Tag: IaaS

Azure Advisor Recommendations

Azure Advisor: How to Improve performance, security, and reliability of your Azure VMs

Running virtual machines in Azure is great. However, there are a lot of things you need to think about to improve performance, security, and reliability. Your cloud environment is also constantly changing, so you will need to check your Azure VMs from time to time. Luckily, there is a service called Azure Advisor which is a personalized cloud consultant that helps you follow best practices to optimize your Azure deployments. It analyzes your resource configuration and usage telemetry and then recommends solutions that can help you improve the cost-effectiveness, performance, reliability, and security of your Azure resources.

With Advisor, you can:

  • Get proactive, actionable, and personalized best practices recommendations.
  • Improve the performance, security, and reliability of your resources, as you identify opportunities to reduce your overall Azure spend.
  • Get recommendations with proposed actions inline.

How to check your Azure Advisor recommendations for your Azure virtual machines (VMs)

You can access Azure Advisor, for all Azure services through the Azure portal or directly in as an option in the Azure VM navigation.

Azure Advisor recommendations for Azure VMs
Azure Advisor recommendations for Azure VMs

From here you can read more about the recommendation and get more details, as well as take action.

You can also create an Azure Advisor recommendation digest, so you can find your recommendations directly in your inbox.

Azure Advisor recommendation digest
Azure Advisor recommendation digest

Conclusion

Azure Advisor is a great tool to get recommendations for not just your Azure virtual machines, but also for other Azure services. Azure Advisor can also help you to optimize your Azure environment and deployments. If you want to learn more check out Microsoft Docs.

Want to learn more about tools that can help you work with Azure? Check out Azure PowerShell and the Azure CLI. These tools have some cool new features like Az Predictor PowerShell module, which helps you to predict your PowerShell commands or use the Az Next AI-powered assistant in the Azure CLI.

If you have any questions, feel free to leave a comment below.



Manage updates and patches for your Azure VMs

Manage updates and patches for your Azure VMs

In this week’s Azure tip video we are going to have a look at how to manage updates and patches for your Azure virtual machines (VMs). After watching this video, you’ll be able to enable Azure Update Management, deploy updates, review an update assessment, and manage updates for your Azure VMs.

You can use Update Management in Azure Automation to manage operating system updates for your Windows and Linux machines in Azure, in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates on all agent machines and manage the process of installing required updates for servers. If you want to learn more, check out my blog post on how to manage updates on Azure VMs. Also, make sure you check out a new feature called Azure Automatic VM Guest OS patching. To learn more about that feature, check out my blog post: How to configure Azure Automatic VM guest OS patching

To learn more about Azure Update management for your Azure virtual machines, check out the following links:

I hope this video was help full when it comes to managing updates and patches for your Azure VMs. If you have any questions, comments, or another great idea for an Azure tip video, feel free to leave a comment below.



Azure Stack Hub Partner Solutions Series – RFC

Azure Stack Hub Partner Solutions Series – RFC

This week in our Azure Stack Hub Partner solution video series, I am going to introduce you to Azure Stack Hub Partner RFC. RFC is a strong partner focusing on offering a range of hosted services, managed services, and consultancy to its customers. They partner with a number of other ISVs to offer a complete solution where needed and have a range of customers. Join us in this video to explore how RFC provides value to their customer, both by partnering with other ISVs where needed or offering the Azure Stack Hub platform directly.

In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.



Azure VM Run Command Run PowerShell Script

How to Run Scripts in your Azure VM using Run Command

You can access your Azure IaaS virtual machine (VM) in multiple ways like SSH or RDP, depending on your operating system and configuration. However, if you have issues with the RDP or SSH network configuration, you need to have a way to troubleshoot your virtual machine (VM). Luckily Azure offers you different management tools to work with Azure VMs for automation or troubleshooting. With the Run Command can run a PowerShell or shell script within an Azure VM remotely by using the VM agent. This scenario is especially useful when you need to troubleshoot operating system network configurations or user access configuration. For example, it can be convenient to reset RDP configurations on Windows Server virtual machines.

You use Run Command for Azure VMs through the Azure portalREST API, Azure CLI, or PowerShell. Here are some examples:

Azure VM Run Command in the Azure Portal

You can run the command directly from the Azure Portal. In the menu of the Azure VM, you can select Run command. Here you can find some predefined scripts to troubleshoot your Azure VM. In the case of a Windows VM, you will find scripts like configuring RDP port or enable PowerShell remoting. But you can also run your custom PowerShell script.

Azure VM Run Command Run PowerShell Script

Azure VM Run Command Run PowerShell Script

For Linux VMs, you will find predefined options to run a Linux shell script or ifconfig to list the network configuration.



