Category: Microsoft Azure Stack

Last updated by at .

Azure Stack

Azure Stack Roadmap – Update 12 February 2018

I often get ask about the Azure Stack roadmap and when new services, features and improvements will be integrated into Microsoft Azure Stack. Microsoft just released some new official update on the Azure roadmap page.

Microsoft listed some new features and improvements like:

  • Azure Stack integrated systems with 16 node scale units
    We are working on increasing the maximum number of nodes in a scale unit to 16 so that Azure Stack operators can configure a larger Azure Stack deployment. This entry applies primarily to an Azure Stack operator.
  • Azure Stack support for Azure Backup
    We’re developing the ability for Azure Stack operators to backup and recover guest OS, data disks, and volumes using Azure Backup. When complete, this new ability will give operators more options when developing a backup strategy for Azure Stack.
  • Azure Stack security—drift detection
    New and updated features are being developed to help Azure Stack operators determine if their Azure Stack integrated system has been tampered with, enhancing the Azure Stack security posture. Additionally, they will be able to remediate if configuration has drifted.
  • Azure Stack security—updated audit collection
    Azure Stack operators will be happy to hear that new and updated features are being developed to ensure Azure Stack integrated systems are “hardened by default,” meaning that since the infrastructure runs on well-defined hardware and software, we enable, configure, and validate security features that are usually left to customers to implement. This work will also include updates to the audit collection logs to better integrate with SIEM systems.
  • Azure Container Service (AKS) on Azure Stack
    Managed Kubernetes with Azure Container Service (AKS) on Azure Stack will make it even easier for Azure Stack users to manage and operate Kubernetes environments in the same ways as they do in Azure, without sacrificing portability. This new service features an Azure-hosted control plane, automated upgrades, self-healing, easy scaling, and a simple user experience for both developers and cluster operators. With Container Service, customers get the benefit of open source Kubernetes without complexity and operational overhead. This update applies primarily to Azure Stack users.
  • Templated Kubernetes deployments
    This work in development will bring support for templated Kubernetes clusters. This will simplify deployment and operations for Azure Stack users by allowing them to deploy the template to Azure or Azure Stack, thereby providing a consistent environment in each cloud. This update applies primarily to Azure Stack users.
  • Templated Service Fabric cluster deployments
    This work in development will bring templated Service Fabric clusters that will simplify deployment and operations for Azure Stack users. Once deployed, Azure Stack users will be able to manage Service Fabric clusters, applications, and services through PowerShell, the Service Fabric CLI, or the open source Service Fabric Explorer just as you can in Azure. This update applies primarily to Azure Stack users.
  • Azure Stack support for Azure Site Recovery
    With this work in development, Azure Stack operators will have more site recovery options by be able to take advantage of Azure Site Recovery to replicate and failover guest OS and data disks to Azure. This entry applies primarily to an Azure Stack operator.
  • Azure Stack infrastructure backup and cloud recovery
    We’re developing enhancements for Azure Stack that will simplify infrastructure backup by eliminating the need for manual operator intervention. These enhancements will include the enablement of operator-driven validation of cloud recovery. This post applies primarily to Azure Stack operators.
  • Managed Disks in Azure Stack
    Azure Managed Disks simplifies disk management for Azure VMs by managing the storage accounts associated with the VM disks. You only have to specify the type (Premium or Standard) and the size of disk you need, and Azure creates and manages the disk for you. This work will bring more options and simplicity to Azure Stack users when working with VMs. This update applies primarily to Azure Stack users.
  • Av2-series and F-series virtual machines in Azure Stack
    We’re working on bringing Av2-series and F-series virtual machines (VM) to Azure Stack so that users can create them when building and deploying applications. Av2 is popular for development and test scenarios, while the F-series provides more cores with lesser memory requirement than the D-series. Learn more about Azure VM sizes and Azure Stack Virtual Machines.
  • Expanded VPN Gateway interoperability
    We’re expanding support for the VPN Gateway to allow Azure Stack users greater flexibility with their settings. Once available, this will allow users to configure their own settings so that they can establish a VPN tunnel with the older devices they have in their datacenter, without requiring them to upgrade these devices.
  • Azure Storage API version 2017-04-17 updated in Azure Stack
    We’re working on bringing the 2017-04-17 version of the Azure Storage API to use in Azure Stack. When ready, this will enable Azure Stack users to perform URL-to-URL copies, simplifying the movement of data between Azure and Azure Stack. This update applies primarily to Azure Stack users, but will be beneficial to any user looking to create hybrid applications that span Azure and Azure Stack.
  • Ability to incrementally add capacity to Azure Stack
    We’re now working on adding the ability for Azure Stack operators to add a node to an existing Azure Stack scale unit within the supported scale unit limits. This will enable Azure Stack operators to increase the capacity of a single Azure Stack, and specifics should be discussed with hardware partners.
  • Azure Stack integrated systems support for multiple scale units
    For customers who want larger Azure Stack integrated systems, we’re working on adding support to have multiple scale units in an Azure Stack integrated system. This applies primarily to Azure Stack operators, and will enable them to increase the capacity of a single Azure Stack.
  • Azure Stack operator experience feature updates
    Azure Stack operators can configure Azure Stack and manage offers, plans, services, quotas, and pricing to provide resources for their users. Azure Stack operators also manage capacity and can respond to alerts. We’re developing new and updated features for the monitoring, diagnostics, and servicing experiences to ensure Azure Stack operators can keep the Azure Stack integrated system running and healthy. These include:Investments in infrastructure servicing to minimize tenant downtime.
    Improved alerting and remediations to allow the operator to maintain system health.
    Updated diagnostics for better troubleshooting.
    Continued investments in the Operator UX and Operator PowerShell.
  • Azure Stack Infrastructure—compliance certification guidance
    We’re creating documentation to describe how Azure Stack infrastructure satisfies regulatory technical controls for PCI-DSS and CSA-CCM. Azure Stack operators will be able to use this documentation to simplify the processes that companies go through when working with governing bodies. Check back for more information as the documentation is developed.
  • Display virtual machines prices in Azure Stack portal
    Work is currently in development to allow Azure Stack operators the ability to configure the virtual machine pricing and display it in the Azure Stack portal. This will provide additional flexibility when creating plans, offers, and managing subscriptions. Check back with this blog to see developments as work progresses, and get more information.

