Tag: IaaS

Apr132021April 13, 2021June 2, 20210 Commentby Thomas Maurer

Azure Advisor: How to Improve performance, security, and reliability of your Azure VMs

Running virtual machines in Azure is great. However, there are a lot of things you need to think about to improve performance, security, and reliability. Your cloud environment is also constantly changing, so you will need to check your Azure VMs from time to time. Luckily, there is a service called Azure Advisor which is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry and then recommends solutions that can help you improve the cost-effectiveness, performance, reliability, and security of your Azure resources.

With Advisor, you can:

Get proactive, actionable, and personalized best practices recommendations.
Improve the performance, security, and reliability of your resources, as you identify opportunities to reduce your overall Azure spend.
Get recommendations with proposed actions inline.

How to check your Azure Advisor recommendations for your Azure virtual machines (VMs)

You can access Azure Advisor, for all Azure services through the Azure portal or directly in as an option in the Azure VM navigation.

Azure Advisor recommendations for Azure VMs

From here you can read more about the recommendation and get more details, as well as take action.

You can also create an Azure Advisor recommendation digest, so you can find your recommendations directly in your inbox.

Conclusion

Azure Advisor is a great tool to get recommendations for not just your Azure virtual machines, but also for other Azure services. Azure Advisor can also help you to optimize your Azure environment and deployments. If you want to learn more check out Microsoft Docs.

Want to learn more about tools that can help you work with Azure? Check out Azure PowerShell and the Azure CLI. These tools have some cool new features like Az Predictor PowerShell module, which helps you to predict your PowerShell commands or use the Az Next AI-powered assistant in the Azure CLI.

If you have any questions, feel free to leave a comment below.

Nov172020November 17, 2020November 17, 20200 Commentby Thomas Maurer

Manage updates and patches for your Azure VMs

Posted in Microsoft, Microsoft Azure, Thomas Maurer, Virtualization, Windows Server

In this week’s Azure tip video we are going to have a look at how to manage updates and patches for your Azure virtual machines (VMs). After watching this video, you’ll be able to enable Azure Update Management, deploy updates, review an update assessment, and manage updates for your Azure VMs.

You can use Update Management in Azure Automation to manage operating system updates for your Windows and Linux machines in Azure, in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates on all agent machines and manage the process of installing required updates for servers. If you want to learn more, check out my blog post on how to manage updates on Azure VMs. Also, make sure you check out a new feature called Azure Automatic VM Guest OS patching. To learn more about that feature, check out my blog post: How to configure Azure Automatic VM guest OS patching

To learn more about Azure Update management for your Azure virtual machines, check out the following links:

Microsoft Docs: Update Management overview
Microsoft Docs: Manage updates and patches for your VMs
Microsoft Learn: Manage Azure updates
How to configure Azure Automatic VM guest OS patching

I hope this video was help full when it comes to managing updates and patches for your Azure VMs. If you have any questions, comments, or another great idea for an Azure tip video, feel free to leave a comment below.

Nov112020November 11, 2020November 9, 20200 Commentby Thomas Maurer

Azure Stack Hub Partner Solutions Series – RFC

Posted in Microsoft, Microsoft Azure, Speaking, Thomas Maurer

This week in our Azure Stack Hub Partner solution video series, I am going to introduce you to Azure Stack Hub Partner RFC. RFC is a strong partner focusing on offering a range of hosted services, managed services, and consultancy to its customers. They partner with a number of other ISVs to offer a complete solution where needed and have a range of customers. Join us in this video to explore how RFC provides value to their customer, both by partnering with other ISVs where needed or offering the Azure Stack Hub platform directly.

In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.

Nov102020November 10, 2020March 8, 20214 Commentsby Thomas Maurer

Azure VM Run Command Run PowerShell Script

How to Run Scripts in your Azure VM using Run Command

Posted in Microsoft, Microsoft Azure, PowerShell, Virtualization, Windows, Windows Server

You can access your Azure IaaS virtual machine (VM) in multiple ways like SSH or RDP, depending on your operating system and configuration. However, if you have issues with the RDP or SSH network configuration, you need to have a way to troubleshoot your virtual machine (VM). Luckily Azure offers you different management tools to work with Azure VMs for automation or troubleshooting. With the Run Command can run a PowerShell or shell script within an Azure VM remotely by using the VM agent. This scenario is especially useful when you need to troubleshoot operating system network configurations or user access configuration. For example, it can be convenient to reset RDP configurations on Windows Server virtual machines.

