Category: Microsoft Azure

Azure Hybrid Cloud Webinar Series

Join the Microsoft Azure Hybrid Cloud Webinar Series

Together with Microsoft Indonesia, we are offering an Azure Hybrid Cloud Webinar Series with two webinars around Azure Hybrid Cloud. The first one on September 22nd will be called: Innovation Anywhere with Azure Hybrid and on September 23rd: Deep Dive VM and Kubernetes Management to any Infrastructure with Azure Arc.

Innovation Anywhere with Azure Hybrid

Tuesday, 22nd September 2020 | 2.00 PM-3.30 PM (GMT+7) 📆

Free Registration âś”

Join us in the first session of the Azure Hybrid Cloud Training Series to learn and discover how Microsoft Azure Hybrid Cloud products and services help to manage your environment. In this session, Cloud Advocate Thomas Maurer will give you an overview of the Microsoft Azure Hybrid Cloud offering. Learn how you can use the Azure Hybrid services and products like Azure Arc, Azure Update Management, the new Azure Stack portfolio, Azure Stack HCI, and many more to introduce hybrid cloud management to your environment.

Deep Dive VM and Kubernetes Management to any Infrastructure with Azure Arc

Wednesday, 23rd September 2020 | 2.00 PM-3.30 PM (GMT+7) 📆

Free Registration âś”

Azure Arc has the ability to managed multi-cloud and on-premise. Join us on the second day of the Azure Hybrid Cloud Webinar Series to learn and discover how to manage and govern your Windows and Linux machines hosted outside of Azure on your corporate network or other cloud providers, similar to how you manage native Azure virtual machines.

When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. Azure Arc provides you with the familiar cloud-native Azure management experience, like RBAC, Tags, Azure Policy, Log Analytics, and more.

Conclusion

These two sessions will be a lot of fun including an overview of the Azure Hybrid Cloud capabilities. I hope this gets your interested and I hope to see you there!



Azure Automatic VM Guest OS Patching

How to configure Azure Automatic VM guest OS patching

If you want to keep your Azure virtual machines (VMs) up-to-date, then there is a service called Azure Update Management, which helps you to manage updates on your Azure VM guest operating system. However, this needed some additional planning and configuration. To make patching of your Azure virtual machines (VMs) easier, there is a new option called Automatic VM guest patching, which helps ease update management by safely and automatically patching virtual machines to maintain security compliance.

Automatic VM guest patching is now available in public preview for Windows virtual machines on Azure.

With Azure automatic VM guest patching enabled, the VM is assessed periodically to check for available operating system patches for that Azure VM. Updates classified as ‘Critical’ or ‘Security’ are automatically downloaded and installed on the VM during off-peak hours. This patch orchestration is managed and handled by Azure and patches are applied following availability-first principles.

In a nutshell, Azure automatic VM guest patching has the following capabilities:

  • Patches classified as Critical or Security are automatically downloaded and applied on the VM.
  • Patches are applied during off-peak hours in the VM’s time zone.
  • Patch orchestration is managed by Azure and patches are applied following availability-first principles.
  • Virtual machine health, as determined through platform health signals, is monitored to detect patching failures.
  • Works for all VM sizes.

Patches are installed within 30 days of the monthly Windows Update release, following availability-first orchestration described below. Patches are installed only during off-peak hours for the VM, depending on the time zone of the VM. The VM must be running during the off-peak hours for patches to be automatically installed. If a VM is powered off during a periodic assessment, the VM will be automatically assessed and applicable patches will be installed automatically during the next periodic assessment when the VM is powered on.

You can find more information on Azure automatic VM guest patching on Microsoft Docs.

How to enable Azure Automatic VM guest OS patching

To enable Azure automatic VM guest OS (operating system) patching, we currently have a couple of requirements.

  • Currently, only Windows VMs are supported (Preview). Currently, Windows Server 2012 R2, 2016, 2019 Datacenter SKUs are supported. (and more are added periodically).
  • Only VMs created from certain OS platform images are currently supported in the preview. Which means custom images are currently not supported in the preview.
  • The virtual machine must have the Azure VM Agent installed.
  • The Windows Update service must be running on the virtual machine.
  • The virtual machine must be able to access Windows Update endpoints. If your virtual machine is configured to use Windows Server Update Services (WSUS), the relevant WSUS server endpoints must be accessible.
  • Use Compute API version 2020-06-01 or higher.

These requirements might change in the future during the preview phase (for the current requirements check out Microsoft Docs).

During the preview, this feature requires a one-time opt-in for the feature InGuestAutoPatchVMPreview per subscription. You can run the following Azure PowerShell or Azure CLI command.

Azure PowerShell:

# Register AzProvider
Register-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Check the registration status
Get-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Once the feature is registered for your subscription, complete the opt-in process by changing the Compute resource provider.
Register-AzResourceProvider -ProviderNamespace Microsoft.Compute

Now you can enable automatic VM guest patching for your Azure virtual machines within that subscription. To do that you can currently use the REST API, Azure PowerShell, or the Azure CLI.

