Archive for the ‘Microsoft Azure’ Category

Microsoft Azure Virtual Machine Readiness Assessment #azure #cloud   1 comment

Microsoft Azure Virtual Machine Readiness Assessments for Active Directory, SharePoint Server and SQL Server. Also available on Windows Azure Portal here: http://www.windowsazure.com/en-us/downloads/vm-readiness-assessment

Automated Assessment

  • This tool will provide a high level checklist and a detailed report.
  • The checklist outlines areas which are ready to move and areas which may need additional configuration or design changes.
  • The detailed report offers expert guidance and advice tailored to your environment.
Expert Advice
  • Your report shows areas that are ready to move and areas that need additional configuration or design changes.
  • Click into each area to get expert guidance and advice tailored to your specific situation.

 

The installation is real easy but I noticed that the discovery is not always working. In my case I did run this on the SQL server.

 

image

When the Installer is finished I ran the Assessment toolkit.

image

In this case I used SQL server the method is the same only the result is different.

 

imageimage

Two easy steps with some questions and basically there is no right and wrong ( I checked unsure )

 

image

Yes it is not the MAP toolkit just one server at the time.

Windows  Microsoft Assessment and Planning Toolkit

The Microsoft Assessment and Planning Toolkit makes it easy to assess your current IT infrastructure for a variety of technology migration projects. This Solution Accelerator provides a powerful inventory, assessment, and reporting tool to simplify the migration planning process.

image

after a little coffee break the scan is done and the report is ready. You can save and edit this as it is a Word file.

 

 

image

As I did the Next Next method I need some planning when I migrate this SQL server to Azure.

the report is in detail and 62 pages long. It could be handy if you don’t know anything about this server.

image

But if you want to test the migration and already running VMM and have a S2S VPN to Azure read my other blog post.

https://robertsmit.wordpress.com/2014/08/27/azure-site-recovery-service-asrs-hyper-v-to-azure-recovery-mvpbuzz/

Advertisements

Posted September 12, 2014 by Robert Smit [MVP] in Microsoft Azure

Tagged with

Azure Site Recovery Service #ASR #Hyper-v to #Azure #Recovery #mvpbuzz   8 comments

Azure Site Recovery can help you protect important services by coordinating the automated replication and recovery of System Center private clouds at a secondary location. The ongoing asynchronous replication of each VM is provided by Windows Server 2012 Hyper-V Replica and is monitored and coordinated by Azure Site Recovery. In the event of a site outage at the primary datacenter, VMs can be brought up in an orchestrated fashion to help restore service quickly. This process can also be used for testing recovery, or temporarily transferring services.

Now you can replicate virtual machines from your primary site directly to Azure, instead of your own secondary site. In the event of an outage at the primary site, the service orchestrates the recovery of virtual machines in Azure.

As there is already Azure Recovery manager using Azure to protect you VM between two VMM Servers. and now there is in a preview a new option Failover to Azure.

This is a great new option and will open the door to new options for your private cloud.

You can use Azure Site Recovery in the following scenarios:

  • On-premises to cloud: Replicate Hyper-V virtual machines on a source VMM server or cluster to another VMM server or cluster located in the same datacenter or in a different site. You can also replicate between clouds on a single physical or virtual VMM server.
  • On-premises to cloud: Replicate Hyper-V virtual machines on a source VMM server or cluster to Azure storage.

In this step by step I show you what steps to take for a working situation.

We need a VMM Server and An Azure Account with the Site Recovery Preview.

Azure Site Recovery - on-premises to Azure

When opening the ASR ( azure Site Recovery ) We can select the recovery option. Lets pick hyper-v to Azure Recovery.

image

If you do not have a Certificate in place already below is the line to create a Self signed certificate.