You can see Microsoft is going to work on a lot of great improvements for Azure Stack. If you want to know more about Azure Stack, check out my blog post:

Microsoft Azure Stack – Azure Extension in your Datacenter



Microsoft Tech Summit 2018 Switzerland

Speaking about Azure Stack at the Microsoft Tech Summit Switzerland 2018

I am proud to announce that I am speaking at the Microsoft Tech Summit Switzerland 2018. The Microsoft Tech Summit is a new format of Microsoft conferences all around the world, and the successor of the Microsoft TechDays in Switzerland. The Microsoft Tech Summit is a free 2 day event covering the latest in cloud technologies  for IT professionals and developers from February 28 – March 1, 2018.

We are proud to offer you an impressive line-up of keynote speakers such as Mark Russinovich, CTO of Microsoft Azure and Patrick Chanezon, chief developer advocate at Docker, the world’s leading software container platform. We further decided to dedicate 50% of all break out session to OSS to show that we don’t just say that we love OSS, but actually live it.

Plus, you will have the chance to experience the unique Microsoft HoloLens and Mixed-Reality glasses on-site! Our diverse and disruptive exhibition is also featuring surprising showcases by our partners.

In my session on day two I will speak about Azure Stack and my experience deploying it for customers.

Azure Stack - Your Cloud, Your Datacenter

Microsoft released Azure Stack as an Azure appliance for your datacenter. Learn what Azure Stack is, what challenges it solves, how you deploy, manage and operate an Azure Stack in your datacenter. Learn about the features and services you will get by offering Azure Stack to your customers and how you can build a true Hybrid Cloud experience. In this presentation Thomas Maurer (Microsoft MVP) will guide you through the highly anticipated innovations and experience during the Azure Stack Early Adaption Program and Azure Stack Technology Adoption Program (TAP).

Btw. itnetX will be there with a booth as a Gold Sponsor! I hope I will see you there!



Azure Stack Tools

Setup an Azure Stack Cloud Operator and Developer Workstation Environment

If you are responsable to manage and operate Azure Stack, you will need to enable a couple of tools to manage Azure Stack. This post should give you a summary of what you should do to setup your Azure Stack Operator and Developer workstation environment.

Operating System

Azure Stack Windows Admin Workstation

First of all you should setup a clean base system. I usually use the latest version of Windows 10, right now the latest Windows 10 version is the Fall Creators Update which give you some great features like the OpenSSH client or the Windows Subsystem for Linux build in, or I use Winodws Sevrer 2016 with Desktop Expierence. Make sure you install all the latest updates for Microsoft Update.

