Backup | Aidan Finn, IT Pro

Clarifying Some Of Yesterday’s Azure Announcements

Yesterday, Microsoft marketing published a blog post where they said a lot of things about new services, features, and locations for Azure. Let’s just say that some content in the announcement was less … correct or clear than one might hope for. I’m not saying that this was deliberate, but there is a history of this in Microsoft – Mary Jo Foley and Paul Thurrott joke that this is why they have jobs!

Microsoft announced that 3 new regions went live in India yesterday. I tried a few times to create stuff in those regions, but none of the new regions appeared in my personal subscription (MSDN) or my work one (Open VL). I guessed that “ went live today” meant at some time during the day in the PDT time zone, so I decided to wait until the next morning (Irish time) but India was still not there. So I went looking.

So the India regions are live, but like the Australian and New Zealand regions, they are not available to me because I do not have a business presence in India (or Australia and New Zealand).

The announcement also said:

The general availability of Azure Backup of application workloads. Included as part of Microsoft Operations Management Suite, Azure Backup now supports direct backup of SQL Server, SharePoint, and Microsoft Dynamics.

There are three things that I could have read from that statement (please note that both of the following are incorrect):

Azure Backup MARS agent now can backup applications without DPM and without Project Venus
This service is live now
Azure Backup only comes with OMS

I asked my contacts for some clarification. Project Venus is still happening and it is the only way that Azure Backup will be eventually able to directly backup applications. Project Venus is not GA yet, but will be soon – you can bet that I’ll blog about it! I’ve stung Marketing before over the hints that Azure Backup is only available in OMS – that is simply not true; yes, AB credit is included in the add-on, but the full AB service is available to anyone with an Azure subscription.

There might be more incorrect information in that announcement that I’m currently unaware of.

I wish these announcements were more clear and correct. If you’re honest and describe the plans with some sort of timeline then we’ll forgive things that aren’t perfect. But if we are lead on a wild goose chase, wasting time and money, to find contradicting facts buried elsewhere, then we think less of the company making the announcement.

Technorati Tags: Azure,Cloud,Cloud Computing,Hybrid Cloud,Backup

News for IT Pros from AzureCon

Microsoft announced a bunch of new stuff in the Azure world today for AzureCon. Here’s a summary of the stuff relevant to IT pros. Azure is growing still:

Azure Container Service

Microsoft describes this as:

… an open source container scheduling and orchestration service which builds on our partnerships with both Docker and Mesosphere, as well as our contributions to open source projects in this space.

This gives you Docker service delivery and Apache Mesos orchestrator. Other pieces included are Marathon for launching/scaling container-based application and Chronos, offering distribute cron job and batch workload management.

Azure Container Service will be in preview before the end of 2016.

Note that in the above slide (presented at AzureCon by Scott Guthrie) mentions the future on-premises Azure Stack.

More Regions

Three new regions just opened in India:

Central Indi (Pune)
South India (Chennai)
West India (Mumbai)

That should add about 60 new jobs to the Indian economy – it doesn’t take much labour to run one of these regions! Azure is available now, O365 will be there in October, and Dynamics CRM will come in H1 2016.

Azure Security Center

This is similar to something that was launched for O365 recently. Azure Security Center is:

… an integrated security solution that gives customers end to end visibility and control of the security of their Azure resources, helping them to stay ahead of threats as they evolve.

This solution integrates with partner solutions from the likes of Barracuda, Checkpoint, Cisco, CloudFlare, F5 Networks, Imperva, Incapsula, and Trend Micro.

You’ll get the usual monitoring and policy management, but ASC will also use information about global threats and your environment to make recommendations; that’s an interesting development! ASC will be broadly available by the end of 2016.

Guthrie said at AzureCon that there is DDOS detection built into this service.

Easier deployment of security appliances. And there’s best practices and scanning of network security groups (Extended Port ACLs in Azure). There is security alerting, that ingests data from the various partner vendors. Hadoop is analysing this data. SQL injection and DDOS attacks will appear in the alerts, maybe even pinpointing the location of those attacks.

This is a huge achievement of integrated advanced services.

N-Series VMs

This had to come – N-Series VMs can be thought of as the NVIDIA VMs, because that’s exactly what they are, VMs with GPU capabilities. GPUs are great for graphic and compute intensive workloads. N-Series will be available in preview in the coming months, and will feature:

… NVIDIA Tesla Accelerated Computing Platform as well as NVIDIA GRID 2.0 technology, providing the highest-end graphics support available in the cloud today.

I think I heard Guthrie say that N-Series has Infiniband networking.

DV2 D-Series Virtual Machines

DV2 is D-Series Version 2 virtual machines. These VMs use a customized 2.4 GHz Intel Zeon E5 v3. With turbo boost 2.0 the clock can run up to 3.2 GHz, making it 32% faster than current D-series VMs.

Other News

Some bullets:

The general availability of ExpressRoute for O365 and Skype for Business, as well as the ability to connect to Microsoft Azure’s Government Cloud via ExpressRoute.
New pricing plans for ExpressRoute. Effective Oct 1st 2015, customers will have two different data plans for their ExpressRoute connections.
A8-A11 VM instances will be reduced in price by as much as 60%, starting Oct 1st. They needed this – it’s been much cheaper to run big workloads in traditional hosting or on-premises.
Azure File Storage is GA. Whoah – it’s based on SMB 3.0!
The general availability of Azure Backup of application workloads … Hmm, I’m reading this in-between the lines as the start of Project Venus, and “direct” might not be “direct”. [EDIT] It was confirmed to me that this is Project Venus, and it is not live yet.
Upcoming availability of Azure Resource Health, a new service that exposes the health of each of Azure resources such as Virtual Machines, websites and SQL Databases to help customers quickly identify the root cause of a problem.

