Kevin Remde's IT Pro Weblog
As you may already be aware, at TechEd this year in Orlando, several announcements about the new “R2” versions of various products were made. Windows Server 2012 R2 and System Center 2012 R2 were just two of the products being updated later this year, and for which preview releases will be available later this month for evaluation. (Watch this blog for details.)
One of my favorite things (which is why this article is my next in our “TechEd 2013 Favorites” series) announced that is coming in Windows Server 2012 R2 is new capabilities in Storage Spaces.
“Storage Spaces?”
Okay.. for those of you not familiar with Storage Spaces; from the TechNet description:
Storage Spaces in Windows Server 2012 and Windows 8 enables cost-effective, optimally used, highly available, scalable, and flexible storage solutions for business-critical (virtual or physical) deployments. Windows Server 2012 and Windows 8 deliver sophisticated storage virtualization capabilities, which empower customers to use industry-standard storage for single computer and scalable multinode deployments. It is appropriate for a wide range of customers, from consumers using Windows 8 for personal storage, to enterprise and cloud hosting companies using Windows Server 2012 for highly available storage that can cost-effectively grow with demand.
So, with cheap hardware (think JBOD arrays vs. expensive SAN solutions), and just using built-in capabilities of Windows Server, you can create pools of storage that can be dynamically provisioned and allocated. You can thin-provision virtual disks (think LUNs) that, when running short of actual space, can be added to dynamically without having to tear-it-down and replace it with something bigger.
HINT: If you want to play with Storage Spaces without dedicating hardware to it, check out this blog post on how to use a free Windows Azure Trial to try it out: http://blogs.technet.com/b/kevinremde/archive/2013/01/27/use-windows-azure-to-learn-windows-server-2012-storage-spaces-31-days-of-servers-in-the-cloud-part-27-of-31.aspx.
“That sounds pretty good, Kevin. But what’s new in R2?”
In R2 we give you the ability to add SSD storage and traditional spinning disks into storage pools, and the storage subsystem is able to prioritize how that storage will be most efficiently used. Certified hardware will be detected to be either of type SSD or HDD.
“Why is that important?”
Well.. think about your typical storage use. How much of it is actually in-use frequently?
“A very small amount compared to the rest of it.”
Exactly. Let’s just say for example that 90% of your stored data is just sitting there not being used. But 10% is actively being accessed and/or changed. It would make sense to have the idle data sitting on slower HDDs, and the frequently used data on the SSDs, wouldn’t it?
“Yeah.”
Well, that’s what Storage Spaces will do for you automatically in Windows Server 2012 R2. Every so often (at an interval that can be adjusted), the storage system will move bits around based on the “heat map” of which blocks of data are being used most frequently.
“That’s very cool. But can I also specify files that I absolutely want to give SSD preferential treatment to? I have base disks for Windows client VMs that I want to force to the SSD.”
Absolutely. In this case, it’s on a file-by-file basis. But you can definitely designate a file to be on the SSDs vs. the HDDs.
“Sounds amazing!”
I agree.
For more information, please view the following breakout session recording from TechEd 2013 NA: Storage Spaces: What’s New in Windows Server 2012 R2
Download the deck and video for offline viewing.
Session Index – Storage Spaces: What’s New in Windows Server 2012 R2
In this episode I chat with Product Marketing Manager Adam Long from BlueStripe Software. We discuss BlueStripe’s product FactFinder, which is a transaction and application monitoring tool that helps Operations Support teams manage IT systems availability and performance regardless of where it may reside…physical, virtual or cloud. Learn more about BlueStripe Software
__________________________
Experience Microsoft's latest products with these FREE downloads! Build Your Lab! Download Windows Server 2012, System Center 2012 SP1 and Hyper-V Server 2012 and get the best virtualization platform and private cloud management solution on the market. Try it FREE now!
Don’t Have a Lab? Build Your Lab in the Cloud with Windows Azure Virtual Machines. Try Windows Azure for free with no cost or obligations, and use any OS, language, database or tool. FREE TRIAL
__________________________ If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information:
Websites & Blogs:
Videos:
Virtual Labs:
Follow @technetradio Follow @KevinRemde
Become a Fan @ facebook.com/MicrosoftTechNetRadio Become a Fan @ facebook.com/KevinRemdeIsFullOfIT
Subscribe to our podcast via iTunes, Stitcher, or RSS
Download
Once again on the floor of TechEd 2013 in New Orleans, I chat with Jeffrey Bellamy, Director of Business Development at F5 Networks. Jeffrey gives us a quick overview of some of their hybrid network offerings for Windows Azure and Hyper-V. Learn more about F5 Networks
In part 7 of our Windows 8 Tips and Tricks series, Principal Technical Account Manager Lex Thomas give us a quick introduction to some of the new File Explorer (formerly “Windows Explorer”) features and capabilities.
