Tag: Microsoft Azure

Azure Stack Hub Partner Solutions Series - Datacom

Azure Stack Hub Partner Solutions Series – Datacom

Together with the Azure Stack Hub team, we are starting a journey to explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform. Together with the Tiberiu Radu (Azure Stack Hub PM @rctibi), we created a new Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Datacom is an Azure Stack Hub partner that provides both multi-tenant environments, as well as dedicated ones. They focus on providing value to their customers and meeting them where they are by providing managed services as well as complete solutions. Datacom focuses on a number of customers ranging from large government agencies as well as enterprise customers. Join the Datacom team as we explore how they provide value and solve customer issues using Azure and Azure Stack Hub.

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.



Azure Automatic VM Guest OS Patching

How to configure Azure Automatic VM guest OS patching

If you want to keep your Azure virtual machines (VMs) up-to-date, then there is a service called Azure Update Management, which helps you to manage updates on your Azure VM guest operating system. However, this needed some additional planning and configuration. To make patching of your Azure virtual machines (VMs) easier, there is a new option called Automatic VM guest patching, which helps ease update management by safely and automatically patching virtual machines to maintain security compliance.

Automatic VM guest patching is now available in public preview for Windows virtual machines on Azure.

With Azure automatic VM guest patching enabled, the VM is assessed periodically to check for available operating system patches for that Azure VM. Updates classified as ‘Critical’ or ‘Security’ are automatically downloaded and installed on the VM during off-peak hours. This patch orchestration is managed and handled by Azure and patches are applied following availability-first principles.

In a nutshell, Azure automatic VM guest patching has the following capabilities:

  • Patches classified as Critical or Security are automatically downloaded and applied on the VM.
  • Patches are applied during off-peak hours in the VM’s time zone.
  • Patch orchestration is managed by Azure and patches are applied following availability-first principles.
  • Virtual machine health, as determined through platform health signals, is monitored to detect patching failures.
  • Works for all VM sizes.

Patches are installed within 30 days of the monthly Windows Update release, following availability-first orchestration described below. Patches are installed only during off-peak hours for the VM, depending on the time zone of the VM. The VM must be running during the off-peak hours for patches to be automatically installed. If a VM is powered off during a periodic assessment, the VM will be automatically assessed and applicable patches will be installed automatically during the next periodic assessment when the VM is powered on.

You can find more information on Azure automatic VM guest patching on Microsoft Docs.

How to enable Azure Automatic VM guest OS patching

To enable Azure automatic VM guest OS (operating system) patching, we currently have a couple of requirements.

  • Currently, only Windows VMs are supported (Preview). Currently, Windows Server 2012 R2, 2016, 2019 Datacenter SKUs are supported. (and more are added periodically).
  • Only VMs created from certain OS platform images are currently supported in the preview. Which means custom images are currently not supported in the preview.
  • The virtual machine must have the Azure VM Agent installed.
  • The Windows Update service must be running on the virtual machine.
  • The virtual machine must be able to access Windows Update endpoints. If your virtual machine is configured to use Windows Server Update Services (WSUS), the relevant WSUS server endpoints must be accessible.
  • Use Compute API version 2020-06-01 or higher.

These requirements might change in the future during the preview phase (for the current requirements check out Microsoft Docs).

During the preview, this feature requires a one-time opt-in for the feature InGuestAutoPatchVMPreview per subscription. You can run the following Azure PowerShell or Azure CLI command.

Azure PowerShell:

# Register AzProvider
Register-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Check the registration status
Get-AzProviderFeature -FeatureName InGuestAutoPatchVMPreview -ProviderNamespace Microsoft.Compute
 
# Once the feature is registered for your subscription, complete the opt-in process by changing the Compute resource provider.
Register-AzResourceProvider -ProviderNamespace Microsoft.Compute

Now you can enable automatic VM guest patching for your Azure virtual machines within that subscription. To do that you can currently use the REST API, Azure PowerShell, or the Azure CLI.

With Azure CLI, you can use the az vm get-instance-view .

az vm update --resource-group test-autopatch-rg--name azwinvm01 --set osProfile.windowsConfiguration.enableAutomaticUpdates=true osProfile.windowsConfiguration.patchSettings.patchMode=AutomaticByPlatform

You can see that there are two important parameters for this cmdlet. First the -enableAutoUpdate and secondly the -PatchMode. There are currently three different patch orchestration modes you can configure.

