Tag: Management

Azure Hybrid

Azure Arc – Cloud-native Management for Hybrid Cloud

Azure Hybrid is not just Azure Stack, it also includes a couple of other Azure Hybrid services like Azure Update Management, Azure File Sync and many more. Today, Microsoft will extend the hybrid cloud solutions in Azure and announced Azure Arc, which is designed to extend Azure Management to any infrastructure. In the new world where organizations run servers, containers, and applications across multi-cloud environments, on-premises locations, and the edge, managing these hybrid resources becomes challenging. Azure Arc enables cloud-native Azure management across any infrastructure and also allows you to run Azure data services to be deployed anywhere. It includes hybrid server management, Kubernetes and Azure data services.

Azure Arc Overview

Azure Arc Overview

As you can see Azure Arc consists of a set of different technologies and components like:

  • Organize and govern all your servers – Azure Arc extends Azure management to physical and virtual servers anywhere. Govern and manage servers from a single scalable management pane. You can learn more about Azure Arc for servers here.
  • Manage Kubernetes apps at scale – Deploy and configure Kubernetes applications consistently across all your environments with modern DevOps techniques.
  • Run data services anywhere – Deploy Azure data services in moments, anywhere you need them. Get simpler compliance, faster response times, and better security for your data. You can learn more here.
  • Adopt cloud technologies on-premises – Bringing cloud-native management to your hybrid environment.

In this blog post, we will have a closer look at hybrid server management. If you want to know more about Azure Arc, check out the announcement blog post by Jeremy Winter, Director of Program Management, Microsoft Azure.

Cloud-native Azure management for hybrid environments with Azure Arc

By extending Azure Resource Manager to support hybrid cloud environments, Azure Arc to make it easier to implement cloud security across environments with centralized role-based access control, security policies. Azure Management provides you now with a single control plane for Azure native and Azure Arc resources.

Azure Management Overview

Azure Management Overview

Hybrid Server Management

Today Azure Arc allows you to onboard physical and virtual servers in your hybrid environment (on-premises, edge, and multi-cloud). By joining serves to Azure Arc, you get the benefits you are used from native Azure resources, like tags, RBAC, and many more. In the preview, you can now use Azure Management services like Azure Log Analytics and Azure Policy to make sure your servers are compliant across your hybrid environment.

Hybrid Server Management

Hybrid Server Management

I had the chance to have a very early chat with Jian Yan from the Azure Management team, a couple of weeks ago, about hybrid server management. Check out the video here:

Join the Preview

Azure Arc for Server is currently in public preview, while you can sign up for the preview to manage Kubernetes and data services. To enable hybrid server management, you must register the required Resource Providers.

  • Microsoft.HybridCompute
  • Microsoft.GuestConfiguration

You can register the resource providers with the following Azure PowerShell commands:

Login-AzAccount
Set-AzContext -SubscriptionId [subscription you want to onboard]
Register-AzResourceProvider -ProviderNamespace Microsoft.HybridCompute
Register-AzResourceProvider -ProviderNamespace Microsoft.GuestConfiguration

or with Azure CLI:

az account set --subscription "{Your Subscription Name}"
az provider register --namespace 'Microsoft.HybridCompute'
az provider register --namespace 'Microsoft.GuestConfiguration'

You can also run them from Azure Cloud Shell. If you want to know more, check out the following Microsoft Docs article.

Onboarding Servers to Azure Arc

As mentioned we will have a closer look here at how you can onboard Linux and Windows Server to Azure Arc. To onboard a server which can run Linux or Windows, physical or virtual, and can run on-premises or at another service provider, you open Azure Arc in the Azure Portal. There you can select manage servers.

Azure Arc Portal

Azure Arc Portal

Here you will see your existing servers which you have on-boarded.

Azure Arc Server in Portal

Azure Arc Server in Portal

 

You can click on Add, to add another server. You will be able to add a single server or get instructions to onboard servers at scale.

Add server to Azure Arc

Add server to Azure Arc

Here you can go through a wizard that will help you to generate a script, which you can copy or download to run it on your server. You can select the subscription and resource group, as well as the region where you want to join your server.

