Docker Containers in Windows Server vNext

opentech

When i read this news in October 2014 I had to do a double-take, if you are anything like me (i.e. – nearly 50 and somewhat techy) then the word Docker conjures up more than one image. The predominant one in my mind is that of Doc Marten boots affectionately known in my peer group as Dockers.

dr-martens-x-swagger-10-hole-boots-0

 

 

 

 

 

 

 

Enough reminiscing,  the Docker I need to move on to is the containerization system that allows applications to be completely portable.

docker1

Here’s the description from the Docker website.

“Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications. Consisting of Docker Engine, a portable, lightweight runtime and packaging tool, and Docker Hub, a cloud service for sharing applications and automating workflows, Docker enables apps to be quickly assembled from components and eliminates the friction between development, QA, and production environments. As a result, IT can ship faster and run the same app, unchanged, on laptops, data center VMs, and any cloud.”

The Founder and CTO of Docker Solomon Hykes does a pretty good job of explaining the concepts in this short video

Those of us who routinely use Virtual Machines to overcome compatibility and deployment difficulties would suggest that this is a good way of handling such things. So how does Docker differ to VM’s

Well, with a VM there is always a guest operating system running on top of the host operating system AND the hypervisor as shown in this image from the Docker website.

Docker-containeraization

Once you deploy the Docker Engine this sits above the server host operating system providing all the necessary muscle to allow the individual Docker applications to maintain resource isolation and allocation much as VM’s do but without the huge overheads.

The closest thing in the Microsoft stack at present is App-V the Application virtualization system that comes as part of MDOP, the Microsoft Desktop Optimization Pack, available only to Windows Enterprise customers.

appv

 

App-V is currently in version 5.0 and provides a way of streaming apps to a desktop when in online mode and also to run those apps when isolated from the network or in standalone mode. It is a different system and has provided many years of service. App-V applications however will only run on Client operating systems or on RDS servers.

So the Windows Server vNext edition will have support for Docker containerization. This shouldn’t come as much of a surprise to anyone who routinely uses Microsoft Azure. Since June 2014 Docker has been available in Linux VM’s on that platform. All part of Microsoft embracing open technologies.

dockeronwindowsserver

So back in October 2014, Microsoft and Docker announced that

“Under the terms of the agreement announced today, the Docker Engine open source runtime for building, running and orchestrating containers will work with the next version of Windows Server. The Docker Engine for Windows Server will be developed as a Docker open source project, with Microsoft participating as an active community member. Docker Engine images for Windows Server will be available in the Docker Hub. The Docker Hub will also be integrated directly into Azure so that it is accessible through the Azure Management Portal and Azure Gallery. Microsoft also will be contributing to Docker’s open orchestration application programming interfaces (APIs).”

What makes Docker unique is that instead of maintaining configuration files (as is the case with tools such as Puppet andChef), developers can create an image of their system and share it directly with their team. Any changes to local environments produce a new image that can be re-shared. Importantly, these images should not be confused with heavyweight Virtual Machine images, which contain everything needed, including the application, any dependencies and the operating system. In contrast, Docker containers include the application and some libraries, but the OS and common dependencies remain shared assets. Consequently, Docker containers are extremely lightweight in comparison to Virtual Machine images.

This is all relatively old news, but with the push towards DevOps, this news brings the developers and sysadmins much closer together on a platform that they know and love. There are industry rumours that the next release of the Windows Server Technical Preview is scheduled soon and that it will contain this technology. I have no insight into this, but am looking forward to getting my hands on the next release, of course once I have digested the new Windows 10 Technical preview released this week.

You can get the Server Technical Preview here now and the Windows 10 technical Preview here. (soon)

You can find out much much more about all this from my fellow Technical Evangelist Susan Smith when she expands on Docker during day 2 of the upcoming TechDays Online extravaganza – specifically Wednesday 4th February at 1330Hrs.

In the meantime if you want to hear the latest news on Azure and Docker – flip forward to the 16 minute mark of this video where Rick Claus (@RicksterCDN) interviews members of the Azure product team on the Edge Show 132.

Busy and interesting times in the wonderful world of Windows. Watch this space for more.

Microsoft Azure – Learn it, Love it, Certify in it!

Part of my role as a Technical Evangelist within Microsoft UK is to assist all and sundry to understand and engage with the whole range of Microsoft Solutions.

header

This includes our Cloud offering – Microsoft Azure. What exactly is Azure and what can we do with this service?

Well Wikipedia says;

Microsoft Azure  (formerly Windows Azure before 25 March 2014) is a cloud computing platform and infrastructure, created by Microsoft, for building, deploying and managing applications and services through a global network of Microsoft-managed datacenters. It provides both PaaS and IaaS services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Azure was released on 1 February 2010.

So we are moving towards the fifth year of Azure and it bears very little resemblance to the service that was released back in 2010. There are monthly updates to current services and releases of new services either in Preview or generally available.

Love it or hate it the Cloud is here to stay. Microsoft provide 1TB of cloud storage to Office 365 users with OneDrive (Business and Home users) 50GB Exchange Online Mailboxes to all Office 365 Business customers and with the advent of private connections into the Azure Datacenters through Azure ExpressRoute event he largest enterprises with the greatest security and bandwidth requirements can extend their datacenters into the cloud.

Once you have signed up for your free trial, and your Office 365 Enterprise free trial you can start exploring all the services and features with a credit of £125 for the month. Azure is a pay as you go solution with many, many benefits from automatic scaling of websites and servers to integrating your on-premises Active Directory with Azure Active Directory and creating a Single Sign On solution.