Lots of stuff there to keep the Azure bigwigs busy in their AzureCon keynotes.

Technorati Tags: Azure,Virtualisation,Networking,Cloud,Cloud Computing,Backup,Hybrid Cloud

Microsoft News – 28 September 2015

Wow, the year is flying by fast. There’s a bunch of stuff to read here. Microsoft has stepped up the amount of information being released on WS2016 Hyper-V (and related) features. EMS is growing in terms of features and functionality. And Azure IaaS continues to release lots of new features.

Hyper-V

The Mysterious Case of Infrequent Network Connectivity Issues on 2 Hyper-V VMs Out of 40 Guests: Some PowerShell troubleshooting.
Storage Migration “Operation not allow for VM because Hyper-V State is yet to be initialized from Virtual Machine Configuration” (0x80070015): A fix or workaround to solve this problem.
Missing Hyper-V VMs on Windows 10 – Build 10547: A bug in this insider build hides non v5.0 VMs.
Hyper-converged with Windows Server 2016: Run your storage (Storage Spaces Direct, not SOFS) and Hyper-V cluster on the same hardware.
Configuring site awareness for your multi-active disaggregated datacenters: Solving one of the biggest issues with using Failover Clustering as a DR solution.
Introduction to Linux and FreeBSD on Hyper-V: The Linux Integration Services (LIS). Note that LIS 4.0 can be installed on some distros that have previous versions of LIS built in.
Running Hyper-V on Nano in Windows Server 2016 TP3: For you large scale customers that can afford to lose a host.
Running Nano from Windows Server 2016 TP3 on Hyper-V: Teeny tiny VMs for running born-in-the-cloud services.
Do you know how fast your disks are? I’ve seen expensive customer deployments with over-specced hosts and sh1te SANs where one ordinary VM could effectively shut down the cluster because the SAN couldn’t keep up.
Virtual Machine Storage Resiliency in Windows Server 2016: A very nice resiliency feature from the Hyper-V storage folks.

Windows Client

Windows 10 servicing and deployment guidance now available: Learn about Windows as a Service.
Introduction to Windows 10 servicing: How enterprises can keep devices current with the latest feature upgrades, make better use of Windows Update, and what the new servicing options mean for support lifecycles.
Windows 10 – Reducing the disk footprint: how to deploy Windows 10 with the new smaller installation footprint – great for machines with smaller storage (tablets and ultrabooks)

Azure

Azure Backup – Announcing general availability of backup for Azure IaaS VMs: This vital service for VMs has gone GA with a number of improvements.
Azure Backup of IaaS VMs Generally Available: A post I wrote for Petri.com.
Remote Desktop Services DR Solution using ASR – Guidance: A best practices guide from Microsoft.
SharePoint DR Solution using ASR – Guidance: A best practices guide from Microsoft.
Microsoft Exchange DR Solution using ASR – Guidance: A best practices guide from Microsoft.
A VM that Azure Site Recovery helps protect goes into a resynchronization state: Each VHD must be 1023 GB or less.
Source Control Integration in Azure Automation: Manage your automations scripts.
Monitor your Azure RemoteApp environment with OpInsight – Part 1: A nice hack.
Monitor your Azure RemoteApp environment with OpInsight – Part 2: Continuing the hack.
Microsoft showcases the Azure Cloud Switch (ACS): Linux? Linux! Linux?! Yes; Linux.
September update – Azure Preview Portal improvements: Ibiza continues to evolve in the very long preview. This is starting to feel like the GMail beta. There are some good improvements here, but the lateral scale of the UI needs to be chopped by 80%, or we should get an 80″ Surface Hub for free with every Azure subscription.
Use Azure as Virtual DR Site for VMware and Physical Servers: A post I wrote for Petri.com.
August updates to Azure RemoteApp: Some updates.
How does Azure RemoteApp save user data and settings? I really do not like this solution – I prefer to use a virtual file server with domain membership on the VNet because I have some measure of control.
ADFS Publishing via Azure Traffic Manager : Ah yeah, geo-redundant ADFS.

System Center

Near Real-time Performance Data Collection in OMS: Could this be the start of the replacement of SCOM with a cloud service?
Deploy Software Defined Networks using Virtual Machine Manager : A document based on TP3 of System Center 2016.
2nd Edition of Microsoft System Center: Building a Virtualized Network Solution now available and free to download: Featuring Irish MVP, Damian Flynn.
How to Deploy Host Guardian Service using Service Templates in VMM Tech Preview 3: The new WS2016 Hyper-V security feature.

