KeithMayer.com

Be an Early Expert in Hybrid Cloud - Microsoft Azure, Windows Server 2012 R2, Hyper-V and System Center 2012 R2

KeithMayer.com

  • Export Azure Subscription Usage to CSV with NEW Billing API and PowerShell

    The Azure Billing REST API was recently made available as a Public Preview, and there’s been a ton of interest from customers in leveraging this API to collect and track usage of cloud services in their Microsoft Azure subscriptions.

    UPDATE: Version 0.9.4 and later of the Azure PowerShell module now include new Azure Resource Manager cmdlets to query Azure usage data directly: Get-UsageAggregates and Get-UsageMetrics.

    • I’ve included an updated script below that leverages these new cmdlets. 
    • I’ve also retained the original script that called the Billing REST API directly at the end of this article, because it serves as a useful example of how to call REST APIs when capabilities are needed that aren’t yet exposed directly via PowerShell.

    Read this article ...

    In this article, I’ll provide a simple script that leverages Azure PowerShell to call this API and export usage data from your Azure subscription to a CSV file for further analysis …

  • TechNet Radio: (Part 22) Building Your Hybrid Cloud - Orchestrating Hybrid Cloud with Chef and Azure

    Continuing our " Build Your Cloud " series Keith Mayer welcomes Steven Murawski from Chef as they discuss how you can orchestrate Hybrid Cloud using Chef and Azure. Tune in for this in-depth, demo heavy session and learn how you can get started with Chef using the Chef cookbook. [ 3:52 ] For those listening today that may not be familiar with Chef, what can Chef do for them? [ 19:27 ] Can Chef integrate with PowerShell? [ 33:01 ] DEMO: Getting started with Chef Learn more! Step-by-Step...
  • Quick Script: List Role-Based Access Control (RBAC) Assignments for Azure Resources via PowerShell

    Role-Based Access Control (RBAC) is a great new feature of Azure Resource Manager and the Azure Preview Portal for delegating granular access to Azure resources. 

    Read this article ...

    Recently, I was asked for an easy way to enumerate the list of resources to which a particular user is assigned.  In this article, I’ll provide a brief code snippet using the latest version of the Azure PowerShell module that quickly lists the RBAC assignments for a user …

  • Enterprise Field Mobility with SEE Forge and Microsoft Azure

    James McDonough, CEO & Co-Founder of SEE Forge , joins Keith Mayer in this “Cloud Solution Innovators” edition as they discuss the various service offerings SEE Forge can help your organization implement. Tune in and learn how your business can eliminate paperwork and easily manage data that is collected any time, any where, and on any device. [ 1:02 ] Can you tell us a bit about the solution that SEE Forge delivers? [ 1:49 ] When building this solution, what attracted you most to building the...
  • TechNet Radio: (Part 21) Building Your Hybrid Cloud - Protecting Data with Encryption - part 2

    Following up on their data protection through encryption episode in their " Build Your Cloud " series, Keith Mayer and Andy Syrewicze take an inside look at transparent database encryption options for SQL Server and Azure SQL database. [ 1:42 ] What are some database encryption options? [ 5:40 ] DEMO: How to enable transparent data encryption for your database __________________________ Experience Microsoft's latest products with these FREE downloads! Build Your Lab! Download Windows...
  • TechNet Radio: (Part 20) Building Your Hybrid Cloud - Protecting Data with Encryption

    Keith Mayer and Andy Syrewicze are back for the next part in their “ Build Your Cloud ” series and in today’s episode they discuss how you can protect your data in the cloud through At-Rest Data Encryption. [ 1:59 ] What are some at-rest data encryption options? [ 20:02 ] DEMO: How to enable At-Rest Data Encryption in Azure with Windows BitLocker __________________________ Experience Microsoft's latest products with these FREE downloads! Build Your Lab! Download Windows Server 2012 R2 , System...
  • TechNet Radio: (Part 19) Building Your Hybrid Cloud - Monitoring and Alerting for Azure Workloads

