Category: Windows Server

Last updated by at .

Azure Update Management Resource Group

Azure Update Management using Windows Admin Center

I already posted a couple of blogs about the Windows Admin Center. For example how you can use and configure Azure Backup or how you can configure the Azure Network Adapter directly from Windows Admin Center. Windows Admin Center does also allow you to manage Windows Updates on your Windows Server. However, if you want to have some more control over your updates and have a centralized orchestration for updates, Azure Update Management can help you. You can use the Update Management solution in Azure Automation to manage operating system updates for your Windows and Linux computers that are deployed in Azure, in on-premises environments, or in other cloud providers. With Windows Admin Center you will get a direct integration with Azure Update Management.

Setup Azure Update Management in Windows Admin Center

Windows Admin Center Windows Update Management

Setting up Azure Update management in Windows Admin Center is very simple. First you will need to register your WAC installation with Azure, if you haven’t done this already. After that you go to the Update extension and you will find a button to Set up now.

Windows Admin Center Setup Azure Update Management

Now you can configure Azure Update Management from Windows Admin Center. You can select your Azure Subscription where you want to deploy the solution. You can select an existing Resource Group and Log Analytics Workspace, or you can create a complete new setup.

Windows Admin Center Configured Azure Update Management

This will install the Microsoft Monitoring Agent on your Windows Server, which is used for the Azure Update Management.

Azure Update Management Resource Group

If you create a new setup, this will also create all the resources in Azure, like the Resource Group, Log Analytics Workspace, Azure Automation Account and adding the Update Solution.

Azure Update Management

Now you can start managing the Windows Updates centralized from Azure Update Management.

Azure Update Management supports not only Windows Server 2019 and Windows Server 2016, it supports Windows Server 2008 R2 SP1 and later.

This again shows Microsoft efforts to build Hybrid Cloud functionality directly into Windows Server and Windows Admin Center. This should help especially administrators, which are mostly managing on-premises environments, to extend and benefit from Microsoft Azure.



Remove All Docker Container Images

New Windows Server 2019 Container Images

Microsoft today released the new Windows Server 2019 again. After they quickly released Windows Server 2019 during Microsoft Ignite, they removed the builds again, after some quality issues. However, today Microsoft made the Windows Server 2019 builds available again. Microsoft also released new Windows Server 2019 Container Images for Windows, Windows Server Core and Nano Server.

Download Windows Server 2019 Container Images

You can get them from the new Microsoft Container Registry (MCR).

Microsoft was hosting their container images on Docker Hub until they switch to MCR (Microsoft Container Registry). This is now the source for all Windows Container Images like Windows Server 2019, Windows Server 2016 and all the Semi-Annual Channel releases like Windows Server, version 1709 or Windows Server, version 1803.

Download the Windows Server 2019 Semi-Annual Channel Container Images (Windows Server, version 1809). This includes also the new Windows Container Image.

The Windows Server Core Image is also available as a Long-Term Servicing Channel Image:

However, if you want to browse through container images, Docker Hub continues to be the right place to discover container images. Steve Lasker wrote a blog post about how Microsoft syndicates the container catalog and why.

Download Windows Server 2016 and Windows Server SAC Container Images

Also the existing Windows Server 2016 and Windows Server, version 1803 and Windows Server 1709 container images moved to the Microsoft Container Registry (MCR).

You should also make sure to update your Dockerfile references:

Old Windows Server Dockerfile reference

FROM microsoft/windowsservercore:ltsc2016

New Windows Server Dockerfile reference

FROM mcr.microsoft.com/windows/servercore:ltsc2016

Removing the “latest” tag from Windows Images

Starting 2019, Microsoft is also deprecating the “latest” tag for their container images.

We strongly encourage you to instead declare the specific container tag you’d like to run in production. The ‘latest’ tag is the opposite of specific; it doesn’t tell the user anything about what version the container actually is apart from the image name. You can read more about version compatibility and selecting the appropriate tag on our container docs.

Removing Container Images

Remove All Docker Container Images

If you want to remove existing container images from your PC, you can run docker rmi to remove a specific image. You can also remove all containers and container images with the following commands:

If you want to know more about Windows Containers and the Microsoft container eco system, visit the Microsoft container docs.



Thomas Maurer Speaking at Geekmania

Speaking at Geekmania 2018

This week one of my last speaking engagements for 2018 is coming up, which will be Geekmania 2018. I am happy to be again one of the speakers at the Swiss Geekmania conference. Geekmania is focused on IT Pro topics around Microsoft technology. This Friday (9.11.2018) 18 speakers will speak in 3 parallels tracks in 24 sessions, covering the latest and greatest about Windows, Windows Server, System Center and Azure.

My session will focus on Microsoft Azure Stack:

Azure Stack – Your Cloud Your Datacenter (German)

Microsoft Azure Stack ist nun verfügbar als Azure Appliance in ihrem Datacenter. Lernen sie was Azure Stack ist und wie Azure Stack als Erweiterung zu Microsoft Azure nutzen können, um services in einer Hybrid Cloud bereitzustellen.

Next to me there will be a lot of great community speakers present. Geekmania is always a lot of fun, so hopefully see you there!



Thomas Maurer speaking at Experts Live Europe

Azure Stack Operations Interview at Experts Live Europe

As you may know I was speaking at Experts Live Europe 2018 in Prague a couple of days ago, which was a lot of fun. In my sessions, I was talking about Azure Stack Operations and Windows Server 2019. Between does sessions I had time to quickly talk about Azure Stack Operations and Experts Live Europe in a short interview.