Install Visual Studio Code

PowerShell for Visual Studio Code

Visual Studio Code is a new, free, lightweight cross-platform code editor for building modern web and cloud applications on Mac OS X, Linux and Windows. It is perfect for editing JSON files and even writing some code. And it has a built-in Terminal so you don’t have to switch between different windows.

I recommend you install the following Extensions:

Install SSH Client or Windows Subsystem for Linux (WSL)

OpenSSH Windows 10

To manage Linux Virtual Machines running on Azure Stack or if you need to manage the hardware switches in Azure Stack or your border switches where Azure Stack is connected, SSH is the way to access it. Windows 10 now comes with several builtin options like the OpenSSH Client which you can install as addtional feature or for example the Windows Subsystem for Linux (WSL) which allows you to run several linux tools on Windows directly. If you are using another version of Winodws, the thrid party application PuTTY is your friend.

You can also using PowerShell to install it:

Install Azure Stack PowerShell

Install Azure Stack PowerShell

Azure Stack compatible Azure PowerShell modules are required to work with Azure Stack. PowerShell commands for Azure Stack are installed through the PowerShell gallery, you can run the following commands to install it: (Make sure there are no other Azure PowerShell Modules installed, if there are, the commands will remove them). If you also install Visual Studio, install Visual Studio first before you install the Azure Stack PowerShell.

If you need to install it on a machine which does not have access to the internet. check outthe offical Microsoft page: Install PowerShell for Azure Stack

Install Azure Stack tools

Azure Stack Tools

AzureStack-Tools is a GitHub repository that hosts PowerShell modules that you can use to manage and deploy resources to Azure Stack. This brings you several functionalities for Azure Stack management:

  • Deployment of Azure Stack – Helps prepare for Azure Stack deployment.
  • Resource Manager policy for Azure Stack – Constrains Azure subscription to the capabilities available in the Azure Stack.
  • Connecting to Azure Stack – Connect to an Azure Stack instance from your personal computer/laptop.
  • Setting up Identity for Azure Stack – Create and manage identity related objects and configurations for Azure Stack
  • Azure Stack Service Administration – Manage plans and subscriptions in Azure Stack.
  • Azure Stack Compute Administration – Manage compute (VM) service in Azure Stack.
  • AzureRM Template validator – Validate Azure ARM Template Capabilities
  • Azure Stack Infrastructure Administration – Manage Azure Stack Infrastructure

You can get the Azure Stack tools from GitHub:

You can directly open that folder in Visual Studio Code:

Configure Azure Stack PowerShell environment

As an Azure Stack user, you can configure your Azure Stack PowerShell environment. After you configure, you can use PowerShell to manage Azure Stack resources such as subscribe to offers, create virtual machines, deploy Azure Resource Manager templates, etc.

For an Azure Stack deployment which is using Azure Active Directory (AAD) as an Identity provider, you can use the following commands:

Install and configure CLI for use with Azure Stack

Azure CLI

You can also use the Azure CLI 2.0 to manage Azure Stack.

Install Azure CLI on Windows using MSI

To install the CLI on Windows and use it in the Windows command-line, download and run the Azure CLI Installer (MSI).

Install with apt-get for Bash on Ubuntu on Windows (WSL)

  1. Open the Bash shell.
  2. Modify your sources list.
  3. Run the following sudo commands:
  4. Run the CLI from the command prompt with the az command.

Connect to Azure Stack using the Azure CLI

If you are using Public Certificates for your Azure Stack, this is pretty staight forward, if you are using the Azure Stack Development Kit or an Internal CA, make sure your client trusts the Azure Stack CA root Certificate. You can find more here: Install and configure CLI for use with Azure Stack

Register your Azure Stack environment by running the az cloud register command.

Register as a cloud administrative environement:

  1. To register the cloud administrative environment, use:
  2. Set the active environment by using the following commands.
  3. Update your environment configuration to use the Azure Stack specific API version profile. To update the configuration, run the following command:
  4. Sign in to your Azure Stack environment by using the az login command. You can sign in to the Azure Stack environment either as a user or as a service principal.

Register the user environment, use:

  1. To register the user environment, use:
  2. Set the active environment by using the following commands.
  3. Update your environment configuration to use the Azure Stack specific API version profile. To update the configuration, run the following command:
  4. Sign in to your Azure Stack environment by using the az login command. You can sign in to the Azure Stack environment either as a user or as a service principal.