You will also be able to configure a proxy server if your server is behind a proxy. Since this will use the Azure Resource Manager, you will also be able to use tags. After you are done with the wizard, you are able to download or copy the command to run that on your server.

Generate Script

Generate Script

After you have run that command on your on-premises server, your server will show up as an Azure resource in a couple of minutes.

Use Windows Admin Center to onboard a server to Azure Arc

Windows Admin Center and Azure Stack HCI

Windows Admin Center and Azure Stack HCI

If you are using Windows Admin Center on Windows Server or with Azure Stack HCI, you can also onboard servers directly from there. Go to the settings of the server and click on Azure Arc. Now you can sign in and select the specific subscription and resource group.

More

If you want to know more about the Azure Hybrid announcements at Microsoft Ignite 2019, check out the blog post of Julia White. If you want to know more about Azure Arc, check out the blog post from Jeremy Winter. If you have any questions about it feel free to leave a comment, or if you are at Microsoft Ignite, feel free to talk to me and the Azure team.

I will also host a Microsoft Ignite Live interview with Jian Yan, which you can watch live in Orlando or online.

Microsoft Ignite Live

Azure is built from the ground up to manage at-scale, cross-geography environments with multiple operational models and DevOps patterns. The vision is to keep Azure at the center of the enterprise as the control plane for governance, management, and modern development and bring the Azure management capabilities and services to any customer environment. In this session, we demo one of the extension services to enable you to bring servers from anywhere to Azure, and use Azure to get a compliance view for all your server assets.



New Windows Server Performance Monitor

New Performance Monitor for Windows Server

In this blog post, I am going to show you the new Windows Performance Monitor feature in Windows Admin Center. This feature was announced publicly at Microsoft Ignite 2019. But before we are going to have a look at the new Windows Admin Center Performance Monitor extension, it is time for some history. If you have worked with Windows or Windows Server in the past, you almost certainly have used a tool called perfmon.exe, or Windows Performance Monitor.

You can use Windows Performance Monitor to examine how programs affect your computer’s performance, both in real-time and by collecting log data for later analysis. It uses performance counters, event trace data, and configuration information, which can be combined into Data Collector Sets. Perfmon exists already for a long time. It is super powerful for troubleshooting Windows. However, it is definitely if you look at the classic MMC user-interface and the user-experience in general, probably not your favorite tool to use. That is why we needed something better.

Perfmon

Perfmon.exe

Windows Reliability and Performance Monitor is a Microsoft Management Console (MMC) snap-in that provides tools for analyzing system performance. From a single console, you can monitor application and hardware performance in real time, customize what data you want to collect in logs, define thresholds for alerts and automatic actions, generate reports, and view past performance data in a variety of ways.

You can find more about the classic perfmon.exe here.

A couple of weeks ago, I was contacted by Windows Server Program Manager Cosmos Darwin, who works at great features in Windows Server like Storage Spaces Direct. He asked me if I remember my feedback item in user voice, which I created a couple of years ago.

Windows Server Windows Admin Center User Voice Feedback

Windows Server Windows Admin Center User Voice Feedback

Back then, I wasn’t working for Microsoft, but I was working in a couple of different projects where we were using Windows Server and needed to build a real-time performance monitoring system. Which allowed us to monitor remote servers and clusters.

And here it is, the shiny new Windows Admin Center Performance Monitor extension. This new UI is integrated into the web-based Windows Admin Center management tool.

Windows Admin Center Performance Monitor

Windows Admin Center Performance Monitor

Using the Performance Monitor extension in Windows Admin Center uses the same performance data as perfmon, like performance counters, which means that it will just work with your existing configuration. However, it adds a couple of benefits. No worries, the classic perfmon.exe is still there for you to use it.