    Keith Mayer and Andy Syrewicze continue our ongoing series on how to “ Build Your Cloud ” and in this episode they show us how to manage monitoring and alerting for Azure workloads. Tune in they cover various options for monitoring a hybrid cloud environment using built-in tools on Azure. [ 1:33 ] Why is monitoring important across the hybrid cloud? [ 11:12 ] DEMO: How to leverage and configure built-in monitoring and alerting tools on Azure __________________________ Experience Microsoft's latest...
  • TechNet Radio: (Part 2) Open Source + Microsoft Azure - Implementing MySQL databases in the Cloud

    Keith Mayer and Tommy Patterson are back for part 2 of their series on “ Open Source + Azure ” and today they show us how to implement MySQL databases inside Linux VMs on Azure. [ 2:06 ] Besides MySQL on Azure IaaS, what other options are available to me? [ 11:55 ] DEMO Quick Create and Azure Virtual Network [ 17:35 ] DEMO Creating a Storage account [ 26:54 ] DEMO How to configure MySQL in a Linux VM on Azure [ 38:10 ] DEMO How to make MySQL highly available on Azure __________________________...
  • Step-by-Step: Encrypting Data Volumes in the Azure Cloud with Windows Server 2012 R2, PowerShell and BitLocker

    The Microsoft Azure cloud platform has supported at-rest encryption of Windows Server VM data volumes via BitLocker for some time now, but I’ve found that there’s often a desire to completely automate the BitLocker configuration as part of virtual machine provisioning and startup tasks.

    Read this article ...

    In this article, I’ll walk through the PowerShell steps to automate the provisioning of BitLocker and unlocking BitLocker-protected data disks as part of a virtual machine’s startup tasks.

  • Resizing Data Disks in the Cloud on Microsoft Azure with Windows PowerShell

    Resizing existing Azure VM data disks just got a whole lot easier with the introduction of an enhanced Update-AzureDisk PowerShell cmdlet in the latest version of the Azure PowerShell module.

    Read this article ...

    In this article, I’ll step through the process of using this new cmdlet to increase the size of an existing data disk on an Azure virtual machine.

  • TechNet Radio: (Part 1) Open Source + Azure: Building Linux in the Cloud

    Keith Mayer and Tommy Patterson kick off a new series today on “ Open Source + Azure ” and in part 1 they cover the building blocks and how to for Linux in the Cloud with Microsoft Azure. [ 2:44 ] Open Source and Microsoft? How does that work? [ 8:11 ] Why should someone pick Azure for their Open Source solutions? [ 15:55 ] Let’s chat about Azure and Linux and how they play nicely together [ 22:00 ] DEMO Provisioning and Managing Linux and Azure Check out the Quick Start Guide: Building Linux...
  • TechNet Radio: (Part 18) Building Your Hybrid Cloud - Automated Provisioning for Linux in the Cloud with Microsoft Azure

    Next up in our ongoing series to “ Build a Hybrid Cloud” Keith Mayer and Andy Syrewicze look at automated provisioning for Linux in the cloud with Microsoft Azure. Tune in as they explore the various ways in which you can automate workloads for Linux in Azure by using either Azure Automation , PowerShell DSC for Linux , XPlat CLI for Azure , Docker , Chef or Puppet (just to name a few). [ 2:05 ] What are some of the tools you can use to automate Linux workloads in Azure? [ 10:10] DEMO: Getting started...
  • TechNet Radio: (Part 17) Building Your Hybrid Cloud - End-to-End IaaS Workload Provisioning in the Cloud with Azure Automation and PowerShell DSC

    Keith Mayer welcomes special guest Tommy Patterson to the series as they discuss end-to-end IaaS workload provisioning in the Cloud with Azure Automation and PowerShell DSC. Tune in as they break down automation into 3 main categories of tasks (managing and orchestrating the overall process, provisioning cloud fabric resources, and provisioning workloads, like operating systems and applications) and then go into in-depth demos showing how you can do this via Azure Automation and PowerShell DSC. ...
  • TechNet Radio: (Part 2) Supporting a Mobile First World - Identity Management with Azure Active Directory

