Tag: Azure

Azure Arc enabled SQL Server

Azure Arc enabled SQL Server Preview is now available

As you know, I do a lot of work on Hybrid Cloud topics like Azure Arc, which allows you to extend Azure management and Azure services to any infrastructure. I talk a lot about how you can use Microsoft Azure to manage your servers running on-premises or at other cloud providers, or how you can connect and manage Kubernetes clusters. The Azure Data services team at Microsoft Ignite 2019 also announced the private preview of Azure Arc Data services, which allow you to deploy services like Azure SQL on any infrastructure. This week they had another news to share, and it is the private preview of Azure Arc enabled SQL Server. With Azure Arc enabled SQL Server, you can use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view. You can also take advantage of Azure security services, such as Azure Security Center and Azure Sentinel.

Onboarding SQL Server to Azure Arc

Onboarding SQL Server to Azure Arc

The preview of Azure Arc enabled SQL Server Preview includes the following features:

  • Use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view.
  • Use Azure Security Center to produce a comprehensive report of vulnerabilities in SQL Servers and get advanced, real-time security alerts for threats to SQL Servers and the OS.
  • Investigate threats in SQL Servers using Azure Sentinel.
Azure Security Center assessment of on-premises SQL Server

Azure Security Center assessment of on-premises SQL Server

You can register any Windows or Linux based SQL Server to track your inventory. Azure Security Center’s advanced data security works on Windows-based SQL Server version 2012 or higher, running on physical or virtual machines and hosted on any infrastructure outside of Azure.

If you are interested in participating in this preview, check out the official blog post. If you have any questions, feel free to leave a comment.



Add Microsoft Monitoring Agent Extension

How to Add the Microsoft Monitoring Agent to Azure Arc Servers

To use some of the functionality with Azure Arc enabled servers, like Azure Update Management, Inventory, Change Tracking, Logs, and more, you will need to install the Microsoft Monitoring Agent (MMA). In this blog post, we are going to have a look at how you can install the Microsoft Monitoring Agent (MMA) on an Azure Arc enabled server using extensions.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

You can learn more about the manual MMA setup on Microsoft Docs.

How to install the Microsoft Monitoring Agent on Azure Arc enabled servers

To install the Microsoft Monitoring Agent (MMA) you can use the new extension in Azure Arc. You open the server you want to install the MMA agent in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Microsoft Monitoring Agent – Azure Arc. This works for Windows and Linux servers.

Add Microsoft Monitoring Agent Extension

Add Microsoft Monitoring Agent Extension

Now you can enter the Azure Log Analytics workspace ID and the key. This will create a job and install the Microsoft Monitoring Agent on the server.

Create Microsoft Monitoring Agent - Azure Arc

Workspace ID and Key

After that, you can start using features like Azure Log Analytics, Inventory, Change Tracking, Update Management, and more. You can also do this manually for Windows and Linux machines.

Conclusion

Azure Arc for servers makes it super simple to deploy the Microsoft Monitoring Agent to servers running on-premises or at other cloud providers.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.



Run Azure Container Instances from the Docker CLI

Run Azure Container Instances from the Docker CLI

Earlier Docker announced the partnership with Microsoft to bring support to run Azure Container Instances (ACI) from the Docker CLI. Yesterday, Docker announced and released the first Docker Desktop Edge version (2.3.2), which allows you to try out that new feature. Azure Container Instances (ACI) allow you to run Docker containers on-demand in a managed, serverless Azure environment. Azure Container Instances is a solution for any scenario that can operate in isolated containers, without orchestration.

Run Azure Container Instances from the Docker CLI

To be able to run ACI containers using the Docker CLI, Docker expanded the existing docker context command to support ACI as a new backend. To start using this new feature you will need to run Docker Desktop Edge version 2.3.2 and an Azure subscription. You can create a free Azure account with 12 months of free services, $200 credit, and over 25 services which are always free.

Docker Desktop Azure ACI Integration

Docker Desktop Azure ACI Integration

Now you can start your Docker CLI and login to Azure:

docker login azure

After you are logged in, you will need to create a new ACI context. You can simply use “docker context create aci” command and add your Azure subscription and Resource Group, or the CLI will provide you with an Interactive experience.

docker context create aci myazure

With “docker context ls” you can see the added ACI context.

docker context ls

Docker Desktop CLI create Azure Container Instance ACI Context Integration

Docker Desktop CLI create Azure Container Instance ACI Context Integration

Now you can switch to the newly added ACI context.

docker context use myazure

Now you can start running containers directly on Azure Container Instance using the Docker CLI.

docker run -d -p 80:80 mycontainer

You can also see the running containers using docker ps.

docker ps

Run Azure Container Instances from the Docker CLI

Run Azure Container Instances from the Docker CLI

This will also show you the public IP address of your running container to access it. In my example I used a demo container, however, you can also use your own container which you pushed to a container registry like Docker Hub.