Office 365

The New Office is Here: In case you missed it, Office 2016 launched this week. O365 customers will get is based on which servicing branch they are in. You might not see it for months if you are in the Current Branch for Business (Pro Plus plans default to this).
What’s new in Office 2016: Why should you upgrade, and what should you look for if you have upgrade rights?
Admins—get ready for Office 2016, rollout begins September 22: I’d tweeted several months ago that I’d heard September was the month, so I am not surprised at all.
Announcing the Office 365 Service Trust Portal: STP is a service feature in Office 365 designed to provide deeper information on how Microsoft manages security, compliance and privacy.
Office 365 Import Service—migration to SharePoint Online and OneDrive for Business just became easier: An out-of-band transfer using hard disks, similar to the Azure import service.
Introducing Office 365 Planner: A “simple and highly visual way to organize teamwork”.
Step-By-Step – Setting up AD FS and Enabling Single Sign-On to Office 365: Set up single sign-on.
How to use your Office 365 subscription with Azure RemoteApp: There’s a new “with O365” template that you can use now. Use your ProPlus installation rights in Azure’s RDS.

EMS

Coming soon – New features for managing Windows 10 and iOS devices: New features between September 25 and October 5.
Day Zero Support for iOS 9 with Intune: Manage your iPhones and iPads.
Azure Active Directory B2B collaboration: Inter-company federation via Azure AD.
Azure AD Premium Dashboard is in preview: Microsoft has turned on the Azure Active Directory Premium Dashboard – available in North America only at this point.
Azure AD B2C and B2B are now in Public Preview:
Learn all about the Azure AD B2B Collaboration Preview: Learn more about the Biz-2-Biz preview.

Security

Tracking a Bluetooth Skimmer Gang in Mexico: A whole new way of skimming your card at the ATM, thanks to the ATM engineers.
Tracking Bluetooth Skimmers in Mexico, Part II: More on this story.
Who’s Behind Bluetooth Skimming in Mexico? A very professional criminal operation.

Miscellaneous

Microsoft heads back to court on September 9th: A post I wrote about the Irish datacenter and US warrant appeal.

Technorati Tags: Microsoft,Hyper-V,Virtualisation,Failover Clustering,Storage,Storage Spaces,Linux,Windows 10,Azure,Cloud,Cloud Computing,Hybrid Cloud,Backup,Remote Desktop Services,DR,Active Directory,System Center,VMM,Security,Office,Office 365,Licensing,EMS,Intune

Microsoft GAs The Last Vital Piece For VM Hosting

Microsoft announced that Azure Backup for Azure IaaS virtual machines (VMs) was released to generally availability yesterday. Personally, I think this removes a substantial roadblock from deploying VMs in Azure for most businesses (forget the legal stuff for a moment).

No Backup – Really?

I’ve mentioned many times that I once worked in the hosting business. My first job was as a senior engineer with what was then a large Irish-owned company. We ran three services:

Websites: for a few Euros a month, you could get a plan that allowed 10+ websites. We also offered SQL Server and MySQL databases.
Physical servers: Starting from a few hundred Euros, you got one or more physical servers
Virtual machines: I deployed the VMware (yeah, VMware) farm running on HP blades and EVA, and customers got their own VNET with one or more VMs

The official line on websites was that there was no backup of websites or databases. You lose it, you LOST it. In reality we retained 1 daily backup to cover our own butts. Physical servers were not backed up unless a customer paid extra for it, and they got an Ahsay agent and paid for storage used. The same went for VMware VMs – pay for the agent + storage and you could get a simple form of cloud backup.

Backup-less Azure

Until very recently there was no backup of Azure VMs. How could that be? This line says a lot about how Microsoft thinks:

Treat your servers like cattle, not pets

When Azure VMs originally launched in beta, the VMs were stateless, much like containers. If you rebooted the VM it reset itself. You were supposed to write your applications so that they used Azure storage accounts or Azure SQL databases. There was no DC or SQL Server VM in the cloud – that aws silly because no one deploys or uses stateful machines anymore. Therefore you shouldn’t care if a VM dies, gets corrupted, or is accidentally removed – you just deploy a new one and carry on.

Except …

Almost no one deploys servers like that.

I can envision some companies, like an Ebay or an Amazon running stateless application or web servers. But in my years of working in large and small/medium businesses, I’ve never seen stateless machines, and I’ve never encountered anyone with a need for those style of applications – the web server/database server configuration still dominates AFAIK.

So this is why Azure never had a backup service for VMs. A few years ago, Microsoft changed Azure VMs to be stateful (Hyper-V) virtual machines that we are familiar with and started to push this as a viable alternative to traditional machine deployments. I asked the question: what happens if I accidentally delete a VM – and I got the old answer:

Prepare your CV/résumé.

Mark Minasi quoted me at TechEd North America in one of his cloud Q&A’s with Mark Russinovich 2 years ago – actually he messed up the question a little and Russinovich gave a non-answer. The point was: how could I possibly deploy a critical VM into Azure if I could not back it up.

Use DPM!

Yeah, Microsoft last year blogged that customers should use System Center Data Protection Manager to protect VMs in Azure. You’d install an agent into the guest OS (you have no access to Azure hosts and there is no backup API) and backup files, folders, databases to DPM running in another VM. The only problem with this would be the cost:

You’d need to deploy an Azure VM for DPM.
You would have to use Page Blobs & Disks instead of Block Blobs, doubling the cost of Azure storage required.
The cost of System Center SMLs would have been horrific. A Datacenter SML ($3,607 on Open NL) would cover up to 8 Azure virtual machines.

