azure windows

Understanding SLA vs Downtime

Understanding SLA (Service Level Agreement) is very important after you choose to start from scratch OR migrate your application to Cloud.

You can find the SLA provided by Microsoft for its Azure services here.

Usually the SLAs will be 99.9 (three9s) to 99.999 (five 9s). At a first glance, you can think there is not a major difference in them. However when you are hosting a production application, it is very important to understand what the 9’s really mean w.r.t the downtime.

Here is a table for you to understand SLA vs Downtime

SLA percentage	Downtime per week	Downtime per month	Downtime per year
99	1.68 hours	7.2 hours	3.65 days
99.9	10.1 minutes	43.2 minutes	8.76 hours
99.95	5 minutes	21.6 minutes	4.38 hours
99.99	1.01 minutes	4.32 minutes	52.56 minutes
99.999	6 seconds	25.9 seconds	5.26 minutes

Azure – Provision Azure Virtual Machine with UnManaged disks

Microsoft has introduced a new type of disk called “Managed” disk wherein Azure manages the disk and the underlying storage account overhead for you. And, Microsoft recommends you create Azure virtual machines with “managed” disks, which is straightforward.

However, you might come across scenarios where your organization/client may require creating an Azure virtual machine with “unmanaged” disks. Use the below code to create an Azure virtual machine with “unmanaged” disks.

$location = "EastUS2"
$rgname = "manjuResourceGroup"
New-AzureRmResourceGroup -Name manjuResourceGroup -Location $location

# Create a subnet configuration
$subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24

# Create a virtual network
$vnet = New-AzureRmVirtualNetwork -ResourceGroupName manjuResourceGroup -Location $location `
    -Name MYvNET -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig

# Create a public IP address and specify a DNS name
$pip = New-AzureRmPublicIpAddress -ResourceGroupName manjuResourceGroup -Location $location `

    -AllocationMethod Static -IdleTimeoutInMinutes 4 -Name "mypublicdns$(Get-Random)"

# Create an inbound network security group rule for port 3389
$nsgRuleRDP = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleRDP  -Protocol Tcp `
    -Direction Inbound -Priority 1000 -SourceAddressPrefix '125.16.236.160' -SourcePortRange * -DestinationAddressPrefix * `
    -DestinationPortRange 3389 -Access Allow

# Create an inbound network security group rule for port 80
$nsgRuleWeb = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleWWW  -Protocol Tcp `
    -Direction Inbound -Priority 1001 -SourceAddressPrefix '125.16.236.160' -SourcePortRange * -DestinationAddressPrefix * `
    -DestinationPortRange 80 -Access Allow

# Create a network security group
$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName manjuResourceGroup -Location $location `
    -Name myNetworkSecurityGroup -SecurityRules $nsgRuleRDP,$nsgRuleWeb

# Create a virtual network card and associate with public IP address and NSG
$nic = New-AzureRmNetworkInterface -Name myNic -ResourceGroupName manjuResourceGroup -Location $location `
    -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id

# Define a credential object
$cred = Get-Credential

#VM config
$vmsize = "Standard_DS2"
$vmName="myVM"
$vm = New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize
$pubName = ”MicrosoftWindowsServer”
$offerName = ”WindowsServer”
$skuName = ”2016-Datacenter”
$vm = Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred
$vm = Set-AzureRmVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
$vm = Add-AzureRmVMNetworkInterface -VM $vm -Id $NIC.Id

# Create a new storage account
New-AzureRmStorageAccount -ResourceGroupName "manjuResourceGroup" -AccountName "manjustorageaccount" -Location $location -SkuName "Standard_LRS"

# Disk setup
$diskName = ”manju-disk”
$storageaccount = "manjustorageaccount"
$STA = Get-AzureRmStorageAccount -ResourceGroupName $rgName -Name $storageAccount
$OSDiskUri = $STA.PrimaryEndpoints.Blob.ToString() + "vhds/" + $diskName? + ".vhd"
$vm = Set-AzureRmVMOSDisk -VM $vm -Name $diskName -VhdUri $OSDiskUri -CreateOption fromImage

# Create the virtual machine
New-AzureRmVM -ResourceGroupName manjuResourceGroup -Location $location -VM $vm

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Attach and Initialize Data disk to Azure Virtual Machine

When you create an Azure windows virtual machine, it comes a default OS drive (C:\) and a temporary drive (D:\). An azure virtual machine allows you to attach a data disk to it to expand the storage. The number of data disks that can be attached to the VM depends on the Size and Family of the VM.