You use Run Command for Azure VMs through the Azure portal, REST API, Azure CLI, or PowerShell. Here are some examples:

Azure VM Run Command in the Azure Portal

You can run the command directly from the Azure Portal. In the menu of the Azure VM, you can select Run command. Here you can find some predefined scripts to troubleshoot your Azure VM. In the case of a Windows VM, you will find scripts like configuring RDP port or enable PowerShell remoting. But you can also run your custom PowerShell script.

Azure VM Run Command Run PowerShell Script

For Linux VMs, you will find predefined options to run a Linux shell script or ifconfig to list the network configuration.

Oct282020October 28, 2020October 28, 20200 Commentby Thomas Maurer

Azure Stack Hub Partner Solutions Series – myCloudDoor

Posted in Microsoft, Microsoft Azure, Thomas Maurer

Together with the Azure Stack Hub team, I am on a journey to explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform. Today, Tiberiu and I had the chance to speak to myCloudDoor. MyCloudDoor is an Azure Stack Hub partner and Preferred SI that focused on managed services and creating value for its customers throughout the world. They have a wide range of customers across many verticals. Join the myCloudDoor team as we explore how they provide value and solve customer issues using Azure and Azure Stack Hub.

You can read more about the video series I created with Tiberiu Radu (Azure Stack Hub PM @rctibi) on our introduction blog: Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Links mentioned through the video:

Oct212020October 21, 2020October 19, 20200 Commentby Thomas Maurer

Azure Stack Hub Partner Solutions Series – Salt

Posted in Microsoft, Microsoft Azure, Speaking, Thomas Maurer

Together with the Tiberiu Radu (Azure Stack Hub PM @rctibi), we created a new Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Today, I want you to introduce you to Azure Stack Hub Partner Salt. Salt is a Service Provider that has won the Microsoft Partner of the Year 3 times since 2017. Their business focuses on bringing a multi-tenanted Azure Stack Hub environment in the Caribbean Islands. Join them as they tell us more about their journey towards becoming a trusted advisor to their customers and learn more about the types of workloads planned with Azure Stack Hub.

Links mentioned through the video:

Oct132020October 13, 2020July 1, 20211 Commentby Thomas Maurer

Automanage for Azure virtual machines

Posted in Microsoft, Microsoft Azure, Thomas Maurer, Windows Server

For me, one of the most impressive announcements at Microsoft Ignite, next to many of the Azure Arc and Azure Stack announcements, was the announcement of the Azure Automanage for virtual machines (VMs) public preview. As you know, Microsoft Azure offers many management services for Azure virtual machines (VMs). However, finding and configured these services can be some work. Azure Automanage for virtual machines helps to address precisely that. Azure Automanage for virtual machines is a service that eliminates the need to discover, know how to onboard, and how to configure certain services in Azure that would benefit your virtual machine.

UPDATE: Azure Automanage now also supports servers running outside of Azure (on-premises or other cloud providers) using Azure Arc. Check out my blog for more details: Azure Automanage for Arc enabled servers

In summary, Azure Automanage provides the following features to reduced cost by automating Windows Server management, improved workload uptime with optimized operations, and implementation of security best practices.

Intelligently onboards virtual machines to select best practices Azure services
Automatically configures each service per Azure best practices.
Monitors for drift and corrects for it when detected.
Provides a simple experience (point, click, set, forget)

You can find more information on Microsoft Docs.

Sep302020September 30, 2020September 29, 20200 Commentby Thomas Maurer

Azure Stack Hub Partner Solutions Series – Datacom

Posted in Microsoft, Microsoft Azure, Thomas Maurer, Virtualization

Together with the Azure Stack Hub team, we are starting a journey to explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform. Together with the Tiberiu Radu (Azure Stack Hub PM @rctibi), we created a new Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Datacom is an Azure Stack Hub partner that provides both multi-tenant environments, as well as dedicated ones. They focus on providing value to their customers and meeting them where they are by providing managed services as well as complete solutions. Datacom focuses on a number of customers ranging from large government agencies as well as enterprise customers. Join the Datacom team as we explore how they provide value and solve customer issues using Azure and Azure Stack Hub.

