Tag: Edge

Azure Hybrid Cloud Bus

An Overview at the New Azure Stack Portfolio

Last week at the Microsoft Ignite 2019 conference, the Azure team announced a lot of new updates. One of the significant focus topics at this year’s Ignite was the investment in the Azure Hybrid Cloud offerings. Starting with the buses driving attendees to the conference venue, over the Ignite keynotes, to the expo floor and breakouts, Hybrid Cloud was everywhere. Today, organizations rely on a hybrid technology approach to take advantage of utilizing cloud innovation in combination with their on-premises investments. Azure is Hybrid by design, and Microsoft is continuing the investment in our hybrid cloud technologies with the announcements of Azure Arc (link) and the new Azure Stack portfolio (link). I already was able to get an early look at Azure Arc for Servers, in this post, I am going to focus on the new Azure Stack portfolio with Azure Stack Hub, Azure Stack Edge, and Azure Stack HCI.

At and after Microsoft Ignite 2019, I got a lot of questions around the Azure Stack announcements. So in this blog, I want to give you a quick overview of that, and if you want to know more, check out the blog post from Talal Alqinawi, Senior Director Azure Marketing.

Azure Stack Portfolio

Azure Stack Portfolio

The Azure Stack family now consists of three members, Azure Stack Hub, formerly known as Azure Stack, Azure Stack HCI, and Azure Stack Edge (formerly known as Azure Databox Edge). This offers customers new capabilities, form factors, and solutions in the Azure Stack portfolio, to ensure that the customer has the right solutions for their edge infrastructure.

Azure Stack Hub

Azure Stack Hub (formerly known as Azure Stack) will continue to be the cloud-native offering for enterprise and public sector customers, especially those interested in operating a cloud environment that is disconnected from public internet or meeting regulatory and compliance requirements. It will continue to bring Azure services to locations where you need them. The Azure Stack Hub team also announced some new capabilities and features, which the team is working on:

  • Working on support for N-Series virtual machines (VMs) which included GPU support
  • Event Hubs Public Preview in 2020
  • Azure Stream Analytics Public Preview in 2020
  • General Availability (GA) of Kubernetes on Azure Stack with Azure Kubernetes Service (AKS) engine to automate the creation, update, and scaling of Kubernetes clusters.
  • Windows Virtual Desktop (WVD) Private Preview
  • Azure Data Services with Azure Arc Private Preview

Azure Stack HCI

A couple of months ago, I already wrote a blog post about Azure Stack HCI, which enables customers to run a highly efficient hyper-converged virtualization infrastructure. From small 2-node deployments up to high-performance and high capacity clusters, the Azure Stack HCI catalog offers solutions for every scenario. Together with Windows Admin Center, you can also easily connect Azure hybrid solutions and services. With the new automated deployment of Azure Stack HCI clusters, it becomes even easier to deploy new installations. I had the chance to talk about this new feature with Cosmos Darwin on the Microsoft Ignite Live stage, and you can watch the recording here.

I also have an article on ITOpsTalk.com about how Azure Stack HCI fits into the Azure Hybrid Cloud offering.

Azure Stack Edge

Azure Stack Edge (formerly known as Azure Databox Edge) is an Azure managed appliance that brings the compute, storage, and intelligence of Azure to the edge.

Azure Stack Edge

Azure Stack Edge

This is a first-party appliance which customer can order and run as an Azure service with no upfront costs (billed monthly with your Azure bill). In addition to the name change, the Azure Stack Edge team also announced that it soon will be supporting new compute and AI features and capabilities like:

  • Virtual machines on Azure Stack Edge
  • Kubernetes clusters
  • NVIDIA GPU support
  • Support for high-availability

The Azure Stack Edge will also be available in a rugged version as well as in a battery-powered form-factor that can be carried in a backpack.

Azure Stack Edge Rugged series

Azure Stack Edge Rugged series

Azure Stack Edge Rugged series with battery

Azure Stack Edge Rugged series with battery

Next to talking to Cosmos Darwin about Azure Stack HCI, I was also able to have Stephanie Krieger and Chris Dickens on the Microsoft Ignite Live stage to talk about Azure Stack Edge. You can watch the recording here.