You can automate the process of attaching the data disk and initializing it using two scripts:

Script 1: initializePartition.ps1

This script contains the code to initialize the RAW partition.

Script 2: attachAndInstallCSE.ps1

This script will attach the data disk to the Azure windows virtual machine. It also installs the Custom Script Extension to the virtual machine.

initializePartition.ps1

$disks = Get-Disk | Where partitionstyle -eq 'raw' | sort number
    $letters = 70..89 | ForEach-Object { [char]$_ }
    $count = 0
    $labels = "data1","data2"

    foreach ($disk in $disks) {
        $driveLetter = $letters[$count].ToString()
        $disk |
        Initialize-Disk -PartitionStyle MBR -PassThru |
        New-Partition -UseMaximumSize -DriveLetter $driveLetter |
        Format-Volume -FileSystem NTFS -NewFileSystemLabel $labels[$count] -Confirm:$false -Force
    $count++
    }

attachAndInstallCSE.ps1

# Declaringvariables
$resourceGroupName = 'resourceGroupName'
$virtualMachineName = 'virtualMachineName'
$location = 'East US'
$storageType = 'Premium_LRS'
$dataDiskName = $virtualMachineName + '_datadisk1'

# Create a new managed data disk
$diskConfig = New-AzureRmDiskConfig -SkuName $storageType -Location $location -CreateOption Empty -DiskSizeGB 128
$dataDisk1 = New-AzureRmDisk -DiskName $dataDiskName -Disk $diskConfig -ResourceGroupName $resourceGroupName

# Get the virtual machine reference
$vm = Get-AzureRmVM -Name $virtualMachineName -ResourceGroupName $resourceGroupName

# Update the VM reference by adding the data disk
$vm = Add-AzureRmVMDataDisk -VM $vm -Name $dataDiskName -CreateOption Attach -ManagedDiskId $dataDisk1.Id -Lun 1

# Update the virtual machine
Update-AzureRmVM -VM $vm -ResourceGroupName $resourceGroupName

## Install the Custom Script Extension that inturn calls the initializePartition.ps1
$location = "East US 2"

# The name you want to give for the CSE
$extensionName = "extensionName"

$fileName = "initializePartition.ps1"

# Storage Account where the initializePartition.ps1 is present
$storageAccountName = "<INSERT_STORAGE_ACCOUNT_NAME>"

# Primary Access Key of Storage Account where the initializePartition.ps1 is present
$storageAccountAccessPrimaryKey = "<INSERT_STORAGE_PRIMARY_ACCESS_KEY>"

# Storage Account container where the initializePartition.ps1 is present
$storageAccountContainerName = "<INSERT_STORAGE_ACCOUNT_CONTAINER_NAME>"

Set-AzureRmVMCustomScriptExtension -ResourceGroupName $resourceGroupName -Location $location -VMName $virtualMachineName -Name $extensionName -TypeHandlerVersion "1.4" -StorageAccountName $storageAccountName -StorageAccountKey $storageAccountAccessPrimaryKey -FileName $fileName -ContainerName $storageAccountContainerName

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Understand your Azure resource utilization using Azure Metrics

Understanding resource utilization is very crucial in determining how your resources are performing. Using this data, you can them make decisions on cost optimization. From my experience, clients are very keen on having a scheduled Resource Utilization Report.

If you are working in an infrastructure team, then your report for a virtual machine may include, CPU utilization, memory, disk usage, network in/Out etc.,

You can use Azure PowerShell to download Azure Insight Metric Data.

As an example, below code shows you how to retrieve CPU Utilization data for an Azure virtual machine.

# Get the virtual machine object
$vm = get-azurermvm -ResourceGroupName "automationResourceGroup" -Name "hybridworker"

# Get the resource ID for the virtual machine
$resourceID = $vm.Id

# Retrieve Azure Insight metric definitions for virtual machines
Get-AzureRmMetricDefinition –ResourceId $resourceID -DetailedOutput

Output of the above cmdlet will fetch a lot of metrics. I have selected the “Percentage CPU”.

sourceId : /subscriptions/aaaaaaa-bbbb-cccc-dddd-eeeeeeeee/resourceGroups/automation/providers/Microsoft.Compute/virtualMachines/hybridworker

Name :

LocalizedValue : Percentage CPU

Value : Percentage CPU

Unit : Percent

PrimaryAggregationType : Average

Id : /subscriptions/aaaaaaa-bbbb-cccc-dddd-eeeeeeeee/resourceGroups/automation/providers/Microsoft.Compute/virtualMachines/hybridworker/providers/microsoft.insights/metricdefinitions/Percentage CPU

The “Value” will give you the correct Metric Name.