Links mentioned through the video:

Sep102020September 10, 2020September 10, 20201 Commentby Thomas Maurer

How to configure Azure Automatic VM guest OS patching

Posted in Microsoft, Microsoft Azure, PowerShell, Windows, Windows Server

If you want to keep your Azure virtual machines (VMs) up-to-date, then there is a service called Azure Update Management, which helps you to manage updates on your Azure VM guest operating system. However, this needed some additional planning and configuration. To make patching of your Azure virtual machines (VMs) easier, there is a new option called Automatic VM guest patching, which helps ease update management by safely and automatically patching virtual machines to maintain security compliance.

Automatic VM guest patching is now available in public preview for Windows virtual machines on Azure.

With Azure automatic VM guest patching enabled, the VM is assessed periodically to check for available operating system patches for that Azure VM. Updates classified as ‘Critical’ or ‘Security’ are automatically downloaded and installed on the VM during off-peak hours. This patch orchestration is managed and handled by Azure and patches are applied following availability-first principles.

In a nutshell, Azure automatic VM guest patching has the following capabilities:

Patches classified as Critical or Security are automatically downloaded and applied on the VM.
Patches are applied during off-peak hours in the VM’s time zone.
Patch orchestration is managed by Azure and patches are applied following availability-first principles.
Virtual machine health, as determined through platform health signals, is monitored to detect patching failures.
Works for all VM sizes.

Patches are installed within 30 days of the monthly Windows Update release, following availability-first orchestration described below. Patches are installed only during off-peak hours for the VM, depending on the time zone of the VM. The VM must be running during the off-peak hours for patches to be automatically installed. If a VM is powered off during a periodic assessment, the VM will be automatically assessed and applicable patches will be installed automatically during the next periodic assessment when the VM is powered on.

You can find more information on Azure automatic VM guest patching on Microsoft Docs.

How to enable Azure Automatic VM guest OS patching

To enable Azure automatic VM guest OS (operating system) patching, we currently have a couple of requirements.

Currently, only Windows VMs are supported (Preview). Currently, Windows Server 2012 R2, 2016, 2019 Datacenter SKUs are supported. (and more are added periodically).
Only VMs created from certain OS platform images are currently supported in the preview. Which means custom images are currently not supported in the preview.
The virtual machine must have the Azure VM Agent installed.
The Windows Update service must be running on the virtual machine.
The virtual machine must be able to access Windows Update endpoints. If your virtual machine is configured to use Windows Server Update Services (WSUS), the relevant WSUS server endpoints must be accessible.
Use Compute API version 2020-06-01 or higher.

These requirements might change in the future during the preview phase (for the current requirements check out Microsoft Docs).

During the preview, this feature requires a one-time opt-in for the feature InGuestAutoPatchVMPreview per subscription. You can run the following Azure PowerShell or Azure CLI command.

Azure PowerShell:

# Register AzProvider
Register-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Check the registration status
Get-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Once the feature is registered for your subscription, complete the opt-in process by changing the Compute resource provider.
Register-AzResourceProvider -ProviderNamespace Microsoft.Compute

Now you can enable automatic VM guest patching for your Azure virtual machines within that subscription. To do that you can currently use the REST API, Azure PowerShell, or the Azure CLI.

With Azure CLI, you can use the az vm get-instance-view .

az vm update --resource-group test-autopatch-rg--name azwinvm01 --set osProfile.windowsConfiguration.enableAutomaticUpdates=true osProfile.windowsConfiguration.patchSettings.patchMode=AutomaticByPlatform

You can see that there are two important parameters for this cmdlet. First the -enableAutoUpdate and secondly the -PatchMode. There are currently three different patch orchestration modes you can configure.

AutomaticByPlatform

This mode enables automatic VM guest patching for the Windows virtual machine and subsequent patch installation is orchestrated by Azure.
Setting this mode also disables the native Automatic Updates on the Windows virtual machine to avoid duplication.
This mode is only supported for VMs that are created using the supported OS platform images above.

