#Azure Server Management Tools offers a set of web-GUI #tools to manage #AzureStack Servers #RSMT #ASMT   Leave a comment

Azure Server management tools is currently in preview. Any data collected by Server management tools will be stored in the US.!

As this is a preview you can play with this and it is Cool a nice web management. With the Management server you can manage your on premise AzureStack or Deploy a Template with SCVMM. or just turnoff al your domain controllers.  Oh ok I must re-think my security Policy.

As many Azure is External in some cases it is handled just like a server in a DMZ site. So “real dangerous” this is the Cloud directly connected to the WEB.

This DMZ is now turned and be able to manage your internal servers, what is some one has my azure account that has this gateway…. Well I think this is a cool new feature with a lot of new options. In fact I created a cluster in the Azure GUI but it is running on premises.   

Server management tools enables you to remotely manage machines running Windows Server 2016 Technical Preview. Currently, the tools offer the following capabilities:

  • View and change system configuration
  • View performance across various resources and manage processes and services
  • Manage devices attached to the server
  • View event logs
  • View the list of installed roles and features
  • Use a PowerShell console to manage and automate

The Server management tools connection is routed through a Server management tools gateway. When you create a new connection, you will have the opportunity to create a new gateway or select an existing gateway if one already exists in the same resource group. Click on Create to establish a connection to your Windows Server 2016 Technical Preview machine and start exploring the features available today.

Open your Azure management portal and search : Server management tools in the marketplace

image

Select the Server management tools and a new window opens with the network layout on how things are connected.

Image01

So Hit Create

image

The Create option opens a new menu with all kinds of options Name Subscription , Resourcegroup.

image

As this is my first server I create it all Fresh so no connections to other Resource Groups

image

Configuring a new Server management tools Gateway

If you are creating a new gateway, you will see the following status:

image

Click to open the Gateway Configuration page and read carefully and follow the directions to set up your on-premises machine or Azure VM as the gateway.

An Server management tools gateway is required to enable communication between the Microsoft Azure portal and your Windows Server 2016 machine. A gateway is typically deployed and configured on the same local network as the Windows Server machine(s) you wish to manage. The customized gateway deployment package below allows you to install the gateway software on a machine of your choice, and automatically configures the gateway profile to register with your Azure subscription. The deployment package must be run locally on the machine that you want to designate as the Server management tools gateway.

Steps to configure your gateway

image

Save the File on your Windows Server 2016

image

Use the generated link to download the gateway deployment package now, or copy the link URL to download the package later from the machine on which you intend to install the package.

  1. From the machine that you want to designate as the gateway, unzip the package and run GatewayService.MSI.

  2. Once the gateway installation completes, return to the Microsoft Azure portal and reopen your Server management tools connection.

  3. You should now be able to manage your Windows Server 2016 machine if the Microsoft Azure portal can reach it through the gateway.

image

The Extracted File is the installation file with the JSON config file.

A quick setup is needed on the Windows Server 2016.

imageimageimageimage

As you can see there is an extra Services running on the Windows Server 2016

image

When I do a Refresh in the Azure Resource Group.

image

The manage as command is there just go to the Manage As and fill in the server admin account to manage this server

 

image

Fill in the account I us a Local Account as in this scenario I’ll not jumping thru my domain. 

image

You have established a remote connection to your resource and are now able to perform management tasks on it through the Azure Portal.

image

Some errors here with no surprise My local Firewall and Remote management WINRM is not configured as the text below described.

Unable to connect to the server ‘mvpmgt01’: WinRM cannot process the request. The following error with errorcode 0x80090311 occurred while using Kerberos authentication: There are currently no logon servers available to service the logon request. Possible causes are: -The user name or password specified are invalid. -Kerberos is used when no authentication method and no user name are specified. -Kerberos accepts domain user names, but not local user names. -The Service Principal Name (SPN) for the remote computer name and port does not exist. -The client and remote computers are in different domains and there is no trust between the two domains. After checking for the above issues, try the following: -Check the Event Viewer for events related to authentication. -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport. Note that computers in the TrustedHosts list might not be authenticated. -For more information about WinRM configuration, run the following command: winrm help config.