Not to mention that you could not simply restore a VM:

Create a new VM
Install applications, e.g. SQL Server
Install the DPM agent
Restore files/folders/databases
Pray to your god and any others you can think of

Azure Backup

Azure has a backup service called Azure Backup. This was launched as a hybrid cloud service, enabling you to backup machines (PCs, servers) to the cloud using an agent (MARS). You can also install the MARS agent onto an on-premises DPM server to forward all/subset of your backup data to the cloud for off-site storage. Azure Backup uses Block Blob storage (LRS or GRS) so it’s really affordable.

Earlier this year, Microsoft launched a preview of Azure Backup for Azure IaaS VMs. With this service you can protect Azure VMs (Windows or Linux) using a very simple VM backup mechanism:

Create a backup policy – when to backup and how long to retain data
Register VMs – installs an extension to consistently backup running VMs
Protect VMs: Associate registered VMs with a policy
Monitor backups

The preview wasn’t perfect. In the first week or so, registration was hit and miss. Backup of large VMs was quite slow too. But the restore process worked – this blog exists today only because I was able to restore the Azure VM that it runs on from an Azure backup – every other restore method I had for the MySQL database failed.

Generally Available

Microsoft made Azure Backup for IaaS VMs generally available yesterday. This means that now you can, in a supported, simple, and reliable manner, backup your Windows/Linux VMs that are running in Azure, and if you lose one, you can easily restore it from backup.

A number of improvements were included in the GA release:

A set of PowerShell based cmdlets have been released – update your Azure PowerShell module!
You can restore a VM with an Azure VM configuration of your choice to a storage account of your choice.
The time required to register a VM or back it up has been reduced.
Azure Backup is in all regions that support Azure VMs.
There is improved logging for auditing purposes.
Notification emails can be sent to administrators or an email address of your choosing.
Errors include troubleshooting information and links to documentation.
A default policy is included in every backup vault
You can create simple or complex retention policies (similar to hybrid cloud backup in MARS agent) that can keep data up to 99 years.

Summary

With this release, Microsoft now has solved my biggest concern with running production workloads in Azure VMs – now we can backup and restore stateful machines that have huge value to the business.

Technorati Tags: Azure,Backup,Virtualisation

Microsoft News – 7 September 2015

Here’s the recent news from the last few weeks in the Microsoft IT Pro world:

Hyper-V

Configuring Default Checkpoint type in Windows 10: How to automatically get the legacy style checkpoint behaviour – might be useful in test/dev/demo labs.
Hyper-V Dynamic Memory Versus Virtual NUMA: The two incompatible memory optimization techniques. A post I wrote for Petri.com.
Workgroup and Multi-domain clusters in Windows Server 2016: Note: Workgroup clusters do not support Live Migration (hence useless to most).
Site-aware Failover Clusters in Windows Server 2016: Making stretch clusters more suitable. An interesting option is “preferred site” of a (entire) cluster.
Linux Integration Services 4.0 Update: An update to the Linux integration components for Hyper-V.

Windows Server

How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012: You might disable SMBv1 in totally modern deployments, but I prefer to stay on the well walked path.
Announcing Windows Server 2016 Containers Preview: Post by Scott Guthrie.
Microsoft and Mesosphere partner to bring Mesos container orchestration across Windows and Linux worlds: Container orchestration comes to Windows.
Microsoft and Intel showcase Storage Spaces Direct with NVM Express at IDF ’15: 4.2 million IOPS with S2D.
Data Deduplication in Windows Server Technical Preview 3: BIG improvements for scalability and backup.
Comparing Work Folders and Offline Files: I bet you’ve never heard of Work Folders – what I call “company owned DropBox”.
Work Folders encryption on Windows: Security with replicated files.
Windows Server 2016 Installation Option Changes: Our feedback was listened to.

Windows

Adjusting the Network Protocol Bindings in Windows 10: I guess the same applies to Windows Server 2016.
Windows 10 Pre-Upgrade Validation using SETUP.EXE: Using /Compat ScanOnly.
MDOP 2015 and more tools are now available: Windows 10 support.

System Center

DPM 2012 R2 UR7 re-released: Wow, a System Center update rollup had issues. Whoda thunk it?!?!?!

Azure

Mandatory update for Azure Backup to avoid an authentication error for ongoing backups: You must have a MARS agent that released August 19 2015 or later.
AzCopy – Introducing Append Blob, File Storage Asynchronous Copying, File Storage Share SAS, Table Storage data exporting to CSV and more: AzCopy 3.2.0 and AzCopy 4.2.0-preview are now released.
Azure Backup update – New features in IaaS VM backup support: Support for up to 16 data disks, retention up to 99 years, improved performance, and reporting.
Azure Premium Storage expanding in more regions: Adding Central US, East US, East Asia, and North Europe.
Announcing the GS-Series: Adding Premium Storage Support to the Largest VMs in the Public Cloud: Big and fast.
Boot Diagnostics for Virtual Machines: Needed because there’s not KVM access.
A Look at Microsoft’s New Hybrid Cloud Features: A post I wrote for Petri.com.
How to Link an Azure RemoteApp collection to your existing Azure Virtual Network Without Domain Join: If you have applications that don’t require domains. Beware that this will cause messy session hosts without GPO to control user access/storage from a central point.

Office 365

What’s new – July 2015: Apps galore.
What’s new – August 2015: The education SKUs are getting a “shake up”.
Microsoft is reducing its number of portals, merging Intune with Office 365: Good idea … but I am sceptical of the success/future of this.