There’s never been a better time to build for Windows! Join the App Builder Program and learn about the Windows ecosystem opportunity, design and monetization tips and partner development frameworks. Resources:
In this brief episode, I speak with Sr. Business Development Manager Joe Hielscher of Arista Networks from the floor at TechEd 2013 in New Orleans. We chat about the latest features available from their cloud networking solutions and how they support a dynamic datacenter. Learn more about Arista Networks!
Become a Fan @ facebook.com/MicrosoftTechNetRadio Become a Fan @ facebook.com/KevinRemdeisFullofIT
At the keynote on Monday of TechEd NA (June 3), we made some pretty big announcements around how Windows Azure Trials and various subscription benefits would be changing. So for today’s edition of our “TechEd 2013 Favorites” series, I thought I’d briefly introduce you to some surprising changes to the options you have for “kicking the tires” with Windows Azure.
“So.. the 90-day trial is changed?”
It is. In fact, it is no more. But don’t worry. The new trial is better. -->* http://aka.ms/DoAzure *<-- But before I get ahead of myself, the areas of change I want to cover are:
So let’s discuss them.
The Free Trial
The Windows Azure trial is now one month of up to $200 worth of usage. Rather than trying to give you three months of usage, but then suddenly disabling your trial before the end of the month if you’ve over-stepped the trial limits (which, I hope you’ll agree, was a better alternative than charging your credit card!), it was determined that a straight-up dollar limit would be given to you, with a limit of up to one month of usage. So, how ever you want to use Windows Azure, you can do it until your $200 are used up, or until the end of your month of usage.
Use of Azure in the free trial can only be for testing or training. No “production” use.
MSDN Subscription
Your Windows Azure usage available depends upon the level of subscription you have:
Like the free trial, this usage is for non-production use only, and starts with $200 worth of use for the first month. Subsequent months will grant you the dollar values you see above.
Additional Benefits:
Additional Considerations:
Microsoft Partner Network
Registered members of the Microsoft Partner Network can take advantage of $200 of usage in the first month, and then are granted $100 for subsequent months. (Not bad!)
BizSpark
Registered members of the BizSpark program can take advantage of $200 of usage in the first month, and then are granted $150 for subsequent months. (Even better!) They receive the same benefits as an MSDN Ultimate customer; however, an exception has been made for BizSpark members on the no production use restriction. BizSpark customer may use their benefit for production use. (Sweet!)
---
“So Kevin… how do I know how much I’ve spent during the month in my Windows Azure trial subscription?”
Great question! While you’re in the Windows Azure Administrator console, you’ll see your name up to the top-right. Click on it to reveal a menu, and click on “View my bill”…
Click on the subscription that you want to review, and you should see an “overview” list of the various usages (data transfer in/out, storage, transactions, compute hours, etc.) and the amount that you have spent in each area.
Good stuff? I think so. It simplifies what you can do with the free trial.
The 21st annual TechEd North America conference happened this month (June) in New Orleans, and my three IT Technology Evangelist coworkers (Brian Lewis, Keith Mayer, and Matt Hester) and I had the privilege of attending and taking part. So in the interest of sharing our experiences and impressions with you, we’ve decided to dedicate the month of June to the following series of articles.
Whether or not you were able to join us in New Orleans for TechEd, we sincerely hope that you enjoy and benefit from these writings!
Useful? I hope so! Drop a line in the comments if you have a question or comment, please!
So here it is, Day 3 of TechEd, and I’m already two days late on the first of our “TechEd 2013 Favorites” series. (sigh) But if you’ve ever been to a TechEd, or any other big conference like this, you know that it’s hard to find a spare moment to do things other than A) attend, and B) enjoy. Blogging isn’t high on the priority list this week. Sorry.
But this morning, for you I’ll make an exception.
On Monday, Day 1, was started with the traditional TechEd Keynote; this year skillfully navigated by Brad Anderson, corporate vice president of the Management and Security Division (MSD) at Microsoft. After a cute video, he “rolls” onto the stage in an Aston Martin, and hints that we are about to witness announcements on new versions “of every one of our products that run in your datacenters”. Hmm.. sounds like this might be fun!
His talk was roughly outlined in this way:
Your Cloud Platform – Devices
In the area of devices, Ian McDonald (Partner Director) came out and gave us a first look at some of the new UI features in Windows 8.1 (the version formerly codenamed “Blue”). And other than a failed wireless print demo, the features looked pretty impressive. My favorites were the built-in wireless projection support (through Miracast), being able to set up your PC as a local WiFi hotspot for other devices, and really the fact that BYOD doesn’t have to be all-or-nothing (domain joined, full control OR completely out of IT control), but that there is some room for secured access to protected resources while still maintaining company access policies. He also showed how IT can pre-populate and/or lock-down the start screen layout using Group Policy.
Ian also showed off some pretty cool looking new hardware, including Acer’s announced Iconia W3 “first Windows 8.1” mini-tablet with an 8” screen.
People-Centric I.T.
