Category: Microsoft Azure

Last updated by at .

Azure Update Management Resource Group

Azure Update Management using Windows Admin Center

I already posted a couple of blogs about the Windows Admin Center. For example how you can use and configure Azure Backup or how you can configure the Azure Network Adapter directly from Windows Admin Center. Windows Admin Center does also allow you to manage Windows Updates on your Windows Server. However, if you want to have some more control over your updates and have a centralized orchestration for updates, Azure Update Management can help you. You can use the Update Management solution in Azure Automation to manage operating system updates for your Windows and Linux computers that are deployed in Azure, in on-premises environments, or in other cloud providers. With Windows Admin Center you will get a direct integration with Azure Update Management.

Setup Azure Update Management in Windows Admin Center

Windows Admin Center Windows Update Management

Setting up Azure Update management in Windows Admin Center is very simple. First you will need to register your WAC installation with Azure, if you haven’t done this already. After that you go to the Update extension and you will find a button to Set up now.

Windows Admin Center Setup Azure Update Management

Now you can configure Azure Update Management from Windows Admin Center. You can select your Azure Subscription where you want to deploy the solution. You can select an existing Resource Group and Log Analytics Workspace, or you can create a complete new setup.

Windows Admin Center Configured Azure Update Management

This will install the Microsoft Monitoring Agent on your Windows Server, which is used for the Azure Update Management.

Azure Update Management Resource Group

If you create a new setup, this will also create all the resources in Azure, like the Resource Group, Log Analytics Workspace, Azure Automation Account and adding the Update Solution.

Azure Update Management

Now you can start managing the Windows Updates centralized from Azure Update Management.

Azure Update Management supports not only Windows Server 2019 and Windows Server 2016, it supports Windows Server 2008 R2 SP1 and later.

This again shows Microsoft efforts to build Hybrid Cloud functionality directly into Windows Server and Windows Admin Center. This should help especially administrators, which are mostly managing on-premises environments, to extend and benefit from Microsoft Azure.



Remove All Docker Container Images

New Windows Server 2019 Container Images

Microsoft today released the new Windows Server 2019 again. After they quickly released Windows Server 2019 during Microsoft Ignite, they removed the builds again, after some quality issues. However, today Microsoft made the Windows Server 2019 builds available again. Microsoft also released new Windows Server 2019 Container Images for Windows, Windows Server Core and Nano Server.

Download Windows Server 2019 Container Images

You can get them from the new Microsoft Container Registry (MCR).

Microsoft was hosting their container images on Docker Hub until they switch to MCR (Microsoft Container Registry). This is now the source for all Windows Container Images like Windows Server 2019, Windows Server 2016 and all the Semi-Annual Channel releases like Windows Server, version 1709 or Windows Server, version 1803.

Download the Windows Server 2019 Semi-Annual Channel Container Images (Windows Server, version 1809). This includes also the new Windows Container Image.

The Windows Server Core Image is also available as a Long-Term Servicing Channel Image:

However, if you want to browse through container images, Docker Hub continues to be the right place to discover container images. Steve Lasker wrote a blog post about how Microsoft syndicates the container catalog and why.

Download Windows Server 2016 and Windows Server SAC Container Images

Also the existing Windows Server 2016 and Windows Server, version 1803 and Windows Server 1709 container images moved to the Microsoft Container Registry (MCR).

You should also make sure to update your Dockerfile references:

Old Windows Server Dockerfile reference

FROM microsoft/windowsservercore:ltsc2016

New Windows Server Dockerfile reference

FROM mcr.microsoft.com/windows/servercore:ltsc2016

Removing the “latest” tag from Windows Images

Starting 2019, Microsoft is also deprecating the “latest” tag for their container images.

We strongly encourage you to instead declare the specific container tag you’d like to run in production. The ‘latest’ tag is the opposite of specific; it doesn’t tell the user anything about what version the container actually is apart from the image name. You can read more about version compatibility and selecting the appropriate tag on our container docs.

Removing Container Images

Remove All Docker Container Images

If you want to remove existing container images from your PC, you can run docker rmi to remove a specific image. You can also remove all containers and container images with the following commands:

If you want to know more about Windows Containers and the Microsoft container eco system, visit the Microsoft container docs.



WLinux WSL Setup Wizard for Windows 10

WLinux – The best WSL for Windows 10

A couple of Windows 10 releases back, Microsoft delivered the Windows Subsystem for Linux. The Windows Subsystem for Linux allows you to run Linux distros, like Ubuntu, Debian, Suse and others, on Windows 10. Around the Microsoft Ignite 2018 timeframe another distro was released to the Windows Store called WLinux. WLinux is a Linux environment for Windows 10 built on work by Microsoft Research and the Debian project. WLinux is a custom Linux distro built from Debian specifically for use on the WSL. While other distros are available for WSL, WLinux is the first optimized for use by users of WSL for WSL. It helps developer run Linux tooling on Windows and integrates into perfectly into Windows.

WLinux Setup

WLinux WSL Setup Wizard for Windows 10

WLinux comes with a custom setup, to prepare your environment in a very simple and easy wizard. It lets you setup some predefined software and settings and configure integration into Windows.

WLinux WSL Docker Bridge to Windows

WLinux Docker Bridge

If you want to run Docker in the Windows Subsystem for Linux, you can bring the Docker Client to the Windows Docker Engine. This allows you to run Docker directly from WSL and from PowerShell at the same time.