Better still, why not sign up for one of our IT Camps. A full day of FREE hands on Training and Education from @Deepfat and I (@edbaker1965) one of which focusses on Azure.

The purpose of this post, however, is to talk about the certification paths
open to us in the Microsoft Azure platform.

pathsThere are currently two live Microsoft Azure Specialist certifications and one more currently in BETA. I have taken all three exams over the last few months.

I took the 70-532 Exam (Developing Microsoft Azure Solution) quite a while ago in its BETA phase. First I ought to explain that I am not a Developer and only really took it to witness the new Microsoft Certification Platform and interface, which is pretty cool by the way. I received my online score report from PearsonVue over Christmas and was amazed to have scored as highly as I did.

score1

This is a very detailed examination and covers many different aspects of Development over five key areas.

azure2

 

Nearly all of these were well above my head and would be a good challenge for any Developer wanting to prove their proficiency in all aspects of various SDK’s and the Azure Graph API.

There is a five day Microsoft Official Curriculum Course for this exam 20532A.

 

The 70-533 exam is far more my scene and covers Implementing Microsoft Azure Infrastructure Solutions spread over six core areas.

azure 3

There is an Official Curriculum course for this exam too, 20533A also over five days. I took this exam when I was not well enough prepared and achieved a sub-optimal score. So over Christmas I took the exam again after several weeks of intensive study and practice with the platform. I took my usual approach which is to create a OneNote Notebook based on the six categories above and all the detailed entries for skills measured. I then made sure that I had built and implemented everything in that list that was possible. Those that were not, I checked out MSDN and TechNet as well as the Azure help pages and marketing pages to ensure that my background knowledge was good enough. Lots of Azure specific PowerShell modules needed testing and learning for this exam.

I was successful second time round as you can see.

results_20150104_0002

 

 

 

 

 

 

 

 

 

 

 

I was most impressed that the Score report was available online before I had even left the car park of the exam centre. It was also on my Microsoft Learning Transcript at the same time. This used to take anywhere from a few days to a week or more.

The final Microsoft Azure Exam is the 70-534 Architecting Microsoft Azure Solutions, which is still in BETA and I do not yet know if I passed this, although I am already studying hard for the retake, just in case. This exam is pretty crucial to all those Partners and consultants wanting to advise customers what and how to implement azure solutions. This is a higher level solution design type exam, much like the old 2003 Server MCSE design exam. I did not find it at all easy but it was an enjoyable one as it made me think of the best way to do certain things.

On successfully passing any of the 70-532, 70-533 or 70-534 exams you become a Microsoft Specialist as shown by my transcript below.

azspec1

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

So if you are thinking about Certifying in Microsoft Azure, I would as usual point you to the following links

MSLearning website

MS Learning Born2Learn website

Microsoft Virtual Academy

MSDN website

TechNet website

And many more.

Just remember the exams, whilst kept as current as possible do not receive updates as often as the products, with new advances every month, some of the services and screen layouts will be very different.

 

Happy Studying.

New Year’s Resolutions for an IT Pro

newyear

 

 

 

 

 

 

I always struggle with making New Year’s resolutions for myself, so when I was asked to write this post suggesting a list of potential resolutions with which an IT Pro may wish to start 2015, I jumped at the chance.

The first has to be Get Certified and if you are certified, either renew it or branch out into other areas to broaden your skills and challenge yourself.

mscerts

The world of the IT Pro is getting ever more broad and complicated with the advent of the formalization of disciplines such as DevOps and Cloud Computing. Whatever your area of expertise or of employment, there are always new developments you can study and certify in. As a Microsoft Certified Trainer (MCT) and as an MCT Regional Lead for the UK it is part of my duty to evangelise the Microsoft Certification programme which has undergone dramatic and welcome changes over the last 12-18 months.

From January 1st you can take Microsoft Certified Professional (and Dynamics) exams at Pearson Vue centres only. All the registration and booking can be carried out directly from the Microsoft Learning Experiences site.

If you are new to the industry and would like to develop entry level qualifications you can consider either the Microsoft Technical Associate Programme (MTA) or the Strata or A+ certifications from CompTIA.

mtacerts

 

strata

 

aplusThe vast majority of hiring managers prefer to see qualifications related directly to job skills such as the MCP programme, in addition it cannot hurt when looking to progress within your current organization if you have proven your willingness to learn and self-develop. Most professions (Doctors, Lawyers, Teachers etc. have a requirement for continuing professional development). After all would you want to be flown by a pilot who hadn’t trained or studied since he qualified originally?

There is no better place to study for a daily advancement in knowledge and on to certification than the Microsoft Virtual Academy, sign up and get studying in the New Year.

The second is The Cloud. Learn it, use it. The vast majority of large and medium sized businesses are now realizing that investing in the infrastructure to develop and build and configure a data centre or even a number of server rooms is not cost effective or sensible in times of limited resources.

Why have 100 servers running 24×7 when they are only in use for 8-10 hours for 5 days of a week. Why invest in the cost of licensing and installing software that isn’t needed to run an efficient Email and messaging environment.

With every Office 365 user now receiving 1TB of storage with their subscription and a 50GB email mailbox, the requirement for on premises storage is decreasing also.