Brad next discussed how I.T., and the business users they support, will benefit from the ability to support BYOD and identity using the cloud and tools like Windows Intune. To support this, he introduced the world to Windows Server 2012 R2 – the next version of Windows Server. He also announced System Center 2012 R2, and a new release of Windows Intune, also coming later this year.
Molly Brown, a principle development lead, came out to show off more of the “people-centric I.T.” to be found in the new versions of those product. One very interesting idea was something called “Workplace Join”, where a user can easily user can use their own un-trusted (from the perspective of the company) device to still gain access to company assets, like the company SharePoint. Think of it as “a modern domain join, where users basically let I.T. know about all of the devices that they use. And the user can then go through an additional step to enroll their device for management, which essentially registers it with Windows Intune and allows the company to manage and publish apps and policies to the device. Once under management, it even pushed down the VPN configuration and certificates for the user for when (and how) they need to access the corporate network.
“Work Folders” was introduced. From whatever device a user is using, they can be granted access to a set of folders over the Internet. It creates a local encrypted and protected copy that can be used offline, and when the user leaves the company, the device is un-enrolled and file access (even to the local copy) is lost.
Enable Modern Business Applications
Microsoft is the very first cloud provider to have a presence in mainland China.
Big news: In Windows Azure there is no longer a charge for stopped VMs! Yes, you read that correctly. For months we’ve been recommending that you remove your VMs if you’re not using them, because even stopped VMs were being charged for compute-hours. But no longer. This is GREAT NEWS.
Also great news is that Windows Azure is moving to a charge-per-minute model. And doing so immediately. You only pay for the two minutes you use the machine, and not the entire hour. Nobody else does that.
And another announcement was a new MSDN subscription model – MSDN credits. $50/month, pro. $100 / month Premium. $150 Ultimate. No, this is not what it will cost you. It is the credit that you get and can use in Windows Azure per-month. It’s also per-person, so each person on your team can use this.
And also, that is how the Windows Azure free trial will be handled going forward. It will be a credit of $200 that you can just use for a month, or until the credit is used up.
In the area of “big data”, corporate VP Quentin Clark came out to discuss some examples of how data can be used and managed behind the scenes. Scenario – How about phone app at a store that guides you through the store? At checkout, all loyalty programs are automatically known and applied. Behind all of that is big data. Telemetry. New data types and new data sources. “Data Changes Everything”. Our approach - find data, form theories, analyze, and refine, and then take action (operationalize).
Announcing: SQL Server 2014 – making it easier to create availability, take advantage of Windows Azure, do more transaction processing in-memory. It began in Excel in power-pivot, and brought that work back into analysis server.
Transform the Datacenter – the cloud platform itself.
Delivering everything we learn in Windows Azure and delivering it to you.
Announced: Previews of Windows Server 2012 R2 and System Center 2012 R2 will be available by the end of June, and released by the end of this year.
And the new “Windows Azure Pack” will be delivering Windows Azure on top of Windows Server and System Center. So it drops right on top of your own servers.
Jeff Woolsey came out to talk about some of the new innovations in Windows Server 2012 R2 such as automated storage tiering, where you can create storage spaces made up of traditional and SSD storage, and the tiering will automatically keep more frequently used data on the SSD and the other storage on the slower device.
You can also greatly reduce costs through deduplication. But can you run VMs on that storage? Yes. R2 will provide better performance on a de-duped storage location, and in fact it actually will be faster than traditional storage because of the caching taking place. “VMs booted twice as fast.” Common blocks are intelligently cached, so it just goes faster.
Live Migration has also improved in the area of performance . “Live Migration with Compression” takes advantage of surplus compute power to compress for the migration.
Hyper-V Replica – “We want to be able to manage replication at scale”, and across sites. Hyper-V Recovery Manager, in Azure! Azure just manages (orchestrates) the replication. And you can even set up a recovery plan in the cloud that can document manual or automated steps for performing the recovery in an orderly fashion.
Some amazing stuff! Now you see why it took me so long to create this blog post!
Here is the complete keynote, in case you don’t just want to take my word for it.
The introduction…
I begin this post as I’m sitting at the gate in Minneapolis, waiting to board. I’ll finish it while I’m flying south. My name is Kevin, and I’m huge TechEd fan.
“Hi, Kevin!”
Hi.
I’m being joined at TechEd once again by several thousand of my closest friends, and also a few coworkers (even closer friends). And since TechEd is the highlight of our busy, geeky lives, the four of us (Brian Lewis, Keith Mayer, Matt Hester and I) decided it would be fun (and hopefully useful to you) if we created a series of blog articles around our impressions of TechEd in this year 2013. What did we learn? Who did we see? What will you find most interesting that was announced? What did we have to eat? Did we actually make it back to the hotel?, etc…
Here is my link to the complete list of series posts, which will be updated through the month of June: “TechEd 2013 Favorites”
So… if you’re not able to make it to TechEd this year, we hope that these articles will be yet another way that you can keep tabs on what’s new and exciting coming out of Microsoft.
