You are browsing the archive for 2016 February.

Replica DCs on Microsoft Azure – Create the VMs with Azure PowerShell

4:43 pm in Azure, Cloud, DC, IaaS, PowerShell, Public Cloud by Wim Matthyssen

This blog post is part of the step by step to deploy replica DCs on Azure which can be found here: http://scug.be/wim/2015/09/28/deploying-replica-dcs-in-windows-azure/

In this part I will setup the replica DC VMs with the use of an Azure PowerShell script. To do so follow the steps below:

1) Download the Built_DCs.xlsx file here. When downloaded rename the extension from .xlsx to .csv and adjust the file to your needs. In my example I saved it in the following folder C:\Temp\Azure_setup_DC

 

clip_image003

2) To check if the Cloud Service name used in the .csv already exists on Azure, run the below PowerShell cmdlet. If the name exists, the cmdlet returns $True. If the name does not exist and can be used, it returns $False

 
3) Deploy both Azure IaaS VMs with the following Azure PowerShell script, in my example named Azure_built_DCs.ps1. This file is also stored under the folder C:\Temp\Azure_setup_DC. This script accesses the previously created Built_DCs.csv file were all necessary variables are declared. Both VMs will be built from the Azure Windows Server 2012 R2 Datacenter image, will be placed in an Availability Set and an extra data disk will be attached (stored in the azudata01 Storage Account) with a size of 1023 GB and the host-cache mode set to None

 

clip_image005

4) When the script has run you can verify if all settings are applied correctly from the Azure classic portal

clip_image007

clip_image009

clip_image011

clip_image013

5) You should also be able to RDP into both VMs

clip_image015

image

That ends the second part of this series. Please continue through the rest of the series to complete the setup (if all are available).

Till next time!

Wim Matthyssen (@wmatthyssen)

Step by step: How to install Microsoft Azure Backup Server (MABS)

3:11 pm in Azure, Azure Backup, Cloud, Hyper-V, IaaS, Private Cloud, Public Cloud, SCDPM by Wim Matthyssen

Microsoft Azure Backup Server (MABS) previously known as “Project Venus”, which was released by Microsoft on October 7th 2015 is a disk-to-disk-to-cloud backup (D2D2C) product, which uses an Azure Backup vault for long-term offsite retention. Basically it’s a lightweight customized version of System Center Data Protection Manager 2012 R2 (SCDPM) which offers centralized management and monitoring for your Azure Backup setup(s) and agents in a single console. Just like SCDPM, it can protect business applications workloads such as Exchange, SQL Server, Active Directory, IIS, Hyper-V virtual machines (VMs), VMware VMs, physical servers and Windows clients which can be running on premise or in the Azure cloud. MABS also comes with support for backup of large data sources, long-term retention up to 99 years and the capability to recover data in your Azure Backup vault using an alternate server. As part of the Operations Management Suite (OMS), one of the primary use cases for MABS will be for hybrid cloud backup scenarios.

clip_image001

 

Before we start whit the installation also a list of some things to keep in mind:

  • MABS is included as a free download with Azure Backup (link on your Azure Backup vault page) or you can download it directly via following link: https://www.microsoft.com/en-us/download/details.aspx?id=49170
  • MABS can be installed as an on premise standalone physical server or VM, but also as an Azure IaaS VM (size A2 or higher).
  • When you run MABS on an Azure VM you can only protect workloads also running on Azure VMs.
  • MABS will run on following supported Operating Systems: W2K8 R2 SP1, W2K12 or W2K12 R2 (is recommended).
  • MABS must be domain joined. Be sure to add the server to the domain before the MABS installation, because adding this server to the domain after the MABS installation is not supported.
  • MABS must have .Net 3.5, .Net 4.0 and .Net 3.5 SP1 features installed as a prerequisite.
  • The processor minimum requirements for a MABS server are 1GHz dual-core CPU, recommended 2.33 GHz quad-core CPU.
  • The minimum RAM needed by a MABS server is 4GB, recommended is 8 GB.
  • A free SQL Server 2014 license, which can only be used with MABS is included.
  • MABS will not work with a remote SQL Server instance. The instance being used needs to be local.
  • MABS cannot be installed on a server already running SCDPM or a SCDPM agent. It also cannot be installed on a server running any Microsoft Azure backup agent version.
  • A valid Windows Server license is needed for the MABS server.
  • You need to add  local backup storage to use MABS, because in the current architecture of MABS, the Azure Backup vault holds the second copy of the data while the local storage holds the first (and mandatory) backup copy.
  • An Azure Subscription and an Azure Backup vault needs to be in place before setting up the MABS server.
  • The MABS sever needs to have access to the Internet because Microsoft Azure should be accessible.
  • In contrast to SCDPM there is no support for tape drives
  • Some scratch space is needed to temporarily store the largest restore from the Azure cloud when needed. So keep approximately 5 % of the total amount of data that needs to be backed-up to the cloud free on the C: drive.
  • MABS doesn’t integrate with products of the System Center suite.
  • A separate data disk for the backup storage pool is needed. Like every other backup product the recommendation for the size of this disk is 1.5 times the size of the data you’re going to protect.
  • The default storage replication setting (storage redundancy option) when you create an Azure Backup vault is Geo Redundant Storage (GRS), be aware that for most customers Locally Redundant Storage (LRS) is more than enough.
  • There will be no charges for restores, outbound bandwidth and storage transactions when you use MABS.
  • If the MABS server fails with errors during the setup or while taking a backup or restoring data, refer to following link to find more information: https://support.microsoft.com/en-us/kb/3041338
  • You can find Azure Backup pricing details via following link: https://azure.microsoft.com/en-in/pricing/details/backup/
  • In my example I’m installing MABS on a W2K12 R2 Hyper-V VM. Before starting I first added the .NET Framework 3.5 Features via the Add Roles and Features Wizard.