Microsoft-Cloud-Azure

Microsoft operates the group of services known as Microsoft Azure. Azure is part of the Microsoft Cloud Operating System. I don’t have enough words allocated to this post to even list all the services that are available through Azure and if I did, it would probably be out of date before you read it. This is the major reason for getting on board now. The pace of change is staggering. When I interviewed Jason Zander, Microsoft Corporate Vice President responsible for Azure at TechEd Europe in October, he explained that he expects something new or updated to be released every month.

You can prove your growing skills in Azure by becoming a Microsoft Specialist through certification either in Developing Solutions on the Azure platform or through Implementing Azure Infrastructure Solutions. Be warned though that due to the diversity of services available and the open nature of developing with Azure, the exams necessarily cover a huge body of material and are not for the faint-hearted.Yesterday I managed to pass the necessary exam to qualify for the below Logo after my second attempt. I fear the developer specialism is forever out of my reach!

MS_2013(rgb)_2617

 

 

 

 

You can sign up for a Microsoft Azure free trial with £125 of services in a month here.

My final suggestion is not technical at all. I find that the world of the IT Pro can occasionally be a little cut throat in nature. For those just starting out it can be daunting. So my final suggestion is a mixture of good things.

  1. If you are an old hand or even just experienced, offer your services as a mentor to someone new or less experienced.
  2. Learn from what others do at work and help them to learn from what you do, the cumulative result is that the organization benefits in many ways. So if someone needs help and helping them doesn’t meet your targets but does help the company then everyone benefits?
  3. My final one is one that we can all do – work can be stressful, so watch out for your colleagues, offer help even if it is just advice. You know it’s the right thing to do.

Most of all have a happy healthy and fruitful 2015.

2015

 

 

 

 

 

UK IT Camps – Enterprise Mobility – Sign up now.

Life during my first year at Microsoft has been almost exactly as I imagined it might be, but as I always do at Christmas I reflected on the year past and particularly this year on my first 9 months as a Microsoft Employee. Whilst doing so I remembered exactly what prompted me to sign up to this fun ride.

camp

Back in 2012 I attended a number of Tech Days which later became re-branded and reworked into IT Camps. The format of these really did excite me enough to take a full day out of my busy self-employed contractor type schedule. A rare thing since a day ‘off’ is actually money lost and often since my engagements were a week long, it was often a week of income lost.

So what is so good about an IT Camp that it’s worth the time trouble and sometimes lost income to come and join in the fun?

Firstly an IT Camp is a FREE day of detailed technical education with a very heavy hands-on approach. There are IT camps for all sorts of subjects but the one I lead is the Enterprise Mobility Camp. This covers all aspects of Microsoft’s people-centric IT solutions, from advances in the Windows Client operating system to deep-dives into Hybrid Identity solutions using Active Directory in both Azure and on-premises with Windows Server 2012 R2.

The unique aspect of our UK IT Camps is that we always allow the participants to build their own agenda. This adds a much greater level of relevance to the audience and requires a much deeper level of preparation by the Technical Evangelists leading the camp.

And I am pleased to say it is even more fun to deliver the camp than to present one.

The IT Camp content is created by the Technical Evangelists working for Microsoft at our HQ in Redmond (such as @simonster). For the Enterprise mobility camp there are over 500 PowerPoint slides in the material to cater for just about any part of the people-centric story.

Call me old-fashioned but I do love the superb PowerPoint application, BUT even I wouldn’t sit through a day of 500 plus slides. No thanks.

In a typical day for an IT Camp we may use 20 of those we prefer to use live demonstrations and explanations to get out point across, oh and of course PowerShell too.

So what can you expect if you sign up to one of our Enterprise Mobility Camps between now and June 2015.

As I already said, we don’t fix an agenda in advance there are only three givens in the day.

It starts – you get lunch – it finishes. The bits in between will be filled with a mixture of discussion, presentations, demonstrations and lots and lots of hands-on lab work by you the important person in the room.

For this reason it is essential that you bring along a device that can use a browser and connect to the internet (we provide the internet connection) and any lab environments you may need. For those who have been before, if you don’t like working in pairs, then either bring two devices or a large screen (as the manuals are online as well and it can be tiring switching between them all day).

As an example, during the camps this year so far, we have covered Microsoft Intune in cloud and hybrid modes when connected to Microsoft System Center Configuration Manager for Mobile Device Management. We have demonstrated Azure RemoteApp in both Cloud and Hybrid configurations. Both Workplace Join and Work Folders have also figured heavily as has Azure Active Directory Premium.  Office 365 integration and Single Sign on / multifactor authentication were also prominent. The identity piece of the puzzle is a critical one to understand so many questions have been posed and answered.

The new 2015 Camps have also been updated to include Windows 10 content and most of our demo machines also run Windows 10.

We also get to demonstrate most of these through the use of iOS devices, Windows Phones projecting their screens through Miracast and even the odd Android device too.

A large number of IT Pros prefer to learn by a mixture of listening watching and hands-on – the UK IT Camp experience provides all of these in abundance.

Why not visit http://aka.ms/ukitcamp and register to come along and find out what @Deepfat and I (@edbaker1965) get up to and how you can begin to understand how the people-centric IT vision can be applied within your own work environment?

There are other added bonuses too. Since everyone present if focusing on the same topics, you get to meet fellow IT Pros interested in similar areas, who may well turn out to be great future contacts.

Finally we also hand out odds and ends as prizes for asking that difficult (or seemingly easy question) that others are just too shy to ask.

 

What every IT Pro wants for Christmas.

