Storage | Aidan Finn, IT Pro

Microsoft Ignite 2019 – Windows Server on Azure Overview, Lift-and-Shift Migrations for Enterprise Workloads

Speakers:

Rob Hindman, Microsoft
Elden Christensen, Microsoft

Why Windows + Azure

Unmatched security
Built-in hybrid
Most cost effective
Unparalleled innovation and deep trust with enterprises

Weighing Your Options

Rehost – lift and shift
Refactor, rearchitect or rebuild – modernize/transform

Workloads

Typically dictates your migration options.

Windows Server 2008/R2

Lift-and-shift to Azure offers free extended security updates beyond the normal EOL of Na 14, 2020, by 3 more years (Jan 14, 2023).

You can unlock on-prem server extended support (if you buy it) through the Azure Portal.

Hybrid Benefit

If you have Software Assurance then you can reduce your Windows Server cost (built into the cost of Azure VMs with Windows) with the Azure Hybrid Use Benefit (AHUB).

Workloads

A bunch of eyechart tests that should be downloaded for reference.

S2D with Ultra Disk support “coming soon”.

SLA

You can build HA in infrastructure or app. Focus on App availability – Azure VM SLAs are built on this concept. Other consideration is operational consistency.

Designs

A bunch of designs are shown, including S2D and Storage Spaces clusters. Two Azure options:

Premium File Shares (GA) as shared storage
Shared Azure Disks (roadmap) as shared cluster disks – witness & CSV https://aka.ms/SharedDiskSignUp Will support Premium SSD and Ultra SSD.

Lessons From The Trenches

Download the slide(s) – lots of details.

You are the operator of Azure VMs and must to updates, backups, etc, and test.
You must practice failure scenarios and have processes to deal with it.
DO not use the VM temporary disk
Do not attempt to convert from Standard to Premium disks during DR site failover – the conversion is not instant.
Large VMs do not compensate for application architecture –sometimes refactoring cannot be avoided
Do not had-code specific VM gallery image names into scripts. Images are retired after two years – use the latest version because it is recently patched.
Use DskSpd and FIO to measure performance as early as possible. Run multiple tests – because Azure Cache will kick in to improve performance. Note that some regions (East US) will perform faster than others.
Use WS2019 to capture Azure host maintenance events in the faulover clustering event logs – 1139, 1140, 1136
S2D on Azure IaaS VM guest clusters can only use 2-way and 3-way mirror reliiency types. S2D caching tiers cannot be used.
Don’t let S2D volumes become 100% full. Expanding when they are full is difficult and requires downtime.
S2D is slower on clouds that enforce VM network QoS
Mirror repair is faster on WS2019.
WS2019 for file server roles, especially the Information Worker workload is better.

Inter-Region Resiliency for Zone Redundant Storage

Microsoft has added two new kinds of resiliency to general purpose v2 (GPv2) storage accounts called Geo-Zone Redundant Storage (GZRS) and Read-Access Geo-Zone Redundant Storage (RA-GZRS).

The Old ZRS

ZRS, when it originally appeared several years ago in Azure, was a form of general purpose storage account v (GPv1) replication that had a complex definition. It kept 3 copies of your data, 2 in the region of choice, and the third was either in the same region or in a nearby region. But this was before Azure regions had zones as we know them today.

The concept of ZRS was to get over the availability limitations of LRS and GRS:

LRS keeps 3 asynchronous copies of the storage account on a single storage cluster, in a single room (co-lo), in a single data centre, in a single region. If that one cluster, co-lo, or data centre goes down, then you lose the storage account until/if it returns.
GRS is an extension of LRS, keeping an additional 3 asynchronous copies of the storage account in the paired region (secondary region) of the primary region (the region you deployed the storage account into). However, you cannot use the failover replicas until Microsoft declares a failover, which is a non-retrievable failure of the primary; this event has never occurred but there have been plenty of local outages which made the accessible (LRS) copies unavailable for periods of time.
RA-GRS extends GRS by making the additional copies in the paired region available for read access, useful if you have a custom app that only needs to read the data.