  • Easy Remoting ✔ – You can easily use it on your remote machine. Windows Admin Center uses PowerShell remoting in the background to connect to the remote computer.
  • Share Workspaces ✔ – You can create workspaces that you can save and use for multiple systems within the same Windows Admin Center instance. But you can also export them and import them on other Windows Admin Center gateway installations.
    Upload and Download Workspaces

    Upload and Download Workspaces

  • Search and highlighting ✔ – You can easily search for objects and counters. Performance Monitor also highlights the useful objects for your system. So you don’t have to guess which counter to use.
    Performance Monitor Search Counter

    Performance Monitor Search Counter

  • Different Graph Types ✔ – You can use different types of graphs, which make it easier to find and compare the right information depending on your scenario.
    Min-Max View

    Min-Max View

    Windows Server Performance Monitor Heatmap

    Windows Server Performance Monitor Heatmap

     

I hope this gives you a quick overview of the new Performance Monitor extension in Windows Admin Center. You can get Windows Admin Center from here. If you have any questions, feel free to leave a comment. There is also a short survey, about different tools like perfmon, this will directly influence the work on Windows Admin Center. You can check out the official announcement blog here.

By the way, Windows Admin Center also offers a great set of Azure Hybrid services integration. Check out my blog post and videos about the Azure Hybrid services in Windows Admin Center.



Connect Azure VMs with Windows Admin Center

How to manage Azure VMs with Windows Admin Center

Windows Admin Center is a browser-based management tool to manage your servers, clusters, hyper-converged infrastructure, and Windows 10 PCs. You can deploy it anywhere you want. If you run on-prem, you can install it on a Windows Server running in your infrastructure, or you can also install Windows Admin Center on an Azure virtual machine (VM). In this post, we want to address scenarios where you have deployed Windows Admin Center on-premises, and you want to manage some Azure VMs. In this post, I am going to show you how you can manage Azure VMs with Windows Admin Center (WAC).

If you want to know more about Windows Admin Center in general, check out my blog post.

How to manage Azure IaaS VMs with your on-premises Windows Admin Center gateway

As mentioned before, you can also install a Windows Admin Center server running on Azure IaaS virtual machine, but more on that in another post. In this post, I will cover how you can connect to an Azure VM from your on-prem Windows Admin Center (WAC) installation. There are two ways you can connect from WAC to Azure VMs.

The first one would be using the public IP address of a virtual machine running in Azure. This would mean that you need to open the PowerShell remoting port in the network security group (NSG), to be able to connect. I wouldn’t recommend this scenario since this exposes your virtual machines to the public internet. However, if you want to know more about that solution, check out the Microsoft Docs.

What I wound recommend is that you use a VPN connection to connect to your Azure virtual network where your VM is running. However, I know that in a lot of cases, you might not have a Site-2-Site VPN connection to your Azure virtual network. To still be able to connect form Windows Admin Center to an Azure VM, you can use the Azure Network Adapter feature. The Azure Network Adapter will create a Point-2-Site VPN connection from your Windows Server to Azure. And we are going to use this feature on our WAC gateway, so the WAC gateway is able to reach the virtual machine in Azure.

Add Azure Network Adapter

Add Azure Network Adapter

First, you will need to add a new Azure Network Adapter. This can be done in the Network extension in Windows Admin Center. This will open up a wizard that will guide you through the setup and if needed also helps you to register WAC in Microsoft Azure.

Create Azure Network Adapter

Create Azure Network Adapter

The setup can take a while, depending on if you already have a VPN gateway in Azure or not. WAC will create all the necessary resources in Azure, and create the Point-to-Site VPN connection for you. Also, keep in mind that the VPN gateway is an additional resource and will have an additional cost.

Connect to an Azure Virtual network

Connect to an Azure Virtual network

Now you can add and connect to your virtual machine running in Azure, using the private IP address of the machine.

Connect Azure VMs with Windows Admin Center

Connect Azure VMs with Windows Admin Center

You add a server by directly entering the IP address or you can use the Add Azure Virtual Machine wizard, to discover the VM in your Azure subscription.

Add Azure VM in Windows Admin Center

Add Azure VM in Windows Admin Center

I hope this helps you to connect your Azure virtual machines security without exposing ports to the public internet. If you have a site-to-site VPN connection to your Azure virtual network, you can use this as well without the need of setting up Azure Network Adapter.

