Jul212020July 21, 2020July 21, 20201Commentby Thomas Maurer
Download Azure Architecture Icons

Download New Azure Architecture Icons now!

Posted in Cloud, Microsoft, Microsoft Azure

With the latest Azure Portal refresh, Microsoft Azure got some new icons as well. If you want to draw some Azure architecture diagrams you can now download the latest Azure Architecture Icons from the Azure Architecture Center.

Customers and partners are permitted by Microsoft to use the Azure icons to create architecture diagrams. They are designed as a family. The icons can also be used in training manuals or documentation about a Microsoft product. The full name of the icon must always be used in proximity to the icon, but never locked to appear like a logo.

Also, make sure you aware of the do’s and don’ts on how to use the Azure Architecture Icons.

Do’s

  • Use the icon to illustrate how products can work together
  • In diagrams, make sure to include the product name somewhere close to the icon
  • In text, at first mention use the full product name: Microsoft Azure (insert name)

Don’ts

  • Never put the product name so close to the icon that it appears to be a logo
  • Don’t crop, flip or rotate icons
  • Don’t distort or change icon shape in any way
  • Don’t use Microsoft product icons to represent your product or service

To download the Azure Architecture Icons go to the Microsoft Architecture Center. If you have any questions, feel free to leave a comment. If you are interested in becoming a Microsoft Certified Azure Solutions Architect, check out my exam study guides for AZ-303 Microsoft Azure Architect Technologies and AZ-304 Microsoft Azure Architect Design.


Jul192020July 19, 2020July 19, 20200Commentby Thomas Maurer
Windows Server on Microsoft Azure

Learn about Windows Server on Microsoft Azure

Posted in Cloud, Hybrid Cloud, Microsoft, Microsoft Azure, Windows Server, Windows Server 2019

As many of you know, Microsoft Azure is the best cloud to run Windows Server workloads. Last week the team published two new Microsoft Learn Learning paths, where you can learn more about how to run Windows Server on Azure. The first two learning paths available are “implement Windows Server IaaS VM networking” and “implement Windows Server IaaS VM Identity”. These two learning paths offer a couple of modules around the specific topics.

Implement Windows Server IaaS VM networking

In this learning path, you’ll learn about Azure IaaS networking and identity. After completing the learning path, you’ll be able to implement IP addressing, manage DNS, and deploy and manage domain controllers in Azure.

Modules

  • Implement Windows Server IaaS VM IP addressing and routing
    In this module, you’ll learn how to manage Microsoft Azure virtual networks (VNets) and IP address configuration for Windows Server infrastructure as a service (IaaS) virtual machines (VM)s.
  • Implement DNS for Windows Server IaaS VMs
    In this module, you’ll learn to configure DNS for Windows Server IaaS VMs, choose the appropriate DNS solution for your organization’s needs, and run a DNS server in a Windows Server Azure IaaS VM.
  • Implement Windows Server IaaS VM network security
    In this module, you will focus on how to improve the network security for Windows Server infrastructure as a service (IaaS) virtual machines (VMs) and how to diagnose network security issues with those VMs.

You can find the full learning path on Microsoft Learn.

Implement Windows Server IaaS VM Identity

After completing this learning path, you’ll know how to implement identity in Azure. You’ll be able to extend an existing on-premises Active Directory identity service into Azure.

Modules

You can find the full learning path on Microsoft Learn.

Prerequisites for the learning paths

Before you take the learning path, make sure you are familiar with the prerequisites.

  • Experience with managing Windows Server operating system and Windows Server workloads in on-premises scenarios, including AD DS, DNS, DFS, Hyper-V, and File and Storage Services.
  • Experience with common Windows Server management tools (implied by the first prerequisite).
  • Basic knowledge of core Microsoft compute, storage, networking, and virtualization technologies (implied by the first prerequisite).
  • Basic knowledge of on-premises resiliency Windows Server-based compute and storage technologies (Failover Clustering, Storage Spaces).
  • Basic experience with implementing and managing IaaS services in Microsoft Azure.
  • Basic knowledge of Azure Active Directory.
  • Basic understanding security-related technologies (firewalls, encryption, multi-factor authentication, SIEM/SOAR).
  • Basic knowledge of PowerShell scripting.
  • An understanding of the following concepts as related to Windows Server technologies:
    • High Availability and Disaster Recovery
    • Automation
    • Monitoring