This post will resonate with some if not every IT Pro. I am going to limit myself to ONE gift. (So for that reason alone it is not a very realistic scenario, but bear with me).

christmas-gifts

I am not presumptuous enough to think I know What every IT pro might want, but that was the title given to me!

IT Pros are, as a rule, rather fond of free stuff (known in the industry as SWAG) they are also fond of Gadgets (known in the industry as Gadgets) but above all IT Pros are fond of peace and quiet, being left alone by management and users alike to get on with more important stuff.

At this time of year IT Pros are all preparing for the inevitable ‘good idea’ dreamed up by project teams and management such that “users will be off over Christmas so lets plan a major release of either hardware or software or more likely a complete refresh of both the hardware and software deployed to the whole enterprise” (or at least your part of it). After all the chaps in the IT department don’t need time off at Christmas, do they?

The one thing I CAN guarantee is that the above scenario is what all IT Pros do NOT want for Christmas.

I have three suggestions for every IT Pros dream Christmas present.

First there is a cheap and cheerful piece of SWAG. When @Deepfat and I go out and talk at events, conferences or our very own IT Camps, we try to make sure we have enough swag with us to reward the most difficult questions for us to answer or for that comment that dissolves the room into laughter. Or sometimes for a delegate who can get a word in edge ways. This year we have been handing out the Microsoft Spider (as shown below).

WP_20141212_001

With the proliferation of gadgets that rely on some form of electrical power, the shouts of ‘has any got a charger for….. ‘ can often be heard around the Microsoft UK offices. For this reason the spider is a must have. Small almost unbreakable and provides power for;

Micro USB

Thunderbolt

iPhone /iPad

and connects to either a portable power pack or a standard USB 2 or USB 3 power source.

It has saved me from many embarrassing situations. In the never go anywhere without one stakes it is my number 1. If you want one – come and see us talk, ask a question or make us laugh!

Secondly, the gadget of my choice comes from a list of Surface Pro 3, Go Pro and Linx Tablets.

The Surface Pro 3 has changed the way I work. it goes absolutely everywhere with me, I have yet to find someone who doesn’t like the way the pen works, the way OneNote in A4 portrait mode is so easy to use without a keyboard attached.

sp3v1

The GoPro+ really is the epitome of a Boy’s Toy but has so many uses it has to be on my short list.

I am a dedicated motorcyclist and long ago resigned myself to the fact that the only way to survive on the road on two wheels is to make the assumption that everyone else using the road is actually trying to push you off the road.  It is also really easy to blame the nasty biker. To prevent this I now have my GoPro+ firmly fixed to the front of my bike wherever I go and record all journeys to show I rode safely and responsibly. In a tech capacity @Deepfat and I regularly use the time lapse facility to record our larger events and set up break down of the seemingly endless quantity of kit we carry everywhere.

gp1

The GoPro Hero is a 4K device taking Video, stills, time lapse and burst mode shots. All in a package the same size as a matchbox. I thoroughly recommend it.

The final gadget is actually a cheat really for two reasons, firstly I dont own one and secondly it is a package offer which contains two distinct pieces of equipment. Black Friday saw all sorts of good deals and one of those has hung around a little longer. I am sure there are other good deals from other suppliers but for me the Tescomobile.com offer for a Lumia 530 and a 7″ Linx tablet with windows 8.1 is close to unbeatable. The cost is as low as £12.50 per month for the first year (reducing in future years) and includes both devices running on Windows 8.1 and a 12 month subscription to Office 365 Personal. What more could you want?

530

linx7

The final category was Peace and Quiet. Freedom from Management and users. Well for some a Christmas at home with family and friends is the furthest from peace and quiet they can get. For me the chance to kick back, relax (maybe study for an exam I am taking on 30th December, yes really) watch the great content on the new NOW TV Windows 8.1 App (and X Box App too) or discover the amazing quality of my new XBox One console with the Kinect 2.0 Sensor, I am sure I will eventually get used to talking to a computer and issuing commands.

Of course I am also helping a friend install a Windows Server 2012 R2 Essentials and migrating a Small Business Server 2008 as well as setting up the Office 365 mailboxes for the users. A Busman’s holiday maybe but it also helps to keep connected to the real world and not just talk IT but to practice it as well.

Because this is my post I am going to cheat again (there’s a theme developing here) I would also add extending my SONOS collection to more rooms so I can play lovely Christmas music throughout the house. If you dont have SONOS – get it quickly there is a 12 month unlimited music offer on with Deezer at present

I will also make sure there is plenty of time for my children to spoil me in the way they should (I refer them to the SONOS statement above) and for lots of quality time with my long-suffering wife Sue.

Whatever you choose from this list or any other, I wish you a happy, healthy and fun-filled Christmas holiday. Of course looking forward to many more Tech adventures next year too.

Roll up, roll up get your FREE Microsoft Azure BETA Exam code here.

Within the last month, I have taken all three Microsoft Azure Certification Exams, two of them have been BETA tests. Read on and you can get you own code to take a FREE Azure BETA Exam (only 500 codes available – first come – first served)

azure exam

So, I post quite often about certification and testing but not that often about BETA exams. The Non-Disclosure Agreement we all sign when we take an exam mean that I cannot say too much about the content, other than you should study the Microsoft Learning pages for the detailed exam specifications.