Managing Workgroup machines

In order to manage workgroup machines (e.g. non-domain-joined Nano Servers), run this command as an administrator on the Server management tools gateway machine:

This setting is different than in the guide in Azure

winrm set winrm/config/client’@{TrustedHosts="< NAME OR IP >"}’

When creating a Server management tools connection to the workgroup machine, use the machine’s IP address as the computer name.

Additional connectivity requirements

If you wish to connect using the local Administrator account, you will need to enable this policy on the target machine by running the following command in an administrator session on the target machine:

REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1

If you wish to connect to a workgroup machine which is not on the same subnet as the gateway, run the following command in an administrator session on the target machine:

NETSH advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow

Now it is play time

image

image

As you can see you can manage the local server, there are more options like powershell and event viewer but this is not easy to use in the web-GUI

image

 

Happy Stacking

Robert Smit

Twitter: @clustermvp

Cloud and Datacenter MVP

Posted February 12, 2016 by Robert Smit [MVP] in Azure, AzureStack, Windows Server 2016

Tagged with

Azure Stack POCFabricInstaller failed because the following tasks failed: EnableRemotePS #AzureStack #Azure #MAS   Leave a comment

Currently I’m testing several MAS POC deployments. With this I deployed my Servers With VMM ready for MAS.

But there are some issues during the deployment.

POCFabricInstaller failed because the following tasks failed: EnableRemotePS

 

clip_image001

Winrm is configured / installer is full admin  so why ?

As the Azure Stack is running in verbose mode I get some info in a lot of log files

clip_image002

As the Deployment failed here

Microsoft Azure Stack POC Deployment
7 out of 124 task(s) completed
[ooooooo

Running
Microsoft Azure Stack POC Fabric Installer
Running Task(s): 1, Completed Task(s): 7, Total Tasks: 52
[ooooooooooooooo

 

So time to view the log files for the cause of this error. I know it is not the WinRM config

When checking the log files I find the following info :

 

System.Management.Automation.RemoteException
Cannot stop service ‘Windows Remote Management (WS-Management) (WinRM)’
because it has dependent services. It can only be stopped if the Force flag is
set.
Job fail due state: Failed

 

So some dependency is stopping my WinRM service.  when looking at the Service and dependencies I saw this :

 

clip_image005

ah the VMM agent is causing this error during the Azure Stack deployment.

VERBOSE: Importing function ‘Start-AzureStackDeploymentScheduledTask’.
Report-Progress : The Microsoft Azure Stack POC deployment failed.
Start-PocFabricInstallerTasks : POCFabricInstaller failed because the
following tasks failed: EnableRemotePS
At C:\ProgramData\Microsoft\AzureStack\Deployment\RunAzureStackDeploymentTask.p
s1:158 char:19
+ … $result = & "Start-$moduleName`Tasks" -StatusUpdatedCallback {
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorExcep
tion
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorExceptio
n,Start-PocFabricInstallerTasks

At C:\ProgramData\Microsoft\AzureStack\Deployment\Get-AzureStackDeploymentStatus.ps1:107 char:15
+ $Result = Report-Progress($status)
+ ~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Report-Progress

clip_image004

Uninstalling the VMM agent and kicked the Azure Stack deployment PowerShell script again and it worked smoothly

clip_image006

The Logs Can be found here :

C:\ProgramData\Microsoft\AzureStack\Logs\AzureStackFabricInstaller

Happy Stacking

Robert Smit

Twitter: @clustermvp

Cloud and Datacenter MVP ( Expertise:  High Available )

Posted February 3, 2016 by Robert Smit [MVP] in AzureStack

Tagged with

Azure Stack deployment tweaking #azurestack #azure #deployment   Leave a comment

After posting my former blog I got some questions on how to deploy the Stack and where to tweak this.

Well it is easy if you know the PDT kit.

Basically if you extracted the files you will have this folder

image

 

in the MicrosoftAzureStackPOC.vhdx are all the scripts during the deployment this disk will be mounted as source So changing files you will need to mount this disk and edit the files before you do the deployment.

 image

First let us edit the Disk types. To make sure in this example the script will work I do only a find / replace no code added. ( you can )

After mounting the disk we edit the Invoke-AzureStackDeploymentPrecheck.ps1 file

image

in this case I added the “ file backed Virtual” for using local VHD files.

image

Or change the Memory check set this to 32 GB if you want or to 8 <> Remember this is only to pass the validation changing this could fail the installation.

image

Or if one Nic is no option in your config.