Azure Stack Partner Series MyCloudDoor

Azure Stack Hub Partner Solutions Series – myCloudDoor

Together with the Azure Stack Hub team, I am on a journey to explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform. Today, Tiberiu and I had the chance to speak to myCloudDoor. MyCloudDoor is an Azure Stack Hub partner and Preferred SI that focused on managed services and creating value for its customers throughout the world. They have a wide range of customers across many verticals. Join the myCloudDoor team as we explore how they provide value and solve customer issues using Azure and Azure Stack Hub.

You can read more about the video series I created with Tiberiu Radu (Azure Stack Hub PM @rctibi) on our introduction blog: Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

 

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.



Azure Stack Hub Partner Solutions Series – Salt

Azure Stack Hub Partner Solutions Series – Salt

Together with the Tiberiu Radu (Azure Stack Hub PM @rctibi), we created a new Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Today, I want you to introduce you to Azure Stack Hub Partner Salt. Salt is a Service Provider that has won the Microsoft Partner of the Year 3 times since 2017. Their business focuses on bringing a multi-tenanted Azure Stack Hub environment in the Caribbean Islands. Join them as they tell us more about their journey towards becoming a trusted advisor to their customers and learn more about the types of workloads planned with Azure Stack Hub.

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.



Automanage for Azure virtual machines

Automanage for Azure virtual machines

For me, one of the most impressive announcements at Microsoft Ignite, next to many of the Azure Arc and Azure Stack announcements, was the announcement of the Azure Automanage for virtual machines (VMs) public preview. As you know, Microsoft Azure offers many management services for Azure virtual machines (VMs). However, finding and configured these services can be some work. Azure Automanage for virtual machines helps to address precisely that. Azure Automanage for virtual machines is a service that eliminates the need to discover, know how to onboard, and how to configure certain services in Azure that would benefit your virtual machine.

UPDATE: Azure Automanage now also supports servers running outside of Azure (on-premises or other cloud providers) using Azure Arc. Check out my blog for more details: Azure Automanage for Arc enabled servers

In summary, Azure Automanage provides the following features to reduced cost by automating Windows Server management, improved workload uptime with optimized operations, and implementation of security best practices.

  • Intelligently onboards virtual machines to select best practices Azure services
  • Automatically configures each service per Azure best practices.
  • Monitors for drift and corrects for it when detected.
  • Provides a simple experience (point, click, set, forget)

You can find more information on Microsoft Docs.



Azure Stack Hub Partner Solutions Series - Datacom

Azure Stack Hub Partner Solutions Series – Datacom

Together with the Azure Stack Hub team, we are starting a journey to explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform. Together with the Tiberiu Radu (Azure Stack Hub PM @rctibi), we created a new Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Datacom is an Azure Stack Hub partner that provides both multi-tenant environments, as well as dedicated ones. They focus on providing value to their customers and meeting them where they are by providing managed services as well as complete solutions. Datacom focuses on a number of customers ranging from large government agencies as well as enterprise customers. Join the Datacom team as we explore how they provide value and solve customer issues using Azure and Azure Stack Hub.

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.



Azure Automatic VM Guest OS Patching

How to configure Azure Automatic VM guest OS patching

If you want to keep your Azure virtual machines (VMs) up-to-date, then there is a service called Azure Update Management, which helps you to manage updates on your Azure VM guest operating system. However, this needed some additional planning and configuration. To make patching of your Azure virtual machines (VMs) easier, there is a new option called Automatic VM guest patching, which helps ease update management by safely and automatically patching virtual machines to maintain security compliance.

Automatic VM guest patching is now available in public preview for Windows virtual machines on Azure.

With Azure automatic VM guest patching enabled, the VM is assessed periodically to check for available operating system patches for that Azure VM. Updates classified as ‘Critical’ or ‘Security’ are automatically downloaded and installed on the VM during off-peak hours. This patch orchestration is managed and handled by Azure and patches are applied following availability-first principles.

In a nutshell, Azure automatic VM guest patching has the following capabilities:

  • Patches classified as Critical or Security are automatically downloaded and applied on the VM.
  • Patches are applied during off-peak hours in the VM’s time zone.
  • Patch orchestration is managed by Azure and patches are applied following availability-first principles.
  • Virtual machine health, as determined through platform health signals, is monitored to detect patching failures.
  • Works for all VM sizes.

Patches are installed within 30 days of the monthly Windows Update release, following availability-first orchestration described below. Patches are installed only during off-peak hours for the VM, depending on the time zone of the VM. The VM must be running during the off-peak hours for patches to be automatically installed. If a VM is powered off during a periodic assessment, the VM will be automatically assessed and applicable patches will be installed automatically during the next periodic assessment when the VM is powered on.

You can find more information on Azure automatic VM guest patching on Microsoft Docs.