Hybrid Cloud in combination with Azure Arc

In conjunction with Azure Arc, which brings Azure services and management to any infrastructure. With Azure Arc, you can deploy Azure Data services on any Kubernetes cluster. Azure Arc and Azure Stack portfolio are complementary.

You can combine the benefits of Azure Arc with Azure Stack portfolio where Azure Arc can manage virtual machines, containers, and run Azure Data Services on Azure Stack portfolio of validated and integrated systems while leveraging the compute and cloud capabilities of Azure Stack.

If you want to know more about Azure Arc, check out my blog post, Azure Arc – Cloud-native Management for Hybrid Cloud, or you can watch my Microsoft Ignite 2019 session about Hybrid Cloud Management.

I hope this gives you an overview of the new Azure Stack portfolio, which was announced at Microsoft Ignite 2019. If you have any questions, feel free to leave a comment.



Azure Hybrid

Azure Arc – Cloud-native Management for Hybrid Cloud

Azure Hybrid is not just Azure Stack, it also includes a couple of other Azure Hybrid services like Azure Update Management, Azure File Sync and many more. Today, Microsoft will extend the hybrid cloud solutions in Azure and announced Azure Arc, which is designed to extend Azure Management to any infrastructure. In the new world where organizations run servers, containers, and applications across multi-cloud environments, on-premises locations, and the edge, managing these hybrid resources becomes challenging. Azure Arc enables cloud-native Azure management across any infrastructure and also allows you to run Azure data services to be deployed anywhere. It includes hybrid server management, Kubernetes and Azure data services.

Azure Arc Overview

Azure Arc Overview

As you can see Azure Arc consists of a set of different technologies and components like:

  • Organize and govern all your servers – Azure Arc extends Azure management to physical and virtual servers anywhere. Govern and manage servers from a single scalable management pane. You can learn more about Azure Arc for servers here.
  • Manage Kubernetes apps at scale – Deploy and configure Kubernetes applications consistently across all your environments with modern DevOps techniques.
  • Run data services anywhere – Deploy Azure data services in moments, anywhere you need them. Get simpler compliance, faster response times, and better security for your data. You can learn more here.
  • Adopt cloud technologies on-premises – Bringing cloud-native management to your hybrid environment.

In this blog post, we will have a closer look at hybrid server management. If you want to know more about Azure Arc, check out the announcement blog post by Jeremy Winter, Director of Program Management, Microsoft Azure.

Cloud-native Azure management for hybrid environments with Azure Arc

By extending Azure Resource Manager to support hybrid cloud environments, Azure Arc to make it easier to implement cloud security across environments with centralized role-based access control, security policies. Azure Management provides you now with a single control plane for Azure native and Azure Arc resources.

Azure Management Overview

Azure Management Overview

Hybrid Server Management

Today Azure Arc allows you to onboard physical and virtual servers in your hybrid environment (on-premises, edge, and multi-cloud). By joining serves to Azure Arc, you get the benefits you are used from native Azure resources, like tags, RBAC, and many more. In the preview, you can now use Azure Management services like Azure Log Analytics and Azure Policy to make sure your servers are compliant across your hybrid environment.

Hybrid Server Management

Hybrid Server Management

I had the chance to have a very early chat with Jian Yan from the Azure Management team, a couple of weeks ago, about hybrid server management. Check out the video here:

Join the Preview

Azure Arc for Server is currently in public preview, while you can sign up for the preview to manage Kubernetes and data services. To enable hybrid server management, you must register the required Resource Providers.

  • Microsoft.HybridCompute
  • Microsoft.GuestConfiguration

You can register the resource providers with the following Azure PowerShell commands:

Login-AzAccount
Set-AzContext -SubscriptionId [subscription you want to onboard]
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridCompute
Register-AzResourceProvider -ProviderNamespace Microsoft.GuestConfiguration

or with Azure CLI:

az account set --subscription "{Your Subscription Name}"
az provider register --namespace 'Microsoft.HybridCompute'
az provider register --namespace 'Microsoft.GuestConfiguration'

You can also run them from Azure Cloud Shell. If you want to know more, check out the following Microsoft Docs article.

Onboarding Servers to Azure Arc

As mentioned we will have a closer look here at how you can onboard Linux and Windows Server to Azure Arc. To onboard a server which can run Linux or Windows, physical or virtual, and can run on-premises or at another service provider, you open Azure Arc in the Azure Portal. There you can select manage servers.