Intune

Windows 10, Azure AD and Microsoft Intune: Automatic MDM enrollment powered by the cloud: See the new Active Directory in action.
Microsoft Advanced Threat Analytics in now GA: This EMS bundle member is now available for detecting nefarious usage of company identity.

Events

Meet AzureCon: A virtual event on Azure on September 29th, starting at 9am Pacific time, 5pm UK/Irish time.

Technorati Tags: Hyper-V,Virtualisation,Failover Clustering,Linux,Windows Server 2016,Windows Server 2012 R2,Storage,Networking,Windows 10,Deployment,DPM,System Center,Azure,Cloud,Cloud Computing,Hybrid Cloud,Backup,Remote Desktop Services,Office 365,Intune,Active Directory,Events

Microsoft News 13-August-2015

Hi folks, it’s been a while since I’ve posted but there’s a great reason for that – I got married and was away on honeymoon 🙂 We’re back and trying to get back into the normal swing of things. I was away for the Windows 10 launch, happily ignoring the world. Windows 10 in the businesses is not a big deal yet – Microsoft needs to clear up licensing and activation for businesses before they’ll deliberately touch the great new OS – I’ve already had customers say “love it, but not until we get clarification”.

Hyper-V

What’s New for Hyper-V on Windows 10: The new features in Windows 10 Client Hyper-V.
Why Does Hyper-V Have Network Issues with 1 GbE NICs? Because OEMs write crappy drivers and firmware.
PowerShell Direct – handling authentication for better scripting: 4 options for authenticating your remote access.
Using PowerShell Direct for Script Locking: Stop your script until the VM is responsive.
Sending a script file into the VM using PowerShell Direct: Copy a script file into a VM to run it.
PowerShell Direct + Hot Add NIC == Give me an IP address: Add a NIC to a VM and configure it.
PowerShell Direct & Waiting for an IP Address: Wait for a VM to get an IP address before running your PowerShell.
Upgrading your Virtual Machine version: A new manual step to allow your VM to use new features.
Production Checkpoints in Windows 10: A new way of doing checkpoints where a restore is like restoring a VM from backup.
Integration components available for virtual machines not connected to Windows Update: Out of band methods for updating the Hyper-V ICs for VMs on Windows 10 or WS2016.
Hyper-V Storage QoS in Windows Server 2016 Works on SOFS and on LUNs/CSVs: Distributed Storage QoS will also work with block level storage (CSV required).

Windows Server

Introducing pen remoting for Windows 10 and Windows Server 2016: Handy.
Receive Side Scaling for the File Servers: Enable RSS on file servers with 10 GbE or faster networks.

Windows

Windows 10 – Available for Business Today: Unfortunately, no one has the answers on volume licensing upgrades, product keys and activation.
90 day Windows 10 Enterprise Evaluation: Handy to have access to for demos, trials, etc.
Announcing the availability of System Center 2012 R2 Configuration Manager SP1 and System Center 2012 Configuration Manager SP2: Adding support for Windows 10.
Step-By-Step – How to Clean Install Windows 10: This is not easy, thanks to licensing and activations. I have no idea how this will work in mid-large businesses.
Windows Assessment and Deployment Kit (ADK) for Windows 10: Automate a large-scale deployment of Windows 10 – when you’ve figured out the licensing.
Windows 10 ADK and Configuration Manager: Large scale image deployment.
Find and Update Your KMS Service Host Key To Activate Windows 10: A post by Didier Van Hoye, MVP.

Azure

Working with Marketplace Images on Azure Resource Manager: Include templates in your mass deployments.
Azure Marketplace announces new features and functionality: Big thing here is the ability to deploy Multi-VMs.
Azure Site Recovery GA – Move VMware, AWS, Hyper-V and Physical Servers to Azure: Not just a DR solution, but also an official migration solutions for Hyper-V, vSphere, and AWS. The post is quite unclear about the mechanisms/methods being employed (aka Marketing Gone Wild).
Can’t recover VMs in Azure with volumes greater than 1TB? Use Storage Spaces: I am not sure that this is supported on Hyper-V, so I am advising caution.
Enterprise Grade Disaster Recovery with Azure Site Recovery, EMC VMAX, VMAX3 and SRDF – Now Generally Available: SCVMM/Hyper-V environments that use EMC VMAX and VMAX3 SAN arrays can leverage industry leading technology in SRDF with ASR to protect complex multi-vm applications in a group consistent manner while ensuring that the most stringent RPO and RTO SLA requirements are met.
Tagging on Compute, Network and Storage Resources: Consistent use of tags on Compute, Network, and Storage resources created through the Azure Resource Manager allows organizations to track their usage in a new way.
Scheduling Azure Automation Runbooks with Azure Scheduler: Scheduled automation.
Azure Backup enables backup of large volumes, VMs, databases and more: Data sources up to 54400 GB now supported. Note that file servers with > 1 million files in a volume may require up to 20% of that volume for caching.
Microsoft’s Project Venus – Extending Azure Backup Features: How Microsoft will extend the functionality of Azure Backup, using a free DPM as a stepping stone.
Budgeting Struggles with Cloud Computing: Azure prices went up 10% in the Euro zone and 26% in Australia this month.
Azure Virtual Machines SLA – A Primer: People are making assumptions about SLA that will get them into trouble.
July updates to Azure RemoteApp: Not much that I can see.
Step-By-Step – Protect physical servers with Azure Site Recovery: Using Azure as a DR site for physical servers.