image

That’s All

now in the E:\AzureStackInstaller\PoCFabricInstaller folder there is the PoCFabricSettings.xml

 

image

In this PoCFabricSettings.xml are all the settings CPU / Memory / Naming you can all change this here but remember it could fail you installation handle with care.

image

I must say the scripts are great but not a lot of flexibility it takes some testing just to make sure it all worked. I played on a HP blade G9 with SSD’s so running the setup doesn’t take that long but still playing with this kills the day. there is no 10 minute fix troubleshooting takes time.

checkout this forum link to support others.

https://social.msdn.microsoft.com/Forums/azure/en-US/home?forum=AzureStack

 

Happy Stacking

Robert Smit

Twitter: @clustermvp

Cloud and Datacenter MVP ( Expertise:  High Available )

Posted February 2, 2016 by Robert Smit [MVP] in AzureStack

Tagged with

First Errors in Azure Stack Deployment #MAS #AzureStack #Azure #MASCUG Microsoft Azure Stack POC is ready to deploy   Leave a comment

Playing with the AzureStack deployment is no picknick there is a Pre-check but you must have the perfect machine to deploy the Azure Stack Bits. So I tweaked the scripts a bit. this is the logical architecture of the Azure Stack POC and its components. all running on a single Hyper-v host.

But even then something can go wrong. As shown below some errors are highlighted.

Check disks failed. At least 3 disks of the same bus type (RAID/SAS/SATA) and with CanPool attribute equals true are
required.   ( I added some other Storage also )

Cannot bind argument to parameter ‘PackagePath’ because it is an empty string  ( used a variable setting before running the script )

image

Welcome to the Microsoft Azure Stack POC Deployment!
There are several prerequisites checks to verify that your machine meets all the minimum requirements for deploying Microsoft A
zure Stack POC.
All of the prerequisite checks passed.
Please enter the password for the built-in administrator. The password must meet the Azure Active Directory password complexity
requirements.
Password: **********
Confirm password: **********
Setup system admin account
Please sign in to your Azure account in the Microsoft Azure sign in window.
Press any key to continue …

 

image

But after Concurring All the Pre-Requirements you are ready to go Or not ?

During the Deployment I had this error :  Method "NewTriggerByStartup" not found
This seams an updated Powershell module is in place and I have a bug in my build. After some digging in the Powershell modules I managed to fix this.

image

Microsoft Azure Stack POC is ready to deploy. Continue?
[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"): y
New-ScheduledTaskTrigger : Method "NewTriggerByStartup" not found
At F:\AzureStackInstaller\PoCDeployment\AzureStackDeploymentScheduledTask.psm1:27 char:16
+     $trigger = New-ScheduledTaskTrigger -AtStartup
+                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (PS_ScheduledTask:Root/Microsoft/…S_ScheduledTask) [New-ScheduledTaskTrigger]
   , CimException
    + FullyQualifiedErrorId : HRESULT 0x80041002,New-ScheduledTaskTrigger

 

The real fix is this mofcomp C:\Windows\System32\wbem\SchedProv.mof

and after Some digging I find already a uservoice post on this issue. So vote for this

image

I must say the scripts are awesome lots of handy stuff in there.  I did the Next Next Finish setup to see what I could expect and how to Build this in a not default environment. SO no single server.

That’s All For now.

Greetings,

Robert Smit

Twitter: @clustermvp

Cloud and Datacenter MVP ( Expertise:  High Available )

Posted February 1, 2016 by Robert Smit [MVP] in AzureStack

Tagged with ,

Windows Server cluster issues moving cluster resources cno object is gone #winserv #cluster #cloud #fail #cno #migrate   Leave a comment

Suppose you have a nice cluster and one day your fellow IT guys comes and say he lets move all the Cluster Resources to a specific cluster node.

This seams a normal step but wait there is more there is also a Cluster resource that needs to be moved. “The CNO object”

image

The Cluster Resources up and running

image

Always hard to find where to move the cluster resource components. but it is Labeled “Move Core Cluster Resource”  easy

image

But what if my IT guy can’t find this option ? mmm in a normal roll you can do “ assign to another role” this sounds ok move the CNO to another role. eh ?? why is this in there ? well it is there so let me use this option and see what happened.