However, the old ZRS still didn’t understand how to divide up it’s copies into independent zones in the same region, even if it spread the data around 2 to 3 data centres in the same region; those data centres could have had shared dependencies.

Availability Zones

Microsoft is slowly adding availability zones to their Azure regions. When a region (a cluster of closely located data centres that you deploy resources into) is broken up into availability zones, Microsoft creates 4 zones that have completely independent power, networking, etc. The idea is that if one zone goes down because of an internal infrastructure failure, it should have no affect on production systems in the other zones in the same region. As a result, we can get higher SLAs by using zone-redundant deployments.

However, there is a cost. Some resources require higher SKUs, there is a micro inter-zone communications cost, and latency between tiers of a service or services can be increased by using more than one zone.

Note that a region divides the data centres of that region into 4 zones. At any one time, you will see 3 zones, “round robin” (or some other algorithm) selected for you, labelled as 1, 2, and 3.

The New ZRS

When Microsoft launched GPv2, they did two things:

The shared an end-of-life date for ZRS in GPv1
They introduced a new form of ZRS in GPv2

The new ZRS uses the availability zones of an enabled region to place 3 copies of your storage account data across three different storage clusters, across 3 different data centres that do not have shared dependencies. Now if two of those data centres, co-los, or storage clusters go down, the storage account remains available.

Adding Geo-Redundancy To ZRS

It would make sense for ZRS to be used, but it does not have geo-redundancy. So just like with LRS, Microsoft is adding (in preview today in US East) two geo-redundant options:

GZRS or Geo-Zone Redundant Storage: ZRS plus 3 asynchronous copies in the paired region.
RA-GZRS or Read-Access Geo-Zone Redundant Storage: GZRS where the asynchronous copies can be used for read operations only.

Note that:

The replicas in the paired region are stored in LRS, not ZRS. And that means that …
The paired region does not need to be in the preview for GZRS or RA-GZRS and it does not need to support availability zones – only the primary region does.

Which means that more people will be able to use GZRS and RA-GZRS.

Is ZRS the New LRS?

For those regions where ZRS is supported, and GZRS/RA-GZRS will be added, would it make sense to use ZRS as your starting point? I would like to say that the answer is yes. My default answer is “yes” but you need to check that your services will support it. For example, I use ZRS for certain things, but other things, such virtual machine diagnostics, I cannot because the IaaS diagnostics agent will not support ZRS! I guess the team responsible for that is more focused on driving revenue into Azure Monitor Logs (Log Analytics) by adding support for Workspace (preview today) in addition to LRS/GRS storage.

Cloud Mechanix – “Starting Azure Infrastructure” Training Coming To Frankfurt, Germany

I have great news. Today I got confirmation that our venue for the next Cloud Mechanix class has been confirmed. So on December 3-4, I will be teaching my Cloud Mechanix “Starting Azure Infrastructure” class in Frankfurt, Germany. Registration Link.

Buy Ticket

About The Event

This HANDS-ON theory + practical course is intended for IT professionals and developers that wish to start working with or improve their knowledge of Azure virtual machines. The course starts at the very beginning, explaining what Azure is (and isn’t), administrative concepts, and then works through the fundamentals of virtual machines before looking at more advanced topics such as security, high availability, storage engineering, backup, disaster recovery, management/alerting, and automation.

Aidan has been teaching and assisting Microsoft partners in Ireland about Microsoft Azure since 2014. Over this time he has learned what customers are doing in Azure, and how they best get results. Combined with his own learning, and membership of the Microsoft Valuable Professional (MVP) program for Microsoft Azure, Aidan has a great deal of knowledge to share.

We deliberately keep the class small (maximum of 20) to allow for a more intimate environment where attendees can feel free to interact and ask questions.