System Center

Description of Update Rollup 7 for System Center 2012 R2: Wait at least one month before installing. And make sure you read the instructions.

Office 365

Office 2016 for Mac is here: Those of you with overpriced handbag laptops get an Office update.
Office Mobile apps for Windows 10 are here: Office is now a universal app. Can’t wait to try this on a phone with Continuum.

Miscellaneous

Windows 10’s Continuum Killed the Personal Computer: An opinion piece I wrote for Petri.com.

Technorati Tags: Microsoft,Hyper-V,Windows Server 2016,Windows 10,PowerShell,Scripting,Networking,Storage,Deployment,RDS,Licensing,Azure,Hybrid Cloud,Cloud Computing,DR,Backup,System Center,Office

Microsoft Modifies The Azure Backup Announcement

Yesterday I posted an “Aidan Smash” article about the messed up Azure Backup Announcement. Microsoft had originally stated in their announcement of improvements that were coming to Azure Backup. Let’s remind ourselves what Microsoft said:

Why did I take a screenshot of the text instead of copying/pasting it? I’ve learned that when Microsoft makes a controversial announcement, or something that is just plain dumb, that text can change without any notice.

Controversy? Yes; Microsoft pretty much stated that the requests for feature improvements in Azure Backup that would make the product marketable to the breadth market (that will actually use Azure Backup) was going to be restricted to System Center customers that paid extra for OMS Add-On for Azure (not the breadth market).

That sounded pretty stupid. I reached out for a correction but did not get one within the 24 hours before I posted my rant. So it seemed that someone had made yet another dumb packing/pricing decision with a Microsoft online service.

24 hours later, the announcement was changed by Microsoft:

Note that the post does not say the following anymore:

… we are now announcing new Azure Backup services that are available today to OMS customers.

In fact, all mention of OMS in this section and the bullet points has been removed. Queue cautious celebration!

How do I read this (as a person that does not have access to OMS Add-On and cannot verify what OMS customers have access to)?

The new features will not be restricted to OMS Add-On customers
The new features are not available yet

This is much better. Now if only the author had bothered to communicate clearly in the first place – I’m guessing they were made walk the plank.

[Update]

Microsoft confirmed that the improvements to Azure Backup will be coming to everyone. These features will be coming before the end of the calendar year. I look forward to trying them out, and hopefully selling them.

Technorati Tags: Azure Backup,Azure,Backup,Hybrid Cloud

An Open Letter To Scott Guthrie About Azure Backup

Oh baby, it’s one of those posts where Aidan Smash! I think Azure Backup has amazing potential to OWN the online backup market, but thanks to the leadership of that group, Azure Backup is irrelevant. Read on to find out why.

[Update]

Microsoft modified the below announcement and details were confirmed to me. Read here to learn more.

What’s Online Backup and What is the Market?

We all know what on-premises backup is:

Something like DPM, Veeam, Altaro, Commvault, ArcServe, etc runs a job to backup files, folders, system state, VMs, or whatever
Data is sent to a disk and/or tape archive
We restore data from there when it’s corrupted or lost

An old saying in IT goes: you don’t have a backup if you don’t have 3 copies. In IT we know that we should keep off-site copies of data. In the old days, Iron Mountain would pick up a bag of tapes and courier them off to some place. If we needed to go back more than a week, then we’d have to call those tapes in (cost + delay) and that sucked. Plus tapes are fragile.

Some folks implemented site-to-site replication of backup (DPM, Veeam, etc) to counter this. Data is sent off to another location so the data is available no matter what happens to the primary site. But … there’s a cost to keeping an archive.

This is where online backup is meant to come into play. A hosting company can offer huge amounts of cheap storage. An agent is deployed to required machines (roaming user devices, servers, hosts, VMs) and does an online backup. Data might be proxied/stored locally with a short retention period, and stored in the cloud with a long retention period. There’s lots of variations in the offerings so don’t get caught up in the details here.

The Challenge with Online Backup

It’s simple: Price. The dominant service in Ireland (based on reseller-friendly Ahsay) costs anywhere from €0.30 to €1.00 per GB stored per month. So when Microsoft came along with Azure and offered a cheaper alternative you’d think that they’d wipe the floor with the competition, right?

What’s Wrong with Azure Online Backup?

I break up AB into three offerings, to try clarify the mess that Azure Marketing/Branding has created:

Azure Backup for IaaS/VMs: Backs up VMs running in Azure to block blob storage
DPM + Azure Backup: DPM backs up Hyper-V, files/folders, SQL Server, SharePoint, Exchange, etc, and an AB agent on the DPM server forwards selected data to Azure block blob storage
Azure Backup: An agent (called MARS) is installed on each machine that will be backed up, and it can only support files and folders, only files and folders, and nothing but files and folders, and if you ask about anything other than files and folders then you are a complete moron that should walk onto the street and ask to be hit in the head with a baseball bat (it might improve your IQ)

The market for Azure Backup is not the large enterprise. It’s SMEs … as I said it was quite some time ago with Azure Site Recovery (the ASR team has since acknowledged that I was correct). When Azure first went on sale via Open licensing (SMEs) I talked to Microsoft partners about this. The price then was around €0.25 per GB, which then dropped to €0.149/GB and now sits at as little as €0.0.17/GB (approx – I’m too lazy to Google it) plus “instance” charge. So Azure Backup completely took over the Irish market, right? Uh, not so fast, my friend! Anyone selling the incumbent is still selling the incumbent, and that’s because the AB leadership continues to ignore overwhelming feedback. Instead, they focus on scenarios for System Center customers, and although “sales” of System Center to SMEs might be green on the scorecard, that’s because of some “clever tricks” that various news sites have alluded to and the occasional large customer that refuses to buy Select/EA. In the real world, SMEs do not use System Center, so focusing on System Center customers is ignoring the huge breadth market that currently uses online backup solutions that cost much more than AB.

