Category Archives: Virtual Machine Manager

OMS and System Center: What's New in April 2018

Microsoft announces constantly news about Operations Management Suite (OMS) and System Center. Our community releases this summary monthly, allowing you to have a general overview of the main new features of the month, in order to stay up to date on these arguments and have the necessary references to conduct any insights.

Operations Management Suite (OMS)

Log Analytics

Microsoft has decided to extend the Alerts in Log Analytics from OMS to the Azure Portal, centralizing on Azure Monitor. This process will be done automatically starting from 14 May 2018 (the date has been postponed, Initially it was planned for 23 April), will not result in any change to the configuration of Alerts and related queries, and it does not foresee any downtime for its implementation. For further details please consult the specific article “The extension of Log Analytics Alerts in Azure Monitor“.

Figure 1 – Notification of alerts extension in the OMS portal

To avoid situations where, the resources managed in Log Analytics may send in an unexpected way a high volume of data to the OMS Workspace, is introduced the ability to set a Daily Volume cap. This allows you to limit the data ingestion for your workspace. You can configure the Data volume cap in all regions, accessing to the section Usage and estimated costs:

Figure 2 – Setting the Daily volume cap

The portal also shows the trend of the volume of data in the last 31 days and the total volume of data, grouped by solution:

Figure 3 – Data ingestion for solution (latest 31 days and total)

Log Search API usage, used by the old Log Analytics query language, has been deprecated since 30 April 2018. The Log Search API has been replaced with theAzure Log Analytics REST API, which supports the new query language and introduces greater scalability than the results you can return. For more details on this you can consult theofficial announcement.

Agent

This month the new version ofOMS agent for Linux systems resolves a significant number of bugs and introduces new versions of the various components. It also introduced support for Debian 9, AWS 2017 and Open SSL 1.1. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.6.0-42.

Figure 4 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

As for Azure Backup, have been announced the following improvements in service scalability:

  • Ability to create up to 500 recovery services vaults in every subscription for region (previously the limit was 25).
  • The number of virtual machines that can be registered in each vault is increased to 1000 (it was previously 200).

Azure Backup, for the protection of Azure Iaas VM, now supports the storage account secured using storage firewalls and Virtual Networks. More details about this can be found on Microsoft's official blog.

Figure 5 - Protection of Azure Iaas VM in storage protected scenarios

There are different rules to enable the long-term backup for Azure SQL Database . The procedure, to keep the backup of Azure SQL DB up to 10 years, expected saving in an Azure Recovery Vault Service. By introducing this new feature, you have the option to keep the long-term backup directly within an Azure Blob Storage and will terminate the need for a Recovery Vault Service. All this gives you more flexibility and greater control of costs. For more details about it you can see the article SQL Database: Long-term backup retention preview includes major updates.

System Center

System Center Configuration Manager

For System Center Configuration Manager has been released the version 1804 for the Technical Preview branch. In addition to general improvements in the solution this update introduce new features concerning the OSD, the Software Center and the Configuration Manager infrastructure. All the new features included in this update can be found in the article Update 1804 for Configuration Manager Technical Preview Branch. Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

Microsoft has released theUpdate Rollup 5 (UR5) for System Center 2016 Long-Term Servicing Channel (LTSC). This update does not introduce new features, but fixes several bugs.

Following, are the references, about this update, for each System Center product:

There are no updates regarding Service Provider Foundation.

System Center Operations Manager 1801 introduces support for Kerberos authentication when the protocol WS-Management is used from the management server for the communication with UNIX and Linux systems. This allows you to have a higher level of security, eliminating the need to enable basic authentication for Windows Remote Management (WinRM).

Also in System Center Operations Manager 1801 introduces the following improvements on the management of the Linux log file monitor:

  • Support for Wild Card characters in the name and path of the log file.
  • Support for new match patterns that allow customized searches of log.
  • Support for pluging Fluentd published by fluentd community.