So after this brief introduction and things to keep in mind, it’s time to setup the MABS sever. To do so follow the steps described below:

 

1) First we need to setup an Azure Backup vault. So logon to your Azure Subscription via the classic portal (https://manage.windowsazure.com/). When your logged go to the bottom of the screen and click New, select Data Services, select Recovery Services and select Backup Vault

clip_image003

2) Next select Quick Create and fill in a Name and the proper Region (in my case the region is West Europe).

clip_image005

clip_image007

clip_image009

3) When the Azure Backup vault is created you can change the storage replication setting if preferred. In my example I will switch it to LRS. To switch select Recovery Services, select your Azure Backup vault, select Configure, select Locally Redundant and click Save at the bottom of the screen

clip_image011

4) Download the vault credential and when downloaded, place it the C:\Temp folder on the MABS server. To do so click on DASHBOARD and click Vault credentials. When you’re asked to open or save the vault credentials, click Save. After the download move it to the correct folder

clip_image013

clip_image015

clip_image017

5) When the Azure Backup vault is created we need to download the necessary files to install MABS. In my example I will download all necessary software packages from the separate link. When you go to this link select all files and click Next. Be aware that because of the size of all files together (approximately 3 GB), this download could take a while

clip_image019

6) I’ve stored all the files under my C:Temp folder on the MABS server

clip_image021

7) Run MicrosoftAzureBackupInstaller.exe from the download folder (C:\Temp) as an administrator

clip_image022

8) Click Next

clip_image023

9) Leave the default location and click Next

clip_image024

10) Click on Extract to begin extracting the setup files

clip_image025

clip_image026

11) Select Execute setup.exe (if not already selected) and click Finish

clip_image027

12) Click Microsoft Azure Backup to launch the setup wizard

clip_image029

13) The Microsoft Visual VC++ 2010 Redistributable Package (x64) will be installed in the foreground

clip_image030

14) On the Welcome screen click the Next

 

clip_image032

15) This opens up the Prerequisite Check section. On this screen, click on the Check button to determine if the hardware and software prerequisites for Azure Backup Server have been met. If all of is OK, you will see a message indicating that the machine meets the requirements. Click Next

clip_image034

16) On the SQL Settings page select Install new Instance of SQL Server with this Setup, to install SQL 2014 Standard. Click Check and Install. You could encounter some error messages. If so follow the instructions and most likely you should reboot the server and start the MABS installation all over again

clip_image036

clip_image038

17) If the computer meet the software and hardware requirements click Next

 

clip_image040

18) Provide a location for the installation of all the files and click Next. In my example I changed all locations to my E: drive

 

clip_image042

19) Provide a strong password for restricted local user accounts (this password will not expire) and click Next

 

clip_image044

20) It’s strongly recommended to use Microsoft update when you check for updates because this will offer all security and important updates for MABS. Select whether to use Microsoft Update or not and click Next

clip_image046

21) Review all settings and if all are OK click Install

clip_image048

clip_image050

22) Click Next to start the Microsoft Azure Recovery Service Agent installation

clip_image052

23) Click Install

clip_image054

clip_image056

24) When the agent installation is completed, click Next

clip_image058

25) Provide your vault credentials to register the machine to the Azure backup vault. Click Next