Microsoft Tooling

WLinux Installing Azure CLI

Of course WLinux brings the usual Linux development tools and easy setup for Ruby, NodeJS, Go, Java, Python, editors like emacs and even different shells. You can also easily add Microsoft tooling by adding Azure CLI, PowerShell Core and even Visual Studio Code.

Windows Explorer Integration and WSL Utilities (wslu)

It easily lets you to setup Windows Explorer integration and brings wslu, a collection of utilities for WSL, preinstalled. Wslu bringt the following features to the WSL

  • wslusc This is a WSL shortcut creator to create a shortcut on your Windows 10 Desktop.
  • wslsys This is a WSL system information printer to print out some basic system information.
  • wslfetch This is a WSL Screenshoot Information Tool to print information in an elegant way.
  • wslupath This is a WSL Windows path Converter that can convert Windows path to other styles of path.
  • wslview This is a fake WSL browser that can help you open link in default Windows browser.

WSLfetch

If you want to know more about WLinux, check out the website Whitewater Foundry.

Or download WLinux from the Microsoft Store.

You can also contribute on the project on GitHub.



Thomas Maurer Speaking at Geekmania

Speaking at Geekmania 2018

This week one of my last speaking engagements for 2018 is coming up, which will be Geekmania 2018. I am happy to be again one of the speakers at the Swiss Geekmania conference. Geekmania is focused on IT Pro topics around Microsoft technology. This Friday (9.11.2018) 18 speakers will speak in 3 parallels tracks in 24 sessions, covering the latest and greatest about Windows, Windows Server, System Center and Azure.

My session will focus on Microsoft Azure Stack:

Azure Stack – Your Cloud Your Datacenter (German)

Microsoft Azure Stack ist nun verfügbar als Azure Appliance in ihrem Datacenter. Lernen sie was Azure Stack ist und wie Azure Stack als Erweiterung zu Microsoft Azure nutzen können, um services in einer Hybrid Cloud bereitzustellen.

Next to me there will be a lot of great community speakers present. Geekmania is always a lot of fun, so hopefully see you there!



Thomas Maurer speaking at Experts Live Europe

Azure Stack Operations Interview at Experts Live Europe

As you may know I was speaking at Experts Live Europe 2018 in Prague a couple of days ago, which was a lot of fun. In my sessions, I was talking about Azure Stack Operations and Windows Server 2019. Between does sessions I had time to quickly talk about Azure Stack Operations and Experts Live Europe in a short interview.

I really enjoyed the conference and hopefully I will be back next year. If you want to see more videos from Experts Live Europe 2018, check out the Experts Live TV YouTube channel. Thanks to the Experts Live team for the great conference and the great opportunity to speak there.



HPE Azure Stack Innovation Center

Let’s talk about the HPE Azure Stack Innovation Center

Together with HPE, I did some short videos about HPE Azure Stack and the HPE Azure Stack Innovation Center in Geneva. The videos are very short to just give you a quick idea about the different scenarios and the benefits of the Innovation Center as well as the HPE solutions. If you want to know more about it, you can check out my blog and look for my articles on Azure Stack and Azure.

About the Azure Stack Innovation Centers

To help you get started on your journey with Microsoft Azure Stack, HPE and Microsoft have built Azure Stack Innovation Centers. Staffed by HPE and Microsoft experts, and leveraging the latest industry-leading Azure Stack hardware and software solutions, the Azure Stack Innovation Centers are designed to help simplify and accelerate your hybrid cloud journey.

In simple words, the Innovation Centers are a place to try out Azure Stack multi-node systems, do proof of concepts and test your real-world workloads. We used the Azure Stack Innovations Centers to work with customers, to try out their workloads directly on a full multi-node system. This helps to better understand the benefits and challenges for the specific customer workloads and get some hands-on experience. It is also a great possibility to test out the Azure Stack Operator capabilities and tasks.

Thomas Maurer about the HPE Azure Stack Innovation Center

Thomas Maurer talks about how the HPE Microsoft Azure Innovation Center helps partners and customers on Azure Stack Implementation projects!



Azure Confidential Compute VM Deployment

Protect Workloads with Azure Confidential Computing

A year ago Microsoft announced that they were working on a new technology in Azure to protect and encrypt data in use, called Azure Confidential Computing. If you are moving sensitive data to the cloud, you also want to encrypt it. Today, you can do this for data in transit and data at rest, however data in use is a challenge. Azure Confidential Computing addresses exactly that scenario, and helps you to encrypt data in use. Microsoft was running a private preview program in the last year, and at Microsoft Ignite this year, Microsoft opened up a public preview.

What is Azure Confidential Computing

Azure Confidential Computing together with Intel SGX technology addresses the following threads:

  • Malicious insiders with administrative privilege or direct access to hardware on which it is being processed
  • Hackers and malware that exploit bugs in the operating system, application, or hypervisor
  • Third parties accessing it without their consent

There are ways to secure data at rest and in transit, but you need to protect your data from threats as it’s being processed. Now you can. Confidential computing adds new data security capabilities using trusted execution environments (TEEs) or encryption mechanisms to protect your data while in use. TEEs are hardware or software implementations that safeguard data being processed from access outside the TEE. The hardware provides a protected container by securing a portion of the processor and memory. Only authorized code is permitted to run and to access data, so code and data are protected against viewing and modification from outside of TEE.