Tag: Hybrid Cloud

Azure Arc enabled SQL Server

Azure Arc enabled SQL Server Preview is now available

As you know, I do a lot of work on Hybrid Cloud topics like Azure Arc, which allows you to extend Azure management and Azure services to any infrastructure. I talk a lot about how you can use Microsoft Azure to manage your servers running on-premises or at other cloud providers, or how you can connect and manage Kubernetes clusters. The Azure Data services team at Microsoft Ignite 2019 also announced the private preview of Azure Arc Data services, which allow you to deploy services like Azure SQL on any infrastructure. This week they had another news to share, and it is the private preview of Azure Arc enabled SQL Server. With Azure Arc enabled SQL Server, you can use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view. You can also take advantage of Azure security services, such as Azure Security Center and Azure Sentinel.

Onboarding SQL Server to Azure Arc

Onboarding SQL Server to Azure Arc

The preview of Azure Arc enabled SQL Server Preview includes the following features:

  • Use the Azure Portal to register and track the inventory of your SQL Server instances across on-premises, edge sites, and multi-cloud in a single view.
  • Use Azure Security Center to produce a comprehensive report of vulnerabilities in SQL Servers and get advanced, real-time security alerts for threats to SQL Servers and the OS.
  • Investigate threats in SQL Servers using Azure Sentinel.
Azure Security Center assessment of on-premises SQL Server

Azure Security Center assessment of on-premises SQL Server

You can register any Windows or Linux based SQL Server to track your inventory. Azure Security Center’s advanced data security works on Windows-based SQL Server version 2012 or higher, running on physical or virtual machines and hosted on any infrastructure outside of Azure.

If you are interested in participating in this preview, check out the official blog post. If you have any questions, feel free to leave a comment.



Add Microsoft Monitoring Agent Extension

How to Add the Microsoft Monitoring Agent to Azure Arc Servers

To use some of the functionality with Azure Arc enabled servers, like Azure Update Management, Inventory, Change Tracking, Logs, and more, you will need to install the Microsoft Monitoring Agent (MMA). In this blog post, we are going to have a look at how you can install the Microsoft Monitoring Agent (MMA) on an Azure Arc enabled server using extensions.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

You can learn more about the manual MMA setup on Microsoft Docs.

How to install the Microsoft Monitoring Agent on Azure Arc enabled servers

To install the Microsoft Monitoring Agent (MMA) you can use the new extension in Azure Arc. You open the server you want to install the MMA agent in the Azure Arc server overview. Navigate to Extensions and click on Add, and select the Microsoft Monitoring Agent – Azure Arc. This works for Windows and Linux servers.

Add Microsoft Monitoring Agent Extension

Add Microsoft Monitoring Agent Extension

Now you can enter the Azure Log Analytics workspace ID and the key. This will create a job and install the Microsoft Monitoring Agent on the server.

Create Microsoft Monitoring Agent - Azure Arc

Workspace ID and Key

After that, you can start using features like Azure Log Analytics, Inventory, Change Tracking, Update Management, and more. You can also do this manually for Windows and Linux machines.

Conclusion

Azure Arc for servers makes it super simple to deploy the Microsoft Monitoring Agent to servers running on-premises or at other cloud providers.

You can learn more about how Azure Arc provides you with cloud-native management technologies for your hybrid cloud environment here, and you can find the documentation for Azure Arc enabled servers on Microsoft Docs.

If you have any questions or comments, feel free to leave a comment below.



Add Custom Script Extension Azure Arc Server

Extensions for Azure Arc enabled Servers

With the latest update for Azure Arc for Servers, you are now able to deploy and use extensions with your Azure Arc enabled servers. Currently, you have six different Azure Arc extensions you can deploy to your servers.