If you are interested in other Azure Hybrid services in Windows Admin Center, check out the following blog post including the video series: Configure Azure Hybrid Services in Windows Admin Center

Besides, you can also have a look at my other blog post about how to set up Azure hybrid cloud services.

If you want to download Windows Admin Center, check out the download page. If you have any questions, feel free to leave a comment.



VeeamON Virtual 2019

Experts Lounge at VeeamON Virtual 2019 Conference

I am happy to announce that I will be part of this year’s VeeamON Virtual Conference for Cloud Data Management. I will be part of the virtual expert’s lounge during the online event. As a Veeam Vanguard, this is a great opportunity and I am already looking forward to being part of this event. VeeamON Virtual will be on November 20, 2019, and you can find more information here.



Microsoft MVP Award 2018

Microsoft MVP 2018-2019 Cloud and Datacenter Management

I am proud to announce that I was awarded today by Microsoft, with the Microsoft Most Valuable Professional (MVP) Award for 2018-2019 in two major categories Cloud and Datacenter Management and Microsoft Azure. This is my 7th Microsoft MVP award since 2012, and I couldn’t be more excited about this one.

Dear

Thomas Maurer,

We’re once again pleased to present you with the 2018-2019 Microsoft Most Valuable Professional (MVP) award in recognition of your exceptional technical community leadership. We appreciate your outstanding contributions in the following technical communities during the past year:

 

·   Cloud and Datacenter Management

The Microsoft MVP award title is a huge honor and it stand for the contributions I have been doing in the IT community as an Microsoft expert for the past years. The Microsoft MVP award also comes with some benefits, like a NDA and access to the Microsoft Product Groups, as well as the yearly Microsoft MVP Global Summit on the Microsoft Campus in Redmond. But one of the biggest benefit overall is that it gives you the opportunity to speak at different conferences all over the world. This and having the chance to speak with people from all over the world, which share the same passion is priceless.

Who are MVPs?

Microsoft Most Valuable Professionals, or MVPs, are technology experts who passionately share their knowledge with the community. They are always on the “bleeding edge” and have an unstoppable urge to get their hands on new, exciting technologies. They have very deep knowledge of Microsoft products and services, while also being able to bring together diverse platforms, products and solutions, to solve real world problems. MVPs make up a global community of over 4,000 technical experts and community leaders across 90 countries and are driven by their passion, community spirit, and quest for knowledge. Above all and in addition to their amazing technical abilities, MVPs are always willing to help others – that’s what sets them apart.

 

Source https://mvp.microsoft.com/en-us/Overview

I need to thank many people which are helping me to achieve this and making the most out of it. I would like to thank my employer itnetX which is supporting me in the best possible way all these years, my current and former colleagues from which I can learn a lot, the Microsoft MVP community and of course Microsoft employees in Redmond and all over the world, to work with us and collect feedback. Last but definitely not least, I have to thank my girlfriend, which not only helps me out with many things, but also needs to be patient, with my extra work so many times. She is also one of my biggest and also most critical supporters. She helps me to understand things better, promote my activities better, fixing my blog post ;) and makes all the traveling more joyful.

If you want to know more about the Microsoft MVP Program, check out the Microsoft Most Valuable Professional website.



Windows Admin Center

Windows Admin Center – The Next Generation Windows Server Management Experience

Back in September Microsoft released Project Honolulu, which is the codename for a new Windows Server management experience. Today Microsoft announced the Windows Admin Center. Windows Admin Center is a flexible, locally deployed, browser-based management platform and tools to manage Windows Server locally and remote. Windows Admin Center (WAC) gives IT Admins full control over all aspects of their Server infrastructure and is particularly useful for management on private networks that are not connected to the Internet.

I had the chance to test and work with Windows Admin Center for a while in a private preview program. This allows me to test and work with WAC for quite some time.

Windows Admin Center is the modern evolution of the “in-box” management tools of Windows Server, like Server Manager, MMC, and many others. It is complementary to other Microsoft Management solutions such as System Center and Operations Management Suite. And as Microsoft clearly states, WAC is not designed to replace these products and services. WAC is a replacement for the local-only tools and is especially handy if you run Windows Server Core.