Install the Microsoft Azure Storage Explorer

Azure Stack Azure Storage Explorer

To access and manage Azure Stack Storage Accounts you can also use the Microsoft Azure Storage Explorer tool. Microsoft Azure Storage Explorer (Preview) is a standalone app from Microsoft that allows you to easily work with Azure Storage data on Windows, macOS and Linux.

If you are running the Azure Stack Development Kit, you should again have a look how you get the certificates implace, you can find that here: Connect Storage Explorer to an Azure Stack subscription

  1. Install the Microsoft Azure Storage Explorer
  2. After Storage Explorer  restarts, select the Edit menu, and then ensure that Target Azure Stack is selected. If it is not selected, select it, and then restart Storage Explorer for the change to take effect. This configuration is required for compatibility with your Azure Stack environment.
  3. To connect to the Azure Stack account, select Add an account.
  4. In the Connect to Azure Storage dialog box, under Azure environment, select Use Azure Stack Environment, and then click Next.
  5. To sign in with the Azure Stack account that’s associated with at least one active Azure Stack subscription, fill in the Sign in to Azure Stack Environment dialog box.
    The details for each field are as follows:Environment name: The field can be customized by user.
    ARM resource endpoint: The samples of Azure Resource Manager resource endpoints:For cloud operator:
    https://adminmanagement.-region-.-FQDN-
    For tenant:
    https://management.-region-.-FQDN-
    Tenant Id: Optional. The value is given only when the directory must be specified.

This should help you quickly setup an Azure Stack Cloud Operator Workstation. What other tools do you need to manage and operator your Azure Stack? leave a comment.



ExpertsLiveCafe

Speaking at Experts Live Cafe January 2018 Edition in Bern

I am happy to announce and remind you that I will be speaking at the Experts Live Cafe in Bern this Friday. The Experts Live Cafe is a Swiss IT Pro Meetup run by the Microsoft MVPs Stefan Johner and Stefan Roth. Experts Live is a non-profit organization that has a mission to enable sharing of knowledge and experience about Microsoft technologies worldwide. The ExpertsLive Cafes are user group meetups which are designed to bring IT professionals closer together.

I will be covering one of two sessions about this months Experts Live Cafe and talk about Windows Server.

What is next for Windows Server

In Fall 2017 Microsoft has updated Windows Server to the next Semi-Annual Channel release with new features and improvements and Microsoft will now release new SAC and LTSC releases. Join this session for the best of Windows Server, learn how the new Servicing Model of Windows Server works and what does it mean to use SAC or LTSC releases, and what new improvement and features Microsoft offers in the latest releases such as 1709 and 1803. You’ll get an overview about the new, exciting improvements that are in Windows Server and how they’ll improve your day-to-day job.

There should be still some free seats, so hopefully see you there!

 



Windows Server Insider Preview Build 17074

Sneak Peak of Windows Server 1803 (RS4) – Windows Server Insider Preview Build 17074

Yesterday, Microsoft announced a new Windows Server Insider Preview Build (17074) which will be released as the next Semi-Annual Channel release for Windows Server. This release will likely be called Windows Server 1803 (Codename: Restone 4), which is aligned to the Windows Client releases.

Microsoft talked about improvements in the next Windows Server releases and the investments in Containers and Storage Spaces Direct at Microsoft Ignite 2017, and we already got some early Windows Server Insider Preview builds to see what is coming next. The official list is not to big right now, but we can expect Microsoft to add and announce more features in the comment weeks and months.

What is new in Windows Server 1803 (RS4)

  • Storage Spaces Direct (S2D)
    • Microsoft adds Data Deduplication support Storage Spaces Direct and ReFS
    • Microsoft removed the requirement for SCSI Enclosure Service (SES) on the hardware, which enables more hardware to work with S2D
    • Storage Spaces Direct adds support for Persistent Memory (Storage Class Memory), which brings very fast and very low latency storage to S2D. The prices for this devices is still pretty high, but we can expect this to change in the future and we can also see them as a great use as caching devices.
    • Storage Spaces Direct now also supports Direct-connect SATA devices to AHCI controller, which also make more hardware work with S2D
    • CSV Cache is now enabled by default, which delivers an in-memory write-through cache that can dramatically boost VM performance, depending on your workload.
  • Failover Clustering
    • Azure enlightened Failover Cluster – This is a very exciting feature if you run Windows Server Failover Clusters in Microsoft Azure. This feature will let the Windows Server cluster know if there is Azure host maintenance going on and will exclude the specific cluster node from placing workloads on it.