AutomaticByOS

This mode enables Automatic Updates on the Windows virtual machine, and patches are installed on the VM through Automatic Updates.
This mode is set by default if no other patch mode is specified.

Manual

This mode disables Automatic Updates on the Windows virtual machine.
This mode should be set when using custom patching solutions.

If you need more control, I recommend that you have a look at Azure Update Management, which is already publicly available and also supports Windows and Linux servers running in Azure or on-premises.

To verify whether automatic VM guest patching has completed and the patching extension is installed on the VM, you can review the VM’s instance view.

az vm get-instance-view --resource-group test-autopatch-rg --name azwinvm01

This will show you the following result:

Azure Automatic VM Guest OS Patching Status

You can also create the patch assessment on-demand.

Invoke-AzVmPatchAssessment -ResourceGroupName "myResourceGroup" -VMName "myVM"

I hope this provides you with an overview of the new Azure automatic VM guest patching feature. If you want to have some advanced capabilities to manage updates for your Azure VMs and even your servers running on-premises, check out Azure Update Management. This will provide you with some advanced settings and your own maintenance schedules. If you have any questions, feel free to leave a comment.

Sep032020September 3, 2020September 3, 20200 Commentby Thomas Maurer

Learn about Windows Server Hybrid and Azure IaaS VMs

Learn Windows Server Hybrid and Azure IaaS VMs

Posted in Certification, Microsoft, Microsoft Azure, Windows Server

A couple of weeks back I promoted a post about how you can learn about Windows Server on Azure and a post on ITOpsTalk for New Microsoft Learn Modules for Azure and Windows Server IT Pros. This week I got another message by colleague Orin Thomas (Cloud Advocate and Author of the Windows Server 2019 Book), that a lot more Microsoft Learn modules have been published, covering Windows Server Hybrid and Windows Server on Azure IaaS VMs (Infrastructure-as-a-Service).

Learn about Windows Server Hybrid and Windows Server Azure IaaS VMs 🎓

Here is a full list of Microsoft Learn modules to learn about Windows Server Hybrid and Windows Server Azure IaaS VMs (virtual machines). This includes many of the Azure Hybrid Cloud services you can use together with Azure, like Azure Arc, Azure File Sync, Azure Site Recovery, and many more. These Microsoft Learn modules also cover a lot of the Azure Management services to manage your Windows Server virtual machines running on Azure, like Azure Monitor, Azure Update Management, networking, and much more.