  • Custom Script Extension for Linux – Azure Arc
  • DSCForLinux extension on a Ubuntu
  • OMS Agent for Linux – Azure Arc
  • Custom Script Extension for Windows – Azure Arc
  • PowerShell Desired State Configuration – Azure Arc
  • Microsoft Monitoring Agent – Azure Arc

These extensions are similar and consistent with the virtual machine extensions for Azure VMs. These are small applications that provide post-deployment configuration and automation tasks on Azure Arc enabled servers. For example, if a server requires software installation, anti-virus protection, or to run a script inside of it, an Azure Arc extension can be used. Extensions can be run with the Azure CLI, PowerShell, and the Azure portal.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

You can find more information about Virtual machine extension management with Azure Arc for servers on Microsoft Docs.



List Azure Arc Machines Agent Version in Azure Cloud Shell

Get the Azure Connected Machine Agent (Azcmagent) Version

Azure Arc Enabled Servers just got another update enabling extensions. This also includes an updated version of the Azure Arc agent or Azure Connected Machine Agent (Azcmagent). To get an overview of what Azure Arc Azure Connected Machine Agent is installed on your machines, you can use several different ways. In this blog post, we are going to have a look at how you can get installed Azure Connected Machine Agent (Azcmagent) version for Azure Arc Enabled Servers.

On the Azure Arc Enabled Server

If you want to check the Azure Connected Machine Agent (Azcmagent) version directly on your Azure Arc enabled server, you can simply run the following command in PowerShell.

azcmagent version

This will list the installed version.

Azure Connected Machine Agent azcmagent Version

Azure Connected Machine Agent azcmagent Version

In the Azure Portal

You can also see the agent version in the Azure Portal. If you browse to your Azure Arc Enabled Server, you can find the agent version on the overview page.

Azure Portal - Azure Arc Enabled Server

Azure Portal – Azure Arc Enabled Server

However, if you want to see the agent version for your Azure Arc enabled servers at scale, this isn’t an ideal option.

List Azure Connected Machine Agent (Azcmagent) version for all Azure Arc machines

If you want to see the installed Azure Connected Machine Agent (Azcmagent) version for all your Azure Arce enabled servers at scale, you can use Azure Resource Graph Queries.

This query lists all the Azure Arc enabled machines and shows the installed agent version.

List Azure Arc Machines with Agent Version

List Azure Arc Machines with Agent Version

You can run the following query in the Azure Resource Graph Explorer in the Azure Portal.

 resources
| where type == "microsoft.hybridcompute/machines"
| extend agentversion = properties.agentVersion
| project name, agentversion, location, resourceGroup, subscriptionId
| order by name

You can also run the query directly in Azure Cloud Shell or on your local machine using Azure PowerShell or the Azure CLI.

List Azure Arc Machines Agent Version in Azure Cloud Shell

List Agent Version in Azure Cloud Shell

Azure CLI

az graph query -q "Resources | where type =~ 'microsoft.hybridcompute/machines' | extend agentversion = properties.agentVersion | project name, agentversion, location, resourceGroup, subscriptionId"

Azure PowerShell

Search-AzGraph -Query "Resources | where type =~ 'microsoft.hybridcompute/machines' | extend agentversion = properties.agentVersion | project name, agentversion, location, resourceGroup, subscriptionId"

If you need an overview of what Azure Connected Machine Agents we have installed and which versions do exist in our environment, you can just use the following Azure Resource Graph query.

Azure Resource Graph Explorer Chart - Azure Arc Server Agent Version

Azure Resource Graph Explorer Chart

Azure Resource Graph Explorer

 resources
| where type == "microsoft.hybridcompute/machines"
| extend agentversion = properties.agentVersion
| summarize count() by tostring(agentversion)

Azure PowerShell

Search-AzGraph -Query "Resources | where type =~ 'microsoft.hybridcompute/machines' | summarize count() by tostring(properties.agentVersion)"

Azure CLI

az graph query -q "Resources | where type =~ 'microsoft.hybridcompute/machines' | summarize count() by tostring(properties.agentVersion)"

Conclusion

I hope this blog post provides you with a short overview of how you can make sure which agent versions you have installed on your Azure Arc enabled servers. To learn more about Azure Arc for servers, check out Microsoft Docs. If you have any questions, feel free to leave a comment.