    In part 2 of our Enterprise Device Management series, Jennelle Crothers and Keith Mayer discuss the importance of Identity Management and how Azure Active Directory applies to this Mobile-First, Cloud-First world. [ 1:25 ] What is Azure Active Directory? [ 6:59 ] DEMO: Creating a New Azure Active Directory tenant [ 13:10 ] DEMO: Adding applications to Azure AD [ 21:00 ] DEMO: Azure Active Directory Connect [ 33:01 ] DEMO: Azure Multi-Factor Authentication __________________________ Experience Microsoft's...
  • Automating Azure Autoscale Rules via PowerShell and REST API

    Azure Autoscale helps us align utilization of active cloud services to the volume of users and requests currently hitting an application.  As such, Autoscale helps us avoid overprovisioned scenarios where we'd otherwise be paying for excess resources that may not be needed all the time.

    When using Autoscale, the Azure cloud platform can dynamically scale-out/scale-in application instances based on defined schedules or in response to CPU utilization or volume of requests waiting on an Azure Queue, which is useful when designing an application that leverages a Queue-centric Work Pattern.  As part of the Autoscale configuration, you can customize minimum instances, maximum instances, scheduled times and thresholds to optimize scaling behavior for your unique application load patterns.

    Learn more! Watch Module 4, Virtual Machines in this MVA Hybrid Cloud Jump Start course

    Read this article ...

    We can manually configure Azure Autoscale using the Azure Management Portal, but in this article we'll walk through automating our Autoscale configuration as part of an overall scripted process for provisioning new workloads on the Azure cloud platform ...

  • Partner Tech Night - What's New in Microsoft Azure for Infrastructure and Development Partners - Deck and Resources

    Thank you for attending our recent Partner Tech Night in Columbus OH on What's New in Microsoft Azure for Infrastructure and Development Partners. In this article, I've included a copy of our session deck and additional next step resources ...

  • Early Experts Study Guide for Microsoft Specialist Certification Exam 70-534, Architecting Microsoft Azure Solutions

    Read this article ...

    This exam study guide is intended as a study reference tool to assist experienced architects with preparing for Microsoft Specialist certification via Exam 70-534, Architecting Microsoft Azure Solutions.

    Exam 70-534 is one of three exams that can be successfully passed to complete Microsoft Specialist certification on Microsoft Azure. Other exams in this Microsoft Specialist series include:

    Only one exam listed above (70-532 or 70-533 or 70-534) needs to be passed to attain Microsoft Specialist certification on Microsoft Azure.

    This exam guide presents the target exam objectives within each of the above objective domains in a checklist format to provide an easy method for experienced exam candidates to quickly self-assess their general exam preparedness and also provide specific study resources to help candidates address knowledge gap areas prior to attempting this exam. These are the same study resources that I personally used to prepare for Exams 70-534, 70-533 and 70-532 myself, so I’ve already taken time to proof and review each and every resource ...

  • Leveraging the Azure Service Management REST API with Azure Active Directory and PowerShell / List Azure Administrators

    The Azure Service Management REST API can be a great compliment to the Azure PowerShell module when automating certain Azure cloud tasks for which there's not yet a defined set of PowerShell cmdlets.  In previous articles, we've leveraged this API for specific scenarios, such as:

    However, in each of our previous articles, we've used management certificates to authenticate to our Azure subscription when calling the Azure Service Management REST API. Azure Active Directory is being used by many organizations for centralized authentication to Azure via the Azure Management Portal, Azure PowerShell using the Add-AzureAccount cmdlet, and to other cloud-based applications (over 2,400 third-party apps as of the date of this article).  This prompted me to consider leveraging Azure AD for Azure API authentication as an alternative to management certificates.

    , Read this article ...

    In this article, we'll step through the process of authenticating to the Azure Service Management REST API using Azure Active Directory via PowerShell.  Leveraging these capabilities together gives us a consistent authentication and scripting experience, along with the extensibility that the Azure API provides.