Agenda

This course spans two days, running on December 3-4, 2018. The agenda is below.

Day 1 (09:30 – 17:00):

Introducing Azure
Tenants & subscriptions
Azure administration
Admin tools
Intro to IaaS
Storage
Networking basics

Day 2 (09:30 – 17:00):

Virtual machines
Advanced networking
Backup
Disaster recovery
JSON
Diagnostics
Monitoring & alerting
Security Center

The Venue

The location is the Novotel Frankfurt City. This hotel:

Has very fast Wi-Fi – an essential requirement for hands-on cloud training!
Reasonably priced accommodation.
Has car parking – which we are paying for.
Is near the Messe (conference centre) and is beside the Kuhwaldstraße tram station and the Frankfurt Main West train station and S-Bahn.
Is just a 25 minute walk or 5 minutes taxi from the Hauptbahnhof (central train station).
It was only 15-20 minutes by taxi to/from Frankfurt Airport when we visited the hotel to scout the location.

Costs

The regular cost for this course is €999 per person. If you are registering more than one person, then the regular price will be €849 per person. A limited number of early bird ticks are on sale for €659 each.

You can pay for for the course by credit card (handled securely by Stripe) or PayPal on the official event site. You can also pay by invoice/bank transfer by emailing contact@cloudmechanix.com. Payment must be received within 21 days of registration – please allow 14 days for an international (to Ireland) bank transfer. We require the following information for invoice & bank transfer payment:

The name and contact details (email and phone) for the person attending the course.
Name & address of the company paying the course fee.
A purchase Order (PO) number, if your company require this for services & purchases.

The cost includes tea/coffee and lunch. Please inform us in advance if you have any dietary requirements.

Note: Cloud Mechanix is a registered education-only company in the Republic of Ireland and does not charge for or pay for VAT/sales tax.

See the event page for Terms and Conditions.

Buy Ticket

Physical Disks are Missing in Disk Management

In this post, I’ll explain how I fixed a situation where most of my Storage Spaces JBOD disks were missing in Disk Management and Get-PhysicalDisk showed their OperationalStatus as being stuck on “Starting”.

I’ve had some interesting hardware/software issues with an old lab at work. All of the hardware is quite old now, but I’ve been trying to use it in what I’ll call semi-production. The WS2016 Hyper-V cluster hardware consists of a pair of Dell R420 hosts and an old DataON 6 Gbps SAS Storage Spaces JBOD.

Most of the disks disappeared in Disk Management and thus couldn’t be added to a new Storage Spaces pool. I checked Device Manager and they were listed. I removed the devices and rebooted but the disks didn’t appear in Disk Management. I then ran Get-PhysicalDisk and this came up:

As you can see, the disks were there, but their OperationalStatus was hung on “Starting” and their HealthStatus was “Unknown”. If this was a single disk, I could imagine that it had failed. However, this was nearly every disk in the JBOD and spanned HDD and SSD. Something else was up – probably Windows Server 2016 or some firmware had threw a wobbly and wasn’t wrapping up some task.

The solution was to run Reset-PhysicalDisk. The example on docs.microsoft.com was incorrect, but adding a foreach loop fixed things:

$phydisk = (Get-Physicaldisk | Where-Object -FilterScript {$_.HealthStatus -Eq “Unknown”})

foreach ($item in $phydisk)
{
Reset-PhysicalDisk -FriendlyName $item.FriendlyName
}

A few seconds later, things looked a lot better:

I was then able to create the new pool and virtual disks (witness + CSVs) in Failover Cluster Manager.

Azure Preview – Standard SSD Disks

Say what?!?! Standard SSD disks? And we thought that Standard = HDD and Premium = SSD! But that’s no longer the case.

In the coming world of Azure (we’re not there yet), Premium will be just that, but Standard will be normal deployments of either HDD or SSD. How do the three tiers of managed disks break down?

Premium: For when you need the highest IOPS, throughput and lowest latency.
Standard SSD: For production workloads when you need predictable IOPS performance (500 per disk) with lower latency than HDD.
Standard HDD: Test and archive storage in VMs, with IOPS listed as up to 500 IOPS – spinning disks are based on serial access and bursts of activity lead to access queues and lower performance levels.

Let’s set expectations: Standard SSD is in very limited preview today. Only North Europe (Dublin) is supported today, with several more regions coming online internationally by mid-June:

France Central
East US 2
Central US
Canada Central
East Asia
Korea South
Australia East

There is no Azure Portal support today. If you want to deploy Standard SSD disks, you must do it using ARM templates:

apiVersion for Microsoft.Compute/virtualMachines must be set as “2018-04-01” (or later)
storageAccountType as “StandardSSD_LRS”

Won’t SSD be too expensive compared to HDD? That was my first thought. But check out the RRP pricing (North Europe in Euros). The per-GB pricing for Standard HDD is:

But the per-GB pricing for Standard SSD disks is:

The per-GB cost of Standard SSD is LOWER than that of Standard HDD. How could that be? Electricity is a huge cost in data centers, and disk arrays eat up a lot of power. SSD is way more efficient, the cost of SSD has been falling, and Microsoft eats the commodity storage hardware dog food.

If you read the pricing small print, you will notice that the micro-cost of storage transactions in Standard SSD is €0.000844 per 10,000 transactions, double the Standard HDD cost of €0.000422 per 10,000 transactions but that’s one of those costs that’s tucked away at the bottom of the bill that few ever notice because it’s tiny.

Standard SSD, managed disks only, is LRS only, as with other managed disks. They also come with the usual 99.999% availability, and Microsoft’s claimed ZERO percent annualized failure rate.

I’m looking forward to the day that Standard SSD is GA and I can start telling customers to switch over to it as their normal disk, when Premium isn’t required.

Feedback Required By MS – Storage Replica in WS2019 STANDARD

Microsoft is planning to add Storage Replica into the Standard Edition of Windows Server 2019 (WS2019). In case you weren’t paying attention, Windows Server 2016 (WS2016) only has this feature in the Datacenter edition – a large number of us campaigned to get that changed. I personally wrecked the head of Ned Pyle (@NerdPyle) who, when he isn’t tweeting gifs, is a Principal Program Manager in the Microsoft Windows Server High Availability and Storage group – he’s one of the people responsible for the SR feature and he’s the guy who presents it at conferences such as Ignite.

What is SR? It’s volume based replication in Windows Server Failover Clustering. The main idea what to enable replication of LUNs when companies couldn’t afford SAN replication licensing. Some SAN vendors charge a fortune to enable LUN replication for disaster recovery and SR is a solution for this.

A by product of SR is a scenario for smaller businesses. With the death of cluster-in-a-box (manufacturers are focused on larger S2D customers) the small-medium business is left looking for a new way to build a Hyper-V cluster. You can do 2-node S2D clusters but they have single points of failure (4 nodes are required to get over this) and require at least 10 GBE networking. If you use SR, you can create an active/passive 2-node Hyper-V cluster using just internal RAID storage in your Hyper-V hosts. It’s a simpler solution … but it requires Datacenter Edition today, and in the SME & branch office scenario, Datacenter only makes financial sense when there are 13+ VMs per host.

Ned listened to the feedback. I think he had our backs and understood where we were coming from. So SR has been added to WS2019 Standard in the preview program. Microsoft wants telemetry (people to use it) and to give feedback – there’s a survey here. SR in Standard will be limited. Today, those limits are:

SR replicates a single volume instead of an unlimited number of volumes.
Servers can have one partnership instead of an unlimited number of partners.
Volume size limited to 2 TB instead of an unlimited size.

Microsoft really wants feedback on those limitations. If you think those limitations are too low, then TALK NOW. Don’t wait for GA when it is too late. Don’t be the idiot at some event who gives out shite when nothing can be done. ACT NOW.

If you cannot get the hint, complete the survey!

Video–Azure File Sync

I’ve produced and shared a short video (12:33 minutes) to explain what Azure File Sync is, what it will do for you, and there’s a quick demo at the end. If you want to:

Synchronise file shares between offices
Fix problems with full file servers by using tiered storage in the cloud
Use online backup
Get a DR solution for file servers, e.g. small business or branch office

… then Azure File Sync is for you!

Was This Post Useful?

If you found this information useful, then imagine what 2 days of training might mean to you. I’m delivering a 2-day course in Amsterdam on April 19-20, teaching newbies and experienced Azure admins about Azure Infrastructure. There’ll be lots of in-depth information, covering the foundations, best practices, troubleshooting, and advanced configurations. You can learn more here.

Faster & Bigger Azure Backup for Azure VMs

Azure Backup recently rolled out an update to their service for protecting Azure VMs to improve backup speed, restore performance, and to add support for larger disks.

Support for Large Disks

Azure Backup didn’t support disks that were larger than 1 TiB (1 TB is the marketing measure of 1000 GB, and 1 TiB is the computer science measure of 1024 GiB). Those large disks must be popular – I know that people couldn’t get their head around the idea of a volume being spread across disk aggregation (they never heard of RAID, I guess) and wouldn’t touch Azure VMs because of this.

Today, Azure Backup, once upgraded by you, does support the large disks that Azure can offer (over 1 TiB).

Snapshot-Based Backup

People who deploy large VMs have seen that the traditional process of protecting their machines has been slow. Historically Azure Backup would:

Create a snapshot of the virtual machine.
Transfer the backup data from the storage cluster to the recovery services vault (standard tier block blob storage) over a network.

The snapshot was then dispensed with.

The backup was slow (the process of calculating changes, the network transfer and the write to standard storage), and restores were just as slow. It’s one thing for a backup to be slow, but when a restore is a 12 hour job, you’ve got a problem!

Azure made some changes, and now the process of a backup is:

Create a snapshot of the virtual machine and keep 7 snapshots (7 backups).
Use the previous snapshot to speed up the process of identifying changes.
Transfer the backup data from the storage cluster to the recovery services vault (standard tier block blob storage) over a network.

Two things to note:

The differencing calculation is faster, speeding up the end-to-end process.
But after you upgrade Azure Backup, you can do a restore once the snapshot is complete, and while the backup job (transfer) is still happening!

7 snapshots are kept, and you can restore a virtual machine from either:

A snapshot from the last 7 backups)
A recovery point in the recovery services vault from up to the last 99 years, 9999 recovery points, depending on your backup policy.

Restoring from a snapshot should be much quicker, and this will benefit large workloads, such as database servers, where a restore is usually from as recent a backup as possible.

Distributed Disks Restore

The last new feature is that when you restore a virtual machine with un-managed disks (storage account disks) then you can opt to distribute the disks to different storage accounts.

Accessing the Features

A one-time one-way upgrade must be done in each subscription to access the new Azure Backup for IaaS VM features. When you open a (single) recovery services vault, a banner will appear at the top. Click the banner, and then read the blade that opens. When you understand the process, click Upgrade. A quick task will complete and approximately two hours later, your entire subscription will be upgraded and able to take advantage of the features described above.

Was This Post Useful?

First Cloud Mechanix Azure Course Completed

Last week, I delivered my first ever Cloud Mechanix Azure training course, to a full room in the Lancaster Gate area of London, UK.

It was a jam-packed full 2 days of Azure storage, networking, virtual machines, backup, DR, security, and management, with lots of hands-on labs. Half the attendees were from the UK, the rest from countries such as Denmark, Netherlands, Belgium, and even Canada! I had a lot of fun teaching the class – there were lots of questions and laughs. And as often happens in these classes, the interactions lead me to picking up a couple of ideas from the attendees.

In my class, everyone gets hands-on labs a few days before the event. That allows them to get their laptops ready. On the day, they get copies of the slides so they can follow/along or make notes on their laptops – the labs and slides are updated with the latest information that I have. The goal of the class isn’t to teach you where to click, but why to click. In the cloud, things move and get renamed so detailed instructions age very quickly. But what lasts is understanding the why. Not everyone got to finish the hands-on labs, but I am available to help the attendees complete the labs.

If this course sounds interesting to you, then we have another class running in Amsterdam in April. Some tweaks are being made the labs/slides (which the London class will be getting too) and, as always, the April class will be getting the latest that I can share on Azure.

Amsterdam – Starting Azure Infrastructure Course

I am happy to announce that our Cloud Mechanix venture is bringing my custom-written Starting Azure Infrastructure course to Amsterdam on April 19-20.

This course is intended for IT professionals and developers that wish to start working with or improve their knowledge of Azure virtual machines. The course starts at the very beginning, explaining what Azure is (and isn’t), administrative concepts, and then works through the fundamentals of virtual machines before looking at more advanced topics such as security, high availability, storage engineering, backup, disaster recovery, management/alerting, and automation. The frequently updated content is focused on real world applications, with a focus on best practices, security, stability, control, and uptime. I’ve also added lots of useful links to additional reading & how-to’s, as well as my own tips and tricks.

Cloud Mechanix has gotten off to a great start. We quickly sold 11 of 10 (!) seats in London for Feb 22-23. The room we booked actually can hold 24 people in classroom format. So we expanded that to 20 seats, and 19 of those seats were booked by early January – one seat is still available. That gave me some confidence to expand our operations, especially with some of the market knowledge I have about Azure’s success in Europe. So the next stop is Amsterdam!

The Location

Why Amsterdam? Obviously, the Netherlands is a big economy, but Amsterdam is one of Europe’s hubs – you can get to Amsterdam with a direct & cheap flight from almost every major city in Europe, and it’s easily driven to from a large part of western Europe.

The venue is the Radisson Blu hotel at Schiphol. This hotel:

Is on public transport.
Has a car park, an we are covering 25% of the day rate.
Is accessible by direct flights from large parts of Europe (and the World) thanks to being near Schiphol Airport – 866 NOK return from Oslo, 589 DKK from Copenhagen, £105 from London City, €150 from Rome.
Is just 9 minutes by taxi.
Provides a hotel shuttle from to/from the airport.
If you wish to stay in the hotel, check for prices on 3rd party sites, for as low as €114 per night.

All travel & accommodation prices were searched for on Jan 20th for the dates of Apr 18-20 using Skyscanner and Trivago.

The Class Agenda

This course spans two days, running on April 19-20, 2018. The agenda is below.

Day 1 (09:30 – 17:00):

Introducing Azure
Tenants & subscriptions
Azure administration
Admin tools
Intro to IaaS
Storage
Networking basics

Day 2 (09:30 – 16:00):

Virtual machines
Advanced networking
Backup
Disaster recovery
JSON
Diagnostics
Monitoring & alerting
Security Center

By the end of this course you should have new/additional knowledge to help you deploy business services using Azure virtual machines, with best practices on performance, security, and availability … in the real world.

Past Feedback

Here are some recent comments from courses that I have written and delivered:

“Aidan covers all the information and workarounds so that you know what not to do, rather than having to learn the hard way from your mistakes. Also happy to answer question and off-topic questions.”

“I found it very useful for my job. I especially liked that we covered aspects that weren’t in the course but provided useful context, e.g. applying learnings like MS Flow and MigAz. I learned a lot about networking – not just the tools but the aspects that the tools are applied to.”

“Excellent as always.”

Costs & Registration

You can read all about the course, venue, terms & conditions, and register here.

Further Dates & Private Training

Future dates will be announced in the EU. I’m investigating running training in the USA – accounting/tax is the challenge there! If you want private runs of this training, then please contact me.