 

clip_image060

26) Provide a passphrase to encrypt/decrypt the data sent between Azure and your premises. You can automatically generate a passphrase or provide your own minimum 16-character passphrase. Also enter a location to save the passphrase. If all is done click Next

clip_image062

27) Once registration is done, the wizard proceeds with the installation and configuration of SQL Server 2012. This could take some time

clip_image064

clip_image066

28) When the installation is completed with success, click Close

 

clip_image068

29) Go to your desktop, were you will see two new icons. Double click the Microsoft Azure Backup server icon to launch MABS

clip_image069

clip_image071

Now you’re ready to start backing up with MABS. Have fun and till next time!

Wim Matthyssen (@wmatthyssen)

Step by step: How to connect SCAC 2012 R2 to SCVMM 2012 R2 and Microsoft Azure

10:43 am in Azure, Cloud, hybrid cloud, Private Cloud, Public Cloud, SCAC 2012 R2, SCVMM 2012 R2 by Wim Matthyssen

11-02-2016 16-14-33What’s a System Center App Controller (SCAC) server without a connection to System Center Virtual Machine Manager (SCVMM) or Microsoft Azure … right nothing! That’s why in this blog post I will show you how you can connect your SCAC server to your private (SCVMM) and public cloud (Microsoft Azure) environments.

Before we start some things to keep in mind:

To connect SCAC to SCVMM, complete these steps:

1) Open the SCAC web portal, expand Settings and click Connections. On het menu bar, click Connect and select SCVMM

clip_image002

2) In the Add a new VMM connection screen, enter a Connection name (this is the name the user sees), a Description, the SCVMM server name in FQDN format, and the TCP port of that same SCVMM server (default is 8100). Check the “Automatically import SSL Certificates” check box if you plan to copy files and templates to and from SCVMM libraries (this option is recommend). Click OK

clip_image003

3) SCAC establishes the connection and begins a session with the SCVMM server. You can follow the completion in the Jobs section

clip_image004

clip_image006

clip_image008

4) If all is setup without any errors, you will be able to connect to your different on premise Clouds and Virtual Machines (VMs)

clip_image010

clip_image012

To connect SCAC to your Azure Subscription, complete these steps:

1) To create the Self-Signed Certificate open up the IIS Manager on the SCAC server. Double-click on Server Certificates

clip_image014

2) In the Actions pane select Create Self-Signed Certificate

clip_image016

 

3) Name the certificate (in my example AzureSCACCert) and click OK

clip_image018

4) Now we need to export this certificate as a .pfx file. To do so, right-click on the certificate and choose Export…

clip_image020

5) Choose a file name, a location and set a password. If all is filled in click OK

clip_image021

6) In my example the .pfx file is created under the C: root

clip_image023

7) Now open run an type mmc and add the Certificates Snap in for the “Local Computer Account”

 

clip_image025

8) Go to Personal, right-click Certificates and under All Tasks select Import…

 

clip_image027

9) Follow all steps to import the .pfx file (AzureSCACCert) in the personal certificate store

clip_image028

clip_image030

10) To generate the .cer file by right clicking on the certificate, and under All Tasks, select Export

 

clip_image032

 

11) Use the defaults trough the wizard, as file name I used AzureSCAC.cer and as location C: At the end of the wizard press Finish

clip_image033

12) As a next step we need to upload the .cer file to Azure. To do so logon into your subscription in the classic portal (https://manage.windowsazure.com). When logged on, select Settings at the bottom left, select MANAGEMNT CERTIFICATES and finally select Upload at the bottom

clip_image035

13) Browse to the .cer file (located under the C: drive) select it, and click the check box. After a few seconds you should see a notification telling you that your upload is successful and the certificate should be added to the list of management certificates

clip_image036

clip_image038

clip_image040

14) Before we can connect SCAC to this Azure Subscription we need the Azure subscription ID. Because were already at the MANAGEMENT CERTIFICATES page, you can find this ID under the field SUBSCRIPTION ID. Copy the subscription ID to the clipboard

clip_image042

15) Open up the SCAC web console again, in the Overview pane, under Public Clouds, select Connect a Windows Azure Subscription

 

clip_image044

 

16) Fill in a Name and a Description, past the Azure Subscription ID, and select the correct certificate and add the password. If all is foreseen click OK

clip_image045

17) If all went well, you can see that you have an Azure subscription is now connected in the Overview page

clip_image047

18) Under the Virtual Machines section you can see your Azure IaaS VMs running

clip_image049

This concludes this blog post, hope it helps. Till next time!