You can also run multi-container applications using Docker Compose. You can find an example for that here.

Try Azure Container Instances from the Docker CLI

This new experience is now available as part of Docker Desktop Edge 2.3.2 . To get started, simply download the latest Edge release or update if you are already on Desktop Edge and create a free Azure account with 12 months of free services, $200 credit, and over 25 services which are always free.

Conclusion

I hope this gives you a short overview of how you can use the Docker CLI to directly run Docker containers in Azure Container Instances (ACI). If you have any questions, feel free to leave a comment.

There are also many other great examples like running Docker Linux containers on Windows, using the Windows Subsystem for Linux 2 (WSL 2).



AZ-104 Microsoft Certified Azure Administrator Associate

Passed AZ-104 Microsoft Azure Administrator Exam

I just got the great mail in my inbox that I passed the AZ-104 Microsoft Azure Administrator exam to receive and renew the Microsoft Certified: Azure Administrator Associate certification. Back in 2018, I got certified as an Azure Administrator doing the AZ-102 transition exam, which kind of later became AZ-103. Now, after two years it was time to renew my Microsoft Certified Azure Administrator certification. I took the AZ-104 Microsoft Azure Administrator beta exam online at the beginning of April. When you take a beta exam you get the test results after a couple of days the exam in generally launched, and today was the day.

What is the AZ-104 Microsoft Azure Administrator exam?

The AZ-104 exam is focused on Azure Administrators who implement, manage, and monitor identity, governance, storage, compute, and virtual networks in a cloud environment. It is the only exam you need to pass to get the Microsoft Certified: Azure Administrator Associate.

The Azure Administrator implements, manages, and monitors identity, governance, storage, compute, and virtual networks in a cloud environment. The Azure Administrator will provision, size, monitor, and adjust resources as appropriate.

Candidates should have a minimum of six months of hands-on experience administering Azure. Candidates should have a strong understanding of core Azure services, Azure workloads, security, and governance. Candidates for this exam should have experience in using PowerShell, the Command Line Interface, Azure Portal, and ARM templates.

The high-level view of the skills measured in the exam:

  • Manage Azure identities and governance (15-20%)
  • Implement and manage storage (10-15%)
  • Deploy and manage Azure compute resources (25-30%)
  • Configure and manage virtual networking (30-35%)
  • Monitor and back up Azure resources (10-15%)

How to prepare and pass the AZ-104 Microsoft Azure Administrator exam

The skills measured in AZ-104 are a mix of Azure Administrator tasks focusing on Azure Infrastructure and deployment, Azure Integration, governance and configuration. If you are just getting started with Microsoft Azure, I recommend that you take first the exam AZ-900 Azure Fundamentals. This is not a required exam, but it is a great way to validate your knowledge and get started with the cloud. If you feel comfortable you can directly start with the Azure Administrator Associate exam. I have written an AZ-104 Microsoft Azure Administrator exam study guide, with all the information and resources I used to prepare for the exam.

AZ-104 Azure Administrator Exam Study Guide

AZ-104 Azure Administrator Exam Study Guide

I also have a blog post on generally prepare for Microsoft certification exams as well as some tips on how to take Microsoft exams.

Conclusion

Are you also interested in becoming Microsoft Azure Certified? Check out my blog posts about why you should become Microsoft Azure Certifiedhow to pick the right Azure exam certification path and how to prepare and pass a Microsoft Azure certification exam. I hope this helps you to prepare, study, and pass the AZ-104 exam.

I am super happy I passed AZ-104 Microsoft Azure Administrator exam, it is a great way of validating your skills. If you have any questions, please let me know in the comments.



Add Custom Script Extension Azure Arc Server

Extensions for Azure Arc enabled Servers

With the latest update for Azure Arc for Servers, you are now able to deploy and use extensions with your Azure Arc enabled servers. Currently, you have six different Azure Arc extensions you can deploy to your servers.

  • Custom Script Extension for Linux – Azure Arc
  • DSCForLinux extension on a Ubuntu
  • OMS Agent for Linux – Azure Arc
  • Custom Script Extension for Windows – Azure Arc
  • PowerShell Desired State Configuration – Azure Arc
  • Microsoft Monitoring Agent – Azure Arc

These extensions are similar and consistent with the virtual machine extensions for Azure VMs. These are small applications that provide post-deployment configuration and automation tasks on Azure Arc enabled servers. For example, if a server requires software installation, anti-virus protection, or to run a script inside of it, an Azure Arc extension can be used. Extensions can be run with the Azure CLI, PowerShell, and the Azure portal.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

You can find more information about Virtual machine extension management with Azure Arc for servers on Microsoft Docs.