Learn more

There are even more learning paths for different technologies available on Microsoft Learn. If you want to learn more about Windows Server on Azure, check out the following resources:

  • Windows Server on Azure (link)
  • Ultimate Guide to Windows Server on Azure (link)
  • Migration Guide for Windows Server (link)
  • Windows virtual machines in Azure (link)

Windows Server on Azure is not just great because of the unmatched security features or the hybrid integration, Microsoft Azure also offers three years of extended security updates for your Windows Server 2008 and 2008 R2 servers for free, and the option to of bringing your on-premises licenses to the cloud, which provide substantial cost savings.

I hope this blog post was helpful to make you aware of the different options to learn about Windows Server on Azure. If you have additional resources or any questions, feel free to leave a comment.


Jul162020July 16, 2020July 16, 20200Commentby Thomas Maurer
Create Custom Script Extension for Windows - Azure Arc

How to Run Custom Scripts on Azure Arc Enabled Servers

Posted in Azure Arc, Cloud, Hybrid Cloud, Microsoft, Microsoft Azure, PowerShell, Windows Server

With the latest update for Azure Arc for Servers, you are now able to deploy and use extensions with your Azure Arc enabled servers. With the Custom Script extension, you can run scripts on Azure Arc enabled servers and works similar to the custom script extension for Azure virtual machines (VMs). There is an extension for Windows and Linux servers, which is a tool that can be used to launch and execute machine customization tasks post configuration automatically.

When this Extension is added to an Azure Arc machine, it can download PowerShell and shell scripts and files from Azure storage and launch a script on the machine, which in turn can download additional software components. Custom Script Extension for Linux and Windows – Azure Arc tasks can also be automated using the Azure PowerShell cmdlets and Azure Cross-Platform Command-Line Interface (Azure CLI).

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

How to run Custom Scripts on Azure Arc enabled servers

To run a custom script on an Azure Arc enabled server, you can simply deploy the Custom Script Extension. You open the server you want to run the custom script in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Custom Script Extension for Windows – Azure Arc or on Linux the Custom Script Extension for Linux – Azure Arc.

Add Custom Script Extension

Add Custom Script Extension

Now you can select the PowerShell or shell script you want to run on that machine, as well as adding some optional arguments for that script.

Create Custom Script Extension for Windows - Azure Arc

Create Custom Script Extension for Windows – Azure Arc

After that, it will take a couple of minutes to run the script on the machine.

Conclusion

The Custom Script Extensions for Linux and Windows can be used to launch and execute machine customization tasks post configuration automatically.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.


Jul142020July 14, 2020July 13, 20200Commentby Thomas Maurer
Azure Arc Servers Log Analytics

Azure Log Analytics for Azure Arc Enabled Servers

Posted in Azure Arc, Cloud, Hybrid Cloud, Microsoft, Microsoft Azure, Windows Server, Windows Server 2019, Work

In this blog post, we are going to have a quick look at how you can access Azure Log Analytics data using Azure Arc for Servers. The Azure Log Analytics agent was developed for management across virtual machines in any cloud, on-premises machines, and those monitored by System Center Operations Manager. The Windows and Linux agents send collected data from different sources to your Log Analytics workspace in Azure Monitor, as well as any unique logs or metrics as defined in a monitoring solution. When you want to access these logs and run queries against these logs, you will need to have access to the Azure Log Analytics workspace. However, in many cases, you don’t want everyone having access to the full workspace. Azure Arc for Servers provides RBAC access to log data collected by the Log Analytics agent, stored in the Log Analytics workspace the machine is registered.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

How to enable Log Analytics for Azure Arc Enabled Servers

To enable log collection, you will need to install the Microsoft Monitoring Agent (MMA) on your Azure Arc enabled server. You can do this manually for Windows and Linux machines, or you can use the new extension for Azure Arc enabled servers. If you already have the MMA agent installed, you can start using logs in Azure Arc immediately.