AutomaticByPlatform

  • This mode enables automatic VM guest patching for the Windows virtual machine and subsequent patch installation is orchestrated by Azure.
  • Setting this mode also disables the native Automatic Updates on the Windows virtual machine to avoid duplication.
  • This mode is only supported for VMs that are created using the supported OS platform images above.

AutomaticByOS

  • This mode enables Automatic Updates on the Windows virtual machine, and patches are installed on the VM through Automatic Updates.
  • This mode is set by default if no other patch mode is specified.

Manual

  • This mode disables Automatic Updates on the Windows virtual machine.
  • This mode should be set when using custom patching solutions.

If you need more control, I recommend that you have a look at Azure Update Management, which is already publicly available and also supports Windows and Linux servers running in Azure or on-premises.

To verify whether automatic VM guest patching has completed and the patching extension is installed on the VM, you can review the VM’s instance view.

az vm get-instance-view --resource-group test-autopatch-rg --name azwinvm01

This will show you the following result:

Azure Automatic VM Guest OS Patching Status

Azure Automatic VM Guest OS Patching Status

You can also create the patch assessment on-demand.

Invoke-AzVmPatchAssessment -ResourceGroupName "myResourceGroup" -VMName "myVM"

I hope this provides you with an overview of the new Azure automatic VM guest patching feature. If you want to have some advanced capabilities to manage updates for your Azure VMs and even your servers running on-premises, check out Azure Update Management. This will provide you with some advanced settings and your own maintenance schedules. If you have any questions, feel free to leave a comment.



Azure Stack Hub Partner Solutions Series – Eversource

Azure Stack Hub Partner Solutions Series – Eversource

Together with the Azure Stack Hub team, we are starting a journey to explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform. Together with the Tiberiu Radu (Azure Stack Hub PM @rctibi) and myself (Azure Cloud Advocate @ThomasMaurer), we created a new Azure Stack Hub Partner solution video series to show how our customers and partners use Azure Stack Hub in their Hybrid Cloud environment. In this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

Today, I want you to introduce you to Azure Stack Hub Partner Eversource. We start the are Azure Stack Hub Partner Solutions Series with a customer solution that is built across Azure and Azure Stack Hub, creating a consistent operational model and simplifying the deployment of workloads. Eversource Energy started their journey in Azure and needed an option to answer their regulated workloads, that need to be on-premises. See how their journey started and where they are today.

You can also watch the full video on Microsoft Channel 9.

Links mentioned through the video:

I hope this video was helpful and you enjoyed watching it. If you have any questions, feel free to leave a comment below. If you want to learn more about the Microsoft Azure Stack portfolio, check out my blog post.



Learn about Windows Server Hybrid and Azure IaaS VMs

Learn Windows Server Hybrid and Azure IaaS VMs

A couple of weeks back I promoted a post about how you can learn about Windows Server on Azure and a post on ITOpsTalk for New Microsoft Learn Modules for Azure and Windows Server IT Pros. This week I got another message by colleague Orin Thomas (Cloud Advocate and Author of the Windows Server 2019 Book), that a lot more Microsoft Learn modules have been published, covering Windows Server Hybrid and Windows Server on Azure IaaS VMs (Infrastructure-as-a-Service).

Learn about Windows Server Hybrid and Windows Server Azure IaaS VMs 🎓

Here is a full list of Microsoft Learn modules to learn about Windows Server Hybrid and Windows Server Azure IaaS VMs (virtual machines). This includes many of the Azure Hybrid Cloud services you can use together with Azure, like Azure Arc, Azure File Sync, Azure Site Recovery, and many more. These Microsoft Learn modules also cover a lot of the Azure Management services to manage your Windows Server virtual machines running on Azure, like Azure Monitor, Azure Update Management, networking, and much more.

I hope you enjoy the new Microsoft Learn modules for Windows Server Hybrid and Windows Server on Azure IaaS. If you have any questions feel free to leave a comment below. If you are looking forward to take some exams, also check out my Microsoft exam study guides, for example for:

Happy Learning!



Azure Architecture Best Practices Virtual Event

Azure Architecture Best Practices Virtual Event – October 20

As you might remember we did an Azure Architecture Best Practices Virtual Event back in August 2020. Since we got very high demand and great feedback, we decided to do a second event on October 20. So, I am happy to let you know about another free online event where I am presenting together with Microsoft Cloud Solution Architect, Dominik Zemp, about Azure Architecture Best Practices. This free virtual event will be on October 20 from 9:30am-12:00pm (CEST). In this session, you will learn about proven guidance that’s designed to help you, architect, create and implement the business and technology strategies necessary for your organization to succeed in the cloud. It provides best practices, documentation, and tools that cloud architects, IT professionals, and business decision-makers need to successfully achieve their short- and long-term objectives. We will be focusing on topics like the Cloud Adoption Framework and the new Enterprise-Scale landing zone architecture.