This Certificate us needed to talk to and from the VMM Server to Azure.

makecert.exe -r -pe -n CN=Certmvpvmm12 -ss my –sr localmachine -eku 1.3.6.1.5.5.7.3.2 -len 2048 -e 01/01/2016 c:\Certmvpvmm12.cer

Azure Site Recovery - on-premises to Azure

Now that we have created the Certificate We import this in the Azure portal , On manage Certificate we can import the Cer file

image

Import the Cer file

Azure Site Recovery - on-premises to Azure

I already did the Hyper-v vs Hyper-v See my blog post.

https://robertsmit.wordpress.com/2013/06/12/windowsazure-hyper-v-recovery-manager-azure-hyperv-recovery-msteched-tee13-draas/

but now we pick Hyper-v to Azure. In the Dashboard step 2 there is a link for downloading the Recovery Provider for VMM

Download Microsoft Azure Site Recovery Provider and install it on VMM servers

image

We are installing this on the VMM Server!

image

After downloading we kick the setup and as we do not read all the text, I need to stop the VMM services!

image

So there is downtime keep this in mind VMM can also takedown your Windows Azure Pack

imageimage

The setup does not need many words it is a basic next next finish setup.

imageimage

However we need to use the certificate that we created and imported in Azure in the first step. I have already multiple Certs in my VMM I just need to pick the right one. So naming convention is important!

image

After Selecting the Key we need a vault key ! this key is in Azure generated and can be copied from azure to the VMM server.

In the Azure portal in Step 1 there is a line get your vault key

image

We copy the Key and past the key in the setup an Next.

image

I pick enable encryption just to make sure I do have a secure line.

image

Pick the VMM server name in FQDN

imageimage

And your VMM server is ready make sure the services is started again.

The next step would be install the Microsoft Azure Recovery Services Agent on your Hyper-v Server

You can download this in step 3

Download the Microsoft Azure Recovery Services Agent, and install it on Hyper-V host servers.

image

The installation is just a quick install no screens to capture or things to do.

The next step is Configure a cloud that needs the protection Selecting the Vault and the Protection name as you can see the current status is not configured

image

Select Configure Protection

image

here we can select a target and we pick Microsoft Azure

image

A new screen with lots of settings opens

image

The copy Frequency is the Hyper-v Replica between Hyper-v and Azure In windows Server 2012R2 there is the option 30sec,5&15 minutes Azure is not changing this.  pick any option you want but In my case I use 15 min that is more enough for me.

one this is really nice that is the Replication time most thing are starting just wen you press enter ;-( but here you pick a scheduler.

image

Pick any time you want but I pick do this now, there is a 60GB VM that needs to get uploaded to Azure.

Then Click on Save! image ( replication will start immediately !!! )

the next step is wait for Azure to finish the settings  image This can take a few Minutes.

yes you can configure other steps but I like to make sure this step is successful.image

image

Now the Cloud is Configured We enable protection for My VM’s.

Select the Name and we pick enable protection in the Virtual Machines

image

When selecting this option and you will see no VM’s you did something wrong ! think…

Yes you are protecting a Cloud so your VM must be in a cloud on this VMM server I have only one cloud and in this cloud are 3 vm’s

image

and you can see this 3 vm’s here in azure

image

I’ll pick the MVPAZU2 VM and again I’ll wait until Azure is finishing it process.

After this the window will show you the VM and unprotected.

image

You can select more VM’s but for this demo I’ll use just one VM.

When selecting the VM we can adjust the CPU and Memory in Azure

imageimage

I’ll pick medium and hit the save button at the bottom!

In the Resources of the Vault we need to link the Networks. If you don’t have a network in azure you will need to create one.

Pick the VMM server as Source and the Target is Azure. The screen will list all your networks that are connected

image

Pick the network from the Protected network and link it to the Azure network. In my case the azure network is connected with a S2S VPN to my private network So I’ll use this network. the IP stack is showing.

image

As I picked Immediately as replication lets see Oh ok it is running

image

In the Hyper-v Manager you can see the progress. It would be nice to have it also in Azure.

image

image

My internet connection is a 1 GB but the internal routers and the networking on my Hyper-v Server needs some attention.