Below code will pull the CPU utilization of the virtual machine for the last 40 minutes.

$endTime = Get-Date
$startTime = $endTime.AddMinutes(-40)
$timeGrain = '00:01:00'
$metricName = 'Percentage CPU'
$metricData = Get-AzureRmMetric -ResourceId $resourceID -TimeGrain $timeGrain -StartTime $startTime -EndTime $endTime -MetricNames $metricName
$metricData.Data

I have shown you how to fetch one such metric for an Azure resource (Azure virtual machine in this case). Similarly, you can fetch metrics for any Azure resource by obtaining the relevant “resourceID” and fetching the appropriate Azure Metric Definition.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure -Forgot Azure Virtual machine password?

While troubleshooting RDP issues, one of the approaches is to connect to the Azure windows machine using its local admin credentials. What if you forgot the credentials? Use the below code to reset them using VMAccess extension and PowerShell:

$resourceGroupName = "<ENTER_RESOURCE_GROUP_NAME>"
$virtualMachineName = "<ENTER_VIRTUAL_MACHINE_NAME>"
$location = "<ENTER_VM_LOCATION>"
Set-AzureRmVMAccessExtension -ResourceGroupName $resourceGroupName -location $location -virtualMachineName $virtualMachineName -Credential (get-credential) -typeHandlerVersion "2.0" -Name VMAccessAgent

Post troubleshooting, you conclude that by resetting the RDP configuration, the RDP issue will get resolved. How do you reset the RDP configuration, when you are not able to RDP? You may cause service disruption if you decide to restart or redeploy the VM to reset the RDP configuration.

Azure allows you to reset the RDP configuration without logging into the Azure windows virtual machine.

Use the below code to reset the Remote Desktop Services Configuration:

The code resets the access extension named “myVMAccess” on the VM named “myVM” in the “myResourceGroup” resource group:

Set-AzureRmVMAccessExtension -ResourceGroupName "myResoureGroup" -VMName "myVM" -Name "myVMAccess" -Location WestUS -typeHandlerVersion "2.0" -ForceRerun

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Generate report for unattached Azure disks (managed and un-managed)

When you delete a virtual machine (VM) in Azure, by default, any disks that are attached to the VM aren’t deleted. This feature helps to prevent data loss due to the unintentional deletion of VMs. After a VM is deleted, you will continue to pay for unattached disks.

Unattached MANAGED disks:

When a managed disk is attached to a VM, the ManagedBy property contains the resource ID of the VM. When a managed disk is unattached, the ManagedBy property is null. The script examines all the managed disks in an Azure subscription. When the script locates a managed disk with the ManagedBy property set to null, the script determines that the disk is unattached.

Unattached UN-MANAGED disks:

When an unmanaged disk is attached to a VM, the LeaseStatus property is set to Locked. When an unmanaged disk is unattached, the LeaseStatus property is set to Unlocked. The script examines all the unmanaged disks in all the Azure storage accounts in an Azure subscription. When the script locates an unmanaged disk with a LeaseStatus property set to Unlocked, the script determines that the disk is unattached.

SCRIPT:

Download the script here

PowerShell script to generate a report of unattached VHD disks. This script will create two files – unattached_managed_disks.csv, unattached_un_managed_disks.csv

These two files will contain details about VHD files that are not attached to an Azure virtual machine.

NOTE: You have to login into your account before running the script. “login-azurermaccount” to log in to your account.

You can use the generated CSV to better manage your Azure infrastructure. Understand why the disks are not in use and take an informed decision on whether you want to delete or re-use them. Thus helping you to identify resources that are not being utilized and to reduce cost.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Who de-allocated my virtual machine?

Many a time we might want to know details about certain operations performed on our Azure resources.

Once such case study would be to track how many virtual machines are being de-allocated by users, so we can make a decision on not to monitor them.

I have written a simple script that would make the tracking easy.

Download the script

This script will fetch information of certain Azure operation against Azure resources and create a CSV file. Specifically, this script will create a CSV file that contains a list of Azure operations that de-allocates an Azure virtual machine.

You may alter the IF condition statement to produce desired results.

Example, fetch operational logs for Azure Storage only. Or fetch operational logs for re-start VM or any operation on any Azure resource.

The CSV file will be saved in the same folder from where you run the script and will be saved as “Azure_activity_logs.csv”

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Install exe files (BigFix) on Azure windows virtual machine using Azure Custom Script Extension (CSE)

What is custom script extension?