Below there are the news concerning the Management Pack of SCOM:

  • MP for Windows Server Operating System 2016 and 1709 Plus 10.0.19.0
  • MP for SQL Server 2008-2012 7.0.4.0
  • MP for SQL Server 2014 7.0.4.0
  • MP for SQL Server 2016 7.0.4.0
  • MP for Microsoft SQL Azure Database 7.0.4.0
  • MP for SQL Server Dashboards 7.0.4.0
  • MP for UNIX and Linux 7.6.1085.0

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and after the registration you can start the trial period.

Virtual Machine Manager 1801: The Upgrade Process and the Possible Issue

Starting from this year for Virtual Machine Manager, as well as for other System Center products, an updated version will be released each 6 months (semi-annual channel). In February it was announced that version 1801 of System Center Virtual Machine Manager and the update is recommended to take advantage of the new features and to have greater integration with Microsoft Azure. This article describes a specific issue that you can encounter while upgrading, reporting in detail the causes and how you can resolve it.

In order to upgrade to version 1801 of System Center Virtual Machine Manager (SCVMM 1801) you can not do an upgrade in place, but you must completely uninstall SCVMM maintaining the database, and perform a new installation by using the existing database. The detailed procedure is described in this Microsoft's document and it requires a careful preliminary verification of the requirements as well as to have, for precautionary purposes, a backup of the SCVMM database. If you are using more System Center products it is important to proceed with the update according to the sequence in the document.

Figure 1 - Installation Wizard Step with the use of the existing VMM DB

During the setup the installation of Virtual Machine Manager 1801 may fail with the following error: “Unable to connect to the VMM database because of a general database failure. Ensure that the SQL Server is running and configured correctly, then try the operation again“.

Figure 2 – Error during the upgrade to version 1801

As can be seen it is a generic error and to obtain further details it is necessary to consult the log of the Wizard (“C:ProgramDataVMMLogsSetupWizard.log“) which include the following details:

Figure 3 - Error reported in the installation logs

The error refers to a known issue documented in the release notes of VMM 1801:

Figure 4 – Documented known issue

The problem occurs if in the current Virtual Machine Manager installation has been changed the name of one of the port classifications present by default. In the specific case, controlling the table “[dbo].[tbl_NetMan_PortClassification]” in the Virtual Machine Manager database, there is an entry, with the ID reported in the error, that has the name that is “Management” instead of “Host management” (default name).

Figure 5 – Entry with non-default name in the table "tbl_NetMan_PortClassification"

The difficulty, when this error comes, is to accurately know which are the default names of the port classifications. For this reason we report the default port classifications that it is necessary that they are not changed in the name to successfully upgrade to SCVMM 1801.

Figure 6 – Port classifications present by default

If you are in this condition it is necessary to change the names of port classifications, above reported, bringing them all to default and then repeat the installation setup of SCVMM 1801.

When this is done the installation of SCVMM 1801 will not end with the error described above.

Figure 7 – Upgrade to SCVMM 1801 successfully completed

Changing the port classification may be temporary, and after the upgrade is possible to evaluate to name them at will.

Conclusions

This specific error condition occurs in a systematic way if there is the described situation, so it's good if you can consider it before proceeding with the upgrade of SCVMM 1801, in order to avoid it. In case you encounter the error is still possible to easily solve it with the information reported in the article.

OMS and System Center: What's New in February 2018

The month of February was full of news and there are different updates that affected Operations Management Suite (OMS) and System Center. This article summarizes in concise terms to have a global vision and it contains the necessary references to learn more about it.

Operations Management Suite (OMS)

Log Analytics

Everyone who uses Azure ExpressRoute will be glad to know that you can now monitor it by using the Network Performance Monitor (NPM). This feature has been in previews for a few months and has now passed in the state of general availability. Among the features of this monitor solution we find:

  • Ability to view interactively, using the topology view of NPM, the various components (network on-premises, circuit provider edge, circuit ExpressRoute, edge Microsoft, and the Azure VMs) and latency measured in each hop. This allows you to easily identify any performance issues in connectivity and quickly locate the problematic segment of communication.
  • Ability to view the bandwidth usage of primary and secondary ExpressRoute circuit . Thanks to drill-down is also possible to intercept the bandwidth usage for each vNet connected to the ExpressRoute circuit.
  • Ability to create queries and custom views thanks to the fact that all details of the solution are available in the repository of Log Analytics and therefore you can use the native search functionality and correlation to suit your needs.
  • Ability to diagnose various problems of connectivity present in ExpressRoute circuit .