    Along the way, we'll also show a useful example for keeping track of the administrators and co-administrators for your Azure subscription.

  • Extending SQL Server 2014 AlwaysOn Resource Groups with Storage Spaces on Microsoft Azure

    The new Azure Preview Portal makes it super-easy to configure a highly available SQL Server 2014 AlwaysOn Availability Group cluster with a new Azure Resource Group Template.  After completing 4 fields of information and clicking a single Create button, a complete cluster environment including an Azure Storage Account, Virtual Network, Active Directory Domain Controllers and SQL Server 2014 AlwaysOn cluster will be automatically configured.  Of course, if you wish to customize any of the options, you're given the ability to do that too - but that's a few extra clicks! ;-)

    When the cluster provisioning process is completed, your new cluster will look like this:

    Read this article ...

    However, when attempting to add additional storage to your new cluster, you'll likely encounter some warning messages that may challenge you.  In this article, we'll leverage a bit of PowerShell to sidestep those warnings and continue on our way towards expanding storage capacity and throughput for our AlwaysOn Availability Groups cluster.

  • TechNet Radio: (Part 16) Building Your Hybrid Cloud - Migrating Applications to Microsoft Azure from Hyper-V, VMware, Amazon AWS & Physical Servers

    Keith Mayer and Andy Syrewicze are back for Part 16 in our “ Build a Hybrid Cloud ” series and in today’s episode they focus on how you can migrate your existing server workloads from Hyper-V, VMware and Amazon AWS to Microsoft Azure using the Microsoft Migration Accelerator for Azure tool. [ 6:45 ] You mentioned the “Microsoft Migration Accelerator” … what is that? [ 8:10 ] How does the MMA help with migrating large datasets to the cloud? [ 13:05 ] DEMO: Microsoft Migration Accelerator Read the...
  • Diagnose Azure Virtual Network VPN connectivity issues with PowerShell

    Azure Virtual Network Gateways provide a great solution for quickly building secure cross-premises network connectivity for a Hybrid Cloud via IPsec site-to-site VPN tunnels. However, VPN tunnels can sometimes be a bit tricky to configure with certain on-premises VPN gateways.  When the VPN tunnel isn't able to connect between Azure and your on-premises gateway device due to configuration or networking issues, you'll see a broken connection displayed in the Azure Management Portal for that Virtual Network Gateway.

    Read this article ...
    Azure Virtual Network - Disconnected

    Until recently, the only options for diagnosing VPN connection problems were to either troubleshoot via logs from the on-premises VPN gateway, or open an Azure support ticket for assistance with troubleshooting from the Azure side of this VPN tunnel. With the latest Azure PowerShell module, we now have the ability to directly troubleshoot VPN connections from Azure with three new PowerShell cmdlets: Start-AzureVNetGatewayDiagnostics, Stop-AzureVnetGatewayDiagnostics, and Get-AzureVNetGatewayDiagnostics.

    In this article, we'll step through leveraging these new Azure PowerShell cmdlets to diagnose a site-to-site VPN gateway connection issue.

  • Step-by-Step: Revoking and Reinstating Client VPN Certificates for Azure Point-to-Site VPNs

    Microsoft Azure provides Point-to-Site VPN (aka. Client VPN) connectivity for secure remote access by development and operations teams to cloud-based workloads that are provisioned on an Azure Virtual Network.  Azure Point-to-Site VPN connectivity uses SSTP as a firewall-friendly tunneling protocol and certificates for mutual authentication of each client connection.

    Read this article ...

    You can find more details on configuring Azure Point-to-Site VPNs at the following link location:

    When discussing Azure Point-to-Site VPN connectivity, one of the questions I frequently hear is ...

    Great! But ... how do I disable a Point-to-Site VPN user when they're leaving my organization?

    Azure Point-to-Site VPNs use certificates for user authentication and authorization, so we can simply revoke a user's certificate to disable their Point-to-Site VPN access.  In this article, we'll step through the process of revoking and reinstating user certificates for Azure Point-to-Site VPNs by using the Azure PowerShell module and the Azure Service Management REST API.