Note: Any Redmond-ites that think SMEs are just single-server companies are free to step off of their ivory tower and visit the real world outside of insulated and misinformed bubble.

What feature blockers are there to using AB?

Centralised management: There is no centralised management for AB. All management is done on a per-machine basis – which sucks. Customers hate this, and the resellers that are the IT department of those customers detest it because it’s unmanageable.
Backup support: Ab only does files and folders. Customers always ask about SQL Server, Exchange, Hyper-V and more. The Microsoft answer is: Use DPM. However, SMEs cannot afford DPM because it’s hidden in System Center licensing.
Pricing complexity: Have you met instances? Go on – google the pricing for Azure Backup and see what you think. We’ve actually lost Azure deals because of this BS that was introduced on April Fool’s Day.

We kept hearing that the AB team was going to fix all of this. And then yesterday, I read a post about Operations Management Suite (OMS) Add-On for System Center. There you will find this piece of text:

Here’s what you need to know first: The OMS Add-On can only be bought by System Center customers: 1 Std Add-On for 1 Std SML, 1 DC Add-On for 1 DC SML. And the new features of AB are only available to OMS Add-On customers:

Adding DPM technology to the AB agent: I don’t have OMS and I tested the latest agent that I can download. I still can only backup files and folders. It appears that this new agent for AB to solve the issue that AB can only backup files and folders, is only available to customers with DPM licensing. Some genius thought that to solve the lack of DPM, you need to buy DPM, to use a backup agent that isn’t DPM. Friggin’ Einstein, right? Give that person a job running the economy for Greece or Zimbabwe!
Centralised management: Only available to DPM customers, the sort that don’t do much online backup, while ignoring the breadth market that will and does backup to the cloud with more expensive alternative vendors that do offer what those customers need.

It’s quite clear that the AB group either doesn’t understand the feedback and/or refuses to listen.

A Request for Scott Guthrie

Scott, I know you’re a smart man. Why do you and how can you tolerate this continued failure? I know you could sell a lot more Azure storage if you opened up Azure Backup to the SME market with improved backup support and centralised management. I could probably have half of the Irish market switched over by now if someone in Microsoft was actually acting on the feedback that they’ve been getting since last summer. Ireland is a tiny market in the grand scheme of things, but the nature of our market is the same across the entire EU and I doubt the USA is much different. That’s a lot of money you’re leaving on the table for competition to take.

I know that someone in Microsoft (probably Dublin) will complain about “that loud MVP” again, and I’ll have the usual conversations. But I know I’m right and I’ve repeatedly given the feedback via forum, direct emails to relevant PMs, and Lync conversations. Give us the product we need, and we’ll sell the heck out of it to people that will use it. So, Scott, I’m imploring you to make the necessary changes. Stop focusing Azure Backup on System Center customers; it’s a waste of dev/test time. Focus on SMEs and resellers and you will take over the online backup market in a year with customers that are actually adopting or using Azure.

Microsoft News – 29 June 2015

As you might expect, there’s lots of Azure news. Surprisingly, there is still not much substantial content on Windows 10.

Hyper-V

What is the Windows Server Network Controller? A post I wrote for Petri.com.
Virtual Machine Compute Resiliency in Windows Server 2016: Dealing with transient cluster failures and keeping VMs online.
NEW RDS deployment model – Personal Session Desktops: A VDI scenario without using a client OS. In Windows Server 2016 additional improvements have been added to the Desktop Experience feature to make the Server OS look even more as a (Windows 10) Client OS. You will “… essentially be able to do “VDI” in Azure where every user will have a fully persistent desktop with options to allow user installed applications or maybe even local admin privileges”.
Script – Image Factory for Hyper-V: A handy solution from Ben Armstrong.
Handy Tool for Converting KVM / VMware Images to Hyper-V: A solution for V2V conversions from KVM to Hyper-V for when you’ve realised that your boss was an idiot.

Windows Server

DNS Server Startup Time Improvements in Windows Server 2012 R2: Tuning for those people running HUGE DNS databases (40,000 to 50 million records!).
PowerShell Script to build your Nano Server Image: Deploying Nano Server
How to use WDS to PxE Boot a Nano Server VHD: Do a network boot with Nano Server – How UNIX-y!
Microsoft Support for Secure Shell (SSH): Light on details: ” the PowerShell team will support and contribute to the OpenSSH community”.