With Azure CLI, you can use the az vm get-instance-view .

az vm update --resource-group test-autopatch-rg--name azwinvm01 --set osProfile.windowsConfiguration.enableAutomaticUpdates=true osProfile.windowsConfiguration.patchSettings.patchMode=AutomaticByPlatform

You can see that there are two important parameters for this cmdlet. First the -enableAutoUpdate and secondly the -PatchMode. There are currently three different patch orchestration modes you can configure.

AutomaticByPlatform

  • This mode enables automatic VM guest patching for the Windows virtual machine and subsequent patch installation is orchestrated by Azure.
  • Setting this mode also disables the native Automatic Updates on the Windows virtual machine to avoid duplication.
  • This mode is only supported for VMs that are created using the supported OS platform images above.

AutomaticByOS

  • This mode enables Automatic Updates on the Windows virtual machine, and patches are installed on the VM through Automatic Updates.
  • This mode is set by default if no other patch mode is specified.

Manual

  • This mode disables Automatic Updates on the Windows virtual machine.
  • This mode should be set when using custom patching solutions.

If you need more control, I recommend that you have a look at Azure Update Management, which is already publicly available and also supports Windows and Linux servers running in Azure or on-premises.

To verify whether automatic VM guest patching has completed and the patching extension is installed on the VM, you can review the VM’s instance view.

az vm get-instance-view --resource-group test-autopatch-rg --name azwinvm01

This will show you the following result:

Azure Automatic VM Guest OS Patching Status

Azure Automatic VM Guest OS Patching Status

You can also create the patch assessment on-demand.

Invoke-AzVmPatchAssessment -ResourceGroupName "myResourceGroup" -VMName "myVM"

I hope this provides you with an overview of the new Azure automatic VM guest patching feature. If you want to have some advanced capabilities to manage updates for your Azure VMs and even your servers running on-premises, check out Azure Update Management. This will provide you with some advanced settings and your own maintenance schedules. If you have any questions, feel free to leave a comment.



Azure Stack Hub Partner Solutions Series – Eversource

Azure Stack Hub Partner Solutions Series – Eversource

Together with the Azure Stack Hub team, we are starting a journey to explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform. Together with the Tiberiu Radu (Azure Stack Hub PM @rctibi) and myself (Azure Cloud Advocate @ThomasMaurer), we created a new Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Today, I want you to introduce you to Azure Stack Hub Partner Eversource. We start the are Azure Stack Hub Partner Solutions Series with a customer solution that is built across Azure and Azure Stack Hub, creating a consistent operational model and simplifying the deployment of workloads. Eversource Energy started their journey in Azure and needed an option to answer their regulated workloads, that need to be on-premises. See how their journey started and where they are today.

You can also watch the full video on Microsoft Channel 9.

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.



ESPC20 Online Thomas Maurer

Speaking at ESPC20 Online

I am happy to let you know that I will be speaking at ESPC20 Online. This year ESPC20 will be a new virtual conference offering you affordable, world-class Microsoft 365 learning at your fingertips, from wherever you are in the world. Tune in live Oct 14th & 15th or catch up on-demand across 100+ sessions from SharePoint, Office 365 & Azure experts.

Next to great keynotes from Karuana Gatimu, Scott Guthrie, and Jeff Teper, I am happy to be part of one of the breakout sessions.

Join me for my ESPC20 Online session: Azure Hybrid – Learn about Hybrid Cloud Management with Azure

Windows Server, Azure Stack HCI, and Windows Admin Center not only provide you with great hyper-converged solutions but also enable you to connect to Azure Hybrid Cloud services. In this session, Thomas Maurer will show you how you can connect Azure services like Azure Site Recovery, Azure Backup, Azure File Sync, Azure Monitor and many more to your on-prem Windows Server and Azure Stack HCI environment. And how you can manage and implement governance for your hybrid servers from the cloud, using Azure Arc for servers.

ESPC is always top quality and I am truly looking forward to this year’s virtual conference. Check out some of ESPC’s reasons why you don’t want to miss this event.

Reasons to Attend ESPC20 Online

  • Refresh – With so much change, keep up with the product developments and practices that matter most.
  • Revitalise – Find new and better ways of working, to bring new energy and effectiveness to your work.
  • Investment – Invest in your team, yourself and your career by learning new skills or mastering current ones.
  • Access – With no travel, watch live or on-demand at a time that suits you from the comfort of your workspace.
  • Experts – Hear from the best of the best – Microsoft Product Team members, RDs, MVPs, MCMs and independent experts.
  • Depth – With levels catering from Level 100-400 there is something for everyone.
  • Network – Build your professional network online, with like-minded people from across the globe.
  • Vendors – Find the best solutions from the best local, European and Global providers.
  • Independence – Information and advice you can trust, learn what’s trendy and what works.
  • Breadth – Attend a variety of session types across the biggest SharePoint, Office 365 and Azure topics.
  • Affordability – Enjoy the quality of ESPC with incredibly affordable prices and options.

