Archives For Automation


Deploying Azure Marketplace VMs

The first step is to gather information about the Marketplace Virtual Machine (VM) image that we want to deploy. For this example I decided to deploy a Tableau Server image.

Login-AzureRmAccount

$location = 'eastus'
  
Get-AzureRmVMImagePublisher -Location $location `
    | Where-Object -Property PublisherName -Like Tableau*
 
$publisherName = 'tableau'
  
Get-AzureRmVMImageOffer -Location $location `
                        -PublisherName $publisherName
 
$offer = 'tableau-server'
  
Get-AzureRmVMImageSku -Location $location `
                      -PublisherName $publisherName `
                      -Offer $offer `
      | Select-Object -Property 'Skus'

Skus                  
----                  
bring-your-own-license

Now that we have the image information, it’s time to create an Azure Resource Manager (ARM) Template. Continue Reading…


Geo-HA Service Fabric Cluster

One of the biggest challenges that we face when we build an Internet-scale solution is high availability across geographic locations (Geo-HA). Why is this important? Well, there can be a few different reasons. The most common reason is to be able to survive data center outages. Another reason is to bring services closer to end users so that we can provide good user experiences.

Geo-HA brings challenges to the table. For example, should we use an Active-Passive or Active-Active strategy for data across regions? Keeping in mind that Active-Active is difficult to get right, we need to take time to analyze and to make the correct choices. We need to consider our disaster recovery (DR) plan and our target RPO and RTO. Azure has a whole bunch of mechanisms for replication, backup and monitoring, so how do we decide what’s the right combination?

Today’s Internet-scale services are built using microservices. Service Fabric is a next-generation middleware platform used for building enterprise-class, Tier-1 services. This microservices platform allows us to build scalable, highly available, reliable, and easy to manage solutions. It addresses the significant challenges in developing and managing stateful services. The Reliable Actors API is one of two high-level frameworks provided by Service Fabric, and it is based on the Actor pattern. This API gives us an asynchronous, single-threaded programming model that simplifies our code while still providing the advantages of scalability and reliability guarantees offered by Service Fabric.

A Service Fabric cluster is HA within its geographic region by default. Thinking about our heritage of on-premises data centers, we’ve poured thousands of man-hours into deploying Disaster Recovery sites in secondary physical locations, because we know that everything is possible. Over the past few years, we’ve experienced many interesting scenarios, for example, a cut cable or a faulty DNS entry that broke the Internet. So why should we do anything differently in the cloud? We must treat each region as we treat our own data centers and think about Geo-HA.

The rest of this post is about taking high availability to the next level by deploying a Geo-HA Service Fabric cluster. Continue Reading…


The 95th Percentile

Imagine a reality where you can detect and fix issues without your users noticing that something went wrong.

We all aspire to measure performance in some way, and choosing what to measure can be a challenge in itself. By default, we think about averages, and we forget that there are many other possible measurements. Continue Reading…


Keeping ARM CMDLETs Fresh

Open a PowerShell Console as an Administrator and use the following command. It usually takes about 15 minutes to complete, so don’t do this if you’re in a hurry =)

Install-Module AzureRM -AllowClobber -Force

Installing AzureRM modules.
AzureRM.Profile 1.0.5 updated [1/29]...
Azure.Storage 1.0.5 updated [2/29]...
AzureRM.Backup 1.0.5 updated [3/29]...
AzureRM.RedisCache 1.1.3 updated [4/29]...
AzureRM.Tags 1.0.5 updated [5/29]...
AzureRM.SiteRecovery 1.1.4 updated [6/29]...
AzureRM.Insights 1.0.5 updated [7/29]...
AzureRM.OperationalInsights 1.0.5 updated [8/29]...
AzureRM.DataLakeAnalytics 1.0.5 updated [9/29]...
AzureRM.Dns 1.0.5 updated [10/29]...
AzureRM.Storage 1.0.5 updated [11/29]...
AzureRM.UsageAggregates 1.0.5 updated [12/29]...
AzureRM.HDInsight 1.0.6 updated [13/29]...
AzureRM.RecoveryServices 1.0.6 updated [14/29]...
AzureRM.Network 1.0.5 updated [15/29]...
AzureRM.Compute 1.2.4 updated [16/29]...
AzureRM.TrafficManager 1.0.5 updated [17/29]...
AzureRM.Websites 1.0.5 updated [18/29]...
AzureRM.LogicApp 1.0.1 updated [19/29]...
AzureRM.DataFactories 1.0.5 updated [20/29]...
AzureRM.DataLakeStore 1.0.5 updated [21/29]...
AzureRM.Sql 1.0.5 updated [22/29]...
AzureRM.Automation 1.0.5 updated [23/29]...
AzureRM.ApiManagement 1.0.5 updated [24/29]...
AzureRM.StreamAnalytics 1.0.5 updated [25/29]...
AzureRM.Batch 1.0.5 updated [26/29]...
AzureRM.Resources 1.0.5 updated [27/29]...
AzureRM.NotificationHubs 1.0.5 updated [28/29]...
AzureRM.KeyVault 1.1.4 updated [29/29]...

Making a Self-Signed Certificate

A lot of services on Azure and on-premises require us to create or buy certificates. There are a couple of ways to create certificates. I used to do it using makecert:

makecert -sky exchange -r -n "CN=<Domain Name>" -pe -a sha1 -len 2048 -ss My -sv <Domain Name>.pvk <Domain Name>.cer 
 
pvk2pfx -pvk <Domain Name>.pvk -pi <Password> -spc <Domain Name>.cer -pfx <Domain Name>.pfx

Recently, I started making my certificates using PowerShell. Continue Reading…


Copying Files Over a PSSession

I recently bought a Raspberry Pi 3, and now that it’s running Windows IoT Core, I wanted to make it do something. So I wrote a basic UWP App and I was looking for a way to deploy it to the device. Luckily, WinRM is enabled on Windows IoT Core. This allowed me to use PowerShell to remote into the device and copy my appx package.

net start WinRm

$ip = "192.160.0.100"

Set-Item WSMan:\localhost\Client\TrustedHosts -Value $ip -Force

$PWord = ConvertTo-SecureString -String "p@ssw0rd" -AsPlainText -Force
$Credential = New-Object -TypeName System.Management.Automation.PSCredential `
                         -ArgumentList "$ip\Administrator", $PWord

$session = New-PSSession -ComputerName $ip -Credential $Credential

Copy-Item -ToSession $session `
          -Path "C:\Users\brise\Downloads\worker.appx" `
          -Destination "C:\Data\Users\Administrator\Documents"
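
A tighter variant of the steps above, as an added example that is not part of the original post: it prompts for the password instead of embedding it in the script, appends the device to TrustedHosts rather than replacing the list, and restores the list and closes the session when done. The IP address and paths are the post's sample values; the size comparison is only a basic completeness check.

```powershell
# Added example; not from the original post. $ip and both paths are the
# post's sample values, used here as placeholders.
$ip          = "192.160.0.100"
$source      = "C:\Users\brise\Downloads\worker.appx"
$destination = "C:\Data\Users\Administrator\Documents"

# Remember the current TrustedHosts list so it can be restored afterwards.
$trustedHostsPath = "WSMan:\localhost\Client\TrustedHosts"
$originalHosts    = (Get-Item $trustedHostsPath).Value

# Prompt for the password so it never lands in the script or shell history.
$credential = Get-Credential -UserName "$ip\Administrator" `
                             -Message "Credentials for the IoT device"

$session = $null
try {
    # -Concatenate appends to the list; the plain -Value form replaces it.
    Set-Item $trustedHostsPath -Value $ip -Concatenate -Force

    $session = New-PSSession -ComputerName $ip -Credential $credential

    Copy-Item -ToSession $session -Path $source -Destination $destination

    # Confirm the whole file arrived by comparing sizes on both ends.
    $localSize  = (Get-Item $source).Length
    $remoteFile = Join-Path $destination (Split-Path $source -Leaf)
    $remoteSize = Invoke-Command -Session $session -ScriptBlock {
        (Get-Item $using:remoteFile).Length
    }
    if ($localSize -ne $remoteSize) {
        throw "Size mismatch: local $localSize bytes, remote $remoteSize bytes"
    }
}
finally {
    # Close the remote session and put TrustedHosts back the way it was.
    if ($session) { Remove-PSSession $session }
    Set-Item $trustedHostsPath -Value "$originalHosts" -Force
}
```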

Has Something Gone Wrong?

Generally, we choose to leverage Read-Access Geo-Redundant Azure Storage Accounts (RA-GRS) because we can use them as part of our disaster recovery (DR) plan. And sometimes, we forget that the devil is in the details. DR plans are rarely tested and can cause headaches when they are. So let’s relieve some of those headaches.

Headache…

“Geo Replication Lag” for GRS and RA-GRS Accounts is the time it takes for data stored in the Primary Region of the storage account to replicate to the Secondary Region of the storage account. Because GRS and RA-GRS Accounts are replicated asynchronously to the Secondary Region, data written to the Primary Region of the storage account will not be immediately available in the Secondary Region. Customers can query the Geo Replication Lag for a storage account, but Microsoft does not provide any guarantees as to the length of any Geo Replication Lag under this SLA.

The Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are the first items that come up in DR discussions. When we use RA-GRS we control the RTO because we decide when to read from the secondary location. The RPO is a bit different because it can vary due to physics and load. The best way to get the current Recovery Point (RP) is to get the last sync time for the RA-GRS account in question. This post is all about getting the right information, when we need it, because we need facts to make the right decisions. Continue Reading…


Based on the current builds, compared to Server, Nano Server has 93 percent lower VHD size, 92 percent fewer critical bulletins and 80 percent fewer reboots!

Deploying Nano Server to Azure

I’ve been curious about Nano Server for a while now. And I recently noticed that it was available on Microsoft Azure. This post is definitely from a developer’s point of view. It goes through the steps required to create a functional Nano Server Virtual Machine (VM) on Microsoft Azure.

Nano Server is ideal for many scenarios:

  • As a “compute” host for Hyper-V virtual machines, either in clusters or not
  • As a storage host for Scale-Out File Server
  • As a DNS server
  • As a web server running Internet Information Services (IIS)
  • As a host for applications that are developed using cloud application patterns and run in a container or virtual machine guest operating system

The Adventure

Nano Server is a remotely administered server operating system (OS). Wait. Let me repeat this because it’s important… Nano Server is a remotely administered server operating system (OS). Developers, Nano Server is a server OS optimized for clouds and data centers. It’s designed to take up far less disk space, to set up significantly faster, and to require far fewer restarts than Windows Server. So why does this matter? Well, it means more resources, more availability and stability for our Apps. And it also means that it’s time to learn new skills, because there is no local logon capability at all, nor does it support Terminal Services. However, we have a wide variety of options for managing Nano Server remotely, including Windows PowerShell, Windows Management Instrumentation (WMI), Windows Remote Management, and Emergency Management Services (EMS). Continue Reading…


Upload a VHD to Storage Using AzCopy

What’s the best way to upload a VHD to Azure Storage? This question comes up on a regular basis and I decided that it was time to share an example that uses PowerShell and AzCopy to upload a VHD to Azure Blob Storage. As you go through this post, remember that a VHD must be uploaded as a Page Blob for it to be usable as a Virtual Machine (VM) image. Continue Reading…


Using ARM to Deploy Global Solutions

Imagine deploying your secure load balanced solution to three datacenters, putting in place a worldwide load balancer and doing so in roughly 24 minutes. Did I mention that this deployment is predictable and repeatable?

Good, now that I’ve got your attention, it’s time to dive in!

Building on my previous post about managing compute resources on Azure, I decided to modify the Azure Resource Manager (ARM) template to deploy a real-world environment to three datacenters (Yes I know, the diagram shows two locations, but as I built the demo, I got greedy…). Using Azure Traffic Manager we are able to positively affect a user’s experience by directing them to the closest datacenter.

It’s important to note that ARM does not support nested copy operations. This means that we have to use a different strategy to deploy identical environments in multiple Azure regions. After a bit of research it became apparent that I had to use nested deployments. This technique requires us to break our template into multiple files. The parent template in this demo is the azuredeploy-multi-geo.json file. It contains the full list of parameters, a nested deployment that deploys instances of our environment to multiple Azure regions, and a Traffic Manager definition. The azuredeploy.json template file was refactored from the template used in my previous blog post. It contains networking, storage and Virtual Machine definitions. Continue Reading…