70-532 – Implementing Microsoft Azure Solutions

70-533 – Developing Microsoft Azure Solutions

70-534  – Architecting Microsoft Azure Solutions

The exam I want to talk about is Exam 534 Architecting Microsoft Azure Solutions. This is exam is not as deep-dive technical as the other two which if I am honest are pretty hard. The first because I am not a developer and it was wall to wall coding (not expecting a pass here!) The Implementing Infrastructure one was almost wall to wall PowerShell but was also a disappointing experience, not because the test was poor but because I was poorly prepared and did not pass (this was not a BETA test). I am retaking that exam on 30th December so watch this space for all sorts of whooping and hollering if I pass.

There are several distinctions between a BETA test and a live one. First the questions although checked and prepared can have some small typo or content errors, that is why we are testing them in a live situation to see how they fly. Secondly the exam has a much longer time allowance, so that you can make detailed comments on those questions that do have typos or content errors. Thirdly when you complete the exam there is no result passed down to you and your printout just says ‘Thanks for coming – the result will be with you in a few weeks’.

I take a large number of exams and often these are the BETA ones so I am used to waiting for results, but I also often get a feel for those where I have been ‘sub-optimal’ and I am expecting to retake 70-534 when it is released.

The key content difference for me with the Architects exam is that it is very similar to the old, old MCSE Design exams which regularly tripped up even technical product gurus. This exam covers Microsoft Azure end to end and requires a broad knowledge of all the services and how they hang together, but also how you implement them for a customer. For that reason this is aimed more at implementation consultants, partners and contractors who may be delivering Microsoft Azure services to their customers.

The 70-532 and 70-533 are, in my opinion aimed more at those customer implementing solutions directly.

Now for those who have read the post or even just scrolled down, here are the beta instructions. Good Luck.

Your Invitation to The Microsoft Azure Architecture Beta Exam

Microsoft recently released a new Azure architecture certification exam in beta: Exam 534 Architecting Microsoft Azure Solutions. This is an invitation to take the beta version of the exam at no cost for the first 500 respondents. Passing this beta exam earns you a Microsoft Specialist certification.

The beta exam is available  at Pearson VUE testing centers or through the online proctoring option.  To take advantage of this exclusive invitation:

Here’s the fine print:

  1. As this is a beta exam, your will not receive a score report immediately upon completion of the exam.  Your results will be delayed for a period of several months until the exam goes live.
  2. The code will only be available to the first 500 people who register for this beta exam.
  3. This beta exam is not available in India, Pakistan, China, or Turkey.
  4. Please review Microsoft’s beta exam policies in full.

Good luck on your next exam, whether you’re taking this beta or have another one scheduled.

The above is due to be posted on the Microsoft Learning Born to Learn Site on Monday, so hurry up if you want to register the exam before they are all gone. That’s a £100 Christmas present right there!

Early Christmas present for Azure RemoteApp fans.

ara1

Yesterday Microsoft announced that Azure RemoteApp would be generally available from Thursday 11th December.

Anyone who reads this blog will know that I rate this service very highly indeed. The ability to run Windows applications from any platform without having to run the infrastructure on your own premises is of huge benefit. But when you add to that the ability to upload your own images containing line of Business applications and authenticate against your on-premises Active Directory or run the application in the cloud and store the data in your own data centre, it just about ticks ALL the boxes for me.

The blog post here announces both the date and the pricing details for the service. I have already posted about the technical aspects and the benefits to be gained. Now that the pricing has been released I am even more excited at the prospect of this becoming a major Azure service for all sizes of customer.

The Azure RemoteApp service will be available on standard pay as you go terms from 11th December and also as part of Volume Licensing from February 1st 2015.

The pricing page can be found here.

So from next Thursday you can reliably, in a scalable manner run any application that will run on Windows Server 2012 R2 from iOS, Android, Windows RT, Mac OSx. You can run them from Azure Active Directory or link to your own on-premises Active-Directory.

Secure, Scalable, Solutions.

what an early Christmas Present that is!

What are the best IT Pro Tools for automation – and why?

Each month here in the @TechnetUk #ITPro office there is a mad scramble (bunfight / race / polite debate) to bid for the best blog topics for the month. Each quarter has a theme, this quarter it is ‘the right tools for the job’. I was lucky enough to see the email early and our editor Charlotte accepted my bids for my post last week on Windows Server Technical Preview and for this one on automation tools.

As you might imagine this was a pretty popular one to bid for especially as all IT Pros will always try and find the quickest most efficient way to carry out their allotted tasks while it is yet day, all so that they can carry on with important things like Wolfenstein (the original of course) and even a quick toe-dipping into the world of Xbox One.

Anyone who has ever read any of my posts would be forgiven for thinking automation, well that’s going to be another exposition on the glories of PowerShell and why we need to learn it or learn golf… and in part you may be correct but I decided to read the title in full and this gave me the opportunity to go further than a single tool. PowerShell could be described as the framework for a whole bunch of excellent tools (or modules) but in this post I will be treating it as one tool and will be including it as it is simply the number one productivity and automation tool available in the world of Microsoft Server operating systems and business platforms such as Exchange, SharePoint, Office 365 etc.

What else is available to an IT Pro as an automation tool, I had to think long and hard about this as I haven’t really used much else on a day to day basis for quite some time, to automate routine tasks.

What does the landscape look like in the world of automation?

What does an IT Pro want to automate?