So let me move this CNO to node 2.

image

Done het Joe I’m ready all the resources are to node 2.

image

All fine all the resources are over. ok let me failover to the other node. And place this back to the original place. Well this sounds easy but where are all the options.

 

imageimage

Eh.. what ? let me reboot the server and the cluster, checking for updates…. call for help..

The Cloud IT pro comes back and looks at the CCR objects Gone but the cluster is still running and tons of Scom errors Cluster is down CNO etc

 image Ok but where are my Cluster objects ?

Let me do some PowerShell 

Get-ClusterGroup

image

Oh ok all the Resources are there and up. but why can’t I move the resource back in the GUI ? well I guess Microsoft keep you away from the Cluster Core Resources maybe you will break the cluster.

image

Now that we have the Cluster Resource groups and cluster Groups we can move back the CNO object to the right place.

$CLU=get-cluster
Move-ClusterResource -Cluster $clu  -Name "Cluster IP Address" -Group "Cluster Group"

image

The Cluster objects need to be online!! Else you get an error. just bring the resources online and try again.

image

So next time don’t move the CNO object to a Cluster Resource.  And this is why there are Cluster Admins Winking smile

 

 

Greetings,

Robert Smit

Twitter: @clustermvp

Cloud and Datacenter MVP ( Expertise:  High Available )

Posted January 25, 2016 by Robert Smit [MVP] in Windows Server 2016

Tagged with

Azure StorSimple Manager the on-premises StorSimple Virtual Array image #storsimple #azure #cloud #backup #msft #MVP   Leave a comment

 

The new StorSimple 8000 series hybrid storage arrays are the most powerful StorSimple systems ever and have even tighter integration with Azure, including two new Azure-based capabilities to enable new use cases and centralize data management.

The on-premises StorSimple Virtual Array, for all customers with an Enterprise Agreement for Microsoft Azure. The StorSimple Virtual Array is a version of the StorSimple solution in a virtual machine form installed on your existing hypervisors. The virtual array is built on the success of previous StorSimple technology using a hybrid cloud storage approach for on-demand capacity scaling in the cloud and cloud-based data protection and disaster recovery.

The virtual array can be run as a virtual machine on your Hyper-V or VMware ESXi hypervisors and can be configured as a File Server (NAS) or as an iSCSI server. The hybrid approach is to store the most used data (hottest) local on the virtual array and (optionally) tiering older stale data to Azure. The virtual array also provides the ability to back up the data to Azure in addition to having a quick disaster recovery (DR) capability.

Architecture

The Virtual Array is now also available  on-premise lets see to to configure this and how to play with this.

The virtual array can be run as a virtual machine on your Hyper-V or VMware ESXi hypervisors and can be configured as a File Server (NAS) or as an iSCSI server. The hybrid approach is to store the most used data (hottest) local on the virtual array and (optionally) tiering older stale data to Azure. The virtual array also provides the ability to back up the data to Azure in addition to having a quick disaster recovery (DR) capability.

Each virtual array can manage up to 64 TB of data in the cloud. Virtual arrays, in different branch and remote offices across geographies, can be managed from a central StorSimple management portal in Azure.

image

Your StorSimple Manager has been created!

Download on-premises virtual device image

Image for Hyper-V 2008 R2 and above

 

Now that we have the Image we create a VM on my Hyper-V server

image

You must make sure that the underlying hardware (host system) on which you are creating the virtual device is able to dedicate the following resources to your virtual device:

  • A minimum of 4 cores.
  • At least 8 GB of RAM.
  • One network interface.
  • A 500 GB virtual disk for system data.

image

Logon with the default password

image

The auto config is shown and to manage the device go to the local IP

image

in this case https://YourIP

image

Now that we are connected to the device we need to configure the device with the 5 steps.

image

The on premise device needs to be registered in the Azure portal. In the Azure portal is the registration ID and this ID needs to be copied in the Device.

image

In the local web browser you can copy the registration ID

image

To get the other key go to the devices in Azure and get the Key at the bottom is the second key if this is your first device in this subscription.

 

image

 

image

Placing the Keys and register the device it will do a reboot and you have your own Storsimple.

If this is the first device that you are registering with your StorSimple Manager service, a Service data encryption key will appear. Copy this key and save it in a safe location. This key will be required with the service registration key to register additional devices with the StorSimple Manager service. If this is not the first device that you are registering with this service, then you will need to provide the service data encryption key (that you saved during the registration of the first device).

