Category: Cloud

Windows Server on Microsoft Azure

Learn about Windows Server on Microsoft Azure

As many of you know, Microsoft Azure is the best cloud to run Windows Server workloads. Last week the team published two new Microsoft Learn Learning paths, where you can learn more about how to run Windows Server on Azure. The first two learning paths available are “implement Windows Server IaaS VM networking” and “implement Windows Server IaaS VM Identity”. These two learning paths offer a couple of modules around the specific topics.

Implement Windows Server IaaS VM networking

In this learning path, you’ll learn about Azure IaaS networking and identity. After completing the learning path, you’ll be able to implement IP addressing, manage DNS, and deploy and manage domain controllers in Azure.

Modules

  • Implement Windows Server IaaS VM IP addressing and routing
    In this module, you’ll learn how to manage Microsoft Azure virtual networks (VNets) and IP address configuration for Windows Server infrastructure as a service (IaaS) virtual machines (VM)s.
  • Implement DNS for Windows Server IaaS VMs
    In this module, you’ll learn to configure DNS for Windows Server IaaS VMs, choose the appropriate DNS solution for your organization’s needs, and run a DNS server in a Windows Server Azure IaaS VM.
  • Implement Windows Server IaaS VM network security
    In this module, you will focus on how to improve the network security for Windows Server infrastructure as a service (IaaS) virtual machines (VMs) and how to diagnose network security issues with those VMs.

You can find the full learning path on Microsoft Learn.

Implement Windows Server IaaS VM Identity

After completing this learning path, you’ll know how to implement identity in Azure. You’ll be able to extend an existing on-premises Active Directory identity service into Azure.

Modules

You can find the full learning path on Microsoft Learn.

Prerequisites for the learning paths

Before you take the learning path, make sure you are familiar with the prerequisites.

  • Experience with managing Windows Server operating system and Windows Server workloads in on-premises scenarios, including AD DS, DNS, DFS, Hyper-V, and File and Storage Services.
  • Experience with common Windows Server management tools (implied by the first prerequisite).
  • Basic knowledge of core Microsoft compute, storage, networking, and virtualization technologies (implied by the first prerequisite).
  • Basic knowledge of on-premises resiliency Windows Server-based compute and storage technologies (Failover Clustering, Storage Spaces).
  • Basic experience with implementing and managing IaaS services in Microsoft Azure.
  • Basic knowledge of Azure Active Directory.
  • Basic understanding security-related technologies (firewalls, encryption, multi-factor authentication, SIEM/SOAR).
  • Basic knowledge of PowerShell scripting.
  • An understanding of the following concepts as related to Windows Server technologies:
    • High Availability and Disaster Recovery
    • Automation
    • Monitoring

Learn more

There are even more learning paths for different technologies available on Microsoft Learn. If you want to learn more about Windows Server on Azure, check out the following resources:

  • Windows Server on Azure (link)
  • Ultimate Guide to Windows Server on Azure (link)
  • Migration Guide for Windows Server (link)
  • Windows virtual machines in Azure (link)

Windows Server on Azure is not just great because of the unmatched security features or the hybrid integration, Microsoft Azure also offers three years of extended security updates for your Windows Server 2008 and 2008 R2 servers for free, and the option to of bringing your on-premises licenses to the cloud, which provide substantial cost savings.

I hope this blog post was helpful to make you aware of the different options to learn about Windows Server on Azure. If you have additional resources or any questions, feel free to leave a comment.



Create Custom Script Extension for Windows - Azure Arc

How to Run Custom Scripts on Azure Arc Enabled Servers

With the latest update for Azure Arc for Servers, you are now able to deploy and use extensions with your Azure Arc enabled servers. With the Custom Script extension, you can run scripts on Azure Arc enabled servers and works similar to the custom script extension for Azure virtual machines (VMs). There is an extension for Windows and Linux servers, which is a tool that can be used to launch and execute machine customization tasks post configuration automatically.

When this Extension is added to an Azure Arc machine, it can download PowerShell and shell scripts and files from Azure storage and launch a script on the machine, which in turn can download additional software components. Custom Script Extension for Linux and Windows – Azure Arc tasks can also be automated using the Azure PowerShell cmdlets and Azure Cross-Platform Command-Line Interface (Azure CLI).

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

How to run Custom Scripts on Azure Arc enabled servers

To run a custom script on an Azure Arc enabled server, you can simply deploy the Custom Script Extension. You open the server you want to run the custom script in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Custom Script Extension for Windows – Azure Arc or on Linux the Custom Script Extension for Linux – Azure Arc.

Add Custom Script Extension

Add Custom Script Extension

Now you can select the PowerShell or shell script you want to run on that machine, as well as adding some optional arguments for that script.

Create Custom Script Extension for Windows - Azure Arc

Create Custom Script Extension for Windows – Azure Arc

After that, it will take a couple of minutes to run the script on the machine.