The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post-deployment configuration, software installation, or any other configuration/management task. Scripts can be downloaded from Azure storage or GitHub, or provided to the Azure portal at extension runtime. The Custom Script extension integrates with Azure Resource Manager templates, and can also be run using the Azure CLI, PowerShell, Azure portal, or the Azure Virtual Machine REST API.

This document details on how to use Custom Script Extension using the Azure PowerShell Module against an already provisioned Azure Windows virtual machine to install BigFix client.

Pre-requisites:

Operating System

The Custom Script Extension for Windows can be run on Windows 10 Client, Windows Server 2008 R2, 2012, 2012 R2, and 2016 releases.

Script Location

The script needs to be stored in Azure Blob storage, or any other location accessible through a valid URL.

Internet Connectivity

The Custom Script Extension for Windows requires that the target virtual machine is connected to the internet.

The BigFix client files are stored in the storage account:

We shall be naming the extension as “bigfixinstallextension.” Make sure that an extension with the same name already does not exist.

Step 1: Get the Azure virtual machine config object

$vm = get-azurermvm -ResourceGroupName “datadog-test” -Name “dg-private-1”

Step 2: Query the Virtual Machine object for existing extensions:

$vm.Extensions

You should see an output similar to below if it does not have any custom extensions.

Note: any azure virtual machine will have one default extension – “MicrosoftMonitoringAgent.” This is because Azure installs “Microsoft Monitoring Agent” on every virtual machine. Make sure, the virtual machine does not have another extension with the name “ bigfixinstallextension.” If it does have, we have to remove that extension.

Below link provides an Azure Powershell cmdlet to remove the extension:

https://docs.microsoft.com/en-us/powershell/module/azurerm.compute/remove-azurermvmextension?view=azurermps-5.5.0

Once, we have confirmed that a custom extension with name “ bigfixinstallextension” does not exists, we can proceed in adding one. Below is the powershell code:

# Resource group of virtual machine

$resource_group = “datadog-test”

# location of virtual machine

$location = “East US 2”

# azure virtual machine name

$vm_name = “dg-private-1”

# storage account name where the custom script is stored

$storage_account_name = “xxxx”

# storage account key of where the custom script is stored

$storage_account_key = “xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”

# custom script file name

$file_name = “azure_custom_script_execution_install_bigfix.ps1”

# container name where the custom script is stored

$container_name = “msifiles”

# extension name for the custom script extension

$extension_name = “bigfixinstallextension”

# azure powershell cmdlet to execute add the custom script extension and to execute the powershell file

Set-AzureRmVMCustomScriptExtension -ResourceGroupName $resource_group -Location $location -VMName $vm_name -Name $extension_name -TypeHandlerVersion “1.1” -StorageAccountName $storage_account_name -StorageAccountKey $storage_account_key -FileName $file_name -ContainerName $container_name

Output:

Now login to the Azure windows virtual machine to confirm if the BigFix client is installed and running:

The downloaded file can be found inside the virtual machine at the below file path:

C:\Packages\Plugins\Microsoft.Compute.CustomScriptExtension\1.9\Downloads\1

Extension execution output is logged to files found under the following directory on the target virtual machine. For troubleshooting.

C:\WindowsAzure\Logs\Plugins\Microsoft.Compute.CustomScriptExtension

Explaining the PowerShell script – azure_custom_script_execution_install_bigfix.ps1

This script gets executed as part of the Custom Script Execution. And it is responsible for installing the BigFix agent.

Below is the code:

# Create a directory to hold BigFix files

new-item ‘c:\bigfix’ -ItemType directory

# Copy BigFix files from Azure storage to local directory

Invoke-WebRequest -Uri https://customsc.blob.core.windows.net/msifiles/clientsettings.cfg -outfile ‘c:\bigfix\clientsettings.cfg’

Invoke-WebRequest -Uri https://customsc.blob.core.windows.net/msifiles/masthead.afxm -outfile ‘c:\bigfix\masthead.afxm’

Invoke-WebRequest -Uri https://customsc.blob.core.windows.net/msifiles/setup.exe -outfile ‘c:\bigfix\setup.exe’

# Execute the setup file

$arguments = “/S /v/qn”

$filepath = “c:\bigfix\setup.exe”

Start-Process $filepath $arguments -wait

Execution Flow:

1. Create a directory to hold big fix files.

2. Copy the three files associated with BigFix installation to the directory created in Step 1.

3. Execute the setup file in silent mode.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Configure Storage Spaces for Azure VM for increased disk performance

This blog will walk you through on how to configure Storage Spaces for Azure Virtual Machine (Windows). Finally, we get to see some IOPS benchmarks.