Well the roles of an IT Pro, even though they are changing and being a little blurred by the new DevOps school of thinking, are many and varied, from a network specialist who really doesn’t want to do all the IP Planning, management and administration manually (or by spreadsheet) to the deployment specialist who absolutely doesn’t want to wander round a building and install images, agents and other software on client and or server machines when everyone else has gone home.

But let us start with the traditional view of an IT pro – the server administrator and yes PowerShell. I am not going to offer up the whole of PowerShell as that is something I do on a regular basis. I am going to talk about DSC, or more formally titled PowerShell Desired State Configuration.

As I usually do I am going to quote the TechNet description of the feature and then dive a little deeper into it.

“DSC is a new management platform in Windows PowerShell that enables deploying and managing configuration data for software services and managing the environment in which these services run.

DSC provides a set of Windows PowerShell language extensions, new Windows PowerShell CmdLets, and resources that you can use to declaratively specify how you want your software environment to be configured. It also provides a means to maintain and manage existing configurations.”

 Now that sounds all very well but it doesn’t tell me exactly what the feature does in layman’s terms, nor does it describe how to do it or really sell to me the impact that can have on my infrastructure and thereby the amount of time I will have released to carry out other important tasks.

So PowerShell DSC gives us the ability to define exactly what we want our server to look like in terms of roles and features installed, configuration and even right down to detailed single registry settings or environment variables.

The seasoned IT Pro may well say at this point, ‘So What?’ I can do that with Group Policy if I am in a Domain environment (and most It Pros work in such an environment). The answer would be yes, of course you can. But Group Policy has default refresh rate of 90 minutes with a randomized offset of 0 to 30 minutes to prevent all machines hogging the network at the same time. The seasoned IT pro will also tell you that up to 120 minutes is a very long time indeed in the world of Server configuration.

DSC uses a set of built in resources (which are growing all the time) to control a range of features, functions and roles in an entirely automated manner. DSC also allows the IT Pro to create custom resources.  At this point I should add that as with all things PowerShell, the community tends to share and a large number of custom resources are already available for free.

The descriptions of the original built in resources can be found here.

In a default install, the built in resources are those as shown below.

dsc1

 

 

 

 

 

 

 

I should also add here that this is not basic level scripting or PowerShell and this post is not aimed at teaching you the skills required to script or to understand complex PowerShell commands. I will list out several script blocks to show what is involved. TechNet again provides a great tutorial on custom DSC resources here. In that tutorial the reader is shown how to create a custom resource that will either create, configure or delete a website on a particular server.

All this can be run on a schedule to ensure that the Desired State is maintained across your entire server estate. It can also be pushed or pulled whichever you prefer. There is also a great deal more DSC goodness coming with PowerShell 5.0 in Windows Server vNext.

There are also some good TechNet Virtual Labs for DSC and other PowerShell features. Check them out here. (33 of them covering PowerShell, DSC, Azure PowerShell, Automation etc.)

dsc2

 

 

I shall save some deeper DSC diving for other posts as this was NOT meant to be a PowerShell love in.

So what other tools can I use to automate IT pro tasks.

I have already alluded to the IP planning and deployment / management tasks that need automating and easing. Well I have posted many times about the super effective IP Address Management feature in Windows Server 2012 and 2012 R2. Suffice it to say that if you read this blog regularly you are already sufficiently acquainted with its principles to realize its value. Of course Windows PowerShell 4.0 also added these PowerShell CmdLets to enable automating your IPAM deployment and management.

ipam2

TechNet Virtual Labs also do a rather good job of highlighting this feature in this LAB. I ought also to mention here that the Microsoft Virtual Academy has a number of courses covering IPAM and PowerShell for Active Directory that includes DSC.

The Final set of automation tools (I wanted to pick Azure Automation using PowerShell but I promised I wasn’t going to use all PowerShell today) that I am going to select today are those that enable the deployment of Operating System images. I was spoilt for choice, since I could have picked System Center 2012 R2, Hyper-V, or many other useful tools.

I have chosen some tools that are cost free once you have licensed a server operating system (Server 2012 or 2012 R2).

The mix of tools are Windows Deployment Services (WDS) and the Microsoft Deployment Toolkit (MDT) 2013. But before I discuss those, I would like to mention the Microsoft Assessment and Planning (MAP) Toolkit.

“The Microsoft Assessment and Planning (MAP) Toolkit is an agentless inventory, assessment, and reporting tool that can securely assess IT environments for various platform migrations—including Windows 8.1, Windows 7, Office 2013, Office 2010, Office 365, Windows Server 2012 and Windows 2012 R2, SQL Server 2014, Hyper-V, Microsoft Private Cloud Fast Track, and Windows Azure.”

This is a must have tool for anyone planning to do anything to their network or clients / servers. Another free tool. Available here. All the above mentioned tools are part of the Microsoft Solution Accelerator Programme which seems to expand every time I look at this page. The MDT Team blog also has masses of useful information.

So why have I chosen this set of tools? WDS allows me to deploy operating systems across the network to all my clients in a Light Touch manner (LTI) this means that I would have to have some interaction with the client. Currently the preferred Zero Touch solution uses System Center 2012 R2, but this can be a costly option.