  • Quick Tip: List Current Client Connections on Azure Point-to-Site VPN with PowerShell and REST API

    Microsoft Azure provides secure access to cloud-based VMs for developers and IT operations teams via Point-to-Site VPN (aka. Client VPN) connectivity.  This solution uses SSTP (Secure Socket Tunneling Protocol) to provide a secure, firewall-friendly solution that uses the native VPN client built-in with Windows 7 and later.  In a future article, we'll also look at a cross-platform Client VPN connectivity option to Azure for Linux and Mac OS X clients.

    After configuring Point-to-Site VPN connectivity in Azure, it's pretty easy to see the overall connection status on the Virtual Networks Dashboard page of the Azure Management Portal, as shown below.

    Read this article ...

    Azure Management Portal: Virtual Network Dashboard page

    BUT ... what if we want to see the details of each individual client IP address that is currently connected to the VPN? Luckily, with a bit a PowerShell and the Azure Service Management REST API, we can fetch those details as well! In this article, we'll show you how ...

  • Step-by-Step: Automated Provisioning for Linux in the Cloud with Microsoft Azure, XPlat CLI, JSON and Node.js ( Part 2 )

    There's lots of tools that can be leveraged for automating Linux workloads on Microsoft Azure, including Azure Automation, PowerShell DSC for Linux, VM Agent Custom Scripts, Cloud-Init, XPlat CLI for Azure, Vagrant, Docker and third-party tools such as Chef and Puppet.  Azure provides a wide variety of automation options so that you can choose the tools with which you're most familiar and, in some cases, may already have an existing investment.

    Read this article ...

    In Part 1 of this two-part article series, we stepped through the process for getting our Linux admin workstation setup for Azure cloud automation using the XPlat-CLI and Cloud-Init.

    This article is Part 2 of this series. In this article, we'll leverage these tools for automatically provisioning an end-to-end highly available Linux server farm environment, including storage, networking, load-balancing, virtual machines and application workloads.  As we proceed through this article, we'll be build a Linux shell script that implements this provisioning logic.

  • Step-by-Step: Automated Provisioning for Linux in the Cloud with Microsoft Azure, XPlat CLI, JSON and Node.js ( Part 1 )

    Since previously publishing the Quick Start Guide for Building Highly Available Linux Servers in the Cloud on Microsoft Azure, several people have asked me about ways in which Linux workload provisioning can be automated with Azure.

    Read this article ...

    There's lots of tools that can be leveraged for automating Linux workloads on Microsoft Azure, including Azure Automation, PowerShell DSC for Linux, VM Agent Custom Scripts, Cloud-Init, XPlat CLI for Azure, Vagrant, Docker and third-party tools such as Chef and Puppet.  The Azure team provides a wide variety of automation options so that you can choose the tools with which you're most familiar and, in some cases, may already have an existing investment.

    This article is part 1 of a two-part series.  In this article, we'll step through the process for getting our Linux admin workstation setup for Azure cloud automation using the XPlat-CLI for Azure and Cloud-Init

    In part 2 of this series, we'll leverage these tools for automatically provisioning a highly available Linux server farm environment using the scenario outlined in the Quick Start Guide referenced above.

About the Author ...

Keith Mayer is a Senior Technical Architect at Microsoft, focused on helping ISV partners leverage the Azure cloud platform. Keith has over 20 years of experience as a technical leader of complex IT projects, in diverse roles, such as Network Engineer, IT Manager, Technical Instructor and Consultant. He has consulted and trained thousands of customers and partners worldwide on design of enterprise technology solutions.

Keith is currently certified on several Microsoft technologies, including Azure, Private Cloud, System Center, Hyper-V, Windows, Windows Server, SharePoint, SQL Server and Exchange. He also holds other industry certifications from VMware, IBM, Cisco, Citrix, HP, CheckPoint, CompTIA and Interwoven.

You can contact Keith online at http://aka.ms/AskKeith.