And if you’ll be joining us at TechEd, please don’t hesitate to contact us, or look for us in the Exhibit Hall. And if you follow us on Twitter (and me on Foursquare, too), I’m sure we won’t be hard to track down, either.
Brian Lewis: @BrianLewis_
Keith Mayer: @KeithMayer
Matt Hester: @MatthewHester
Kevin (me) Remde: @KevinRemde (and FourSquare: https://foursquare.com/kevinremde)
I’m sitting here at MSP (Minneapolis / Saint Paul International Airport) playing my favorite pre-TechEd game: Spot the Geek. And this year is turning out to be as easy as ever. I guess isn’t a much better to go to New Orleans early on a Sunday morning.
Being as this is our last business/work-day of the month, it is also the last day of articles in our “20 Key Scenarios with Windows Azure Infrastructure Services” series.
“Yay!”
I agree. And once again Keith Mayer comes through for us with an outstanding topic: How to migrate virtual machines out of Amazon AWS and up into Windows Azure. (FREE TRIAL HERE)
CLICK HERE TO READ HIS EXCELLENT ARTICLE
If you want to catch-up on the complete series, or save the list as a browser favorite for future reference, you will find the full series here: http://aka.ms/2013may.
And if you’re interested in catching up on ALL of the series’ that our team did over the past year, you’ll find the list here: http://aka.ms/FY13Series
“Are you guys doing anymore series’ anytime soon?”
As a matter of fact, yes! During the month of June, my Central Region counterparts and I will be blogging about our impressions of TechEd 2013. We’ll kick it off this Sunday, June 2nd – the day I leave for TechEd. (I can’t wait!)
This this episode of TechNet Radio: Cloud Innovators, I welcome Managing Director at Cognizant Technology Solutions, Ramesh Panuganty to the show. We discuss their product Cloud360, an enterprise-class cloud management platform that helps you quickly and cost-effectively deploy, manage and operate applications on private, public and hybrid clouds. Tune in as they discuss its features and benefits as well as how you can get started with this powerful cloud management service. Click here to learn more about Cloud360!
If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information:
Follow @technetradio Become a Fan @ facebook.com/MicrosoftTechNetRadio Subscribe to our podcast via iTunes, Stitcher, or RSS
You read that title correctly.. We know that many of you are still using VMware. And just about as many of you are already migrating or considering the migration of some (or all) of your virtualization to Microsoft’s Hyper-V. And if you’re already going that route, perhaps you should also investigate moving some (or all) of those virtual machines up to Windows Azure. (FREE TRIAL HERE).
Today in our “20 Key Scenarios with Windows Azure Infrastructure Services” series, my friend Keith Mayer addresses this very topic in great detail. In fact, he even provides an extremely useful “Guided Lab” that you can walk through and actually experience the process; all from the comfort of your own browser.
READ HIS EXCELLENT ARTICLE HERE
One of the first questions that IT Pros have when considering using Windows Azure to host some (or all) of their company’s computing infrastructure is, “How do I move an existing virtual machine to the cloud?”
“I was just about to ask that!”
I bet you were.
So, how does one take a virtual machine and duplicate it up “in the cloud”? In this article – a part of our 20 Key Scenarios with Windows Azure Infrastructure Services series - I am going outline the process for you, and hopefully leave you with some useful resources and other things to consider.
The steps are pretty basic:
This is makes a pretty good outline for what we need to cover here, so let’s go with it. But before we do, I need to encourage you to set up your local machine’s PowerShell to authenticate with, connect to, allow you to manage your Windows Azure subscription and objects using PowerShell. To do this, read and follow the steps in my article: Configuring PowerShell for Windows Azure.
Create a place to store your hard disk in Windows Azure
Once you have your Windows Azure subscription (and if you don’t yet have one, you can START A FREE TRIAL HERE), you’ll need to create a storage account that will host your .vhd file. The steps for doing this are well documented in the article, “Creating and Uploading a Virtual Hard Disk that Contains the Windows Server Operating System”. The section specifically regarding the creation of a storage account can be found here. (NOTE: Some of the steps in this article are out-dated, but the creation of the storage account is still documented correctly.
You can also create your storage account using Windows PowerShell. Assuming you’ve configured your local machine’s PowerShell to connect to your Windows Azure subscription, you can run a command like this:
New-AzureStorageAccount -Location "West US" -StorageAccountName krtempstorageaccount
NOTE: The name of your storage account must be a 3-24 letter name made up of lowercase letters and numbers only. It must also be globally unique, because it will be used in URLs such as “https://krtempstorageaccount.blob.core.windows.net/”
Prepare your virtual hard disk
If you are going to upload a machine to the cloud, your hard disk file has to be configured a certain way. It must be a .VHD file (not a VHDX file, must be between 20MB and 2TB in size, and must be a fixed-size virtual disk
Also, if you’re going to use this hard disk as an image from which multiple machines will be created, then you’ll want to make sure to either sysprep the machine first before shutting down and uploading the hard disk, or creating the machine in Windows Azure and doing the sysprep and then “capture” the stopped machine as an image.