Create Microsoft Monitoring Agent - Azure Arc

Create Microsoft Monitoring Agent – Azure Arc

After you have installed the agent, it can take a couple of minutes until the log data shows up in the Azure Log Analytics workspace. After the logs are collected in the workspace, you can access them with Azure Arc.

Azure Arc Servers Log Analytics

Azure Arc Servers Log Analytics

Now you can run queries using the Keyword Query Language (KQL) as you would in the Azure Log Analytics workspace, but limited to the logs for that specific server.

Conclusion

With Azure Arc for Servers, we can use role-based access controls to logs from a specific server running on-prem or at another cloud provider, without having access to all the logs in the log analytics workspace.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.


Jul102020July 10, 2020July 10, 20200Commentby Thomas Maurer
Azure Arc enabled SQL Server

Azure Arc enabled SQL Server Preview is now available

Posted in Azure Arc, Cloud, Hybrid Cloud, Microsoft, Microsoft Azure, SQL Server, Windows Server

As you know, I do a lot of work on Hybrid Cloud topics like Azure Arc, which allows you to extend Azure management and Azure services to any infrastructure. I talk a lot about how you can use Microsoft Azure to manage your servers running on-premises or at other cloud providers, or how you can connect and manage Kubernetes clusters. The Azure Data services team at Microsoft Ignite 2019 also announced the private preview of Azure Arc Data services, which allow you to deploy services like Azure SQL on any infrastructure. This week they had another news to share, and it is the private preview of Azure Arc enabled SQL Server. With Azure Arc enabled SQL Server, you can use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view. You can also take advantage of Azure security services, such as Azure Security Center and Azure Sentinel.

Onboarding SQL Server to Azure Arc

Onboarding SQL Server to Azure Arc

The preview of Azure Arc enabled SQL Server Preview includes the following features:

  • Use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view.
  • Use Azure Security Center to produce a comprehensive report of vulnerabilities in SQL Servers and get advanced, real-time security alerts for threats to SQL Servers and the OS.
  • Investigate threats in SQL Servers using Azure Sentinel.
Azure Security Center assessment of on-premises SQL Server

Azure Security Center assessment of on-premises SQL Server

You can register any Windows or Linux based SQL Server to track your inventory. Azure Security Center’s advanced data security works on Windows-based SQL Server version 2012 or higher, running on physical or virtual machines and hosted on any infrastructure outside of Azure.

If you are interested in participating in this preview, check out the official blog post. If you have any questions, feel free to leave a comment.


Jul092020July 9, 2020July 9, 20201Commentby Thomas Maurer
Add Microsoft Monitoring Agent Extension

How to Add the Microsoft Monitoring Agent to Azure Arc Servers

Posted in Azure Arc, Cloud, Hybrid Cloud, Microsoft, Microsoft Azure, Windows Server

To use some of the functionality with Azure Arc enabled servers, like Azure Update Management, Inventory, Change Tracking, Logs, and more, you will need to install the Microsoft Monitoring Agent (MMA). In this blog post, we are going to have a look at how you can install the Microsoft Monitoring Agent (MMA) on an Azure Arc enabled server using extensions.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

You can learn more about the manual MMA setup on Microsoft Docs.

How to install the Microsoft Monitoring Agent on Azure Arc enabled servers

To install the Microsoft Monitoring Agent (MMA) you can use the new extension in Azure Arc. You open the server you want to install the MMA agent in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Microsoft Monitoring Agent – Azure Arc. This works for Windows and Linux servers.

Add Microsoft Monitoring Agent Extension

Add Microsoft Monitoring Agent Extension

Now you can enter the Azure Log Analytics workspace ID and the key. This will create a job and install the Microsoft Monitoring Agent on the server.

Create Microsoft Monitoring Agent - Azure Arc

Workspace ID and Key

After that, you can start using features like Azure Log Analytics, Inventory, Change Tracking, Update Management, and more. You can also do this manually for Windows and Linux machines.

Conclusion

Azure Arc for servers makes it super simple to deploy the Microsoft Monitoring Agent to servers running on-premises or at other cloud providers.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.


