Introducing ExpressRoute | A safe passage to Windows Azure

Today I got an interesting e-mail from my boss which has caught my attention. Microsoft has partnered with Equinix, AT&T and Level3 to deliver a new service offered by Windows Azure called ExpressRoute. ExpressRoute offers private, reliable and low latency connections between customers’ data centers and Azure. This is good news for those who are willing to maximize the efficiency of their on-premise infrastructure while moving into the hybrid cloud. Currently this is available only in the US region as a preview feature.

With this new service, you have multiple ways of connecting to Azure.

  1. Aggregate your traffic over VPN connections at Equinix datacenters, or add Azure services to your MPLS VPN provided by AT&T.
  2. Level 3 offers traffic aggregation over a single hand-off, or enables multiple locations to connect to Azure services as an extension of your MPLS VPN.

If you fear that your connections to the Microsoft Cloud over the Internet are not secure and reliable, you can use direct connections to Azure with this feature. Well folks, isn’t it exciting news from Microsoft indeed?

Windows Azure Hyper-V Recovery Manager

As a SysAdmin you are responsible for the protection of your data center. We are all comfy with traditional backups and DR methods with off-site backup infrastructure. But what happens if your secondary site is caught up in a fire? The worst case is that you are running the whole data center in a private cloud. This gives us a good example of why we should back up our VMs to the cloud.

Windows Hyper-V Recovery Manager protects applications by coordinating the replication of virtual machines at a secondary location. It takes the Hyper-V Replica asynchronous virtual machine replication capabilities in Windows Server and the Virtual Machine Manager component of System Center and combines them with the power of Windows Azure to provide site-to-site protection of your virtual machines and private clouds. There are three key functions provided by this feature.

Automated Protection

Protection of VMs can be automated once configured. This integrates with Hyper-V Replica and SCVMM technologies and delivers ongoing replication of VMs. Also, all the workload data remains in your network, which means it is neither moved into nor passed through Windows Azure.

Continuous Health Monitoring

Once automated protection is in place, the Hyper-V Replica Manager monitors the health of VMs in real time with SCVMM. Keep in mind that only SCVMM servers can communicate directly with Azure.

Orchestrated Recovery

In the event of a failure, VMs can be recovered in an orderly fashion. You can predefine which VMs you need to recover first. You can create customized recovery workflows, store them in Azure and even test them before deploying.

How it works: Windows Azure Recovery Manager

If you have,

  • a secondary site
  • a SCVMM server
  • Unprotected workloads

Then Azure Recovery Manager is the best solution for your data center protection.

Resources

  1. Hyper-V Recovery Manager
  2. Configure Windows Azure Hyper-V Recovery Manager

Take your office to home with Work Folders

The Windows Server 2012 R2 release has introduced the concept of Work Folders, which brings functionality similar to Dropbox or SkyDrive to corporate servers. Work Folders is a file replication service which enables you to access your corporate files from your own device, even when you are roaming or at home.

This feature is only supported on Windows 8.1/8.1 RT clients so far, but Microsoft is planning to introduce it to Windows 7, iPad and Android (maybe) pretty soon. The operation is pretty simple. Work Folders keeps copies of files on both the server and the client, and syncs the files when connected to the server. But keep in mind this feature doesn’t support web access or sharing like Dropbox, and I think the reason is clear: you don’t wanna see your sensitive data in the wrong hands.

This feature includes the following functionality.

  • Data encryption capability and remote data wipe with Windows Intune
  • Security policies for PCs and devices (i.e. encrypt Work Folders and use a lock screen password)
  • High availability is possible with Failover clustering
  • Files can be accessed offline and will be synced with the central file server when the device is connected to the corporate network or Internet depending on the scenario

OK. What about the limitations and scope considerations on this one?

  • Work folders must reside in local storage of file servers.
  • Cannot sync arbitrary file shares. Users sync to their own folder on the file server (e.g. you can’t sync the sales file share to your device).
  • Doesn’t provide sharing & collaboration capabilities. Microsoft recommends using SkyDrive Pro if you need document collaboration features.

If you plan to deploy Work Folders in your environment, here is the comprehensive TechNet article on how to do it. You can refer to the storage team blog article here if you need more insight.

See the video below from BJTechNews on how to create Work Folders in Windows Server 2012 R2.

Migrating WSUS 3.2 to Windows Server 2012 R2

A couple of months back I was assigned a task to migrate our WSUS server, which was running under W2k3 R2, to W2k12 R2. The existing WSUS server was 10+ years old and was actually installed on a Domain Controller (Don’t laugh at me. I didn’t do that). The challenge I had to face was to migrate all the content along with the approved updates. To be exact, I worked on this for 4 days following every article I could find, but each time I failed at approvals. Finally it was just a simple task (I was a fool to not look at TechNet), as described here.

I’m gonna describe how I did it (just the facts, cut the crap)

Migrate WSUS update binaries

  1. Before starting the work, I stopped the WSUS service and the synchronization schedule on the existing server.
  2. Installed the WSUS role on the new server. At the end of the configuration wizard I left the configuration for later. This is a must.
  3. Then created an NT Backup task for the entire WSUS Backup content folder (in my case this was 97 GB+).
  4. As NT Backup is retired from Windows Server 2008 onwards, I copied the NT Backup binaries from a W2k3 server to the 2012 server. It works just fine, and from there I imported the backup to the new WSUS location.

Migrate WSUS security groups

I didn’t do anything specific in this step. All the users, groups and security permissions were exactly the same in my new setup. If you are not certain, go ahead and double check as described here.

Back up the WSUS database

This is the most important step. I’m not gonna fill in all the details, but you can see how to do it here. Remember you need to install SQL Server 2012 Management Studio on your new server, as the 2005 version is not supported in 2012. This is required for the WSUS database import.

Final steps

  1. After completing the WSUS database migration, open up the WSUS console on the new server. You may notice that the approved updates along with the rest (yes, 97 GB+) are there.
  2. Configure the new WSUS server with the exact same configuration (products, classifications, automatic approvals, sync schedule etc.). Most of the items are already there as we imported the WSUS database, but make sure everything is the same.
  3. In my organization, we had group policy in place to define the WSUS server. I just had to change the host name to the new one.
  4. Start a manual synchronization on the new server. Once it is finished, make sure that the sync status is Succeeded.
  5. As you have changed the WSUS server in the domain group policy, you may need to log off and log in to client computers or run a gpupdate /force. Alternatively, follow the step in the TechNet article to manually run detection on a client computer.
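
A client that never picks up the new host name keeps reporting to the retired server and silently stops receiving approved updates, so it is worth checking step 5 on a few machines. The following PowerShell is an added example, not part of the original post or the TechNet procedure; the server URL is a placeholder for whatever your group policy sets, and the function name is made up for illustration.

```powershell
# Added example: verify that this client points at the new WSUS server.
# Test-WsusClientTarget is a hypothetical helper name.
function Test-WsusClientTarget {
    param(
        [Parameter(Mandatory = $true)][string]$ExpectedServer,
        [switch]$RefreshPolicy,   # run gpupdate /force before checking
        [switch]$Detect           # trigger detection if the target is correct
    )
    if ($RefreshPolicy) { & gpupdate.exe /force | Out-Null }

    # Registry values written by the Windows Update group policy settings
    $wuKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
    $wu = Get-ItemProperty -Path $wuKey -ErrorAction SilentlyContinue
    $au = Get-ItemProperty -Path "$wuKey\AU" -ErrorAction SilentlyContinue

    # Cast to [string] so a missing value becomes '' instead of throwing
    $expected = $ExpectedServer.TrimEnd('/')
    $server   = ([string]$wu.WUServer).TrimEnd('/')
    $status   = ([string]$wu.WUStatusServer).TrimEnd('/')
    $enabled  = ($au.UseWUServer -eq 1)

    # All three must agree, otherwise the client is not using the new server
    $ok = $enabled -and ($server -eq $expected) -and ($status -eq $expected)

    # Ask the Windows Update agent to contact the server right away
    if ($Detect -and $ok) { & wuauclt.exe /detectnow }

    New-Object psobject -Property @{
        Computer          = $env:COMPUTERNAME
        WUServer          = $server
        WUStatusServer    = $status
        UseWUServer       = $enabled
        PointsAtNewServer = $ok
    }
}

# Placeholder URL: replace with the value configured in your GPO
Test-WsusClientTarget -ExpectedServer 'http://NEW-WSUS-HOST:8530' -RefreshPolicy -Detect
```

Any client that returns PointsAtNewServer = False is still governed by the old policy value or by no WSUS policy at all.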

At the end of the day I saved a huge amount of bandwidth for my company with minimum downtime. So now you can stop worrying about downloading everything from the beginning if you are planning to migrate your WSUS setup to Server 2012 R2.

Watch the video below from MVA featuring Andrew McMurry on how to perform this.

Hyper-V Server 2012 R2 | Facts that matter

For those who have been working with the Microsoft virtualization platform, the free enterprise-grade hypervisor is a valuable product for running VMs on the fly. The new version of Hyper-V Server has a number of advantages compared to its predecessor. If you take a look at the features of Windows Server 2012 R2 with the Hyper-V role installed vs. the free hypervisor, there is no difference. That is, all the features are exactly the same.

Now let’s focus on why you should use Hyper-V Server 2012 R2 for your virtualization platform.

Free forever

YES, it’s free as in FREE BEER (the product). You’ll need to license only the VMs. If you are a developer or an IT PRO who just needs a host to run your test lab, this is it.

Shared VHDX storage

Hyper-V 2012 R2 is capable of clustering virtual machines using shared virtual hard disk (VHDX) files. If you need high availability in your private cloud deployment for large workloads, this feature enables multiple VMs to access the same virtual hard disk (VHDX) file, providing Windows Failover Clustering. VHDX files can be stored in CSV or SMB 3.0 Scale-out file server shares. This is a new feature with this release.

GEN 2 VMs

2012 R2 provides two different platforms for your VMs. Generation 1 VMs provide the same virtual hardware as in previous versions of Hyper-V, while Generation 2 VMs provide new functionality such as,

  • Secure Boot (enabled by default)
  • Boot from a SCSI virtual hard disk
  • Boot from a SCSI virtual DVD
  • PXE boot by using a standard network adapter
  • UEFI firmware support

An important fact is that IDE drives and legacy network adapter support, along with legacy hardware support, have been removed in Generation 2 VMs. This way the boot up time for a typical VM has been increased by 90%. Not all guest OSes are supported in this architecture (only Windows Server 2012/2012 R2 and Windows 8/8.1 x64 versions are supported). You can choose which generation of VM you need in the New VM creation wizard, and once created you can’t change the generation of a VM.

Enhanced Session Mode

Hyper-V now allows you to use your local resources such as Display configuration, Audio, Printers, Clipboard, Smart cards, Drives, USB devices and Supported Plug and Play devices to be redirected to a Virtual Machine Connection session. Yet again this feature only supports Windows Server 2012 R2 and Windows 8.1 client.

Storage Quality of Service

This enables you to specify the maximum and minimum I/O operations per second (IOPS) for each virtual disk in your virtual machines. This way you have a guarantee that one VHD doesn’t impact the performance of another on the same host.
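
Secure Boot is on by default for Generation 2 VMs but can be switched off per VM, and Storage QoS does nothing until a limit is set on a disk. The following PowerShell is an added example, not from the original post, that reports both settings for every VM on a host using the Hyper-V module that ships with 2012 R2; the function name and the report column names are made up for illustration.

```powershell
# Added example: report VM generation, Secure Boot state and Storage QoS
# limits on a Hyper-V 2012 R2 host. Get-VmSettingsReport is a hypothetical name.
Import-Module Hyper-V

function Get-VmSettingsReport {
    param([string]$ComputerName = 'localhost')

    foreach ($vm in Get-VM -ComputerName $ComputerName) {
        # Get-VMFirmware only applies to Generation 2 VMs (UEFI firmware)
        $secureBoot = 'n/a (Generation 1)'
        if ($vm.Generation -eq 2) {
            $secureBoot = [string](Get-VMFirmware -VM $vm).SecureBoot
        }

        # MaximumIOPS = 0 means no upper limit is set for that virtual disk
        $disks    = @(Get-VMHardDiskDrive -VM $vm)
        $uncapped = @($disks | Where-Object { $_.MaximumIOPS -eq 0 })

        [pscustomobject]@{
            VM             = $vm.Name
            Generation     = $vm.Generation
            SecureBoot     = $secureBoot
            Disks          = $disks.Count
            DisksWithNoCap = $uncapped.Count
        }
    }
}

# Generation 2 VMs with Secure Boot turned off, and VMs with uncapped disks
$report = Get-VmSettingsReport
$report | Where-Object { $_.SecureBoot -eq 'Off' } | Format-Table -AutoSize
$report | Where-Object { $_.DisksWithNoCap -gt 0 } | Format-Table -AutoSize

# Setting a limit on one disk looks like this (the values are constructed):
# Get-VMHardDiskDrive -VMName 'EXAMPLE-VM' |
#     Set-VMHardDiskDrive -MinimumIOPS 100 -MaximumIOPS 1000
```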

You can download the free Hypervisor from here. If you are new to virtualization with Microsoft you can have an idea about what it is by going through the below TechNet article.

http://technet.microsoft.com/en-us/library/hh831531.aspx

The era of physical machines has come to an end. Therefore, get yourself familiar with virtualization before you become a LEGACY SysAdmin.

P.S Following is an interesting video about what’s new in Hyper-V 2012 R2 presented at TechEd 2013 North America featuring Rick Claus and Benjamin Armstrong.

OneDrive is coming

Microsoft has decided to re-brand their cloud storage offering “SkyDrive” to “OneDrive”. This was announced on January 27th and Microsoft states the transformation as,

“OneDrive name conveys the value we can deliver for you and best represents our vision for the future.”

The company hasn’t given an exact launch date yet. But we can expect this change to hit within the next few weeks. Existing SkyDrive & SkyDrive PRO users will be automatically converted to the new name. Seems to me it would just be re-branding the existing service, but Microsoft may surprise us with new features as they always do. I personally prefer SkyDrive over Google Drive because it’s much neater & pretty much easier to use.

You can find more information about this on the OneDrive Blog. Enjoy the video below.