cache is by default enabled for every CSV volume but the size of the CSV Cache is set to zero, which means the only thing you have to do is to set the size of the cache.

Microsoft recommends using 512MB as cache on a Hyper-V host. On a Scale-Out File Server node, things are a little bit different. In Windows Server 2012 Microsoft allowed you to use a cache size up to 20% of the server, in Windows Server 2012 R2 Microsoft changed this, so you can now finally use up to 80% of the RAM of a Scale-Out File Server Node.

Back in the days of Windows Server 2012 I made a little benchmark of CSV Cache on my Hyper-V hosts.



Sort Network Adapter via PowerShell

Sort Windows Network Adapter by PCI Slot via PowerShell

If you work with Windows, Windows Server or Hyper-V you know that before Windows Server 2012 Windows named the network adapters randomly. This was a huge deal if you were trying to automate deployment of servers with multiple network adapters. And of course Hyper-V Servers normally have multiple network adapters. In Windows Server 2012 Microsoft had some different ways how this was fixed. First there is CDN (Consistent Device Naming) which allows hardware vendors to integrate the names so the OS can pick them up and the second one being the possibility of Hyper-V Converged Fabric which is basically making our lives easier by having less network adapters.

Well a lot of vendors have not integrated CDN or you have some old servers without CDN support. Back in May 2012 before the release of Windows Server 2012 I wrote a little Windows PowerShell script to sort network adapters in Windows Server 2008 R2 and Hyper-V Server 2008 R2 by using WMI (Configure Hyper-V Host Network Adapters Like A Boss). Now for a Cisco UCS project I rewrote some parts of the script to use Windows PowerShell in for Windows Server 2012, Windows Server 2012 R2 and Hyper-V.

First lets have a look how you can get the PCI slot information for network adapters, luckily there is now a PowerShell cmdlet for this.

Now lets see how you can sort network adapters via Windows PowerShell.

This will get you a output like this:

Sort Network Adapter via PowerShell

Lets do a little loop to automatically name them:

So this names all the network adapters to NIC1, NIC2, NIC3,…

So lets do a PowerShell function for this:

Now you can run this by using Sort-NetworkAdapter for exmaple:

or

You can also get this script from the Microsoft Technet Gallery or Script Center.



Capacity Planner for Hyper-V Replica

Capacity Planner for Hyper-V Replica updated

Back in 2013 Microsoft released a tool called Capacity Planner for Hyper-V Replica. Hyper-V Replica Capacity Planner allowed IT Administrators to measure and plan their Replica integration based on the workload, storage, network, and server characteristics. Today Aashish Ramdas announced on the TechNet Virtualization blog that Microsoft has updated the Hyper-V Replica Capacity Planner. The new version now support Windows Server 2012 R2 Hyper-V, Windows Azure Hyper-V Recovery Manager and some other cool stuff based on the feedback of customers.

  • Support for Windows Server 2012 and Windows Server 2012 R2 in a single tool
  • Support for Extended Replication
  • Support for virtual disks placed on NTFS, CSVFS, and SMB shares
  • Monitoring of multiple standalone hosts simultaneously
  • Improved performance and scale – up to 100 VMs in parallel
  • Replica site input is optional – for those still in the planning stage of a DR strategy
  • Report improvements – e.g.: reporting the peak utilization of resources also
  • Improved guidance in documentation
  • Improved workflow and user experience

It’s great to see Microsoft improving free tools which help implement their solutions.