Each data disk (Standard Storage Account) has about 500 IOPS. In this example, we are going to create a Storage Space by attaching 4 data disks to a Standard A2 sized Azure VM. In theory, this should increase the IOPS to 2k. (500 x 4 = 2000)

Configuring Storage Spaces for Azure windows VM

Step 1: Attach four data disks to your virtual machine.

From the azure portal, select your virtual machine >> Click on “Disks” >> click on the “+ Add data disk” >> Fill out the details accordingly >> Save the disk.

Repeat this process 3 more times and we will have 4 data disks attached to our virtual machine as shown below:

Inside the VM, we can see the disks attached:

4_disk_not_initialized

Step 2: Login to the virtual machine and run the following PowerShell cmdlets. This will configure Storage Space and will create a drive for you.

In our example, we will configure one volume. Hence, only one storage pool. If you are implementing SQL Server or any other architecture, you may need more than one storage pool.

New-StoragePool –FriendlyName StoragePool1 –StorageSubsystemFriendlyName “Storage Spaces*” -PhysicalDisks (Get-PhysicalDisk -CanPool $True)

Retrieve the disks from the pool and store it in a variable:

$Disks = Get-StoragePool –FriendlyName StoragePool1 -IsPrimordial $False | Get-PhysicalDisk

Create a new virtual disk using all the space available from the storage pool using a Simple configuration. The interleave is set to 256KB. We are also setting the number of columns to be equal to the number of disks in the pool

New-VirtualDisk –FriendlyName VirtualDisk1 -ResiliencySettingName Simple –NumberOfColumns $Disks.Count –UseMaximumSize –Interleave 256KB -StoragePoolFriendlyName StoragePool1

Format the disk with NTFS filesystem and a 64KB allocation unit size.

Get-VirtualDisk –FriendlyName VirtualDisk1 | Get-Disk | Initialize-Disk –Passthru | New-Partition –AssignDriveLetter –UseMaximumSize | Format-Volume –AllocationUnitSize 64KB

Below is a snippet of the PowerShell console after executing the above cmdlets.

Finally, we can see the drive. A drive named “E” will be created with a free space of ~4TB.

Benchmark Tests

Obviously, this works. However, I have run IOPS test to have a visual. You may choose any standard benchmark testing tools. To keep it simple, I have used a PowerShell script authored by Mikael Nystrom, Microsoft MVP. This script is a wrapper to the SQLIO.exe. You may download the PowerShell script and SQLIO.exe file, HERE.

Download the archive file to your local system and copy it to the server. Extract the contents to any folder.

Below is a sample script to estimate IOPS:

.\DiskPerformance.ps1 -TestFileName test.dat –TestFileSizeInGB 1 -TestFilepath F:\temp -TestMode Get-SmallIO -FastMode True -RemoveTestFile True -OutputFormat Out-GridView

Feel free to tweak the parameter values for different results.

Explaination of parameters:

-TestFileName test.dat

The name of the file, it will create the file using FSUTIL, but it checks if it exists and if it does it stops, you can override that with the –RemoveTestFile True

–TestFileSizeInGB 1

Size of the file, it has fixed values, use the TAB key to flip through them

-TestFilepath C:\VMs

The folder can also be an UNC path, it will create the folder so it does not need to exist.

-TestMode Get-SmallIO

There is too test modes Get-LargeIO or Get-SmallIO, you use Get-LargeIO to measure the transfer rate and you use Get-SmallIO to measure IOPS

-FastMode True

Fast mode true runs each test for just 10 seconds, it gives you a hint, if you don’t set it or set it to false it will run for 60 sec (it will take a break for 10 sec between each run)

-RemoveTestFile True

Removes the test file if it exists

-OutputFormat Out-GridView

Choose between Out-Gridview or Format-Table

IOPS for C drive on Azure VM [OS Disk]:

C_drive

IOPS for D drive on Azure VM [Temporary Disk]:

D_drive

IOPS for E drive on Azure VM [Standard data disk]:

E_drive

IOPS for F drive on Azure VM [Storage Spaces]:

F_drive

We can use this storage strategy when we have a small amount of data but the IOPS requirement is huge.

Example scenario:

You have 500GB of data, and the IOPS for that data exceeds 1K. Storing 500GB of data in one data disk will create IOPS problems since each data disk has a 500 IOPS limit. But, if we combine 4 disks and create a storage space, the IOPS will increase to ~2k [we have to consider latency etc., to have a correct figure]. Since we are using the same Standard A2 virtual machine and Azure charges for the overall data and not per disk, the pricing will be the same.