Wim Matthyssen (@wmatthyssen)

Step by step: Installing SCAC 2012 R2

3:31 pm in Azure, Cloud, hybrid cloud, Private Cloud, scac by Wim Matthyssen

Even in these fast changing times where everybody speaks about Windows Azure Pack (WAP) and the just released Microsoft Azure Stack Technical Preview, there are still customers interested in using System Center App Controller (SCAC) 2012 R2 for easily controlling their clip_image002hybrid cloud environment. Like you probably already know, SCAC is a self-service web portal which enables users (mostly application and service owners) to manage their virtual machines (VMs) and services on their private (System Center Virtual Machine Manger –SCVMM) or public cloud infrastructures (Windows Azure). Shortly said it’s a web console (Microsoft Silverlight web application) which provides users with a self-service experience and which simplifies the management of their VMs across their private and public cloud(s). In this blog post I will go through the installation process for setting up a standalone SCAC configuration on a dedicated VM.

To start, I will list some things up which need to be kept in mind:

  • In contrast to the other System Center products, which can be used independently, SCAC highly depends on SCVMM. So to setup the SCVMM server I will refer you towards a previous post of mine: http://scug.be/wim/2015/12/20/step-by-step-installing-a-standalone-scvmm-2012-r2-management-server/
  • The SCAC server needs to be a member of your Active Directory domain.
  • For complete SCAC software and hardware requirements go to the following Microsoft TechNet page: https://technet.microsoft.com/en-us/library/dn249764.aspx
  • The name of the server can have a maximum length of 15 characters.
  • You can setup a high available (HA) deployment by load-balancing multiple SCAC servers.
  • The SCAC database can reside on a SQL server with other application databases. For example, in combination with the SCVMM database.
  • The SCAC database must be in the same domain as the SCAC server or a two-way trust must be in place.
  • Choose the port for the web portal with care, because the only way to change it is by uninstalling and reinstalling SCAC.
  • Always install all necessary Windows updates before starting the installation
  • Create all necessary account(s) in advance: SCAC service account.
  • For easy access afterwards you can create a  DNS alias record (CNAME) for the SCAC website URL. For exampe: AppController.
  • For security SCAC depends on SCVMM, so all available options for a user depends completely on the rights and permissions that that user has in SCVMM.
  • The SCAC server will be installed on a W2K12 R2 VM with the Windows Firewall disabled.
  • For the installation, log on with a domain account which is a member of the SCVMM Administrators group and which has membership in the local Administrators group. Also insure this account has sufficient rights to access the SQL server.
  • When SCAC is installed all users and groups in the local Administrator group are automatically added to the SCAC Administrator role and by this they will have unrestricted access to all SCAC resources.
  • The SCAC PowerShell module is automatically installed when you install SCAC.
  • If the installation is completed with success, don’t forget to install the latest Update Rollup package for the SCVMM console, you can do this via Windows Update or manually.

After this brief introduction and remarks, let’s start with the installation.

1) Open run and type lusrmgr.msc

clip_image003

2) Add the SCVMM administrators group and the SCAC service account to the local Administrators group

clip_image005

clip_image006

3) Attach the SCVMM installation disk and select setup to Run as administrator

clip_image008

4) Select Install

clip_image010

5) Select the VMM console and press Next

clip_image012

6) Agree to the terms and press Next

clip_image014

7) On the CEIP screen, click Next

clip_image016

8) Accept the default installation location and press Next

clip_image018

9) Accept the default port number and press Next

clip_image020

10) Review the settings and if all are good click Install to start the VMM console installation

clip_image022

clip_image024

clip_image026

11) Attach the SCAC installation disk and select setup to Run as administrator

 

clip_image028

12) Select Install

clip_image030

13) Fill in the license key and press Next

clip_image032

14) Agree to the terms and press Next

clip_image034

15) On the “Install missing software” page click Install to install all prerequisites

clip_image036

clip_image038

16) Leave the default path and click Next

clip_image040

17) Type in the SCAC service account under which the App Controller services will run. Leave the default port and press Next

clip_image042

18) Configure the binding settings and select the correct SSL certificate and click Next

clip_image044

19) Configure the database connection and press Next

clip_image046

20) Choose to participate in CEIP or not and click Next

clip_image048

21) Review the settings and if OK click Install

clip_image050

clip_image052

clip_image054

22) After setup is completed, you can connect to your App Controller website

clip_image056

clip_image057

clip_image059

This concludes this blog post, till next time!

Wim Matthyssen (@wmatthyssen)