Azure Arc Portal

Azure Arc Portal

Here you will see your existing servers which you have on-boarded.

Azure Arc Server in Portal

Azure Arc Server in Portal

 

You can click on Add, to add another server. You will be able to add a single server or get instructions to onboard servers at scale.

Add server to Azure Arc

Add server to Azure Arc

Here you can go through a wizard that will help you to generate a script, which you can copy or download to run it on your server. You can select the subscription and resource group, as well as the region where you want to join your server.

You will also be able to configure a proxy server if your server is behind a proxy. Since this will use the Azure Resource Manager, you will also be able to use tags. After you are done with the wizard, you are able to download or copy the command to run that on your server.

Generate Script

Generate Script

After you have run that command on your on-premises server, your server will show up as an Azure resource in a couple of minutes.

Use Windows Admin Center to onboard a server to Azure Arc

Windows Admin Center and Azure Stack HCI

Windows Admin Center and Azure Stack HCI

If you are using Windows Admin Center on Windows Server or with Azure Stack HCI, you can also onboard servers directly from there. Go to the settings of the server and click on Azure Arc. Now you can sign in and select the specific subscription and resource group.

More

If you want to know more about the Azure Hybrid announcements at Microsoft Ignite 2019, check out the blog post of Julia White. If you want to know more about Azure Arc, check out the blog post from Jeremy Winter. If you have any questions about it feel free to leave a comment, or if you are at Microsoft Ignite, feel free to talk to me and the Azure team.

I will also host a Microsoft Ignite Live interview with Jian Yan, which you can watch live in Orlando or online.

Microsoft Ignite Live

Azure is built from the ground up to manage at-scale, cross-geography environments with multiple operational models and DevOps patterns. The vision is to keep Azure at the center of the enterprise as the control plane for governance, management, and modern development and bring the Azure management capabilities and services to any customer environment. In this session, we demo one of the extension services to enable you to bring servers from anywhere to Azure, and use Azure to get a compliance view for all your server assets.



Microsoft Edge WebP Image Extensions

Windows 10 adds WebP support for Microsoft Edge

Today Microsoft released a new Windows 10 insider Preview build 17692. After updating to this build you will be able to automatically download the WebP Extension for Microsoft Edge. This means Microsoft Edge now supports the Google Image format called WebP. WebP is Google’s alternative smaller image format to that of JPEGs or PNGs.

This is still only present in the Windows 10 preview builds and it looks like it will be available in the next Windows 10 update later this year.

WebP – A new image format for the Web

WebP is a modern image format that provides superior lossless and lossy compression for images on the web. Using WebP, webmasters and web developers can create smaller, richer images that make the web faster.

WebP lossless images are 26% smaller in size compared to PNGs. WebP lossy images are 25-34% smaller than comparable JPEG images at equivalent SSIM quality index.

Lossless WebP supports transparency (also known as alpha channel) at a cost of just 22% additional bytes. For cases when lossy RGB compression is acceptable, lossy WebP also supports transparency, typically providing 3× smaller file sizes compared to PNG.

WebP Support

WebP is natively supported in Google Chrome and the Opera browser, and by many other tools and software libraries. Developers have also added support to a variety of image editing tools.

WebP includes the lightweight encoding and decoding library libwebp and the command line tools cwebp and dwebp for converting images to and from the WebP format, as well as tools for viewing, muxing and animating WebP images. The full source code is available on the download page.

Source Google.



Microsoft Edge Windows Defender Application Guard

Enable Windows Defender Application Guard on Windows 10 using PowerShell

A couple of days back I saw a tweet form Stefan Stranger (Consultant at Microsoft) which reminded me of a feature called Windows Defender Application Guard, which is included in Windows 10 Enterprise since the Fall Creators Update (1709). If you have never heard of Application Guard, you might want to check out this blog post: Introducing Windows Defender Application Guard for Microsoft Edge

Basically Windows Defender Application Guard starts Microsoft Edge in a Hyper-V Container and uses Hyper-V isolation. So if a user browses on a malicious site, the site is separate from the host operating system.

Application Guard Hardware Isolation

What is Windows Defender Application Guard and how does it work?
Designed for Windows 10 and Microsoft Edge, Application Guard helps to isolate enterprise-defined untrusted sites, protecting your company while your employees browse the Internet. As an enterprise administrator, you define what is among trusted web sites, cloud resources, and internal networks. Everything not on your list is considered untrusted.