Jul072020July 7, 2020July 7, 20201Commentby Thomas Maurer
How to Manage Hyper-V VM Checkpoints with PowerShell

How to Manage Hyper-V VM Checkpoints with PowerShell

Posted in Hyper-V, Microsoft, PowerShell, Virtualization, Windows, Windows 10, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019

In this blog post we are going to have a look at how you can create, manage, apply, and remove VM Checkpoints in Hyper-V using PowerShell. Hyper-V virtual machine (VM) checkpoints are one of the great benefits of virtualization. Before Windows Server 2012 R2, they were known as virtual machine snapshots. VM Checkpoints in Hyper-V allow you to save the system state of a VM to a specific time and then revert back to that state if you need to. This is great if you are testing software and configuration changes, or if you have a demo environment, which you want to reset.

Hyper-V VM Checkpoint Types

Before we got on how you can manage Hyper-V VM Checkpoints with PowerShell, let me first explain the two different types. Since Windows Server 2016 and Windows 10, Hyper-V includes two types of checkpoints, Standard Checkpoints, and Production Checkpoints.

  • Standard Checkpoints: takes a snapshot of the virtual machine and virtual machine memory state at the time the checkpoint is initiated. A snapshot is not a full backup and can cause data consistency issues with systems that replicate data between different nodes such as Active Directory. Hyper-V only offered standard checkpoints (formerly called snapshots) prior to Windows 10.
  • Production Checkpoints: uses Volume Shadow Copy Service or File System Freeze on a Linux virtual machine to create a data-consistent backup of the virtual machine. No snapshot of the virtual machine memory state is taken.

You can set up these settings in Hyper-V Manager or in PowerShell.

Hyper-V VM Checkpoint Types

Hyper-V VM Checkpoint Types

If you are using PowerShell to configure Checkpoints for virtual machines these commands may help you.

Configure and set VM for Standard Checkpoints

Set-VM -Name "Windows10" -CheckpointType Standard

Set VM to Production Checkpoints, if the production checkpoint fails a Standard Checkpoint is created

 Set-VM -Name "Windows10" -CheckpointType Production

Set VM to only use Production Checkpoints

 Set-VM -Name "Windows10" -CheckpointType ProductionOnly

Disable VM Checkpoints for the Hyper-V virtual machine

 Set-VM -Name "Windows10" -CheckpointType Disabled

Managing Hyper-V VM Checkpoints using PowerShell

Create VM Checkpoints

You can create a new VM Checkpoint with PowerShell, you can round the following command:

Checkpoint-VM -Name "Windows10"

You can find more on the cmdlet on Microsoft Docs.

You can list the VM Checkpoints of a Hyper-V VM:

Get-VMCheckpoint -VMName "Windows10"

How to Manage Hyper-V VM Checkpoints with PowerShell

How to Manage Hyper-V VM Checkpoints with PowerShell

Applying Hyper-V VM checkpoints using PowerShell

If you want to revert your virtual machine state to a previous point-in-time, you can apply an existing checkpoint, using the following PowerShell command.

Restore-VMCheckpoint -Name "checkpoint name" -VMName "Windows10" -Confirm:$false

You can find more information about the cmdlet here.

Renaming checkpoints

To rename a checkpoint you can use the following command

Rename-VMCheckpoint -VMName "Windows10" -Name "Checkpointname" -NewName "MyNewCheckpointName"

Deleting checkpoints

You can also delete or remove a Hyper-V VM checkpoint with the following PowerShell command. This will merge the .avhdx files in the background.

Remove-VMCheckpoint -VMName "Windows10" -Name "Checkpointname"

Conclusion

I hope this blog post gives you a great overview on how you can manage, apply, restore, and remove Hyper-V VM Checkpoints using PowerShell. You can learn more about Hyper-V virtual machine checkpoints on Microsoft Docs. If you have any questions, feel free to leave a comment.



  • Follow Me

  • About

    Thomas Maurer

    My name is Thomas Maurer. I am a Senior Cloud Advocate at Microsoft. I am part of the Azure engineering team (Cloud + AI) and engage with the community and customers around the world. I am located in Switzerland. I am focusing on Microsoft technologies, especially cloud and datacenter solutions based on Microsoft Azure, Azure Stack and Windows Server. Opinions are my own.

  • Get Updates

  • Sponsor

  • Sponsor

    Starwind

  • Sponsor

    SquaredUp Ad

  • Sponsor

    Altaro Ad