Conclusion

The Custom Script Extensions for Linux and Windows can be used to launch and execute machine customization tasks post configuration automatically.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.



Azure Arc Servers Log Analytics

Azure Log Analytics for Azure Arc Enabled Servers

In this blog post, we are going to have a quick look at how you can access Azure Log Analytics data using Azure Arc for Servers. The Azure Log Analytics agent was developed for management across virtual machines in any cloud, on-premises machines, and those monitored by System Center Operations Manager. The Windows and Linux agents send collected data from different sources to your Log Analytics workspace in Azure Monitor, as well as any unique logs or metrics as defined in a monitoring solution. When you want to access these logs and run queries against these logs, you will need to have access to the Azure Log Analytics workspace. However, in many cases, you don’t want everyone having access to the full workspace. Azure Arc for Servers provides RBAC access to log data collected by the Log Analytics agent, stored in the Log Analytics workspace the machine is registered.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

How to enable Log Analytics for Azure Arc Enabled Servers

To enable log collection, you will need to install the Microsoft Monitoring Agent (MMA) on your Azure Arc enabled server. You can do this manually for Windows and Linux machines, or you can use the new extension for Azure Arc enabled servers. If you already have the MMA agent installed, you can start using logs in Azure Arc immediately.

Create Microsoft Monitoring Agent - Azure Arc

Create Microsoft Monitoring Agent – Azure Arc

After you have installed the agent, it can take a couple of minutes until the log data shows up in the Azure Log Analytics workspace. After the logs are collected in the workspace, you can access them with Azure Arc.

Azure Arc Servers Log Analytics

Azure Arc Servers Log Analytics

Now you can run queries using the Keyword Query Language (KQL) as you would in the Azure Log Analytics workspace, but limited to the logs for that specific server.

Conclusion

With Azure Arc for Servers, we can use role-based access controls to logs from a specific server running on-prem or at another cloud provider, without having access to all the logs in the log analytics workspace.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.



Azure Arc enabled SQL Server

Azure Arc enabled SQL Server Preview is now available

As you know, I do a lot of work on Hybrid Cloud topics like Azure Arc, which allows you to extend Azure management and Azure services to any infrastructure. I talk a lot about how you can use Microsoft Azure to manage your servers running on-premises or at other cloud providers, or how you can connect and manage Kubernetes clusters. The Azure Data services team at Microsoft Ignite 2019 also announced the private preview of Azure Arc Data services, which allow you to deploy services like Azure SQL on any infrastructure. This week they had another news to share, and it is the private preview of Azure Arc enabled SQL Server. With Azure Arc enabled SQL Server, you can use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view. You can also take advantage of Azure security services, such as Azure Security Center and Azure Sentinel.

Onboarding SQL Server to Azure Arc

Onboarding SQL Server to Azure Arc

The preview of Azure Arc enabled SQL Server Preview includes the following features:

  • Use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view.
  • Use Azure Security Center to produce a comprehensive report of vulnerabilities in SQL Servers and get advanced, real-time security alerts for threats to SQL Servers and the OS.
  • Investigate threats in SQL Servers using Azure Sentinel.
Azure Security Center assessment of on-premises SQL Server

Azure Security Center assessment of on-premises SQL Server

You can register any Windows or Linux based SQL Server to track your inventory. Azure Security Center’s advanced data security works on Windows-based SQL Server version 2012 or higher, running on physical or virtual machines and hosted on any infrastructure outside of Azure.

If you are interested in participating in this preview, check out the official blog post. If you have any questions, feel free to leave a comment.



Add Microsoft Monitoring Agent Extension

How to Add the Microsoft Monitoring Agent to Azure Arc Servers

To use some of the functionality with Azure Arc enabled servers, like Azure Update Management, Inventory, Change Tracking, Logs, and more, you will need to install the Microsoft Monitoring Agent (MMA). In this blog post, we are going to have a look at how you can install the Microsoft Monitoring Agent (MMA) on an Azure Arc enabled server using extensions.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

You can learn more about the manual MMA setup on Microsoft Docs.

How to install the Microsoft Monitoring Agent on Azure Arc enabled servers

To install the Microsoft Monitoring Agent (MMA) you can use the new extension in Azure Arc. You open the server you want to install the MMA agent in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Microsoft Monitoring Agent – Azure Arc. This works for Windows and Linux servers.

Add Microsoft Monitoring Agent Extension

Add Microsoft Monitoring Agent Extension

Now you can enter the Azure Log Analytics workspace ID and the key. This will create a job and install the Microsoft Monitoring Agent on the server.

Create Microsoft Monitoring Agent - Azure Arc

Workspace ID and Key

After that, you can start using features like Azure Log Analytics, Inventory, Change Tracking, Update Management, and more. You can also do this manually for Windows and Linux machines.

Conclusion

Azure Arc for servers makes it super simple to deploy the Microsoft Monitoring Agent to servers running on-premises or at other cloud providers.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.



