Running and operating an Azure Stack either on a DevKit or a integrated system can be a hurdle and sometimes you need to know the state of the stamp and the portal does not always show everything.
Connecting an session to a emergency recovery console and kicking of a Test-AzureStack can give you some more insights to what is the state of the system.
If you want to know more and see the state you better look at the parameters of Test-AzureStack because there are some hidden gems there! If you run with a -ServiceAdminCredential firstname.lastname@example.org you will get some information and see what actually works on the stamp in regards of deployment and usage of the base RP´s.
If you do not want to run all Test-AzureStack tests you can specify running just -Include AzsScenarios and thus only running Operator and User Scenarios and not all other tests with fabric and storage etc. There is another parameter -timeout that can be used if you need more time for the test to run
One thing to consider is that it is cumbersome to utilize a serviceadmin credential that is MFA-enabled for the Test-AzureStack and that you have to set up a separate account for this test.
Now finally Microsoft have updated the misleading documentation on supported guest os within Hyper-V. This is quite important as some people tend to get stuck on small details and as my good friend Didier wrote on his blog, Hyper-V supports guest OS n+1, although that now gets a bit altered with the semi-anual releases.
Now the docs page is updated and shows the following:
Automatic VM activation heads-up!
There is though a small or big thing that needs to be considered if you have an environment with Hyper-V servers and utilize the AVMA. If you plan to deploy Server 2019 guest VM´s there is no way to get them auto activated on a 2016 Hyper-V host.
If you are a bit more old fashioned and utilize a KMS you will just need a KMS server that is newer than 2012 as the key for 2019 needs the KMS to be hosted on at least a 2012R2 Windows Server!
My homelab environment consists of two Intel NUC and I have been playing around with the insiders previews of Server 2019 on one of them and the other one was running Server 2016.
As you might know there is a bit of a hustle of the nic drivers with the server versions of Windows and the Intel NUC´s so there are some steps to get it working. I had some issues where the nic failed during in-place upgrade between preview versions of 2019 and as I do not have a KVM I had to move the NUC to a monitor and fix it. To get the drivers in I had to set the server into test mode:
bcdedit/set LOADOPTIONS DISABLE_INTEGRITY_CHECKS
bcdedit/set TESTSIGNING ON
bcdedit/set NOINTEGRITYCHECKS ON
After I did this and rebooted the server I could update the nic drivers that I already had modified as per this blog post.
I wanted to test and update my 2016 server with an in-place upgrade without moving it from the closet and as a precaution I changed to test mode first and then started the update…
After the upgrade went through successfully I changed back to non-test-mode:
bcdedit/set LOADOPTIONS ENABLE_INTEGRITY_CHECKS
bcdedit/set TESTSIGNING OFF
bcdedit/set NOINTEGRITYCHECKS OFF
I had a small issue with the Windows Update after the upgrade and it would not finish installing the CU of 2018-12… As a mitigation if this I went for the command line tool of System File Checker, SFC and the parameter /Scannow I also did a Dism repair and after these two successfully ran I could continue with the Windows Update!
The Azure Stack have several Resource Providers that can be utilized to bring value to the stack.
We have an Azure Stack in the company and have had an early adopter experience. To make the most of our testing and offering we added App Service, MySQL, SQL RP´s after deployment.
In our multi-tenant usage registered Stack we noticed on our own bill that it was a bit high $$ and realized that it was the shared workers that was behind this, during a couple of Azure Stack work shops we had scaled it to 12 instances for labs. The shared workers are billed to the registration CSP-subscription, the dedicated are billed to the customers subscriptions when they are in use in an app plan but you as a stack provider can have several of them running and prepared without any extra cost.
If you want to add or remove worker instances this can be mitigated with PowerShell or through the portal:
There are some caviats about this and that can be read in the app service documentation, if you want to give the user subscriptions access to serverless functions on a consumption plan you have to have enough shared workers available…. read more here
Carefully monitor the capacity and usage of your add-on RP´s so the experience for the customer always is great!
Last Friday Bruce Payette from Microsoft published the prerelease of 1.0.0 of Import-WindowsCompatibility module that you can use for being able to utilize Windows PowerShell modules in PowerShell Core
To find and install the prerelease from the PowerShell gallery you have to add a parameter in the install-module command and that is -allowprerelease.