Windows Client

Most IT Pros Expect To Deploy Windows 10 Within 2 Years: “40 percent of IT pro participants were planning to deploy Windows 10 within the first year of release … [another] 33 percent were planning Windows 10 deployments within two years”.
Windows 10 – What’s next for Microsoft’s Insider testers: Microsoft gets it “right” on the 3rd attempt. Maybe.
Azure AD, Microsoft Intune and Windows 10 – Using the cloud to modernize enterprise mobility: Azure AD is the glue (a common theme).

Azure

Azure RemoteApp – User Connection Error: For “With VPN” or hybrid deployments, sort out your UPNs to ensure that the AAD and the LAD user accounts match up. First a user signs into AAD via the RemoteApp client, and then they sign into AAD using Remote Desktop.
Azure RemoteApp – App-V Support Part 1: Deliver apps to RemoteApp using virtualization. App-V Standalone.
Azure RemoteApp – App-V Support Part 2: Full App-V infrastructure.
Step through creating a Resource Manager-based Azure Virtual Machine with PowerShell: A LOT of code is required, but once you have it, it’s quicker to create VMs using PoSH than via the GUI.
Container Apps now available in the Azure Marketplace: It’s Docker time!
Troubleshoot Secure Shell (SSH) Connections to a Linux-based Azure Virtual Machine: Steps to fix this complex scenario.
Sync Azure RemoteApp Collection Membership with Azure Automation: A clever solution to populate an App Collection with the members of an AD group.
How to Create and Validate a Microsoft Azure Active Directory Domain: A post I wrote for Petri.com.
How To Upload Files to Microsoft Azure: A post I wrote for Petri.com.
Wormhole Area Networking and Microsoft Azure: Pending patent – a post I wrote for Petri.com.
Easier Azure VM Deployment with the Custom Script Extension: A post I wrote for Petri.com.
Using the Microsoft Azure Storage Explorer Tools: A post I wrote for Petri.com.
Sharing Files in the Cloud using Azure Files: How to use the Storage Accounts Files service between VMs.
Improving Microsoft Azure File Server Performance with BranchCache: A post I wrote for Petri.com.
Enable Distributed BranchCache on a Microsoft Azure File Server: A post I wrote for Petri.com.
Does Azure Backup Work? A post I wrote for Petri.com.
Microsoft Launches New Microsoft Azure VM Pricing Tool: A post I wrote for Petri.com.
Key Vault is now generally available: This HSM in the cloud offering is now GA. Example usage: central SSL cert storage and VM full disk encryption (coming soon).
Azure Active Directory Premium reporting now detects leaked credentials: Detect when your users have lost control of their usernames and passwords.
DevOps Basics – Infrastructure as Code: Deploying VMs using ARM templates via the Ibiza portal.
DevOps Basics – Infrastructure as Code – The PowerShell Method: An alternative to the previous.
Azure AD Conditional Access preview update – More apps and blocking access for users not at work: Note conditional access to Azure RemoteApp.
May updates to Azure RemoteApp: What changed?

Office 365

Announcing auto-expanding, highly scalable archives for Office 365 email: To accommodate customers who require very, very large archiving storage, Microsoft announced new auto-expanding, highly scalable archiving.
Exchange Online Advanced Threat Protection is now available: A new subscription service for unknown malware, real-time protection against malicious URLs, and reporting.
7 new Exchange Online Protection enhancements: Improving the basic service.
What’s new – May 2015: A summary of O365 improvements.
Introducing Compliance Search in Office 365: A faster and more lightweight way of searching within your organization’s data in Office 365.
Rights Management Service departmental templates comes to Office 2013: A feature that allows organizations to define different policies that will be deployed to different departments (or roles) for their use in documents and emails, now natively supported in Office 2013.
New Intune capabilities for Outlook on iOS and Android: Customers using Outlook for iOS and Android can now use built-in MDM for Office 365 or Microsoft Intune to secure email data on mobile devices within their organization.

EMS

New features coming to Intune over the next week: Starting June 22 and ending July 2.
Microsoft adds Advanced Threat Analytics to its Enterprise Mobility Suite: More security coming to EMS (cloud) and ECS (on-prem).

Misc

Samsung Accused of Blocking Security Updates in its PCs: Are OEMs stupid, ignorant, or do they just not care? IMO, this one is a grey area.

Technorati Tags: Microsoft,Hyper-V,Windows Server 2016,Windows Server 2012 R2,DNS,Virtualisation,PowerShell,Deployment,Remote Desktop Services,Scripting,Linux,Failover Clustering,Windows 10,Azure,Cloud,Cloud Computing,Hybrid Cloud,Networking,Security,Backup,Active Directory,Office 365,Intune

Living with & Paying for Azure VM Backup

This site is running on an Azure Basic A2 VM with 127 GB of storage. I back it up in two ways:

There is an Azure Backup (AB) agent installed in the guest OS, and that backs up an export of MySQL and the IIS content.
I use the (preview) feature that allows you to grab a daily backup of a VM. This is what I want to focus on.

I have deployed a GRS backup vault. The usage summary is:

The storage cost of the backup this month will be around €2.5776 (72 * €0.0358 per GB) and the instance cost will be €7.447 (The VM size falls into 50-500 GB).

There is a daily backup with 4 weeks of retention. Right now, there are 29 days of history:

Backup can be slow (ranges from 47 minutes to 4 hours and 13 minutes), but I haven’t had any issues.

I haven’t had to do a restore, but so far, so good.

Technorati Tags: Azure,Virtualisation,Backup