Implement Hybrid Identity Windows Server
In this module, you’ll learn to configure an Azure environment so that Windows IaaS workloads requiring Active Directory are supported. You’ll also learn to integrate on-premises Active Directory Domain Services (AD DS) environment into Azure.
Implement DNS for Windows Server IaaS VMs
In this module, you’ll learn to configure DNS for Windows Server IaaS VMs, choose the appropriate DNS solution for your organization’s needs, and run a DNS server in a Windows Server Azure IaaS VM.
Implement Windows Server IaaS VM IP addressing and Routing
In this module, you’ll learn how to manage Microsoft Azure virtual networks (VNets) and IP address configuration for Windows Server infrastructure as a service (IaaS) virtual machines (VM)s.
Deploy and Manage Azure IaaS Active directory Domain Controllers in Azure
In this module, you’ll learn how to extend an existing Active Directory environment into Azure by placing IaaS VMs configured as domain controllers onto a specially configured Azure virtual network (VNet) subnet.
Implement Change Tracking and File Integrity Monitoring
In this module, you’ll learn how to monitor Windows Server Azure IaaS VMs for changes in files and the registry, as well as other monitor modifications made to application software.
Implement Windows Server IaaS VM Network Security
In this module, you will focus on how to improve the network security for Windows Server infrastructure as a service (IaaS) virtual machines (VMs) and how to diagnose network security issues with those VMs.
Implement a hybrid file server infrastructure
In this module, you’ll learn to deploy Azure File Sync, migrate from DFS, and use Storage Migration Services to migrate file servers to Azure.
Implement hybrid backup and recovery with Windows Server IaaS
You’ll learn about Azure Backup before learning to implement Recovery Vaults and Azure Backup Policies. You’ll learn to implement Windows IaaS VM recovery, perform backup and restore of on-premises workloads, and manage Azure VM backups.
Implement scale and high availability with Windows Server VM
You’ll learn how to implement scaling for virtual machine scale sets and load-balanced VMs. You’ll also learn how to implement Azure Site Recovery.
Manage hybrid workloads with Azure Arc
You will learn to describe Azure Arc, implement Azure Arc with on-premises server instances, deploy Azure policies with Azure Arc, and use role-based access control (RBAC) to restrict access to Log Analytics data.
Monitor Windows Server IaaS Virtual Machines and hybrid instances
You’ll be able to implement Azure Monitor for IaaS VMs in Azure, implement Azure Monitor in on-premises environments, and use dependency maps.
Manage Azure updates
You’ll be able to enable Azure Update Management, deploy updates, review an update assessment, and manage updates for your Azure VMs.
Migrate on-premises Windows Server instances to Azure IaaS virtual machines
You’ll be able to plan a migration and select appropriate server migration tools. You will also learn how to use Azure Migrate, how to assess physical servers, and how to migrate those servers.
Audit Security of IaaS VMs
You’ll learn about Azure Security Center and how to onboard Windows Server computers to Security Center. You’ll also learn about Azure Sentinel, security information and event management (SIEM), and security orchestration, automation, and response (SOAR).
Implement Windows Server Azure Hybrid Network Infrastructure
You’ll learn to connect your on-premises environment to Azure, implement subnets and routing between your on-premises and cloud environments, and ensure that workloads in the cloud and on-premises perform DNS resolution to locate each other.
Configure BitLocker disk encryption for Windows IaaS Virtual Machines
You’ll be able to configure Azure Disk Encryption for Windows IaaS VMs and back up and recover encrypted data.
Plan and deploy Windows Server IaaS Virtual Machines
You’ll be able to describe Azure compute and storage in relation to Azure VMs, and deploy Azure VMs by using the Azure portal, Azure CLI, or templates.
Automate the configuration of Windows Server IaaS Virtual Machines
You’ll be able to deploy Desired State Configuration (DSC) extensions, implement those extensions to remediate noncompliant servers, and use custom script extension.
Administer and manage Windows Server IaaS Virtual Machine remotely
You’ll be able to use suitable tools and techniques to manage Windows IaaS VMs remotely. You’ll also be able to restrict administrative connections to those VMs.
Understand Windows Server IaaS Virtual Machine cost management
You’ll be able to use the Pricing calculator to assess likely costs, use Azure Advisor to monitor actual costs for Azure resources, implement Spot VMs and Azure Reservations, and describe benefits of Azure Hybrid licensing.
Customize Windows Server IaaS Virtual Machine images
You’ll be able to create new VMs from generalized images and use Azure Image Builder templates to create and manage images in Azure.
Create and implement application allowlists with adaptive application control
You’ll be able to implement Adaptive application controls within your organization to protect your Windows Server IaaS VMs.
Upgrade and migrate Windows Server IaaS virtual machines
Learn to migrate a workload running in Windows Server to an infrastructure as a service (IaaS) virtual machine (VM) and to Windows Server 2019 by using Windows Server migration tools or the Storage Migration Service.

I hope you enjoy the new Microsoft Learn modules for Windows Server Hybrid and Windows Server on Azure IaaS. If you have any questions feel free to leave a comment below. If you are looking forward to take some exams, also check out my Microsoft exam study guides, for example for:

Happy Learning!

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Tag: IaaS

Manage updates and patches for your Azure VMs

Azure Stack Hub Partner Solutions Series – RFC

How to Run Scripts in your Azure VM using Run Command

Azure VM Run Command in the Azure Portal

Azure Stack Hub Partner Solutions Series – myCloudDoor

Azure Stack Hub Partner Solutions Series – Salt

Azure Stack Hub Partner Solutions Series – Datacom

How to configure Azure Automatic VM guest OS patching

How to enable Azure Automatic VM guest OS patching

Learn Windows Server Hybrid and Azure IaaS VMs

Learn about Windows Server Hybrid and Windows Server Azure IaaS VMs 🎓

About Thomas Maurer

Follow Me

Subscribe

Sponsors