 

image

 

My device is configured and domain joined

image

Going to the Azure portal you can see the on premise device.

image

With just a few more steps we have the appliance ready for use, just drill in to the device and the two steps are there to guide you.

 

image

 

imageimage

Specify a storage account to be used with your device. You can select an existing storage account in this subscription from the dropdown list or specify Add more to choose an account from a different subscription.
Define the encryption settings for all the data that will be sent to the cloud. To encrypt your data, check the combo box to enable cloud storage encryption key.

Enter a cloud storage encryption that contains 32 characters.  Keep in mind if you loose this key there is no way that you can access this backup again. Not even microsoft is gona fix this!

image

image

 

The next step is add a share to the device

 

image

 

Select a usage type for the share.

The usage type can be Tiered or Locally pinned, with tiered being the default. For workloads that require local guarantees, low latencies, and higher performance, select a Locally pinned share. For all other data, select a Tiered share.

A locally pinned share is thickly provisioned and ensures that the primary data on the share stays local to the device and does not spill to the cloud.

A tiered share on the other hand is thinly provisioned and can be created very quickly. When you create a tiered share, 10% of the space is provisioned on the local tier and 90% of the space is provisioned in the cloud. For instance, if you provisioned a 1 TB volume, 100 GB would reside in the local space and 900 GB would be used in the cloud when the data tiers.

This in turn implies that if you run out of all the local space on the device, you cannot provision a tiered share.

Specify the provisioned capacity for your share. Note that the specified capacity should be smaller than the available capacity. If using a tiered share, the share size should be between 500 GB and 20 TB. For a locally pinned share, specify a share size between 50 GB and 2 TB. Use the available capacity as a guide to provision a share. If the available local capacity is 0 GB, then you will not be allowed to provision local or tiered shares.

imageimage

During this creation I had some errors so I did create a Second device with More Storage Winking smile

The thing was the Disk would not come online. so I did do some testing and playing but at the end I got tons of Ideas on what if but for this… #fubar.

image

So I created several shares on the Device

 

imageimage

 

Testing the shares in my domain and yes it is working.

 

imageimage

A quick overview of my shares from the file server. You can also build your Storsimple ISCSI device

 

image

A quick overview of the two storsimple devices

image

In the Azure storsimple Maintenance tab you can scan the device for a software update. this comes in two phases download and installing 

Update downloading

imageimageimage

Now that the updates are downloaded we can update the device

imageimage

If anything goes wrong you can access the diagnostic logs from the local device

 

image image

all windows and storsimple logs are there in just one zip file.

image

Think we can create new options to get the most out of Azure. Suppose I add this in Azure Pack #wapack or add this in the Azure stack #mas.

Stay tuned I’ll show you as the Azure playground gets better more Azure credits are spend in this environment.

I’ll do some troubleshooting/performance testing the next blogs staytuned

Greetings,

Robert Smit

Cloud and Datacenter MVP ( Expertise:  High Available )

Posted January 11, 2016 by Robert Smit [MVP] in StorSimple

Tagged with

Update hyper-converged in Microsoft Azure Performance testing   Leave a comment

As an update on the previous blog post on Using Windows Storage Spaces direct with hyper converged in Microsoft Azure with Windows Server 2016

I did only test the performance on Read and not on write.

image

and the disk that I created are all with no host cache so we need to change this for all the 80 disk in the VM as currently I have a max of 10K write IOPS.

So there is a limit on 4 disks to set the Cache.!

image

 

image

 

With this I set on all the 5 nodes 4 disk with cache

image

But after some testing the results are basically the same

but the write latency’s are way to high to get optimal results that is with standard disk and with read-write cache

image But it all depends on what test dis I run and how deep it the test going. block size

image 

After lots of runs and I got great results from the read but not much more write IOPS than 15K Only on the local D drive (SSD) I got 35K IOPS on write Winking smile

Conclusion when building Storage Spaces and you do not only need fast read but  also fast write you better create different pools and when using Azure use the local disk for write or use premium disk currently My Azure credits are gone but my next test will be same config but then with a Premium SSD disk.

Posted January 9, 2016 by Robert Smit [MVP] in Azure

Tagged with

  • Twitter

  • Follow

    Get every new post delivered to your Inbox.

    Join 1,866 other followers

    %d bloggers like this: