Hybrid Cloud | Aidan Finn, IT Pro

Cloud Camp 2018 – It’s A Wrap!

Yesterday, Cloud Camp 2018, run by MicroWarehouse and sponsored by Microsoft Surface and Veeam, ran in the Dublin Convention Centre here in Ireland. 4 tracks, 20 (mostly MVP) sessions, 2 keynotes, and hundreds of satisfied attendees. It was great fun – but we’re all a little tired today

Photo by Gregor Reimling

The message of the day was “change” and that was what I talked about in the opening keynote. In nature, change is inevitable. In IT, you cannot accept change, you’re pushed aside. Business pressure, security & compliance needs, and the speed of cloud make change happen faster than ever. And that’s why we had 20 expert-lead breakout sessions covering Azure IaaS, Azure PaaS, productivity, security, management & governance, Windows Server 2019 and hybrid cloud solutions. The conference ended with renowned Microsoft-watchers Mary Jo Foley and Paul Thurrott discussing what the corporation has been up to and their experiences in covering the Redmond giant.

We had a lot of fun yesterday. Everything ran quite smoothly – credit to John & Glenn in MWH and Hanover Communications.

After the conference, Paul & Mary Jo hosted their Windows Weekly podcast from Dogpatch Labs in the IFSC.

And then we had a small after party in Urban Brewing next door, where one or two beverages might have been consumed until the wee hours of the morning

Picture by Gerald Versluis

Thank you to:

MicroWarehouse for running this event – Rory for OK-ing it and the team for promoting it.
John and Glenn who ran the logistics and made it so smooth
Hanover Communications for the PR work
All the breakout speakers who travelled from around Ireland/Europe to share their knowledge and experience
Kartik who travelled from India to share what Azure Backup are up to
Paul & Mary Jo for travelling from the USA to spend some time with us
Alex at TWiT for make sure things worked well with the podcast
Everyone who attended and made this event possible!

A Twitter competition with the #CloudCamp18 tag was run – a winner will be selected (after the dust settles) for a shiny new Surface Go. At one point the #CloudCamp18 tag was trending #3 for tweets in Dublin. Now I wonder what will happen with #CloudCamp19?

Microsoft Ignite 2018–Windows Server 2019 Deep Dive

Speaker: Jeff Woolsey

Azure

Hybrid is a first-thought thing in MS. It’s not bolted on. How do they make Azure one-click away for customers who need to connect.

Azure Pillar #2 is hybrid. Windows Server 2019 pillar #1 is Hybrid.

Admin Center

1.7 million servers under management since it launched a few months ago. All new features in Windows Server are in this free download. MMC development has stopped. It’s also the portal to hybrid. Feedback driven evolution. Partner solutions built in – Fujitsu and DataON for hardware management highlighted. SquaredUp SCOM and Azure monitoring highlighted. RiverBed highlighted too. HPE is in development (looks limited compared to Fujitsu and DataON). Lenovo has something coming too. No mention of Dell/EMC who are stuck in the 1990s Sad smile

Still a place for System Center – bare metal deployment, application monitoring, etc.

Hybrid

The Azure Network Adapter. If you have a machine in an isolated location that needs to connect to an Azure vNet then one click in Admin Center and it creates a point-to-site VPN connection to an existing gateway. ASR is a one-click replication. Azure Backup now can be enabled on WS2012+ without installing MARS via Admin Center. W2008 R2 still requires a manual MARS installation. Very simplified deployment for file/folder and system state backup from the OS.

Azure Update Management

Extending Windows Update management from Azure to on-premises. This was a very complex deployment in the past. But through Admin Center it’s a short wizard.

Storage Replica TO Azure

This is in preview. You create a VM in Azure via Admin center, join it to a domain, etc via Admin Center. That’s the target. Then replication magically happens – didn’t see the required networking piece here so it might be a bit of an over-simplification.

Hyper-Converged Infrastructure

Hyper-converged is a play in server hardware modernisation – performance, security, support, etc. A video from Lenovo on their XClarity server management solution, that also integrtes into Admin Center – in preview today.

Storage Class Memory

Flash first came by USB. Then it moved to SAS/SATA. Then to PCI. Then NVMe to make it faster. Moving closer to the processor to reduce latency and increase performance. Storage Class Memory is next to the processor in a DIMM socket. It can be configured to look like storage, memory, or a mix of both. Can be an “insanely high speed cache”.

Demo on HCI by Cosmos Darwin. Previous demo in 2016 was 6.69million IOPS from 16 servers. This year they tested with Intel hardware (Optane) to get more performance. They deployed 12 nodes running with just these drive (2 per node) s for caching and NVMe for capacity. Also used future version Xeons. 100 TB of usable storage with free PCI slots and drive bays. The caching devices are striped at the memory controller level. Each NVMe is 8 TB each. They fire up VMs on one node and hit 1 million IOPS. Turn on node 2 and hit 2 million IOPS. Then they power up all 12 nodes VMs and hit 13 million IOPS from 24 U of servers. The growth was linear.

System Insights

Via Admin Center
Predictive capabilities for Windows Server 2019 locally on the server.
Predictive analytics
In the charts, it shows historical metrics, and projects how this will continue into the future.
Suggested actions, e.g. Extend volume Azure File Sync, Disk cleanup
Transform reactive emergencies into proactive management experiences.

Storage Migration

Customers find moving data to be hard. Means that old OS versions are hanging around. Need data to move, shares to move, folder/share ACLs, EFS, IP address, computer naming, etc must be possible to move. Storage Migration Service allows you to move data to Azure or file servers. It has support back to W2003 and up to WS2019 as a source. It inventories the source server. It then copies the data over to target server. Cutover hides the source server, freezes it, and transfers names/addresses to the new server so it becomes the active file server. You can export a CSV file with a log of every file transfer transaction with all the file attributes.

Azure File Sync

Modernize the file server to give it virtually bottomless capacity in Azure. 100 TiB per share support.

Storage

Admin center integratin
Deduplication with ReFS
Mirror accelerated parity
Storage class memory support
Cluster sets: a cluster of clusters with hundreds of nodes in a single unified namespace
Industry leading scale

Cosmos Darwin comes back out. Storage Spaces Direct isn’t just for VMs. Another scenario is a backup target where customers want larger capacity. Now it supports 4 PB of raw storage in a single cluster. With cluster sets, that increases. 4 PB is wikipedia in every language with the complete edit history 50 times. Demo of QCT servers with 527 drives – 72 dives per physical server. 3.64 PB of raw capacity. QCT is selling this today. They’ve benchmarked with Veeam, doing 25 GB/s of sustained data writes per hour.

Scales are up. 400 TB per server, 64 volumes per cluster.

Software-Defined Networking

Virtual network peering
Encrypted subnets
Egress bandwidth metering
IPv6 support, single and dual stack
Fabric ACLs, SDN ACL logging
Gateway performance improvements

Management is coming. Windows Admin Center management for Software-defined networking. Add network Controller to Admin Center. Then add subnets. SDN for mere mortals. SDN monitoring is coming to Admin Center too.

Security

Shielded VMs.

Password Protection with Windows Server AD

Central risk: Passwords. Azure AD solved this issue in Premium. This has been projected down into ADDS. You get the same password checking on-prem that you can in the cloud. A free download that can be installed on WS2012 R2 domain controllers and later. Password enforcement will be the same in the cloud as in on-prem. Can be deployed in audit or enforcement modes. The agent on the DC talks to a proxy service and the proxy talks to the cloud. You register the proxy with the cloud and then install the agent on DCs. And then cloud-based enforcement starts to work. You can define your own weak password lists.

Features on Demand

Server Core numbers are allegedly increasing because of Admin Center.
What if I have to go to the VM and I need local tools.
What it s/w installer won’t install on Server Core?
Features on Demand is Server Core with an additional ISO of around 340 MB.
It’s to support those apps that won’t install.
It also adds local debugging and tools.
When installed you get MMC.EXE, Event Viewer, File Explorer, Device Manager, Resource Monitor, Performance Monitor, PowerSehll ISE, Faulover Cluster Manager.
Internet Explorer is in a special ISO by itself.

Exchange Server 2019 supports Core out of the box. SQL Server supports Core already.

Best practices:

Start with Windows Server Core with Admin Center – best way for server hygene
Add FOD – use it – remove it.
Finally use Windows Server with Full Desktop

Looking Forward

A new release of Windows Server and Admin Center every 2 weeks for Insiders.
There is the semi-annual channel for application innovation twice per year.
The next LTSC will be out in 2-3 years time.

Online Windows Server Mini-Conference – June 26th

Microsoft wants to remind you that they have this product called Windows Server, and that it has a Windows Server 2016 release, a cool new administration console, and a future (Windows Server 2019). In order to do that, Microsoft will be hosting an online conference on June 26th with some of the big names behind the creation of Windows Server called the Windows Server Summit.

This event will have a keynote featuring Erin Chapple, Director of Program Management, Cloud + AI (which includes Windows Server). Then the event will break out into a number of tracks with multiple sessions each, covering things like:

Hybrid scenarios with Azure
Security
Hyper-converged infrastructure (Storage Spaces Direct/S2D)
Application platform (containers on Windows Server)

The event, on June 26th, starts at 5pm UK/Irish time and runs for 4 hours (12:00 EST). Don’t worry if this time doesn’t suit; the sessions will be available to stream afterwards. Those who tune in live will also have the opportunity to participate in Q&A.

StorSimple–The Answer I Thought I’d Never Give

Lately I’ve found myself recommending StorSimple for customers on a frequent basis. That’s a complete reversal since February 28th, and I’ll explain why.

StorSimple

Microsoft acquired StorSimple, a physical appliance that is made in Mexico by a subsidiary of Seagate called Xyratex, several years ago. This physical appliance sucked for several reasons:

It shared storage via iSCSI only so it didn’t fit well into a virtualization stack, especially Hyper-V which has moved more to SMB 3.0.
The tiering engine was as dumb as a pile of bricks, working on a first in-first out basis with no measure of access frequency.
This was a physical appliance, requiring more rackspace, in an era when we’re virtualizing as much as possible.
The cost was, in theory, zero to acquire the box, but you did require a massive enterprise agreement (large enterprise only) and there were sneaky costs (transport and import duties).
StorSimple wasn’t Windows, so Windows concepts were just not there.

Improvements

As usual, Microsoft has Microsoft-ized StorSimple over the years. The product has improved. And thanks to Microsoft’s urge to sell more via MS partners, the biggest improvement came on March 1st.

Storage is shared by either SMB 3.0 or iSCSI. SMB 3.0 is the focus because you can share much larger volumes with it.
The tiering engine is now based on a heat map. Frequently accessed blocks are kept locally. Colder blocks are deduped, compressed, encrypted and sent to an Azure storage account, which can be cool blob storage (ultra cheap disk).
StorSimple is available as a virtual appliance, with up to 64 TB (hot + cold, with between 500 GB and 8 TB of that kept locally) per appliance.
The cost is very low …
… because StorSimple is available on a per-day + per GB in the cloud basis via the Microsoft Cloud Solution Provider (CSP) partner program since March 1st.

You can run a StorSimple on your Hyper-V or VMware hosts for just €3.466 (RRP) per appliance per day. The storage can be as little as €0.0085 per GB per month.

FYI, StorSimple:

Backs itself up automatically to the cloud with 13 years of retention.
Has it’s own patented DR system based on those backups. You drop in a new appliance, connect it to the storage in the cloud, the volume metadata is downloaded, and people/systems can start accessing the data within 2 minutes.
Requires 5 Mbps data per virtual appliance for normal usage.

Why Use StorSimple

It’s a simple thing really:

Archive: You need to store a lot of data that is not accessed very frequently. The scenarios I repeatedly encounter are CCTV and medical scans.
File storage: You can use a StorSimple appliance as a file server, instead of a classic Windows Server. The shares are the same – the appliance runs Windows Server – and you manage share permissions the same way. This is ideal for small businesses and branch offices.
Backup target: Veeam and Veritas support using StorSimple as a backup target. You get the benefit of automatically storing backups in the cloud with lots of long term retention.
It’s really easy to set up! Download the VHDX/VHD/VMDK, create the VM, attach the disk, configure networking, provision shares/LUNs from the Azure Portal, and just use the storage.

So if you have one of those scenarios, and the cost of storage, complexities of backup and DR are questions, then StorSimple might just be the answer.

I still can’t believe that I just wrote that!

Podcast Recording: Talking WS2016 on AnexiPod

I recently recorded a podcast with Ned Bellavance of Anexinet, where we talked about Windows Server 2016 for nearly an hour. Tune in and hear what’s up with the latest version of Microsoft’s server operating system, Hyper-V, storage, cloud, and more!

Technorati Tags: Windows Server 2016,Hyper-V,Hybrid Cloud,Storage

Cloud & Datacenter Management 2016 Videos

I recently spoke at the excellent Cloud and Datacenter Management conference in Dusseldorf, Germany. There was 5 tracks full of expert speakers from around Europe, and a few Microsoft US people, talking Windows Server 2016, Azure, System Center, Office 365 and more. Most of the sessions were in German, but many of the speakers (like me, Ben Armstrong, Matt McSpirit, Damian Flynn, Didier Van Hoye and more) were international and presented in English.

You can find my session, Azure Backup – Microsoft’s Best Kept Secret, and all of the other videos on Channel 9.

Note: Azure Backup Server does have a cost for local backup that is not sent to Azure. You are charged for the instance being protected, but there is no storage charge if you don’t send anything to Azure.

Technorati Tags: Windows Server 2016,Hybrid Cloud,Hyper-V,Virtualisation,System Center,Azure Stack,Azure,Cloud,Cloud Computing,Backup,Failover Clustering

Microsoft News – 19 October 2015

It turns out that Microsoft has been doing some things that are not Surface-related. Here’s a summary of what’s been happening in the last while …

Hyper-V

Microsoft Loves Linux Deep Dive #2 – Linux and FreeBSD Integration Services Core Features: Talking about the services that are integrated into Linux guest OSs on Hyper-V.
Shared Hyper-V virtual disk is inaccessible when it’s located in Storage Spaces on a Windows Server 2012 R2-based computer: A hotfix is available.
Recover From Expanding VHD or VDHX Files On VMs With Checkpoints: Tut tut!
Find All Virtual Machines With A Duplicate Static MAC Address On A Hyper-V Cluster With PowerShell: A handy tip from Didier to avoid networking hell.
Microsoft Loves Linux Deep Dive #3: Linux Dynamic Memory and Live Backup: Dynamic Memory for Linux guests and backup VMs with file system consistency without shutting them down.
Virtual Network Appliances I Use for Hyper-V Labs: A post by Didier Van Hoye.
Microsoft Loves Linux Deep Dive #4: Linux Network Features and Performance: More about open source on Hyper-V.
KB3095308 – VMs may not get additional memory although they’re set to use Dynamic Memory in Windows Server 2012 R2: You experience a poor performance, and IIS servers may run out of memory at peak times.
KB3093571 Update to replicate multiple VM groups and VMs that use shared VHDs in Windows Server 2012 R2 or Windows Server 2012: This article describes a hotfix that enables multiple virtual machine (VM) groups replication and the ability to replicate VMs that use shared Virtual Hard Disks (VHDs) in Windows Server 2012 R2 or Windows Server 2012. This is BIG – I’ll have more on this topic later.
Windows 10 Build 10565 Adds Nested Hyper-V: A post I wrote for Petri.com.
KB3093899 – VMs that run on CSVs fail if DCM can’t query volumes in Windows Server 2012 R2: This article describes an issue that occurs when Desired Configuration Management (DCM) can’t query volumes in Windows Server 2012 R2.
KB961804 – Virtual machines are missing, or error 0x800704C8, 0x80070037, or 0x800703E3 occurs when you try to start or create a virtual machine: This problem may be caused by antivirus software that is installed in the parent partition if the real-time scanning component is configured to monitor the Hyper-V virtual machine files. Follow Microsoft’s guidance on antimalware for Hyper-V hosts, and stop being a “yes sir, no sir” gombeen kow-towing to the know-nothing security “expert”.
Trunking With Hyper-V Networking: Trunk the virtual switch port to allow a virtual appliance connect to multiple VLANs at once.
Remove Lingering Backup Checkpoints from a Hyper-V Virtual Machine: A recovery snapshot stays and you cannot apply or delete it.
Hyper V Amigos Podcast Episode 1 – Ben Armstrong: Hyper-V MVP Carsten Rachfahl interviews Microsoft PM, the Virtual PC Guy.

Windows Server

Windows Server Containers, what are they and where do they fit? Read the Microsoft explanation, and then read my one.
Memory Compression in Windows 10 Threshold 2: Improving resource utilization with TH2, the next major Windows release, coming in November.
“Not enough server storage is available to process this command” error when you try to access file shares on an SOFS-configured server : You ignored the guidance and used SOFS as an end-user file server. Seriously – try reading!
New Windows Server 2016 Storage Video Series: A set of videos on WS2016 storage.
KB3091057 – Cluster validation fails in the “Validate Simultaneous Failover” test in a Windows Server 2012 R2-based failover cluster: This hotfix changes some timing of the “Validate Simultaneous failover” test to more accurately verify the storage compatibility with the failover cluster.
How to setup Nano Server to send diagnostic messages off-box for remote analysis: Troubleshooting Nano server will be fun if you cannot log into it. So don’t log into it.

Windows Client

Windows 10 Enterprise Feature – Credential Guard: Using VSM to protect LSASS.

Azure

Monitor your Azure RemoteApp environment with OpInsight – Part 4: Monitor the User Profile Disks.
Learn how to back up your IaaS VMs in five minutes: It’s simple: create a backup vault, discover VMs, register VMs, create a policy.
Microsoft Azure Backup Server: Download the MAB (based on DPM) to get on-premises backup of Hyper-V, SQL, Exchange, SharePoint and clients that you can forward to Azure Backup vaults.
September updates to Azure RemoteApp: New features in the RDS service. Note that Office 2016 is not supported yet.
A VM that Azure Site Recovery helps protect goes into a resynchronization state: “Resynchronization is required for the machine X. Resume replication to start resynchronization” and “Resynchronization for virtual machine ‘VMName’ was marked corrupted by the service.”.
Inside Azure File Storage: Learn more about this application data sharing facility.
Azure RBAC is GA: Implement just enough administration (JEA) in your Azure subscription.
Azure RemoteApp Custom Image Licensing Error: When you make your own RemoteApp image from scratch.
Introducing Microsoft Azure Backup Server: A post I wrote for Petri.com on “Project Venus” progress.
Azure AD Domain Services is now in Public Preview – Use Azure AD as a cloud domain controller: We’re getting closer to Server Zero. Note the lack of integration with legacy AD.
The Azure AD App Proxy just keeps getting better and better: Cloud-enable legacy apps.
KB3090067 – Azure Backup performance update: Update MARS to avoid when incremental backups by using the Azure Backup agent may run slowly for servers that have many files.
User Environment Management in Azure RemoteApp – Part 1: Using UE-V with the user profile disks.
IIS and Azure Files: Can I host my IIS web content in the cloud using Azure Files? Yes you can put your websites in Azure Files and use shared configuration for shared web content between a farm of auto-scaling, load balanced VMs in an availability set with auto-scaling enabled. Yum!
Get Fast + Easy Support with OMS: Add Microsoft support users to a workspace so they can see the same thing as you.

Office 356

Cloud security controls series – OneDrive for Business: Compliance and security stuff.
Data Loss Prevention in OneDrive for Business, SharePoint Online and Office 2016 is rolling out: PDB is finally starting to improve.
Share with the click of a button in Office 2016: How to edit cooperatively.
What’s new – September 2015: A bit of a quiet month in Office, right? It was just Office 2016, Exchange 2016, …
I sync therefore I am…: A preview of the new ODB sync client
Azure PowerShell 1.0 Preview: A preview of v1.0 which appears to focus on improving admin of Azure Resource Manager.

Miscellaneous

A message to our customers about EU – US Safe Harbour: A comment by Microsoft’s legal honcho, Brad Smith, following the recent ECJ ruling that Safe Harbour is “invalid”.

Azure Backup Project Venus Has Gone Live

Woohoo! Azure Backup has started the evolution from a very basic online backup service to something very interesting – the price is already super competitive versus MozyPro and the gazillions of Ahsay-based vendors but functionality has been a challenge.

If you’re not aware of Venus, then read this article I wrote for Petri.com. In short, Azure Backup customers can get a customized version of DPM (being referred to as a new Azure Backup server) to perform on-premises backups of files & folders as before, but now it adds Hyper-V, VMs, SQL Server, SharePoint Server, Exchange, and Windows clients. You then configure a policy to send an encrypted copy of all/subset of your data to Azure. The Azure Backup server keeps short-term retention and the Azure Backup vault keeps long term retention.

I found a download URL last week. At the time, it only shared a file saying “come back next week”. Well, it’s next week now. I checked it last night – no change. Mark Taylor (@ChorusMark) pinged me on Twitter late last night (I saw it this morning) and sure enough, the download went live:

The description goes as follows:

With Microsoft Azure Backup, you can protect application workloads such as Hyper-V VMs, Microsoft SQL Server, SharePoint Server, Microsoft Exchange and Windows clients to:

Disk (D2D), giving high RTOs for tier 1 workloads
Azure (D2D2C) for long term retention.
And, you can manage the protection of various protected entities (servers and clients) from a single on-premises user interface.

You can deploy Microsoft Azure Backup server as:

A physical standalone server.
A Hyper-V virtual machine – You can run DPM as a virtual machine hosted on an on-premises Hyper-V host server, to back up on-premises data.
A Windows virtual machine in VMWare – You can deploy DPM to provide protection for Microsoft workloads running on Windows virtual machines in VMWare. In this scenario DPM can be deployed as a physical standalone server, as a Hyper-V virtual machine, or as a Windows virtual machine in VMWare.
An Azure virtual machine – You can run DPM as a virtual machine in Azure to back up cloud workloads running as Azure virtual machines.

If you log into your Azure subscription, you’ll see that Azure Backup vaults show the new feature too:

The system requirements are as follows:

Operating system – you must supply a license, either via virtualization rights or normal physical licensing:

Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2
Windows Server 2012 R2, Windows Server 2012 and Windows Server 2008 R2 SP1

Processor:

Minimum: 1 GHz, dual-core CPU
Recommended: 2.33 GHz quad-core CPU

RAM:

Minimum: 4GB
Recommended: 8GB

Hard Drive Space:

Minimum: 3GB
Recommended: 3GB
Disks for backup storage pool: 1.5 times size of data to be protected

SQL 2014 is included in the setup. This license is free and can only be used for Azure Backup server. FYI, I’ve been pre-warned that a pre-requisite is .NET 3.5.1 and this can take about 1 hour to install. Plan your time around this!

I haven’t found a launch announcement from Microsoft and the AB site doesn’t have any documentation yet. But this will be very similar to a DPM setup for Azure Backup.

[EDIT]

I forgot to address the localisation of the above Microsoft Azure Backup Server (MABS). The Azure Backup team wanted to get MABS out as quickly as possible, so English was released first. More localisations will be released over time – the team really is customizing DPM to Azure Backup to make MABS, which you’ll see when you’re required to supply backup vault credentials to complete the setup, and they want to get more functionality into people’s hands as rapidly as they can.

Technorati Tags: Azure,Backup,Hybrid Cloud,DPM