Yesterday we experienced some issues in a large hyper-v cluster that had nodes evicting and restarting the cluster service resulting in VM´s beeing restarted on other nodes and that is not great when trying to have a High Available service for the end users.
Reading about the Global Update Manager and how it works and also getting help from the Microsoft CSS helped us getting out of the issue. In default async mode in 2012 R2 the cluster update is commited when a majority of the nodes have processed it, when reading the cluster state the nodes need to check with a majority of the nodes once again to get a valid state so this means more traffic.
The problem is when you have a large Hyper-V 2012 R2 cluster with lots of cluster resource updates and VMM, SCOM agents hammering the cluster database function gets lots of traffic and that can be cumbersome and at last it might start going bananas and evicting hosts that does not respond in time. Your logs will start filling up with event 5377 and 1135.
GUM cluster synchronous mode
There have been some work under the covers and now the cluster database read write mode has changed to a default of synchronous mode in a Hyper-V 2016 cluster. When doing it synchron it means all nodes in the cluster will process the state and that also means that all nodes have the latest info and thus can read it locally and that means less net traffic!
I am right now digesting the full and exciting last week and wanted to update you on the top 10 sessions of all that I attended in person. We are all different and have different taste and here you can see what I picked out.
I had like 50 sessions in my schedule that I did not manage to attend but will try to find time to watch the recordings and I will do another follow up post with the top sessions of all from Ignite later!
GS001 – An end-to-end tour of the Microsoft developer platform
Allthough I am more of an Operations guy I did not attend the infrastructure foundation session with Corey Sanders and I am happy I went for the Scott Hanselmans instead and have an insight into how the total developer experience now is within the Microsoft space and it was a great session that i can highly recommend you check out the recording of.
DT1001 – Voices from the top: Leaders get real on building inclusive work cultures
This year the Ignite conference had a track on Diversity and Tech and the first day I attended this lunch-session and being a nerd-techi and attending a non-technical session was great! This session gave me some great insight on how we as an industry that is very much still male-focused and need to work on our culture values to be able to get more people in.
BRK2215 – Real World architecture considerations for Azure: how to succeed and what to avoid
This first session on the Tuesday morning gave some insights from the Fasttrack team on how to do best practices when setting up environments within Azure.
BRK3062 – Architecting Security and Governance Across your Azure Subscriptions
On this session we got a high level overview on governance work within Azure and very valuable insights in the releases that had been announced regarding policys, resource graph, cost, management groups and blueprints. Also we got an insight into the in-guestvm policy work that Michael Greene with the powershell team have enabled.
BRK2269 – WinOps: Lessons learned from Enterprise devops with Microsoft technologies
Avesome session on how to apply devops thinking within the Microsoft Technologies and IT Pro space by the DevopsGuys Stephen Thair. He had some great valuable points and case studies where devops principles had been successfully implemented.
DT1003 – Service degraded: Recognizing mental burnout in your colleagues and yourself
Another great session from the Diversity track and this time it was Sonia Cuff (Azure Ops Advocate) that presented on the health topic and how to get into control of signs of burnout within yourselves or your colleagues. She did a splendid job and I did really value being here and not in Snovers PowerShell session that this one collided with in the schedule (Some sessions can be saved for later via the recording)
BRK1094 – Accelerating your IT career
Thursday morning and the room was almost full with the one and only Ned Pyle talk about how to survive in the changing landscape and how to see and work on your career. He had several tips on how to succed. The four pillars of success that included Discipline, Technical powerhouse, Communication, Legacy.
BRK2362 – The SRE role: An unexpected journey
I have not heard Jared talk before but this was a great session on the path for him and Microsoft adopting SRE (Site Reliability Engineers) practices that Facebook, Netflix and Google have been utilizing for years. It was fun analogies and his story going from being a server hugger to a cattle farmer made most of the crowd to recognise themselves.
BRK3085 – Deep dive into Implementing governance at scale through Azure Policy
Last session before the Microsoft Ignite celebration party but the room was full and everyone wanted to get more insigt into the work with Azure Policy, Azure Resource Graph and Azure Blueprints. Always a deep dive gives that extra layer of understanding and this time was no exclusion having the product team presenting their stuff gives that extra nudge.
DT1005 – In conversation – raising the next generation of IT pros as diversity and inclusion champions
The final day I listened to this panel that talked on an interesting topic that I can truly recommend you to watch the recording. Among the people on stage was Donovan Brown talking about the struggle to hire the right staff as a People Manager.