I really enjoyed the conference and hopefully I will be back next year. If you want to see more videos from Experts Live Europe 2018, check out the Experts Live TV YouTube channel. Thanks to the Experts Live team for the great conference and the great opportunity to speak there.



E2EVC

Speaking at E2EVC 2018 Athens

I am back from some great travel and speaking opportunities like Experts Live Europe 2018 last week. That said, I’m happy to speak at the E2EVC Conference in Athens this week. E2EVC stands for Experts 2 Experts Virtualization Conference, and brings the best people together to talk about virtualization. This will be my 11th E2EVC, I was speaking in many events since 2012 in cities like Rome, Hamburg, Dublin, Copenhagen, Brussels and last year in Prague. I am really happy to speak at this event again.

In my session I will speak about the great new feature in Windows Server 2019.

Windows Server 2019 - The Next Generation of Software-Defined Datacenter

Join this session for the best of Windows Server 2019, about the new innovation and improvements of Windows Server. Learn how Microsoft enhances the SDDC feature like Hyper-V, Storage and Networking and get the most out of the new Azure Hybrid Integration and Container features. You’ll get an overview about the new, exciting improvements that are in Windows Server and how they’ll improve your day-to-day job.   In this presentation Thomas Maurer (Microsoft MVP) will guide you through the highly anticipated innovations in Windows Server 2019 and the Semi-Annual Channel including: ○ Windows Server Containers ○ Azure Integration ○ Hyper-V features ○ Storage ○ Networking ○ Security ○ Windows Server Containers And more!

About E2EVC

E2EVC Virtualization Conference is a non-commercial, virtualization community event. The main goal of the E2EVC is to bring the best virtualization experts together to exchange knowledge and to establish new connections. E2EVC is a weekend crammed with presentations, Master Classes and discussions delivered by both virtualization vendors product teams and independent experts. I am happy to be part of the community and listen to other industry leading experts.

I am looking forward to the E2EVC and hopefully see you in Athens.



Windows Insider - Insiders2Campus

Windows Insider – Insiders2Campus visit in Redmond

If you have been following on social media in the last couple of days, you might have seen that I had the chance to speak at different conferences and events like SCOM Day in Gothenburg and Cloud Camp in Dublin. I also had the possibility to visit the Microsoft Campus in Redmond, and meet with the Windows Insider team. I was one of the lucky winners of the Insiders2Campus contest this summer and as a price I had was able to meet with the Windows team.

I have been a Windows Insider for the first day, and I am always excited to try out new features and give feedback to the engineering teams. Having the chance to meet with the team behind the Windows Insider program, was a great opportunity. I was able to visit the Microsoft Campus a couple of times already, for example for the Microsoft MVP Summits. But the Windows Insider team organized some special visits on places I never really had access to before.

Microsoft Garage

We had the chance to visit the Microsoft Garage. The Garage is a resource to Microsoft employees that supports and encourages problem solving in new and innovative ways, ultimately empowering people to achieve more. It is also a great place for hackathons within Microsoft. This is the place where cool Microsoft products like Microsoft Launcher for Android and the Outlook plugin, FindTime were created.

Microsoft Treehouse

Another place which you need to visit if you are on the Microsoft Campus, is the Microsoft Treehouse office. The Treehouse is basically an outdoor meeting space in the trees.

Tom Microsoft HoloLens

As part of the Windows Insiders2Campus visit, we also had the chance to try out Microsoft HoloLens and other Microsoft products.

There was obviously a lot more to see, like the Microsoft Envisioning Center, the Surface Lab and much more. But the greatest thing really was to meet the team behind the products. Really big thanks to the Windows Insider team, which made this possible. I think this was an unforgettable experience and if you ever have the chance to visit the Microsoft Campus in Redmond, it is definitely worth a visit.

If you are interested becoming a Windows Insider for Windows 10, Windows Server or other products and services, check out the Windows Insider site.



Azure Confidential Compute VM Deployment

Protect Workloads with Azure Confidential Computing

A year ago Microsoft announced that they were working on a new technology in Azure to protect and encrypt data in use, called Azure Confidential Computing. If you are moving sensitive data to the cloud, you also want to encrypt it. Today, you can do this for data in transit and data at rest, however data in use is a challenge. Azure Confidential Computing addresses exactly that scenario, and helps you to encrypt data in use. Microsoft was running a private preview program in the last year, and at Microsoft Ignite this year, Microsoft opened up a public preview.

What is Azure Confidential Computing

Azure Confidential Computing together with Intel SGX technology addresses the following threads:

  • Malicious insiders with administrative privilege or direct access to hardware on which it is being processed
  • Hackers and malware that exploit bugs in the operating system, application, or hypervisor
  • Third parties accessing it without their consent

There are ways to secure data at rest and in transit, but you need to protect your data from threats as it’s being processed. Now you can. Confidential computing adds new data security capabilities using trusted execution environments (TEEs) or encryption mechanisms to protect your data while in use. TEEs are hardware or software implementations that safeguard data being processed from access outside the TEE. The hardware provides a protected container by securing a portion of the processor and memory. Only authorized code is permitted to run and to access data, so code and data are protected against viewing and modification from outside of TEE.