Intel NUC Windows Server LAB

Install Intel NUC Windows Server 2019 Network Adapter Driver

As you know, I am using an Intel NUC as my Windows Server lab machine, where I run Windows Server 2019 and Hyper-V on. Many people asked me about how you can install the Intel NUC Windows Server 2019 Network Adapter driver because there are no Windows Server 2019 drivers for it. My blog reader, Michael Williams, shared how you can install the Windows Server 2019 Network adapter drivers on the Intel NUC 8th generation.

Here are the simple steps you can follow to install the Intel NUC Windows Server 2019 Network Adapter Driver:

  1. Download the latest PROWinx64.exe for Windows Server 2019 from Intel including drivers for the Intel® Ethernet Connection I219-V
  2. To manually install the network drivers, extract PROWinx64.exe to a temporary folder – in this example to the C:\Drivers\Intel\ folder. Extracting the .exe file manually requires an extraction utility like WinRAR or others. You can also run the .exe and it will self-extract files to the %userprofile%\AppData\Local\Temp\RarSFX0 directory. This directory is temporary and will be deleted when the .exe terminates.
  3. The driver for the Intel I219-V network adapter can be found in the C:\Drivers\Intel\PRO1000\Winx64\NDIS68.

    Extracted Network Drivers for Windows Server 2019 - Intel NUC PROWinx64

    Extracted Network Drivers for Windows Server 2019 – Intel NUC PROWinx64

  4. Open Device Manager right click on Ethernet Controller and select Update Driver.

    Device Manager Update Driver Ethernet Controller - Intel NUC Windows Server 2019 Driver

    Device Manager Update Driver Ethernet Controller – Intel NUC Windows Server 2019 Driver

  5. Select “Browe on my computer for driver software”, and select “Let me pick from a list of available drivers on my computer”, now you can select Network Adapter.

    Update Driver

    Update Driver

  6. Click on “Have Disk…” enter the following path “C:\Drivers\Intel\PRO1000\Winx64\NDIS68.”

    Driver Location

    Driver Location

  7. Now select Intel Ethernet Connection I219-LM (The I219-V version is not shown)

    Select the Intel Ethernet Connection I219-LM

    Select the Intel Ethernet Connection I219-LM

  8. And you are done.

Huge thank you again to Michael Williams for sharing that with us. I hope this short blog post provides you a step by step guide on how you can install Windows Server 2019 Network adapter drivers on the Intel NUC. If you have any questions, feel free to leave a comment.



Run Azure Container Instances from the Docker CLI

Run Azure Container Instances from the Docker CLI

Earlier Docker announced the partnership with Microsoft to bring support to run Azure Container Instances (ACI) from the Docker CLI. Yesterday, Docker announced and released the first Docker Desktop Edge version (2.3.2), which allows you to try out that new feature. Azure Container Instances (ACI) allow you to run Docker containers on-demand in a managed, serverless Azure environment. Azure Container Instances is a solution for any scenario that can operate in isolated containers, without orchestration.

Run Azure Container Instances from the Docker CLI

To be able to run ACI containers using the Docker CLI, Docker expanded the existing docker context command to support ACI as a new backend. To start using this new feature you will need to run Docker Desktop Edge version 2.3.2 and an Azure subscription. You can create a free Azure account with 12 months of free services, $200 credit, and over 25 services which are always free.

Docker Desktop Azure ACI Integration

Docker Desktop Azure ACI Integration

Now you can start your Docker CLI and login to Azure:

docker login azure

After you are logged in, you will need to create a new ACI context. You can simply use “docker context create aci” command and add your Azure subscription and Resource Group, or the CLI will provide you with an Interactive experience.

docker context create aci myazure

With “docker context ls” you can see the added ACI context.

docker context ls

Docker Desktop CLI create Azure Container Instance ACI Context Integration

Docker Desktop CLI create Azure Container Instance ACI Context Integration

Now you can switch to the newly added ACI context.

docker context use myazure

Now you can start running containers directly on Azure Container Instance using the Docker CLI.

docker run -d -p 80:80 mycontainer

You can also see the running containers using docker ps.

docker ps

Run Azure Container Instances from the Docker CLI

Run Azure Container Instances from the Docker CLI

This will also show you the public IP address of your running container to access it. In my example I used a demo container, however, you can also use your own container which you pushed to a container registry like Docker Hub.

You can also run multi-container applications using Docker Compose. You can find an example for that here.

Try Azure Container Instances from the Docker CLI

This new experience is now available as part of Docker Desktop Edge 2.3.2 . To get started, simply download the latest Edge release or update if you are already on Desktop Edge and create a free Azure account with 12 months of free services, $200 credit, and over 25 services which are always free.

Conclusion

I hope this gives you a short overview of how you can use the Docker CLI to directly run Docker containers in Azure Container Instances (ACI). If you have any questions, feel free to leave a comment.

There are also many other great examples like running Docker Linux containers on Windows, using the Windows Subsystem for Linux 2 (WSL 2).