Upload your virtual hard disk
Now that you have your hard disk ready to upload, you have a couple of ways of getting it up to the cloud:
The CSUPLOAD tool is a part of the Windows Azure SDK, which will require you to first install that SDK. As I’m more of an IT Pro than a developer, I’m going to choose to use PowerShell.
Assuming…
(Yes, the name of that disk is a little telling. It’s a hard disk that has MS-DOS on it. It’s nice and small, so the upload doesn’t take as long for demonstration purposes.)
I can use the following script to set up variables, add (upload) the VHD into storage, and then add that storage as a useable Azure disk:
# Storage Account $storageAccountName = "krtempstorageaccount" # Source VHD $vhdsource = 'C:\Scripts\Dos20.vhd' # Upload Location $vhddestination= 'http://' + $storageAccountName + '.blob.core.windows.net/vhds/dos20.vhd' Add-AzureVhd -LocalFilePath $vhdsource -Destination $vhddestination Add-AzureDisk -OS Windows -MediaLocation $destosvhd -DiskName 'dos20'
# Storage Account $storageAccountName = "krtempstorageaccount"
# Source VHD $vhdsource = 'C:\Scripts\Dos20.vhd'
# Upload Location $vhddestination= 'http://' + $storageAccountName + '.blob.core.windows.net/vhds/dos20.vhd' Add-AzureVhd -LocalFilePath $vhdsource -Destination $vhddestination Add-AzureDisk -OS Windows -MediaLocation $destosvhd -DiskName 'dos20'
And it’s just that easy. Now when I have a disk configured as an OS disk up in storage named “dos20” that I can use as the basis for a virtual machine.
Create your machine in Windows Azure
Of course once your machine’s disk is up in your storage account, you’ll want to use it. Here’s how I created a machine using the “dos20” disk that I just uploaded.
I can create my machine in the Windows Azure Administration Portal, or I can use PowerShell.
Using the Windows Azure Administration Portal:
Logged in to your Windows Azure subscription, click “New+” at the bottom left, and choose to create a new machine from the Gallery…
Once there, select MY DISKS on the left, and you should see the disk(s) you’ve uploaded…
Select your disk, and complete the wizard. Once completed, your machine will be provisioned and will start running.
Using the Windows PowerShell:
Here is a simplistic use of the New-AzureVMConfig and New-AzureVM cmdlets, that does the very same thing as our Admin Console example (all one line):
New-AzureVMConfig -Name KRDOS20 -DiskName 'dos20' -InstanceSize 'Small' | New-AzureVM -ServiceName "krdosservice" -Location "West US"
Note: the service name must be unique. You can verify that a name is unique by using the Test-AzureName cmdlet prior to actually creating new cloud services or cloud storage.
Other Considerations
“Hey Kevin – Can I upload a new-style .VHDX file into Windows Azure?”
Not at this time, no. Currently Windows Azure only supports fixed-size .VHD files as the basis for storage disks or virtual machines running in Windows Azure.
“You mention ‘storage disks’. Does this mean I can just create .VHDs and populate them with stuff, and then use them as attached disks to Windows Azure virtual machines?”
Absolutely. Once you have that disk in a Windows Azure storage account, you’ll see it as a disk you can either use as a machine’s OS disk, or attach to an existing VM as an attached disk. (But it can’t be both at the same time!)
“I’m running VMware machines. Can I run them in Windows Azure?”
No. They’ll first need to be converted. The good news is, it’s easy to do with the free Microsoft Virtual Machine Converter.
“Can I use tools such as System Center 2012 Virtual Machine Manager or App Controller to copy virtual machines up to Windows Azure?”
Yes! If you have virtual machines managed by VMM, you can easily save them to a library and then copy them to Windows Azure. You’ll do all of that through the management of clouds using App Controller. To connect App Controller to your Windows Azure subscription, read my blog article: Step-by-Step: Connecting System Center 2012 App Controller to Windows Azure. Once that’s in place, follow the instructions in my other blog article: Creating Azure Virtual Machines with App Controller.
Was this useful? Have you started your FREE TRIAL yet? Have you been keeping up with the series? Give us your comments in the blog comments, please!
What is the plural of Series? (And how is it pronounced?) Well.. that’s not so important. What’s important is that we – the Technology Evangelists of Microsoft DPE in the U.S. have been busy busy bloggers these past several months. You’ve seen many articles, and many links to articles and resources, and we sincerely hope that you’ve found them useful.
In the interest of summarizing our efforts through June (which not coincidentally, is through the end of Microsoft’s “fiscal year 2013”), I’ve created this post as a place to send people who are interested in drilling down to all of our various monthly topics.
Enjoy!
