Microsoft loves open source and I for one a Linux fan. Last month Microsoft has announced a partnership with Docker Inc to include Windows containers in vNext Windows server editions. Also Microsoft Azure supports Linux VMs running Azure configured with Docker containers.
The limitation to use a Linux client machine or boot2docker program on Windows to access Docker containers has been removed. Microsoft has introduced a CLI for Windows which can directly access same. It’s a actually a docker program running under windows command line.
For more information on how to build the Docker CLI in windows please refer below articles.
- Building Docker CLI in Windows
- Docker Private Registry in Azure
My worst nightmare came alive. Microsoft had an worldwide outage earlier today which affected all data centers except the new Australian ones. This had a huge impact on third party web sites that is hosted on Azure including their very own Office 365 & Xbox Live services.
According to Microsoft this has been resolved now. But we see user reports from Europe says that issue with hosted VMs and Application Insights are intermittently visible.
Security specialist have verified that there has not been any attempt of security tampering in Azure. Microsoft hasn’t made an official statement yet explaining the root cause.
This is not the first time an issue of this scale happened for any cloud provider. Amazon & Google have faced the same situation before and it’s not like everyday you face this kind of trouble. For Azure’s sake it has been almost a year since a similar issue has happened.
If anybody want latest updates of this issue, please follow Azure Service Health Page for more information.
A full explanation and RCA by Jazon Zander Azure CVP can be found here. Apparently there was a bug in a patch update they have made for the Azure storage.
Alert Management Intelligence Pack brings your on-premise SCOM alerts to Azure Operational Insights. This pack allows you to analyze your SCOM alerts in more granular level by providing below key scenarios on the fly.
- Number of Alerts raised during a specific time frame
- Top alert sources with active alerts for a specific time frame
- Top alerts (Active, Critical & Warning) during a specific time frame
- Detailed alert search
Let’s see how we can add this Intelligence Pack.
- Login to Azure Ops Insight Portal and click Add Intelligence Packs.
- Select the Alert Management Intelligence Pack.
- Click Add from the gallery.
Don’t expect the alerts to hit Ops Insight Portal instantaneously. It will take some time to gather the data and as usual I will give it 24 hours to settle in.
My IP looks blank at the moment but let me explain what each of these tiles mean.
- Tile 1 – Active Alerts which are in Critical state
- Tile 2 – Active Alerts which are in Warning state
- Tile 3 – Which servers have active alerts for the past 24 hours
- Tile 4 – Active alerts summary
You can use the Common Alert Queries tile to build your own queries to search for specific alerts.
The minimum frequency for a search is 6 hours. Beyond that you can select a custom date range as well. There are number of filters available to narrow down the search.
Also you can use the search dialog box to,
- Save a search – Star with + sign
- Use a saved search – Star
- Use recent search items – Clock
If you haven’t signed up for Azure Ops Insights yet you can request an account (public preview) from here.
I have come across a strange issue with Azure AD recently. When I requested a Azure Active Directory Premium Trial and assigned licenses for the users, some of the features were missing in the Configure tab of my directory.
What was missing?
- Customized Branding Page
- Self Service Password Reset
I have two directories in my tenant. I have requested the AAD Premium Trial through my Office 365 directory.
What went wrong?
If you request AAD premium through any other directory than your default directory, the Azure tenant administrator (Microsoft Account) would not have a license assigned by default. When you add another directory this account by default becomes an administrator of that new directory.
In order to enable the features you need to have a license for that account if you have logged into Azure using same.
- You can manually assign a license to the global administrator to resolve this issue.
- Make sure you request your trial through the default subscription. If you need you can change this to the directory you want.
Looks like a simple issue but it can cost a day’s worth for troubleshooting.
Wouldn’t it be painful just to use the web browser to manage your resources in Amazon EC2 cloud? How about managing them from VMM? That’s not going to be a problem anymore according to amazon.
Recently Amazon introduced AWS System Manager an add-on that can be installed on SCVMM 2012 SP1 onwards. This will let you to manage your EC2 Windows Instances from VMM console.
Basically you can start,stop, restart your AMIs from this tool. If you require remote access you can even RDP into same.
You can download this tool from here. Most importantly it’s FREE.
We had a basket full of new features from Microsoft Azure within last two weeks and as Azure Consultant it’s becoming harder for me to even close my eyes knowing that something new will be there in the morning. Today I thought of sharing a glimpse of two cool additions to Microsoft Cloud which enhances IT PRO productivity.
PowerShell Support for Azure Site Recovery
This is a much awaited update. As of today Azure Site Recovery can be fully implemented using PowerShell. Imagine you want to generate an html report on your last failover. Using Get-AzureSiteRecoveryJob cmdlet for an instance you can write a nice script to achieve this.
For a full reference of available Azure Site Recovery PowerShell cmdlets refer this TechNet article. Note that all these cmdlets are only available in Azure PowerShell October 2014 package so it’s time you update your binaries.
Network Security Groups
Network Security Groups are now GA which provides you to create more granular control in your VM networks such as implementing DMZs and Network Segmentation. Ideally if you are hosting a 3-Tier application in Azure and wants to implement strict traffic filtering in each tier this is the ideal solution for you.
Currently you can leverage this only via PowerShell or REST APIs. Also there are few limitations that you should consider in Network Security groups. But yet again the platform is evolving and Azure Team is working very hard to overcome any obstacles.
For a complete reference of the new feature refer the announcement in Azure Blog.
For those who were not too sure about moving into the cloud thinking that your VMs won’t be protected from security threats do not need to worry about with Microsoft Cloud. During TechEd Europe 2014 Microsoft has introduced Microsoft Antimalware, a cloud based security solution for your Azure tenants.
Microsoft Antimalware uses the same engine behind Microsoft Security Essentials and Forefront EndPoint Protection & Windows Defender. Some say that these not so great products but guess what? I’ve seen a POC where it caught 99% of security threats in a customer environment that was designed for security testing where all the other vendors were not able to get that far.
It’s actually a Security-as-a-Service products which will run real time and download all the heuristics and definitions directly from the cloud. And most importantly user interaction required is minimal in this as it would be running in background and intelligently protecting your workloads against security threats.
Lets see what is required to use Antimalware in Azure.
- Windows Server 2008 R2 or higher OS. Windows Server 2008 & Server Technical Preview is not yet supported.
- VM Agent – You can enable VM agent at the time on VM creation or enable it later.
- Latest Microsoft Azure PowerShell SDK Tools which contains the PowerShell cmdlets for Antimalware should be installed.
- Azure Storage account for antimalware event collection.
How it works
- By default this extension is installed in Cloud Services but has been disabled. You can enable it using PowerShell. Please refer here for complete reference of PowerShell cmdlets for Antimalware.
- For VMs you can install this via Azure Portal as below or use the PowerShell cmdlets.
- Use Visual Studio Server Explorer for Azure for installing in VMs
- Antimalware service management APIs- both VMs & Cloud services.
So remember to use Microsoft Antimalware for Azure workloads from now on if you are not too sure about the security that Microsoft has in place already.