If an employee goes to an untrusted site through either Microsoft Edge or Internet Explorer, Microsoft Edge opens the site in an isolated Hyper-V-enabled container, which is separate from the host operating system. This container isolation means that if the untrusted site turns out to be malicious, the host PC is protected, and the attacker can’t get to your enterprise data. For example, this approach makes the isolated container anonymous, so an attacker can’t get to your employee’s enterprise credentials.

Source: Windows Defender Application Guard overview

Usually Windows Defender Application Guard is configured using a Enterprise devices management tool like System Center Configuration Manager, Microsoft Intune or another third-party tool. But if you want to use this on your standalone Windows 10 PC you can also do this using PowerShell.

The only thing you need to run this is:

  • Windows 10 Enterprise 1709 (Fall Creators Update) or higher
  • A computer which supports Hyper-V
    • A 64-bit computer with minimum 4 cores is required for hypervisor and virtualization-based security (VBS)
    • Extended page tables, also called Second Level Address Translation (SLAT)
    • One of the following virtualization extensions for VBS:
      • Intel VT-x
      • AMD-V
    • Microsoft recommends 8GB RAM for optimal performance
    • 5 GB free space, solid state disk (SSD) recommended
    • Input/Output Memory Management Unit (IOMMU) support is strongly recommended
  •  Microsoft Edge and Internet Explorer

Enable Windows Defender Application Guard using PowerShell

You can simply install Application Guard using the following command:

Enable-WindowsOptionalFeature -Online -FeatureName Windows-Defender-ApplicationGuard

New Application Guard Windows in Microsoft Edge

This will reboot your computer and after this you will be able to open a new Microsoft Edge windows in Application Guard.

Microsoft Edge Windows Defender Application Guard

This does added some extra security, however it does not really protect against like the Meltdown and Spectre attacks.

Application Guard Virtual Machine Worker Process

If you have a look at the processes running on your computer you can now see that there is a new Virtual Machine Worker Process which is used by the Application Guard.

This is a great example how the Hyper-V isolation can not only be used for Hyper-V Virtual Machines but also other features like Hyper-V Containers or for example on the Xbox One.



Open website from PowerShell

Open website from PowerShell

If you want to directly open a website from the PowerShell console, you can use the Start-Process cmdlet. This will open the website in the default browser:

 
Start-Process "https://www.thomasmaurer.ch"

You can also use “Start” which is an alias for Start-Process:

 
Start "https://www.thomasmaurer.ch"

Yes this is a very short post, but I hope this was helpful and you can now open a website from PowerShell.



OneNote Overview

This is why OneNote is Awesome

Well I know I usually blog more about Microsoft Datacenter and Cloud stuff, especially Hyper-V and System Center, but I am a huge fan of Microsoft’s Office Suite. I live in Outlook and Microsoft OneNote. I organize my private life, my work, and university notes in OneNote.

I get often asked by customers or friends about how I work and how I get things done. In this case, I always show them OneNote, which is maybe one of the best keep secrets inside Microsoft. This post shows you why OneNote is awesome and shows you some of the hidden features you didn’t know about.

If you have more hidden features, leave a comment on the post.

OneNote Dock to Desktop

OneNote Dock to Desktop Title

With the Dock to Desktop feature, you can keep your notes visible by anchoring a OneNote window to the side of your desktop. Your notes will stay on top of your desktop while you are working in other programs.

Dock to Desktop

Linked Note taking

 

OneNote Linked Note Talking

While you are using the Dock to Desktop mode, you can enable Linked Note Taking. This will automatically create a link to the page or office document you have open while you have taken note. This is perfect, while I wrote a whitepaper for university and I had to do a lot of research I used this feature. While I was writing the document, I had to mention the sources as footnotes, and sometimes it’s hard to find the source of something you have found on the internet. With linked notes, I only had to check my nodes, and all the sources and references were linked.

 Visio Integration

OneNote Visio Integration

A lot of other Microsoft products to integrate into OneNote. One of them is Visio if you have Visio installed on our computer you can add an existing Visio diagram to your notes. You can also directly create a new Visio diagram from OneNote and add it to your notes.