List Azure Arc Machines Agent Version in Azure Cloud Shell

Get the Azure Connected Machine Agent (Azcmagent) Version

Azure Arc Enabled Servers just got another update enabling extensions. This also includes an updated version of the Azure Arc agent or Azure Connected Machine Agent (Azcmagent). To get an overview of what Azure Arc Azure Connected Machine Agent is installed on your machines, you can use several different ways. In this blog post, we are going to have a look at how you can get installed Azure Connected Machine Agent (Azcmagent) version for Azure Arc Enabled Servers.

On the Azure Arc Enabled Server

If you want to check the Azure Connected Machine Agent (Azcmagent) version directly on your Azure Arc enabled server, you can simply run the following command in PowerShell.

azcmagent version

This will list the installed version.

Azure Connected Machine Agent azcmagent Version

Azure Connected Machine Agent azcmagent Version

In the Azure Portal

You can also see the agent version in the Azure Portal. If you browse to your Azure Arc Enabled Server, you can find the agent version on the overview page.

Azure Portal - Azure Arc Enabled Server

Azure Portal – Azure Arc Enabled Server

However, if you want to see the agent version for your Azure Arc enabled servers at scale, this isn’t an ideal option.

List Azure Connected Machine Agent (Azcmagent) version for all Azure Arc machines

If you want to see the installed Azure Connected Machine Agent (Azcmagent) version for all your Azure Arce enabled servers at scale, you can use Azure Resource Graph Queries.

This query lists all the Azure Arc enabled machines and shows the installed agent version.

List Azure Arc Machines with Agent Version

List Azure Arc Machines with Agent Version

You can run the following query in the Azure Resource Graph Explorer in the Azure Portal.

 resources
| where type == "microsoft.hybridcompute/machines"
| extend agentversion = properties.agentVersion
| project name, agentversion, location, resourceGroup, subscriptionId
| order by name

You can also run the query directly in Azure Cloud Shell or on your local machine using Azure PowerShell or the Azure CLI.

List Azure Arc Machines Agent Version in Azure Cloud Shell

List Agent Version in Azure Cloud Shell

Azure CLI

az graph query -q "Resources | where type =~ 'microsoft.hybridcompute/machines' | extend agentversion = properties.agentVersion | project name, agentversion, location, resourceGroup, subscriptionId"

Azure PowerShell

Search-AzGraph -Query "Resources | where type =~ 'microsoft.hybridcompute/machines' | extend agentversion = properties.agentVersion | project name, agentversion, location, resourceGroup, subscriptionId"

If you need an overview of what Azure Connected Machine Agents we have installed and which versions do exist in our environment, you can just use the following Azure Resource Graph query.

Azure Resource Graph Explorer Chart - Azure Arc Server Agent Version

Azure Resource Graph Explorer Chart

Azure Resource Graph Explorer

 resources
| where type == "microsoft.hybridcompute/machines"
| extend agentversion = properties.agentVersion
| summarize count() by tostring(agentversion)

Azure PowerShell

Search-AzGraph -Query "Resources | where type =~ 'microsoft.hybridcompute/machines' | summarize count() by tostring(properties.agentVersion)"

Azure CLI

az graph query -q "Resources | where type =~ 'microsoft.hybridcompute/machines' | summarize count() by tostring(properties.agentVersion)"

Conclusion

I hope this blog post provides you with a short overview of how you can make sure which agent versions you have installed on your Azure Arc enabled servers. To learn more about Azure Arc for servers, check out Microsoft Docs. If you have any questions, feel free to leave a comment.



Azure Arc Enabled Servers Extension Management

Azure Arc Enabled Servers Extension Management

Azure Arc for Server just got a couple of new features. In this blog post, we are going to have a look at the new feature on Azure Arc enabled servers called extension management. This new Azure Arc enabled servers features allows you not only to deploy extensions like the Custom Script Extension, or the Microsoft Monitoring Agent but also enable features like Azure Update Management, Inventory, Change Tracking, and more for your servers running in a hybrid environment.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

Azure Arc enabled servers already could benefit from several Azure Resource Manager features like Tags, Policies, RBAC, and some Azure Management features like logs and Azure Policy. With the new update, you can start using more extensions.  With these extensions available, Azure Arc enabled servers also get features like Azure Update Management, Inventory, Change Tracking, and insights capabilities.

Azure Arc Azure Management Control Plane

Azure Arc Azure Management Control Plane

Azure Arc Enabled Servers Extension Management Video

You can also watch my summary video on YouTube.