Azure Architecture Best Practices Virtual Event Agenda:

  • Introduction
  • Why Azure Architecture?
  • Introduction to the Cloud Adoption Framework
  • What is Enterprise-Scale?
    • Build landing zones with Enterprise-Scale
    • Critical design areas
    • Deployment using AzOps
    • Demo
  • Build on top of Enterprise-Scale – Well-Architected Framework for workloads and apps
  • Q&A

You can register for the event here: Microsoft Virtual Live Event

About the Speakers:

Dominik Zemp (Microsoft Cloud Solution Architect)

Dominik Zemp is a Cloud Solution Architect working with Global Swiss financial customers and has been working at Microsoft since 2008. Before Dominik changed role in late 2015, he worked as a Security and Identity Consultant in the Microsoft Services organization. Dominik’s focus areas are applications and infrastructure, including cloud-native applications, networking, and security. Dominik holds a Bachelor’s degree in IT with a Specialization in software systems.

Thomas Maurer (Microsoft Senior Cloud Advocate)

Thomas works as a Senior Cloud Advocate at Microsoft. He engages with the community and customers around the world to share his knowledge and collect feedback to improve the Azure cloud platform. Prior to joining the Azure engineering team (Cloud + AI), Thomas was a Lead Architect and Microsoft MVP, to help architect, implement and promote Microsoft cloud technology. If you want to know more about Thomas, check out his blog: www.thomasmaurer.ch and Twitter: www.twitter.com/thomasmaurer

I am really looking forward to the second Azure Architecture Best Practices virtual event, and I hope to see you there!

AZ-304 Study Guide Azure Architect Design Exam Study Guide

AZ-304 Study Guide Azure Architect Design Exam Study Guide

Also, check out my exam study guides to achieve the Microsoft Azure Solutions Architect Certification:



Filter for Azure VMs and Azure Arc Machines

Inventory for Azure Arc enabled Servers

Azure Arc for Servers allows you to manage servers running in your on-premises location, at the edge, or in a multi-cloud environment directly from the Azure portal. There are many features available to manage these hybrid Azure Arc enabled servers, like Log Analytics or Azure Arc Machine extensions. However, one of the basic features of Azure Arc enabled Servers, is that you can now get an inventory and overview of all your servers. This allows you to see and manage your Azure Arc enabled servers next to your Azure resources.

Inventory for Azure Arc enabled Servers and Azure VMs

Inventory for Azure Arc enabled Servers and Azure VMs.

You can see that your Azure Arc enabled servers show up as Azure resources. You can use the filter to limit the view to only Azure virtual machines (VMs), and Azure Arc enabled servers.



Azure Stack Hub Partner Solutions Video Series

The Azure Stack Hub Partner Solutions Video Series

This week Tiberiu Radu (Microsoft Program Manager) and I had the chance to launch the Azure Stack Hub Partner Solutions video series. Azure Stack Hub is part of the Azure Stack portfolio, and has led the way for Microsoft’s Hybrid cloud offerings and partners have joined us to enhance the hybrid cloud journey of our customers. These partners and customers have built solutions that leverage Azure Stack Hub as part of their hybrid cloud strategy. In this video series, we explore the ways our customers and partners use, deploy, manage, and build solutions on the Azure Stack Hub platform.

Join Thomas Maurer (@ThomasMaurer) and Tiberiu Radu (@rctibi) in  this series, as we will meet customers that are deploying Azure Stack Hub for their own internal departments, partners that run managed services on behalf of their customers, and a wide range of in-between as we look at how our various partners are using Azure Stack Hub to bring the power of the cloud on-premises.

You can find more information check out Tiberiu’s blog post on Tech Community, and you can check out the first three videos:

Through August, we have quite a few partner videos following, and we will update this thread, as well as announce them on our Twitter feeds (#AzStackPartners) – follow us in this journey as we explore the partner solutions built on Azure Stack Hub!

If you want to learn more about Azure Stack and Azure Stack Hub, check out the following links:

I hope you enjoyed the blog and the videos, if you have any questions, let me know in the comments.