In April of 2013 our team’s blogging focus was on how to build your Private Cloud.
I hope you found our articles informative, that you have downloaded your free System Center 2012 SP1 trial, your Windows Server 2012 evalution, and have started your Windows Azure FREE TRIAL.
Here is our complete April 2013 series:
So, you’ve got your Windows Azure subscription all set up (and if you don’t you can set up a FREE TRIAL HERE), and now you want to use PowerShell to work with your Windows Azure-based resources. In case you weren’t aware, Microsoft provides a Windows Azure PowerShell module for scripted management of Windows Azure services.
“Yes! That’s what I want, Kevin!”
Okay then… here’s how you do it:
If you’re running Windows 7 w/SP1, Windows Server 2008 R2 w/SP1, or Windows Server 2008 w/SP2, you’ll need the most recent version of the Windows Management Framework installed. This includes updates to Windows Remote Management (WinRM), Windows Management Instrumentation (WMI), and, importantly, Windows PowerShell 3.0. If you’re running Windows 8 or Windows Server 2012, then you’re all set with the newest version of PowerShell.
Download and install the Windows Azure PowerShell cmdlets. Note that a restart may be required after installing this module.
Right-click on Windows PowerShell in your Start Menu or Start Screen and choose Run As Administrator.
Set the PowerShell Execution Policy for scripts by running the following command at the PowerShell command prompt:
PS C:\> Set-ExecutionPolicy RemoteSigned
Import the Windows Azure PowerShell module and supporting cmdlets by running the following command at the PowerShell command prompt:
PS C:\> Import-Module Azure
Download and save your Windows Azure Publish Settings file by running the following command at the PowerShell command prompt:
PS C:\> Get-AzurePublishSettingsFile
Import the saved Windows Azure Publish Settings file by running the following command (no "<"s, and with your full path to your .publishsettings file) at the PowerShell command prompt:
PS C:\> Import-AzurePublishSettingsFile "<full_path_to_your_saved_file>.publishsettings"
And there you have it! The importing of that .publishsettings file has installed the proper certificate locally so that your PowerShell session will be authenticated, and have a secured interaction with your Windows Azure subscription.
To test it, run the following command from the PowerShell command prompt:
PS C:\> Get-AzureSubscription
This should return some details about your subscription.
In part 6 of our Windows 8 Tips and Tricks series, Principal Technical Account Manager Lex Thomas and I show off some of the new kinds of customization options found in Windows 8.
As a Microsoft employee and as a $MSFT stockholder, I have to confess that I was THRILLED last night when I saw this commercial for the first time on TV…
So, if you were thinking of buying that iPad..you should think again and get a real Windows 8 tablet!
(Here’s the one in the commercial, if you’re interested: ASUS VivoTab Smart.)
If you are a developer, or if you are a member of an IT organization which supports a software development organization, then you know that sometimes you need more hardware than you can realistically afford. And if you do buy the hardware, it becomes obsolete all-too-soon, or just sits there idle because the need for it was short-lived.
Windows Azure Infrastructure Services can actually help with this. Now you have a place to create machines that can host your development tools, and your test environment for quickly spinning up new machines for various configurations and scenarios. (HINT: Get your FREE TRIAL HERE)
“One of the roadblocks to building a Windows 8 new interface application is that you need Windows 8 or Server 2012 to develop on. It just so happens that Microsoft has this great virtual server environment, called Windows Azure, where we can remote into a 2012 Server and build Windows 8 applications.”
That quote comes from today’s article by my friend Brian Lewis. He covers this topic in today’s entry of our “20 Key Scenarios with Windows Azure Infrastructure Services” series.
CLICK HERE READ HIS EXCELLENT ARTICLE
Welcome to another main installment of our “20 Key Scenarios with Windows Azure Infrastructure Services”. For those of you who are just now starting to follow along, make sure to start your FREE TRIAL of Windows Azure, so that you can follow along.
Those of you who are familiar with System Center 2012, and in particular the Configuration Manager component, are already familiar with the concept of Distribution Points. But for those of you who are new to it, here is a very brief definition that will make it all clear: Ahem… : A Distribution Point is a point from which things are distributed.
“Oh yeah, crystal-clear, Kevin.”
You’re welcome.
It’s really not complicated (or at least, the idea isn’t complicated). In a large organization, with centralized IT Management, and perhaps with many locations around the globe, it’s important to be able to define locations from which those far-flung users are getting their software or updates from. So System Center 2012 Configuration Manager has
But consider this: What if I were able to use Windows Azure – a cloud-based, highly available and globally scalable service - to act as my distribution points?
“You mean, give immediate, secured, authenticated global reach to your organization’s operating system deployments and software distributions? That would be amazing, Kevin.”
I knew you’d like it. This capability is new in System Center 2012 SP1, and was first announced on the System Center Configuration Manager Team Blog here : New Distribution Points in Configuration Manager SP1.