To assist you in using this free service Microsoft have provided the MDT and also the Windows Assessment and Deployment Kit (ADK). This kit is a hefty installation and provides a raft of useful tools. See the screenshot below, if you select all as I have here, the result is over 6GB of installation.

adk1

There are a number of TechNet Virtual Labs for the MDT, although most are focused on the integration with System Center Configuration Manager, for larger enterprises. There is one for creating images using the MDT though.

mdt2

In short the tools allow you to create images or capture them from reference PC’s then store them until required for deployment to new / refreshed PC’s in your network. Why am I considering this automation?  Well the use of an image in the new(ish) Windows Image Format (WIM) allows you to update, service and add / remove features, drivers and programs from the image at any time. It can also be used to deploy VHD and VHDX files to allow client PC’s to boot from VHD too. All this would take a long time configuring at each machine that you want to deploy.

As with most tools that save you time in the long run the deployment and configuration of this suite of tools is not a small task and it will involve a degree of learning the principles and processes, which can be confusing, there are capture images, install images boot images, reference images as well as thin thick and hybrid types of images. Enough images for you?

Oh and I am sure it won’t surprise you to find out that MDT uses PowerShell to carry out all its tasks, as I have said ‘ad nauseum’ PowerShell is the future.

I don’t have enough space this time to do a run through of MDT / ADK for developing and deploying images with WDS, but they are freely available on the internet and I will do a YouTube one when I get time. It may flow better that way.

But all new tools take time, whether they be PowerShell, Azure Automation or any other new feature. That is why learning and certification is still such a good thing to be involved with. All of the products and features I have talked about today appear in Microsoft Official Curriculum Courses and in Microsoft Certification Exams too.

With the landscape changing so often, it is wise to invest in your career by learning and certifying so that your employer or your prospective employer can have some benchmark to judge you by.

Use the MVA and the other training avenues wisely. For all things training and Certification you can use the many resources available to you at

Microsoft learning website

lex1

Born to learn website

b2l1

Microsoft Virtual Academy

va1

Watch this space for more on PowerShell DSC, Windows Server Technical Preview top five features and more.

Windows Server Technical Preview – My Favourite Features – Part 1

Microsoft released the first Technical Preview of Windows 10 to much acclaim back in October. There have been three releases so far and we currently sit on the ‘last release of the Calendar year’ – Build 9879.

The Technical Preview is intended primarily for the enterprise to evaluate the changes and inform the development of new and evolved features of the client operating system. This is a brave and intelligent step. Most followers of Windows in an enterprise will know that Microsoft traditionally release their Client and Server platforms in pairs. XP/ 2003, Vista/2008, Win 7/ 2008R2, Win 8/2012 and most recently Win8.1/2012R2.

The dramatic changes inside Microsoft have not led to a change in this pattern and there is a new server platform being developed alongside Windows 10, this Server is as yet un-named but is also in Technical Preview.

If you have an MSDN subscription you can find it there in both ISO and VHD formats (the new Hyper V server is there too). If you do not subscribe then you can find it here. The new Remote Server Administration Tools for Windows 10 Technical Preview have also been released to allow you to remotely manage your new server from your new client. The RSAT can be found here. They are available in 32bit and 64bit flavours.

For anyone interested in the Server Technical Preview, just about everything you could want to know can be accessed from this blog site. This is Jose Barreto’s blog, Jose is a member of the File Server team within Microsoft and has put together this invaluable survival guide. As you might imagine, it is Storage focussed but does cover most other areas too.

There is one final way you can have a look at and run the Server Technical Preview and that is as a Virtual machine in Microsoft Azure. If you do not have an Azure subscription, again this is part of your MSDN benefit. (MSDN is sounding more and more like good value). Otherwise you can sign up for a cost free trial, here

azpreview1

Windows Server 2012 was a huge leap in performance and function for the Windows Server family and despite the familiar look and feel to the new server and most of its tools, there have been significant new features and improvements to old one. BUT please remember when looking at and playing with this new server operating system.

THIS IS A TECHNICAL PREVIEW – do not use it in production, do not rely on it for any tasks you cannot afford to lose. Having said that I have found it stable and reliable (as with the Windows 10 client. The difference being I use the Windows 10 client on my main work machine and just about all other machines I use – a couple of exceptions) Whereas the server version is very definitely a test rig setup for me at present.

So, what is new and of those new things, what are my favourite features and why. This is the first post in a series examining major new functionality in the Technical Preview.

In Server 2012 one of the big five features for me was Hyper-V Replica. The first new feature of the Technical Preview I want to describe is called Storage Replica.

To quote the TechNet site, Storage Replica (SR) is a new feature that enables storage-agnostic, block-level, synchronous replication between servers for disaster recovery, as well as stretching of a failover cluster for high availability. Synchronous replication enables mirroring of data in physical sites with crash-consistent volumes ensuring zero data loss at the file system level. Asynchronous replication allows site extension beyond metropolitan ranges with the possibility of data loss.

Ok that sounds a.) A lot of technical stuff and b.) Pretty exciting and revolutionary for an out of the box no cost inclusion in a server operating system. So what exactly does it do and how does it do it.

Well, Server 2012 introduced the next version of SMB (SMB 3.0) this allowed a vast number of performance and reliability improvements with file servers and storage as well as normal communications using the SMB protocol.

In short the feature allows an All-Microsoft DR solution for both planned and unplanned outages of your mission-critical tasks. It also allows you to stretch your clusters to a Metropolitan scale.

What is it NOT?

  • Hyper-V Replica
  • DFSR
  • SQLAlwaysOn
  • Backup

Many people use DFSR as a Disaster Recovery Solution, it is not suited to this but can be used. Storage Replica is true DR replication in either synchronous or asynchronous fashion

Microsoft have implemented synchronous replication in a different fashion to most others providers, it does not rely on snapshot technology but continuously replicates instead. This does lead to a lower RPO (Recovery point objective – meaning less data could be lost) but it also means that SR relies on the applications to provide consistency guarantees rather than snapshots. SR does guarantee consistency in all of its replication modes.