I hope to see you at ESPC20 Online!



Learn about Windows Server Hybrid and Azure IaaS VMs

Learn Windows Server Hybrid and Azure IaaS VMs

A couple of weeks back I promoted a post about how you can learn about Windows Server on Azure and a post on ITOpsTalk for New Microsoft Learn Modules for Azure and Windows Server IT Pros. This week I got another message by colleague Orin Thomas (Cloud Advocate and Author of the Windows Server 2019 Book), that a lot more Microsoft Learn modules have been published, covering Windows Server Hybrid and Windows Server on Azure IaaS VMs (Infrastructure-as-a-Service).

Learn about Windows Server Hybrid and Windows Server Azure IaaS VMs 🎓

Here is a full list of Microsoft Learn modules to learn about Windows Server Hybrid and Windows Server Azure IaaS VMs (virtual machines). This includes many of the Azure Hybrid Cloud services you can use together with Azure, like Azure Arc, Azure File Sync, Azure Site Recovery, and many more. These Microsoft Learn modules also cover a lot of the Azure Management services to manage your Windows Server virtual machines running on Azure, like Azure Monitor, Azure Update Management, networking, and much more.

I hope you enjoy the new Microsoft Learn modules for Windows Server Hybrid and Windows Server on Azure IaaS. If you have any questions feel free to leave a comment below. If you are looking forward to take some exams, also check out my Microsoft exam study guides, for example for:

Happy Learning!



Azure Architecture Best Practices Virtual Event

Azure Architecture Best Practices Virtual Event – October 20

As you might remember we did an Azure Architecture Best Practices Virtual Event back in August 2020. Since we got very high demand and great feedback, we decided to do a second event on October 20. So, I am happy to let you know about another free online event where I am presenting together with Microsoft Cloud Solution Architect, Dominik Zemp, about Azure Architecture Best Practices. This free virtual event will be on October 20 from 9:30am-12:00pm (CEST). In this session, you will learn about proven guidance that’s designed to help you, architect, create and implement the business and technology strategies necessary for your organization to succeed in the cloud. It provides best practices, documentation, and tools that cloud architects, IT professionals, and business decision-makers need to successfully achieve their short- and long-term objectives. We will be focusing on topics like the Cloud Adoption Framework and the new Enterprise-Scale landing zone architecture.

Azure Architecture Best Practices Virtual Event Agenda:

  • Introduction
  • Why Azure Architecture?
  • Introduction to the Cloud Adoption Framework
  • What is Enterprise-Scale?
    • Build landing zones with Enterprise-Scale
    • Critical design areas
    • Deployment using AzOps
    • Demo
  • Build on top of Enterprise-Scale – Well-Architected Framework for workloads and apps
  • Q&A

You can register for the event here: Microsoft Virtual Live Event

About the Speakers:

Dominik Zemp (Microsoft Cloud Solution Architect)

Dominik Zemp is a Cloud Solution Architect working with Global Swiss financial customers and has been working at Microsoft since 2008. Before Dominik changed role in late 2015, he worked as a Security and Identity Consultant in the Microsoft Services organization. Dominik’s focus areas are applications and infrastructure, including cloud-native applications, networking, and security. Dominik holds a Bachelor’s degree in IT with a Specialization in software systems.

Thomas Maurer (Microsoft Senior Cloud Advocate)

Thomas works as a Senior Cloud Advocate at Microsoft. He engages with the community and customers around the world to share his knowledge and collect feedback to improve the Azure cloud platform. Prior to joining the Azure engineering team (Cloud + AI), Thomas was a Lead Architect and Microsoft MVP, to help architect, implement and promote Microsoft cloud technology. If you want to know more about Thomas, check out his blog: www.thomasmaurer.ch and Twitter: www.twitter.com/thomasmaurer

I am really looking forward to the second Azure Architecture Best Practices virtual event, and I hope to see you there!

AZ-304 Study Guide Azure Architect Design Exam Study Guide

AZ-304 Study Guide Azure Architect Design Exam Study Guide

Also, check out my exam study guides to achieve the Microsoft Azure Solutions Architect Certification:



Filter for Azure VMs and Azure Arc Machines

Inventory for Azure Arc enabled Servers

Azure Arc for Servers allows you to manage servers running in your on-premises location, at the edge, or in a multi-cloud environment directly from the Azure portal. There are many features available to manage these hybrid Azure Arc enabled servers, like Log Analytics or Azure Arc Machine extensions. However, one of the basic features of Azure Arc enabled Servers, is that you can now get an inventory and overview of all your servers. This allows you to see and manage your Azure Arc enabled servers next to your Azure resources.

Inventory for Azure Arc enabled Servers and Azure VMs

Inventory for Azure Arc enabled Servers and Azure VMs.

You can see that your Azure Arc enabled servers show up as Azure resources. You can use the filter to limit the view to only Azure virtual machines (VMs), and Azure Arc enabled servers.