It is further documented at TechNet here: Install Cloud-Based Distribution Points in Windows Azure. NOTE: The cloud-based distribution point is going to be used deployments other than Microsoft updates. Updates are already available “in the cloud” through Microsoft Update, and it’s just as easy to configure your company’s devices to use Microsoft for operating system and application updates.
For the rest of this article, I’ll break the task of installing and testing this into these steps:
Install System Center 2012 SP1 Configuration Manager
To test creating a cloud-based distribution point, I installed the evaluation of System Center 2012 SP1 Configuration Manager on a local virtual machine in my test domain. My installation was a new Configuration Manager standalone primary site:
(Prior to this installation I had installed the evaluation of SQL Server 2012 on the same machine, but I could have used the “typical installation” option to also install SQL Express to use as the local database. For a good write-up on installing a test machine like this as a Windows Azure Virtual Machine, read THIS EXCELLENT ARTICLE by Keith Mayer.)
After installing and configuring the prerequisites, I also just took the defaults from that point on.
Certificates
Of course to make an authenticated, secured (SSL) connection between your Configuration Manager installation and your Windows Azure subscription, you’re going to need to generate use a management certificate. And like most situations where we’re just trying new capabilities out that require certificates, there is a simple way, and there is a recommended-for-production way. The recommended-for-production way is to use a PKI, and use the templates and certificate types for Server and Client authentication as described in this document: PKI Certificate Requirements for Configuration Manager
For my purposes, just to get the distribution point created and the trust established between my local Configuration Manager site server and the Azure subscription, I exported both a .CER and a .PFX file from the local machine certificate that was created for my SCCM server and its relationship with SQL Server. It was already of the proper type (from the proper template), so worked fine for my test. Here’s how I did that…
Open MMC (On the start screen, type MMC and run MMC.EXE).
On the File Menu, choose Add/Remove Snap-in… then in the left-hand list, select Certificates, and click Add.
When prompted for what your want to manage certificates for, select Computer Account, click Next, and then click Finish. Click OK to close the Add/Remove Snap-ins form.
Now, in the MMC, navigate to Certificates (Local Computer) –> Personal –> Certificates. You should find a Server Authentication certificate there with the name of your server in the Issued To column.
We’re going to do two export operations on this certificate; one to get a .cer file that we’ll upload to Windows Azure, and the other to create a password-protected .pfx file that we’ll use to configure the connection from our local Configuration Manager to create the cloud-based distribution point.
First we’ll export a .cer file:
Now we’ll export a .pfx file:
Upload the .cer file to our Windows Azure subscription. (If you don’t have one, it’s easy to START A FREE TRIAL HERE.):
And there you go. The certificate for our test is in place. Now we’re ready to create and connect Configuration Manager to a new cloud-based distribution point.
Create the Distribution Point
And now you’ll see your new Cloud Distribution Point listed in the main part of the page, that will have a status of Provisioning. Eventually that status will change to Ready.
Go back to your browser and to your Windows Azure administration page. Navigate to the Cloud Services section on the left. It will take several minutes but eventually you will see a new cloud service with a long-and-ugly name show up.
Note toward the right that you have a value in the URL column. That value (which is essentially <your service name>.cloudapp.net) is the DNS name that your clients will use for connecting to the distribution point and getting their software.
Below Cloud Services, find and click on Storage. Here you’ll see that a new storage account has been created with the same ugly name that the new cloud service has.
As I’m sure you’ve guessed, this is the storage account that will hold all software and other items that you’ve deployed to your distribution point.
And now you’re ready to distribute some software to your new distribution point in the clouds. Try it out by distributing the Configuration Manager Client Package up to the your distribution point.
Now let’s see if that package is being distributed.
Another way to show that you’ve succeeded is to go back to your Windows Azure administration page, click on Storage, click on the your storage account, and select the Containers tab. You’ll see new containers being created that you can drill-down into and actually see the files and their URLs.
Good stuff!
Considerations for Client Access
“So.. is that it?”
Almost, but not quite. The Planning for Content Management in Configuration Manager document has an important section describing how and when clients will access your cloud based distribution points: Client to Cloud-Based Distribution Point Communication. Make sure you read and understand the points made there.
Summary
System Center 2012 SP1 Configuration Manager adds the ability to configure and use a Windows Azure-base service to hose a Distribution Point as what is now known as a “Cloud-Based Distribution Point”. Once certificates are in place, the actual creation of the distribution point in your Windows Azure subscription is fairly straight-forward, and for distributing content, it becomes just another option when choosing where to distribute your deployed applications and packages.
What do you think? Are the wheels turning as you’re now envisioning all of the flexibility that this new capability will give you? If not, you’d better read this article again.
In part 5 of our Windows 8 Tips and Tricks series, Principal Technical Account Manager Lex Thomas and I briefly introduce you to some of the new security-centric improvements in Windows 8.
There’s never been a better time to build for Windows! Join the App Builder Program and learn about the Windows ecosystem opportunity, design and monetization tips and partner development frameworks.