Azure Arc Enabled Servers Extension Management

Azure Arc Enabled Servers Extension Management

Azure Arc for Server just got a couple of new features. In this blog post, we are going to have a look at the new feature on Azure Arc enabled servers called extension management. This new Azure Arc enabled servers features allows you not only to deploy extensions like the Custom Script Extension, or the Microsoft Monitoring Agent but also enable features like Azure Update Management, Inventory, Change Tracking, and more for your servers running in a hybrid environment.

Introducing Azure Arc
For customers who want to simplify complex and distributed environments across on-premises, edge and multicloud, Azure Arc enables deployment of Azure services anywhere and extends Azure management to any infrastructure.
Learn more about Azure Arc here.

Azure Arc enabled servers already could benefit from several Azure Resource Manager features like Tags, Policies, RBAC, and some Azure Management features like logs and Azure Policy. With the new update, you can start using more extensions.  With these extensions available, Azure Arc enabled servers also get features like Azure Update Management, Inventory, Change Tracking, and insights capabilities.

Azure Arc Azure Management Control Plane

Azure Arc Azure Management Control Plane

Azure Arc Enabled Servers Extension Management Video

You can also watch my summary video on YouTube.



Azure Singapore Virtual Meetup Azure Arc

Speaking about Azure Arc at the Azure Singapore Virtual Meetup

On Wednesday, June 10, I will be joining the Azure Singapore Virtual Meetup to talk about managing and govern Hybrid Environment using Azure Arc. The event will be held online from 7 pm (GMT+8) and you can find more information about the event and the Azure Singapore User Group here.

Manage and govern your hybrid environment using Azure Arc
Wednesday, 10 June 2020 7:00 pm to 8:00 pm GMT+8 📅 (Link)

Thomas Maurer shows you how you can manage and govern your Windows and Linux machines hosted outside of Azure on your corporate network or at other cloud providers, similar to how you manage native Azure virtual machines.

When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. Azure Arc provides you with the familiar cloud-native Azure management experience, like RBAC, Tags, Azure Policy, Log Analytics, and more.

I hope you tune in for this week’s Azure Singapore Virtual Meetup and see you in the live stream! If you have any questions or comments, feel free to leave a comment below.



Windows Server webinar miniseries - Month of Cloud Essentials Speakers

Windows Server webinar miniseries – Month of Cloud Essentials

I want to let you know that in June I will be speaking in the Windows Server webinar miniseries focusing on how you can leverage the power of Azure together with Windows Server. Jeff Woolsey, Pierre Roman, Orin Thomas and I will be speaking about different scenarios using Windows Server in a Hybrid environment.

Join this four-part Windows Server webinar miniseries to learn tips and best practices for bringing the efficiencies and cost savings of Azure to your Windows Server workloads. Each 30-minute session includes demos and a live Q&A with Microsoft technical experts.

The Windows Server webinar miniseries – Month of Cloud Essentials sessions will focus on:

Intro to Windows Server Apps in the Cloud
June 4, 9:00 AM–9:30 AM Pacific Time by Jeff Woolsey 📅
Get an overview and explore resources to help you start running your Windows Server workloads on Azure.

How to Manage Windows Server Roles with Azure Services
June 11, 9:00 AM–9:30 AM Pacific Time by Orin Thomas 📅
Learn best practices to help improve security and scalability for apps by easily migrating Windows Server roles such as Active Directory, Windows File Server, and DNS to Azure.

Create Highly Available Apps with Azure VMs
June 18, 9:00 AM–9:30 AM Pacific Time by Pierre Roman 📅
Find out how to run business-critical Windows Server applications on Azure with consistent security, identity, and management features.

Modernize Windows Server Apps on Azure
June 25, 9:00 AM–9:30 AM Pacific Time by Thomas Maurer 📅
Explore hybrid cloud approaches for connecting your on-premises and multicloud environments to Azure with strategies that include containers.

I am looking forward to seeing you in the Windows Server webinar miniseries – Month of Cloud Essentials. If you miss any of the sessions, watch them on demand. You can register here.

If you have any questions, feel free to leave a comment.