And if we are checking in VMM the Recovery Settings it is set to 15 minutes just as we set in Azure.

image

And we need to wait until the replication is done from Hyper-v To Azure this can take some time It all depends on your Internet connection

imageimage

After the Replication is ready You can see that there is one VM protected and we can create a recovery plan.

image

Now that we have created a recovery plan this is just a step to link the VM to a recovery plan from or to Azure and what VM.

image  image

Now that the Recovery Plan is is ready we can test this with a test failover.

image

As we check the test failover a popup ask me on witch network the VM should connect.

image  As this is a TEST you can not connect to the real network that is picked in the VM

image

In the VM you can see the test VM is build but you can’t connect to the VM. There is a DNS name  image

Azure Site Recovery - on-premises to Azure

In the Job status you can see a step by step overview and for completing you have to check the complete option on the bottom.

a Popup is shown where you can put in comments and set the checkbox complete. After this step the test will continue

Azure Site Recovery - on-premises to AzureAzure Site Recovery - on-premises to Azure

Azure Site Recovery - on-premises to Azure

With these Easy steps you can use Microsoft Azure As your failover DataCenter and even With One Hyper-v Server you can be always up.

If you need more info then go to the MSDN site see below for the URL

Azure Site Recovery - on-premises to Azure

The walkthrough consists of the following steps:

  1. Deployment prerequisites: On-premises to Azure. Check deployment requirements, and complete the planning steps before you begin deployment.
  2. Step 1: Create and configure an Azure Site Recovery vault: On-premises to Azure— Create a vault and specify a vault key. Upload a management certificate (.cer) to the vault.
  3. Step 2: Install the Azure Site Recovery Provider: On-premises to Azure— Install the Hyper-V Recovery Manager agent on the VMM servers you want to register in the vault.
  4. Step 3: Install the Azure Recovery Services Agent: On-premises to Azure— Install the Azure Recovery Services agent on Hyper-V host servers located in the VMM source clouds you’re protecting.
  5. Step 4: Configure protection settings for VMM clouds: On-premises to Azure— Specify protection settings for the cloud, including source and target settings, recovery points and snapshots, and initial replication settings.
  6. Step 5: Configure network mapping: On-premises to Azure—Create mappings between VM networks on the source VMM server and destination Azure networks.
  7. Step 6: Enable protection for virtual machines: On-premises to Azure— Enable protection for virtual machines.
  8. Step 7: Create and customize recovery plans: On-premises to Azure—Create and customize recovery plans that specify how virtual machines should be grouped and failed over.

Greetings,

Robert Smit

https://robertsmit.wordpress.com/

Posted August 27, 2014 by Robert Smit [MVP] in Microsoft Azure

Tagged with

Microsoft Azure Hybrid deployment of RemoteApp Step by Step @Azure #Microsoft #RemoteApp #MVPBuzz #RDS #HRDAAS   3 comments

In this blog post I’ll show you how to create a Hybrid RemoteApp Configuration. It is still a Preview and Improvements  could be made.

If you want to run your own applications in Azure like on Citrix or with RDS till now it was not a build in services Microsoft provided.

But with RemoteApp you can easy deploy a default set as below or Create a Hybrid Environment. And there are lots of new options in a Hybrid RDS Azure Site #HRDAAS Hybrid Remote Desktop As a Service

image

The Quick Create is no fun just hit Create Smile

Now Creating a Hybrid Environment. You will need a syspreped Template with no unattend.xml in it. There For I created a fresh new template clean install with Remote Desktop Session Host installed and most important you need to set a registry key if you don’t do this all will fail!

This is not in the Microsoft Guide !

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
"NtfsDisableEncryption"=dword:00000001

image

After everything is Set on the Golden Image we can do a Sysprep. And keep in mind Azure support only VHD files so do not use VHDX files.

C:\Windows\System32\sysprep\sysprep.exe /generalize /oobe /shutdown

now that my golden Image is ready We can upload this image to azure.  ( I used a 50 Gb VHD file ) So If you don’t have a fast Internet connection You need to wait Winking smile a while.

 

So the next step is Create a RemoteApp With VPN. Pick a name and select create.

image

A place holder is Created and We will upload the Golden Image To Azure. ( this could take a while so we do this now )

Select the image and pick image Upload

image A popup will Come and a PowerShell script is there for download

image

Save this on place. Grab also the Command To run

Upload-AzureRemoteAppTemplateImage.ps1 -SAS "?sr=b&si=623fcaf1-63f6-406d-a749-48c2c3f0036b&sig=n%2FHLp5d1wfEgdi68hA%2FaVWOwyhDl35S1eKQ9dKxZdQg%3D" -URI https://cdvwe114758920rdcm.blob.core.windows.net/goldimages/623fcaf1-63f6-406d-a749-48c2c3f0036b.vhd

image

Running this Script a Browser will open and you can select your Golden Image.  And the Upload will start first some checking

image I was happy with my Fiber internet connection.