Resources:
Video/Audio Downloads:
Perhaps you’re not aware of this, but Windows Azure supports web sites. In fact, it makes it very easy to create and run any web site – from the most simple to the most high-end, complex web application scaled for global reach.
To show off how easy it is to get started, my friend Brian Lewis has submitted today’s article for our “20 Key Scenarios with Windows Azure Infrastructure Services”, in which he demonstrates – in great detail - what he’s done to build a WordPress blog hosted with Windows Azure Web Sites.
READ HIS ARTICLE HERE
Well, do you?
“Yes! And I bet you’re going to tell me to use Windows Azure.”
You’re catching on! In today’s article in our “20 Key Scenarios with Windows Azure Infrastructure Services”, my friend Keith Mayer shares some excellent tips, resources, and a step-by-step for building a SharePoint 2013 lab housed completely in Windows Azure. All you need is a Windows Azure Free Trial subscription.
Welcome to another installment of our May series of articles – “20 Key Scenarios with Windows Azure Infrastructure Services”.
Today I’m going to describe a scenario, a problem, and then propose a solution.
The Scenario: Single Sign-On support using Active Directory, Windows Azure Active Directory, ADFS (Active Directory Federation Services), and Office 365 and/or Windows InTune.
For those of you who may not be familiar with it, you have the ability to set up a federated identity relationship between your local Active Directory and your Office 365 authentication. In this way, your people, simply logging in with their local domain accounts, are able to be automatically authenticated against Office 365, because Office 365’s use of Windows Azure Active Directory, and you have the ability to set up an ADFS relationship between the authentication in Office 365 and your company’s Active Directory domain. So, you manage one set of user accounts locally, just like you always have, and Office 365 can grant access based on the “claim” that the user account is known and valid. Your client (laptop, tablet, or other mobile device) gets the claim from your Active Directory (preferably by accessing an ADFS Proxy in your company’s perimeter network), and then passes that acquired claim up to Office 365.
In short – Your users are either already authenticated, or just have to set up the authentication parameters one time for their use of the cloud-based services such as Office 365, Windows InTune, or other such services.
For details on setting up Single Sign-On for Office 365, see “Plan for and deploy AD FS for use with single sign-on”
So this is great. No matter where I am, or where my people are in the world, they can use their domain account and local profile and just open up Outlook or access the cloud-based SharePoint or their SkyDrive Pro storage, and they’re authenticated. And even if they’re using a non-domain machine or a mobile device, they’ll use the same company credentials they’re already familiar with to connect to their company e-mail or other resources.
The Problem: I’m outside the office, and the connection to my ADFS Proxy is unavailable. What happens then?
“Yeah.. what happens then?!”
I’ll tell you what happens then. It’s a problem, because, your device needs to get to the ADFS (STS) proxy to verify that you are who you say you are, and to give you the claim token that is passed up to Office 365. If it is unavailable, then your users can’t be trusted by their cloud-based resources. Outlook won’t be able to connect to the Office 365 Exchange server. Yeah.. a big problem. That’s why so much documentation (and even the promise of Microsoft support) is devoted to the configuration of a load-balanced farm of servers to keep that proxy service high-performing and highly available.
Granted, it’s an even bigger problem for the people who are sitting in that office. Presumably they can’t access the Internet at all. So assuming that your company, like most others, is becoming more and more dependent upon that Internet connection being live in order to get their work done, you’ve probably already addressed alternatives. And many people nowadays have multiple personal paths to the Internet that would restore some amount of personal access. But that doesn’t fix their problem of not being able to get Outlook to connect.
The Solution: Put a copy of your domain in “the cloud”!
Think about it: If I have a replicated copy of my domain up on a virtual machine running in Windows Azure, then that domain controller can also serve as the trusted location where Office 365 and the ADFS trust can be connected!
“Sounds like an interesting idea. But what if I don’t want a copy of my domain up in the cloud?”
Then another option would be to Windows Azure virtual machines as your ADFS Proxies. Basically think of Windows Azure as an alternative to (or an extension of) your Perimeter network (DMZ). Of course in this case if the availability of your home datacenter goes down, you’re still going to have authentication issues.
Here’s a thought: Do both! Have an AD site up in Windows Azure, with a secured/authenticated/encrypted connection back to the corporate network. And then build an externally available, load-balanced set of machines in a separate “perimeter” network in Windows Azure as well. In this way, even if your connection back to your main office and the local AD DCs goes down, you still have AD authentication available “locally” within your Windows Azure subscription.
Here’s a document that describes the process in great detail:
Office 365 Adapter: Deploying Office 365 Single Sign-On using Windows Azure
What do you think? Do you have any other ideas or suggestions? Any concerns? I’d love to hear about them in the comments. Let’s discuss!
And if you’ve missed any of our ““20 Key Scenarios with Windows Azure Infrastructure Services” series, please click on this link to find all of the other great articles.