There is a step-by-step guide available here, but I have included some other notes below for those who don’t want to read it all now (all 38 pages of it). (Images are taken from that guide and live screenshots too)

The Technical Preview does not currently allow cluster to cluster replication.

ss

 

 

 

 

sc1

 

 

 

 

 

Storage replica is capable of BOTH synchronous and asynchronous replication as shown below. And anyone who knows anything about replication knows that to do this there must be some significant hardware and networking requirements.

synch1
asynch1

So what are the pre-requisites to be able to use Storage Replica in a stretch cluster?

The diagram below represents such a stretch cluster.

sc2

 

 

 

 

 

There must be a Windows Active Directory (not necessary to host this on Technical preview)

Four servers running Technical Preview all must be able to run Hyper-V have a minimum of 4 cores and 8GB RAM. (Note Physical servers are needed for this scenario, you can use VM’s to test Server to Server but not a stretch cluster with Hyper-V).

There needs to be two sets of shared storage each one available to one pair of servers.

Each server MUST have at least one 10GB Ethernet connection.

Ports open for ICMP, SMB (445) and WS-Man (5985) in both directions between all 4 Servers

The test network MUST have at LEAST 8Gbps throughput and importantly round trip latency of less than or equal to 5ms. (This is done using 1472 byte ICMP packets for at least 5 minutes, you can measure that with the simple ping command below)

ping1

Finally Membership in the built-in Administrators group on all server nodes is required.

This is no small list of needs.

The step by step guide uses two ways of demonstrating the set up. And is a total of 38 pages long.

All scenarios are achievable using PowerShell 5.0 as available in the Technical Preview. Once the cluster is built it requires just a single command to build the stretch cluster.

pshell1

You could of course choose to do it in stages using the New-SRGroup and New-SRPartnership CmdLets.

If, like me you do not have the hardware resources lying around to build such a test rig you may want to try and test the server to server replica instead.

This requires,

Windows Server Active Directory domain (does not need to run Windows Server Technical Preview).

Two servers with Windows Server Technical Preview installed. Each server should be capable of running Hyper-V, have at least 4 cores, and have at least 4GB of RAM. (Physical or VM is ok for this scenario)

Two sets of storage. The storage should contain a mix of HDD and SSD media.

(Note USB and System Drives are not eligible for SR and no disk that contains a Windows page file can be used either)

At least one 10GbE connection on each file server.

The test network MUST have at LEAST 8Gbps throughput and importantly round trip latency of less than or equal to 5ms. (This is done using 1472 byte ICMP packets for at least 5 minutes, you can measure that with the simple ping command below)

ping1

Ports open for ICMP, SMB (445) and WS-Man (5985) in both directions between both Servers.

Membership in the built-in Administrators group on all server nodes.

NOTE – the PowerShell CmdLets for the Server to Server scenario work remotely and locally, but only for the creation of the Replica, not to remove or amend using Remove or Set CmdLets (make sure you run these CmdLets locally ON the server that you are targeting for the Group and Partnership tasks).

I do urge you to go off and read more about this solution and test it if you can but remember things are not yet fully baked and will change with each release AND do not use them in Production yet. Read the guide for known issues as well, there are a few.

Finally – why do I love this feature – NO one likes to think of a disaster but if you don’t plan for it, when it does happen it truly will be a disaster in every respect. This allows a much cheaper but effective way of maintaining a current accurate replica of data either on a separate server or on a separate site within a stretch cluster.

Still pricey on hardware and networking, BUT much cheaper than a full hot site DR centre with old style full synchronous replication.

Watch this space for more Server Technical Preview hot features.

Future Decoded – 12th November – Enterprise Mobility

 

fdpic

If you are at all interested in Enterprise Mobility then Wednesday 12th November at Excel in London is the place to be. This FREE event has lots going for it.

Enterprise mobility is not all that is on offer. The morning is dedicated to some big-hitting keynote speakers. Including Professor Brian Cox, Sir Nigel Shadbolt and Michael Taylor.

keynotes

The afternoon agenda is packed with excellent Enterprise mobility sessions, from customer case studies to demonstrations of the latest Windows 8.1 gadgets and deep diving sessions including demonstrations of the journey into mobile device management on an enterprise level.

No better time to get yourself up to speed on the Enterprise Mobility Suite from Microsoft, which includes Microsoft Azure Active Directory Premium, Windows Intune and Azure RMS. All of which work together with Windows Server to provide an end to end mobility and identity solution, irrespective of your end users device choice.

ems1

Some of Microsoft UK’s top technical specialists will be presenting and answering your EMS related questions.

jamie

 

Devices, devices everywhere

Jamie Burgess

Mobility Lead, Microsoft UK

dan

 

Hybrid Identity Management

Daniel Kenyon-Smith

Solution Architect Microsoft Consulting Services

elsey

 

Desktop and Application Virtualisation

Doug Elsley

Application and Desktop as a Service Lead, Microsoft UK.

The session is being kicked off with a case study from Andy Turner of Mitchells and Butlers a customer story well worth following.

You can register here, I do hope you have time to spare to attend this fantastic event. I will be there hosting the mobility track so do come and find me and introduce yourself.

Oh and did I mention it is completely FREE!