Windows Admin Center also became the management user interface for the Azure Stack HCI solutions.

Windows Admin Center Deployment Overview

(Picture for Microsoft)

You might remember the Azure Server Management Tools (SMT). SMT were management tools hosted in Azure and allowed you to manage your servers in the cloud and on-primes. A hosted services of Windows Admin Center. The feedback, however, was, that a lot of customers preferred an on-premise solution for their management experience. Microsoft took that feedback and created Windows Admin Center formally known as Project Honolulu.

Windows Admin Center Functionality

Windows Admin Center PowerShell

  • Simplified server management – WAC consolidates many distinct tools into one clean and simple web interface. Instead of switching between different tools, you can finally have everything in one place.
  • Illuminate your datacenter infrastructure – With WAC you can manage Windows Server 2016, 2012/2012 R2, Hyper-V Server 2012 and higher. WAC not only allows you to manage standalone servers but also complete solutions such a failover clusters, hyper-converged clusters based on Storage Spaces Direct and much more. And I am sure you can bet it will also support Windows Server 2019 when it arrives.
  • The tools you know, reimagined – Windows Admin Center provides the familiar core tools you have used in the past.
  • Manage Hyper-Converged Infrastructure –  WAC brings solutions to manage your Hyper-Converged systems. You get a single pane of glass to manage and operate your Storage Spaces Direct Clusters. You can quickly get an overview of resources, performance, health, and alerts.
  • Extend your on-prem environment with Azure Hybrid Services – Windows Admin Center lets you easily extend our on-premises environment, or an environment hosted on another cloud platform with Azure services.

Configure Azure Hybrid Services in Windows Admin Center Video Series

I have created a short video series which shows how to set up the Azure Hybrid services directly from Windows Admin Center. You can start with the intro here and then follow the different videos, and check out our overview blog about Configure Azure Hybrid Services in Windows Admin Center.

 

 

Windows Admin Center Management Experience

Windows Admin Center Solutions

WAC has different solutions which give you different functionality. In the technical preview, there are three solutions available, Server Manager, Failover Cluster Manager, and Hyper-Converged Cluster Manager.

Server Manager

The server manager lets you is kind of like the Server Manager you know from Windows Server, but it also replaces some local only tools like Network Management, Process, Device Manager, Certificate and User Management, Windows Update and so on. The Server Manager Solution also adds management of Virtual Machines, Virtual Switches, and Storage Replica.

Failover Cluster Manager

As you might think, this allows you to manage Failover Clusters.

Hyper-Converged Cluster Manager

The Hyper-Converged Cluster Manager is exciting if you are running Storage Spaces Direct clusters in a Hyper-Converged design, where Hyper-V Virtual Machines run on the same hosts. This allows you to do the management of the S2D cluster as well as some performance metrics.

WAC Deployment Options

Windows Admin Center Deployment

(Picture from Microsoft)

WAC can be deployed in several different ways, depending on your needs.

WAC Topology

Windows Admin Center On-Premise Architecture

Windows Admin Center leverages a three-tier architecture, a web server displaying web UI using HTML, a gateway service and the managed nodes. The web interface talks to the gateway service using REST APIs and the gateway connected to the managed nodes using WinRM and PowerShell remoting (Similar to the Azure Management Tools).

Windows Admin Center On-Premise and Public Cloud Architecture

You can access the Web UI from every machine running modern browsers like Microsoft Edge or Google Chrome. If you publish the webserver to the internet, you can also manage it remotely from everywhere. The installation and configuration of Windows Admin Center is straight forward and very simple.

The WAC Gateway Service can be installed on:

  • Windows Server 2016 (LTSC)
  • Windows Server, version 1709 (SAC)
  • and higher

You can manage the following operating systems

  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2016 and higher

Identity Provider and RBAC

Windows Admin Center Azure Active Directroy

In Project Honolulu during the preview time, one of the missing pieces was the missing RBAC (Role-Based Access Control). Windows Admin Center now comes with RBAC so you can configure it for your needs. Also new is the possibility to use Azure Active Directory as an Identity Provider. In this case, you can use your Azure AD users and groups to access the Windows Admin Center.