Writing a blog and uploading Winking smile

image

when the upload in done you will see a check and a ready state on the Image.

imageimage

Next Step is creating a network Is this also my improvement point Whay not using my Site to Site VPN that already is connected to my environment.

Therefor we create a new network that will host the Machines.

Create New network and pick a name.

imageimage

Fill in the IP networks and use the Internet address of your Router ( Same as S2S VPN )

image  image image

When the Network is created we can download the S2S Script and run this on your Gateway server. I use a Windows 2012R2 RRAS server but there are other options. image

After running the script the Gateway has an extra dail-in option On this gateway I have already a few connections but this is all configurable to your needs.

 

image

Now that the network is ready We can start building. When opening the MYMVPAPP with VPN created in the beginning you will see the Status with check marks

Now I have to create a OU and a service account in my domain on-premise

imageimage

Next step is linking the Golden Image To the App. You can do all this is now with a upload but as we already did the we need only a connection this is a faster and fail save method.

So check the Link an existing Image

imageimageimage

You will see your 50Gb uploaded golden Image. This is only available if the Image is correctly uploaded !

image

We are almost ready, while the provisioning can take up to 30 minutes. Second Improvement point. Show Some Status step 1 from 10 maybe. Now we have to wait.

image  image

Please Note** during several test I change the name but the steps are the same

the next step is assign a user to the image , this must be a default Azure directory User.

 

image  image

I created a demouser ( I deleted this user after this blog )

We assign this user to the Remote App

image

Next we assign Applications of the Image I created earlier.  I did not install special apps in this image so it looks a bit basic.

imageimage

I published all the apps that Azure Scanned for me in my own image. but suppose you have installed office and other apps it will be there in the image.

Next step is login to the RDP session image

 

image The fun part is I configured MFA ( multi factor Authentication ) Really nice option

When Logged on We see all the Apps I made a Text change in de Word app

image

However I logged on the session is still inactive

image

This is still a Preview what I really like is using your own apps in your own domain there are still some issues with the creation of the RemoteApp but if you have configured all this and it is working you can even use this On a Android and or on your Surface how Cool is that.

I installed the latest version of RDP on my android phone I opened a CMD box on my phone totally useless but you can. It works much better on my Surface.

Running Published Apps on my Devices in Azure What will ne next ?

 imageimage

#HRDAAS Hybrid Remote Desktop As a Service

Posted June 20, 2014 by Robert Smit [MVP] in Microsoft Azure

Tagged with

Microsoft Azure File Server “System error64” or “New-AzureStorageShare Cannot bind parameter Context“ #azure #cloud #MVPBuzz   9 comments

Microsoft Azure launched a new Option in the Azure Suite a cloud File server. Sounds great how does it work and how to set this up.

First you need to create a new Storage Account

image

When this account is created you will see a new option in the Dashboard of this storage Account

image

The next steps will be in Powershell, there is no GUI option here Winking smile

Before you can connect to your Azure Files network share, we have to download a special powershell package for working with the Azure Files, the package can be found http://go.microsoft.com/fwlink/?LinkID=398183

image

After Downloading this file and extracted we can import the PSD1 file.

# import module and create a context for account and key
import-module "C:\AzureStorageFile\AzureStorageFile.psd1" –Verbose

image

Next We will create the new storage contex

image
$ctx=New-AzureStorageContext ‘rsmfile01’ ‘q+35EmhlLUikunngOWvZK8ysEqWpOLaobJNbS7bUtjTDZIRUI72siY956xHEVCS8ckFq5Vo188hmFfTY1XdPeQ==’

Use the Name and the Primary key.