      By making high availability software running inside of an Azure IaaS VM be aware of maintenance events of the host, it can help deliver the highest levels of availability for your applications.

  • Container
    • Microsoft promised to add more Container feature and provide updated Windows Server Container Images. One feature which made it already into this and early Preview builds is a long waited feature which caused some confusion before. Developers can now use localhost or loopback (127.0.0.1) to access services running in containers on the host.
  • Other Improvements

As mentioned before we can expect Microsoft to add and announce new feature for the next Windows Server release in the next couple of weeks and months.

How to download the Windows Server Insider Preview

You can download the Windows Server Insider Previews from the Windows Server Insider Preview download page. If you are not yet an Insider, check out how to get one on the Windows Insider for Business portal.

Careful, this is pre-release software and it is not supported in production.

Test and Provide Feedback to Windows Server

For Microsoft it is very important that they get feedback about the latest releases. To send feedback use the Feedback Hub application in Windows 10, and choose the Server category with the right subcategory for your feedback.

 

 

 



Windows SSH on WSL

Install and Configure OpenSSH Server on Windows 10 and Windows Server 1709

A couple of weeks ago I already wrote about how OpenSSH is now available on Windows 10. In this blog post I will cover how to install and configure OpenSSH Server on Windows 10 and Windows Server 1709.

Today, OpenSSH Client and Server on Windows are still in Beta, so they should only be used in secure test environments and not in production.

First you have to install the OpenSSH feature on your Windows machine. Remember that it needs to be the Windows 10 Fall Creators Update (1709) or Windows Server version 1709 or higher.

Windows OpenSSH Server

On Windows 10 you can also use the UI to install it.

Windows OpenSSH Server Folder

After the installation you can find the OpenSSH Server files and some more configuration options under C:\Windows\System32\OpenSSH

Now you need to configure the OpenSSH Server (sshd)

To enable authentication into an SSH server on Windows, you first have to generate host keys and repair the ACL on the host keys.

Configure OpenSSH Server on Windows

Windows SSH on WSL

Now you should be able to connect to the Windows Machine using SSH for an SSH client. Of course this can be the OpenSSH client or the SSH client which comes with the Windows Subsystem for Linux on Windows 10.

Azure Network Security Group SSH

If you are running OpenSSH Server on a Windows 10 or Windows Server 1709 virtual machine in Microsoft Azure, don’t forget to also configure the Network Security Group (NSG) to allow SSH inbound access on port 22.

Also check out how you can do SSH from PowerShell: Using SSH with PowerShell



Azure Stack Development Kit PowerShell Install

Developing Azure Stack compatible services in Microsoft Azure using Azure Policies

As mentioned Azure Stack brings a true hybrid Cloud experience by bringing an consistent platform from the public cloud to the private cloud. There is a little bit of a catch, Microsoft Azure Stack of course only offers some of the Azure Public Cloud services, since for some of them you need to have a specific scale or specialized hardware, and they often they are behind in feature and functionality, since Azure gets updated daily and Azure Stack gets a slower updated cycle.

But what if you want to develop services on Azure, which should be compatible with Azure Stack, how can you make sure that these services also work on Azure Stack? The anwser to that is the Azure Stack Policy Module. The Azure Stack Policy module allows you to configure an Azure subscription with the same versioning and service availability as Azure Stack using Azure Policy.  The module uses the New-AzureRMPolicyAssignment PowerShell cmdlet to create an Azure policy, which limits the resource types and services available in a subscription. You can then use your Azure subscription to develop apps targeted for Azure Stack.

You can find the Azure Stack Policy Module in Azure Stack tools on GitHub.

Install the Azure Stack Policy Module

  1. Install the required version of the AzureRM PowerShell module, as described in Step1 of Install PowerShell for Azure Stack.
  2. Download the Azure Stack tools from GitHub
  3. Configure PowerShell for use with Azure Stack
  4. Import the AzureStack.Policy.psm1 module:

Apply policy to subscription

The following command can be used to apply a default Azure Stack policy against your Azure subscription.

Apply policy to a resource group

You may want to apply policies in a more granular method. As an example, you may have other resources running in the same subscription. You can scope the policy application to a specific resource group, which lets you test your apps for Azure Stack using Azure resources.

You can find more information about this on the official documentation page: https://docs.microsoft.com/en-us/azure/azure-stack/user/azure-stack-policy-module