Conclusion

In my opinion, Windows Admin Center provides us with the Windows Server management tools we were looking for. It helps us to manage our systems form a centralized, modern HTML5 web application and makes managing GUI-less servers easy.

I still think the Server Management Tools hosted in Azure were a better overall solution. Since we only needed to deploy a gateway in our datacenter and we could access and manage our systems from the Azure portal. However, a lot of customers didn’t like the dependency on the cloud, so the Windows Admin Center makes perfect sense as an on-premise solution with the option to extend the on-prem environment with Azure. The possibility to extend it with solutions and extensions from third parties makes it even better.

You can download Windows Admin Center here.



Project Honolulu Server Overview

Microsoft Project Honolulu – The new Windows Server Management Experience

Last week Microsoft introduced the world to Project Honolulu, which is the codename for a new Windows Server management experience. Project “Honolulu” is a flexible, locally-deployed, browser-based management platform and tools to manage Windows Server locally and remote.

Microsoft today launched the Hololulu Technical Preview for the world, I had the chance to already work with Microsoft during the last couple of months in a private preview. Project Honolulu helps you to managed your servers remotely as a new kind of Server Manager. This is especially handy if you run Windows Server Core, which I think is the new black, after Microsoft announced that Nano Server is only gonna live as a Container Image with the next version of Windows Server.

Project Honolulu took many features for the Azure Server Management Tools which were hosted in Azure, and allowed you to manage your servers in the cloud and on-premise. But the Feedback was simple, People wanted to install the Management expierence on-prem, without the dependency to Microsoft Azure. Microsoft listened to the feedback and delivered the with Project Honolulu a web-based management solution, which you can install on your own servers.

Honolulu Management Experience

Project Honolulu Server Overview

Project Honolulu has different solutions which give you different functionality. In the technical preview there are three solutions available, Server Manager, Failover Cluster Manager and Hyper-Converged Cluster Manager.

Server Manager

The server manager lets you is kind of like the Server Manager you know from Windows Server, but it also replaces some local only tools like Network Management, Process, Device Manger, Certificate and User Management, Windows Update and so on. The Server Manager Solution also adds management of Virtual Machines, Virtual Switches and Storage Replica.

Failover Cluster Manager

As you might think, this allows you to manage Failover Clusters.

Hyper-Converged Cluster Manager

The Hyper-Converged Cluster Manager is very interesting if you are running Storage Spaces Direct clusters in a Hyper-Converged design, where Hyper-V Virtual Machines run on the same hosts. This allows you to do management of the S2D cluster as well as some performance metrics.

Honolulu Topology

Project Honolulu On-Premise Architecture

Project Honolulu leverages a three-tier architecture, a web server displaying web UI using HTML, a gateway service and the managed nodes. The web interface talks to the gateway service using REST APIs and the gateway connected to the managed nodes using WinRM and PowerShell remoting (Similar like the Azure Management Tools).

Project Honolulu On-Premise and Public Cloud Architecture

You can basically access the Web UI from every machine running modern browsers like Microsoft Edge or Google Chrome. If you publish the webserver to the internet, you can also manage it remotely from everywhere. The installation and configuration of Project Honolulu is straight forward, but If you want to know more about the installation check out, my friend and Microsoft MVP colleague, Charbel Nemnom’s blog post about Project Honolulu.

Project Honolulu Gateways Service can be installed on:

  • Windows Server 2012 R2
  • Windows Server 2016

You can manage:

  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows Server 2016 and higher

Conclusion

In my opinion Microsoft Project Honolulu provides us with the Windows Server Management Tool we need so much. It helps us to manage our servers from a centralized HTML5 web application, and really makes management of GUI less servers easy. Deployment and configuration is very easy and simple and doesn’t take a lot of effort, while drastically removing the need to locally logon to a server for management reasons. I hope with that we will see a higher deployment of Windows Server Core installations, since we don’t need the GUI on every single server anymore.

You can download the Project Honolulu Technical Preview here: Project Honolulu Technical Preview

You can give feedback to Project Honolulu here: User Voice Project Honolulu