How to enable Azure Automatic VM guest OS patching

To enable Azure automatic VM guest OS (operating system) patching, we currently have a couple of requirements.

  • Currently, only Windows VMs are supported (Preview). Currently, Windows Server 2012 R2, 2016, 2019 Datacenter SKUs are supported. (and more are added periodically).
  • Only VMs created from certain OS platform images are currently supported in the preview. Which means custom images are currently not supported in the preview.
  • The virtual machine must have the Azure VM Agent installed.
  • The Windows Update service must be running on the virtual machine.
  • The virtual machine must be able to access Windows Update endpoints. If your virtual machine is configured to use Windows Server Update Services (WSUS), the relevant WSUS server endpoints must be accessible.
  • Use Compute API version 2020-06-01 or higher.

These requirements might change in the future during the preview phase (for the current requirements check out Microsoft Docs).

During the preview, this feature requires a one-time opt-in for the feature InGuestAutoPatchVMPreview per subscription. You can run the following Azure PowerShell or Azure CLI command.

Azure PowerShell:

# Register AzProvider
Register-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Check the registration status
Get-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Once the feature is registered for your subscription, complete the opt-in process by changing the Compute resource provider.
Register-AzResourceProvider -ProviderNamespace Microsoft.Compute

Now you can enable automatic VM guest patching for your Azure virtual machines within that subscription. To do that you can currently use the REST API, Azure PowerShell, or the Azure CLI.

With Azure CLI, you can use the az vm get-instance-view .

az vm update --resource-group test-autopatch-rg--name azwinvm01 --set osProfile.windowsConfiguration.enableAutomaticUpdates=true osProfile.windowsConfiguration.patchSettings.patchMode=AutomaticByPlatform

You can see that there are two important parameters for this cmdlet. First the -enableAutoUpdate and secondly the -PatchMode. There are currently three different patch orchestration modes you can configure.

AutomaticByPlatform

  • This mode enables automatic VM guest patching for the Windows virtual machine and subsequent patch installation is orchestrated by Azure.
  • Setting this mode also disables the native Automatic Updates on the Windows virtual machine to avoid duplication.
  • This mode is only supported for VMs that are created using the supported OS platform images above.

AutomaticByOS

  • This mode enables Automatic Updates on the Windows virtual machine, and patches are installed on the VM through Automatic Updates.
  • This mode is set by default if no other patch mode is specified.

Manual

  • This mode disables Automatic Updates on the Windows virtual machine.
  • This mode should be set when using custom patching solutions.

If you need more control, I recommend that you have a look at Azure Update Management, which is already publicly available and also supports Windows and Linux servers running in Azure or on-premises.

To verify whether automatic VM guest patching has completed and the patching extension is installed on the VM, you can review the VM’s instance view.

az vm get-instance-view --resource-group test-autopatch-rg --name azwinvm01

This will show you the following result:

Azure Automatic VM Guest OS Patching Status

Azure Automatic VM Guest OS Patching Status

You can also create the patch assessment on-demand.

Invoke-AzVmPatchAssessment -ResourceGroupName "myResourceGroup" -VMName "myVM"

I hope this provides you with an overview of the new Azure automatic VM guest patching feature. If you want to have some advanced capabilities to manage updates for your Azure VMs and even your servers running on-premises, check out Azure Update Management. This will provide you with some advanced settings and your own maintenance schedules. If you have any questions, feel free to leave a comment.



Learn about Windows Server Hybrid and Azure IaaS VMs

Learn Windows Server Hybrid and Azure IaaS VMs

A couple of weeks back I promoted a post about how you can learn about Windows Server on Azure and a post on ITOpsTalk for New Microsoft Learn Modules for Azure and Windows Server IT Pros. This week I got another message by colleague Orin Thomas (Cloud Advocate and Author of the Windows Server 2019 Book), that a lot more Microsoft Learn modules have been published, covering Windows Server Hybrid and Windows Server on Azure IaaS VMs (Infrastructure-as-a-Service).

Learn about Windows Server Hybrid and Windows Server Azure IaaS VMs 🎓

Here is a full list of Microsoft Learn modules to learn about Windows Server Hybrid and Windows Server Azure IaaS VMs (virtual machines). This includes many of the Azure Hybrid Cloud services you can use together with Azure, like Azure Arc, Azure File Sync, Azure Site Recovery, and many more. These Microsoft Learn modules also cover a lot of the Azure Management services to manage your Windows Server virtual machines running on Azure, like Azure Monitor, Azure Update Management, networking, and much more.

I hope you enjoy the new Microsoft Learn modules for Windows Server Hybrid and Windows Server on Azure IaaS. If you have any questions feel free to leave a comment below. If you are looking forward to take some exams, also check out my Microsoft exam study guides, for example for:

Happy Learning!