Next step is creating a new Share and this can be tricky why ? well you may have the preview as enabled but it can be still not activated. if so you need to make a call to the Support team from Azure.

a simple check will do the trick Can you ping the DNS name ?

image

But if the result is this :

image

You can’t create a share and will se an error

New-AzureStorageShare : Cannot bind parameter ‘Context’. Cannot convert the "Microsoft.WindowsAzure.Commands.Storage.Model.ResourceModel.AzureStorageContext" value of type
"Microsoft.WindowsAzure.Commands.Storage.Model.ResourceModel.AzureStorageContext" to type "Microsoft.WindowsAzure.Commands.Storage.File.Model.AzureStorageContext".
At line:2 char:48

image

 

But if your account is enabled and activated it will work

image

# create a new share
$s = New-AzureStorageShare ‘newshare1’ -Context $ctx
 
# create a directory in the test share just created
New-AzureStorageDirectory -Share $s -Path testdir

 

The next step is mounting the fileshare to a drive letter.

image

net use * \\rsmfile01.file.core.windows.net\newshare1 /u:rsmfile01 q+35EmhlLUikunngOWvZK8ysEqWpOLaobJNbS7bUtjTDZIRUI72siY956xHEVCS8ckFq5Vo188hmFfTY1XdPeQ==

image

But also here this will only work from a Azure VM and not from your home computer.

image

 

Again this is just a preview Just be sure to understand the limitations of Azure Files the most important are:

  • 5TB per share
  • Max file size 1TB
  • Up to 1000 IOPS (of size 8KB) per share
  • Up to 60MB/s per share of data transfer for large IOs
  • SMB 2.1 support only

But for most parts this is fine just another great @azure option !

Posted June 16, 2014 by Robert Smit [MVP] in Microsoft Azure

Tagged with

#Microsoft #Azure #Security Extensions #SCEP @TechEd_NA #msTechEd   Leave a comment

If you Create a new VM in Azure you will see new options as a custom script and some build in virus protections.  As the Teched_NA is starting this week new options an features will rule the week, who is the first with all the new stuff Winking smile checkout the Teched_NA twitter feed.

Azure VM’s is getting better and richer even with the ExpressRoute that is available for preview

Installing the System Center Endpoint Protection is one of the options

image

and yes I want antimalware and I could run a custom script.

image

image

As you can see the SCEP is fully installed only the management is unavailable at the moment so no adjustments can be made.

image

Posted May 12, 2014 by Robert Smit [MVP] in Microsoft Azure

Tagged with

Microsoft Azure #ExpressRoute preview #Azure #cloud #VPN   Leave a comment

With all the fiber connections today, connectivity is today so common and easy. Azure ExpressRoute enables you to create private connections between Azure datacenters and infrastructure that’s on your premises or in a colocation environment. ExpressRoute connections do not go over the public Internet, and offer more reliability, faster speeds, lower latencies and higher security than typical connections over the Internet. In some cases, using ExpressRoute connections to transfer data between on-premises and Azure can also yield significant cost benefits.

image

ExpressRoutePreview

Experience a faster, private connection to Azure

With ExpressRoute, you can establish connections to Azure at an ExpressRoute location (Exchange Provider facility) or directly connect to Azure from your existing WAN network (such as a MPLS VPN) provided by a network service provider.

 

ExpressRoute connection options

Storage, Backup and Recovery

ExpressRoute gives you a fast and reliable connection to Azure making it suitable for scenarios like periodic data migration, replication for business continuity, disaster recovery and other high availability strategies. It can also be a cost-effective option for transferring large amounts of data such as datasets for high performance computing applications or moving large VMs between your dev/test environment in Azure and on-premises production environment.

Extend your datacenter

ExpressRoute allows you to securely add compute and storage capacity to your existing datacenter. With high throughput and fast latencies, Azure will feel like a natural extension to your datacenter so you enjoy the scale and economics of the public cloud without having to compromise on network performance.

Build hybrid applications

With predictable, reliable and high-throughput connections offered by ExpressRoute, you can build applications that span on-premises infrastructure and Azure without compromising security or performance. For example, you can have your corporate intranet application running in Azure that authenticates users using an on-premises Active Directory, and serve all corporate users without traffic ever routing through the public Internet.

get more info here

Posted May 10, 2014 by Robert Smit [MVP] in Microsoft Azure

Tagged with

  • Twitter

  • Advertisements
    %d bloggers like this: