Understanding Azure Storage Accounts

This post will walk you through figuring out Azure Storage accounts, pricing, and redundancy. One of the first things you will want to do when deploying virtual machines, websites (they can use them), or anything else in Azure is create a storage account. But I find that most people, if they bother to search for the Azure storage pricing page, find the official page and get blizzard blindness.

The Official Guides

I find these pages to be useful:

The Storage Account Concept

I imagine that you are the regular IT guy that asks for X GBs of a LUN at a certain RAID level. Things are different in Azure. A Storage Account is an access point to Azure storage. The account has a URL with permission-based access:

  • URL that is unique to the storage account accessed via TLS 1.0 (successor to SSL) or later
  • A primary and a secondary access key

You create the storage account with a selected resiliency level. You do not configure a size – a single storage account can store up to 500 TB of data and you pay for the amount of each service type that is contained within the storage account. You can create containers within a storage account that are similar to folders, allowing you to logically place your data/files. And there are remote access tools for managing storage.

So all this means that your storage “request” becomes … I want a storage account with name X (which is used as the basis for the URL) of resiliency Y in region Z.

Resiliency

There are 4 models of resiliency:

  • Locally Redundant Storage (LRS): 3 synchronous copies in a single data centre in the region of choice. There is no facility fault tolerance – if that single data centre has a catastrophic failure then you lose everything.
  • Geo-Redundant Storage (GRS): 3 synchronous copies in a single data centre in the region of choice, PLUS 3 asynchronous copies in the neighbouring region. GRS gets your data replicated to another region and this is how one gets facility fault tolerance.
  • Read-Access Geo-Redundant Storage (RA-GRS): 3 synchronous copies in a single data centre in the region of choice, PLUS 3 asynchronous read-only copies in the neighbouring region
  • Zone Redundant Storage (ZRS): There are three copies of your data, “replicated three times across two to three facilities, either within a single region or across two regions”. ZRS can only be used with Block Blobs (no use for IaaS).
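
The "name X, resiliency Y, region Z" request and the two access keys described above, as an added PowerShell example that is not from the original post. It assumes the current Az.Storage module rather than the Azure module available when this was written, a signed-in session, and an existing resource group; every name in it is a hypothetical placeholder.

```powershell
# Added example. Requires Az.Accounts and Az.Storage, and Connect-AzAccount first.
# All names are hypothetical placeholders.
$ResourceGroup = 'rg-example'       # assumed to exist already
$AccountName   = 'examplestore001'  # X: 3-24 lowercase letters/digits, globally unique
$SkuName       = 'Standard_GRS'     # Y: Standard_LRS, Standard_GRS, Standard_RAGRS or Standard_ZRS
$Location      = 'northeurope'      # Z

# The name becomes part of the public URL, so confirm it is free before creating.
$check = Get-AzStorageAccountNameAvailability -Name $AccountName
if (-not $check.NameAvailable) { throw "Name unavailable: $($check.Message)" }

# No size is requested: only name, resiliency and region.
# HTTPS-only plus a TLS 1.2 floor tightens the endpoint's transport settings,
# and anonymous blob access is switched off at the account level.
$account = New-AzStorageAccount -ResourceGroupName $ResourceGroup -Name $AccountName `
    -Location $Location -SkuName $SkuName -Kind StorageV2 `
    -EnableHttpsTrafficOnly $true -MinimumTlsVersion TLS1_2 `
    -AllowBlobPublicAccess $false

# The access-point URL derived from the account name.
$account.PrimaryEndpoints.Blob

# Two keys exist so that one can be regenerated while clients use the other.
$keys = Get-AzStorageAccountKey -ResourceGroupName $ResourceGroup -Name $AccountName
$ctx  = New-AzStorageContext -StorageAccountName $AccountName `
    -StorageAccountKey $keys[1].Value   # clients use key2

# Containers are the folder-like grouping; -Permission Off keeps this one private.
New-AzStorageContainer -Name 'vhds' -Context $ctx -Permission Off | Out-Null

# Rotation: with clients on key2, key1 can be regenerated without an outage.
New-AzStorageAccountKey -ResourceGroupName $ResourceGroup -Name $AccountName `
    -KeyName key1 | Out-Null
```

Either key grants full access to everything in the account, so treat both as secrets and repeat the rotation for key2 once clients have moved back to the new key1.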

Service Types

I know from experience that when you consider deploying a storage account for the first time you will be wondering “how do I know where to put my files to be sure that I’m charged at the right rate?”. Don’t worry … all this is handled for you. Store your files and they are treated appropriately. Here are the 4 service types:

  • Block blobs: Streaming and storing documents, videos, pictures, and other unstructured text or binary data. This is the service used by Azure Backup.
  • Files (still in preview at the time of writing): Used to create in-Azure SMB 2.x file shares for sharing content between applications in Azure – nothing else.
  • Page blobs & disks: Used to store Azure VM files (virtual hard disks in the VHD format – VHDX is not supported).
  • Tables & Queues: NoSQL storage for unstructured and semi-structured data, and very much a PaaS thing.

What Kind of Azure Storage for IaaS?

For the most part, we in the IaaS world are concerned with:

  • Block blobs for Azure Backup, LRS or GRS
  • Page blobs & disks for Azure virtual machine (VM) files, LRS or GRS
  • Page blobs & disks for Azure Site Recovery, GRS only

However, you might see other services being used for monitoring data, configuration files, metadata, etc. Don’t worry, that stuff is tiny, Azure storage is CHEAP, and Azure manages all that stuff.

Premium Storage Accounts

Everything above is related to Standard Storage accounts. However, Azure offers the ability to deploy Premium Storage where virtual machine files are stored on SSDs instead of HDDs. This increases IOPS and reduces latency, and comes at a much greater cost. Don’t be foolish and deploy Premium Storage based on gut feeling – the cost is big enough that you should deploy it only after a proof-of-concept with realistic load simulation has determined that Standard Storage is insufficient.

Choosing Azure Management Tools

In this post, I will share with you some details on the different options for managing Azure. It’s not all-encompassing; I’m leaving programming REST API and Visual Studio to the nut jobs.

Account Portal

This is where you start off creating your subscription (under Open or direct-billing), and where you go to get a breakdown on your billing. You get a simple UI to break down your costs in this period, and the ability to download a deeper dive.


Management Portal

The Management Portal is historically where techies have gone to get stuff going. You get a pretty easy-to-use UI, with each major element of Azure having its own section. When you deploy something in here, there’s usually a Quick Start, some of which can be really simple to use.


You might have noticed that there is a second UI portal – yes; it can be confusing. Here’s how I think of things:

  • The management portal is where I go to work with new things like Azure Site Recovery or Remote App
  • The preview portal is where I go to have the best marketplace experience
  • The preview portal is where new sub features often get surfaced, e.g. assigning a reserved IP to a virtual machine

Preview Portal (Codename Ibiza)

Microsoft launched the “Preview Portal” around 14 months ago. It’s gone through many redesigns. Rather than being quick to navigate, it’s got a very “Windows 8” crossed with PhotoShopped-insane UI. But the reality is, if you want to work with new sub-features via a UI, then this site is where you go. If you want as much stuff presented to you as possible, this is where you go. And it does seem that more effort goes into this site as time goes by.


PowerShell

There are at least 2 types of PowerShell that you’ll use with Azure:

  • The MSOL module for Azure Active Directory
  • The Azure PowerShell module

With PowerShell you really can do things much more quickly. Creating, changing (if you can), and removing things in Azure is painfully slow via the UI tools. PowerShell isn’t much quicker, but it allows you to script a number of things you want done while you get coffee or work on something else.


There are other options, but as an IaaS person, I’m focused on the above tools.

Azure AD Connect is Generally Available

The news that AADConnect is now GA is great for anyone battling with synchronizing to Azure Active Directory (Azure AD or AAD). This tool really is going to be the start of connecting your business to Microsoft’s cloud solutions:

  • Azure
  • Office 365
  • Intune
  • RMS
  • CRM
  • And many more, including third-party solutions via AAD single sign-on

Why? Because you need to get users into the common AAD before these services become meaningful. I’ve used AAD in two different preview releases and found it really simple to get going. Any work that I’ve done with Azure RemoteApp has been done with this tool. Why didn’t I use DirSync? Because I found it to be unreliable. AADConnect solves a big problem too – which AD sync tool should I use – now you use just one tool.

According to Microsoft:

With a rich set of sync and write-back capabilities, you can:

  • Enable your users to perform self-service password reset in the cloud with write-back to on premises AD
  • Enable provisioning from the cloud with user write back to on premises AD
  • Enable write back of “Groups in Office 365” to on premises distribution groups in a forest with Exchange
  • Enable device write back so that your on-premises access control policies enforced by ADFS can recognize devices that registered with Azure AD. This includes the recently announced support for Azure AD Join in Windows 10.
  • Sync custom directory attributes to your Azure Active Directory tenant and consume it from your cloud applications

You can also use AADConnect to connect different AD forests.

In related news Azure AD Connect Health was also released to help customers troubleshoot what’s going on with ADFS. This new feature is included in Azure AD Premium.

This release for ADFS has 3 key capabilities:

  • Alerts based on events, configuration information, synthetic transactions and perf data. So, when something goes wrong, or is about to go wrong, we let you know.
  • Graphs of login activity that you can pivot multiple ways for easy viewing. These “usage insights” are accessible when you enable auditing on your ADFS servers. They are based on audits generated when users log in and tokens are generated for applications.
  • Access to key performance indicators across multiple servers, including token request counters, processor, memory, latency, and so forth

A Totally New Blog Design After Restoring From Azure Backup

Monday was one of those days you dread – this site’s server had a catastrophic failure and I had to restore the VM from an Azure Backup. Luckily, the process worked perfectly and I was back online. But I realised that I just wasn’t doing a very good job at running the VM, the software (MySQL and WordPress), and managing the site.

So after getting things back online, I spent a bit of time doing updates and re-engineering the site. And this is the result. The site has a whole new home page with featured posts, and recent posts in several key categories. The blog has much more imagery, and the design is brighter, more modern, and easier to read. Hopefully you agree.

Let’s Get Something Straight About GUI-Less Windows Server

I have been quite vocal about a few things:

  • Microsoft’s bashing of the GUI is unnecessary and unwarranted. I think Nano is a great idea. In fact, one of my first pieces of feedback as a Hyper-V MVP many years ago was that I wanted a version of Hyper-V that was even more stripped down than Hyper-V Server. However, in reality, the driver/firmware eco-system is not solid enough for Nano outside cloud-scale deployments. That’s limited to around 100 data centers in the world (guess). Nano’s biggest customer will be (or already is) Azure. And do you think that MSFT is buying the same server as you and putting up with Emulex or Broadcom crap? Hah! Moron!
  • I don’t like that Microsoft removed a full install from the installation of WS2016 TPv2. Out here in the real world, stuff like that affects adoption rates. The presence of Metro and lack of Start menu has actually prevented WS2012+ installations. This is not hyperbole – I deal with this quite frequently.

Some of you are self-elected thought police: “You should just get with the program”. To you I say: shut up. What’s right for you isn’t right for anyone.

Let’s get on to what I have not said:

  • I have not said: “Get rid of Nano”. See above.
  • I have not said: “Remove the core install from WS2016”. Some of you (30%) install Core/MinShell and that’s fine. How exactly does returning the Full install option hurt you?
  • I have not said: “Remote administration is bad”. How does having a full UI on my server prevent remote administration? I prefer to manage servers from my PC using tools on my PC. But you know what, sometimes I work from home and have to log into a server over a latent VPN connection. Sometimes sh1t happens on a server and I need to work locally because it’s faster or the network card driver/firmware is frakked (see eco-system above).
  • I have not said: “Automation is bad”. I use PowerShell a lot of the time, yeah, with full install Hyper-V hosts and SOFS nodes. My sessions at Ignite 2015 and TechEd Europe 2014 consisted of 75 minutes of Hyper-V/clustering PowerShell demonstrations! But there are times where a GUI is faster and more efficient. If you don’t get that then you don’t live in the real world of dealing with things breaking. Maybe you’d like to have SCOM without a UI too?

Have you imagined that I’ve said any of the above things? If so then please go search for and highlight where I said those things. Find where I said it? Hmm? Reading and comprehension issues, have you?

Microsoft News 02-June-2015

The big news of the last 24 hours is that Windows 10 will be released on July 29th. I posted before The Verge, etc, that I will be away and not reporting on the release on that date.

Hyper-V

Windows Server

Windows Client

Azure

Miscellaneous


How To Kill Your Business In 5 Simple Steps – By Microsoft

This infographic was released by Microsoft over the past couple of days and I love it. It’s the same sort of tone that I use to talk down to XP and W2003 usage defenders – you know the ones, they shrug their shoulders and make excuses. I haven’t seen this graphic anywhere else on Microsoft, and it was released under the title of “SMB Mentor Project”; it appears to be aimed at resellers.

image

Microsoft News 28-May-2015

Very little to cover here, except one possibly controversial article on Hyper-V that you long-time readers might expect me to write an angry response to …

Hyper-V

Windows Server

Azure

Office 365

Living with & Paying for Azure VM Backup

This site is running on an Azure Basic A2 VM with 127 GB of storage. I back it up in two ways:

  • There is an Azure Backup (AB) agent installed in the guest OS, and that backs up an export of MySQL and the IIS content.
  • I use the (preview) feature that allows you to grab a daily backup of a VM. This is what I want to focus on.

I have deployed a GRS backup vault. The usage summary is:

image

The storage cost of the backup this month will be around €2.5776 (72 * €0.0358 per GB) and the instance cost will be €7.447 (The VM size falls into 50-500 GB).

There is a daily backup with 4 weeks of retention. Right now, there are 29 days of history:

image

Backup can be slow (ranges from 47 minutes to 4 hours and 13 minutes), but I haven’t had any issues.


I haven’t had to do a restore, but so far, so good.