Figure 1 – Azure ExpressRoute Monitoring

For more information about how to configure the ExpressRoute monitor with NPM please visit the Microsoft's official documentation.

Also in Network Performance Monitor (NPM) was introduced the Service Endpoint Monitor with the integration into the monitor and into the performance of your application also of the performance end-to-end of the network. This feature allows you to create different types of tests (HTTP, HTTPS, TCP and ICMP), that must be carried out in key points of the network infrastructure, so you can quickly identify whether the problem encountered is related to the network or is related to the application. Through the use of the network topology map the problem and its nature is easily locatable. This is a feature in public preview whose characteristics are described in detail in this article.

Agent

This month the new version ofOMS agent for Linux systems fixes some bugs and also introduces an updated version of the components SCX and OMI. To obtain the updated version of the OMS agent you can access to the official GitHub page OMS Agent for Linux Patch v 1.4.4-210.

Figure 2 – Bug fixes and what's new for the OMS agent for Linux

Azure Backup

In this article is described how to build the solution of monitor in Log Analytics for Azure Backup. With this monitor solution, you can control the main aspects of Azure Backup as the backup and restore jobs, backup alert and use of cloud storage. You can do all cross Recovery Service vault and cross subscription, being able to take advantage of the features built into Log Analytics, such as the automated opening of ticket via webhooks or through integration with ITSM. It is a community solution, and each contributed is obviously welcome.

For Azure Backup was announced (in general availability) the possibility of creating consistent backups at the application layer for Linux virtual machines running on Azure. On Windows systems this is done using the VSS component, while for Linux VM it is made available one scripting framework through which you can run the pre-scripts and post-scripts to control the backup execution.

Figure 3 – Mechanism for realization of backup application consistent in VMs Linux on Azure

For more details on this you can consult theofficial announcement, while for more information about Linux virtual machine protection in Microsoft Azure, using Azure Backup, you can view the article: Azure Backup: the protection of Linux on Azure.

Azure Backup introduces the ability to protect natively Azure File Shares. This feature is currently in Public Preview and the main features are:

  • Chance, accessing Recovery Service vault, to make the discovery of storage acccount and detect files shares unprotected.
  • Large-scale protection: there is the possibility to back up multiple file shares contained in a storage account and apply a common security policy.
  • Instant and granular restore. The protection is based on file share snapshots and this allows you to quickly restore files selectively.
  • From the Azure portal you can explore the different restore point available to easily identify which files to restore.

Figure 4 – Backup of Azure File Shares

For further information you can consult theofficial announcement.

This month has been released a Mandatory Update for the Microsoft Azure Recovery Services agent (MARS). For all those who use Azure Backup you must install this update as soon as possible to avoid failures in backup and recovery tasks.

Azure Site Recovery

In Azure Site Recovery was made available a wait functionality, that allows to protect virtual machines having managed disk, in the replication scenario between different Azure regions, allowing greater flexibility for Disaster Recovery scenarios with systems in Azure.

Figure 5 – Enabling replication of a VM with Managed Disks

System Center

As announced in the last few months and as is already the case for the operating system and Configuration Manager, also the others System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). This month there was the first release with the version 1801 of System Center.

Figure 6 – Summary of what's new in version 1801 of System Center

To know the details of what is new in this release, please consult the official announcement. Please remember that for belonging to the semi-annual channel support is guaranteed 18 months.

System Center Configuration Manager

Released the version 1802 for the branch Technical Preview of System Center Configuration Manager: Update 1802 for Configuration Manager Technical Preview Branch.

This release introduces a considerable number of innovations on different areas, including: OSD, Cloud Management Gateway, features of Windows 10 and Office 365, Software Center and Site Server High Availability.

Please note that the releases in the Technical Preview Branch help you evaluate the new features of SCCM and it is recommended to apply these updates only in test environments.

System Center Operations Manager

The feature called "Updates and Recommendations", introduced in SCOM 2016 for Management Packs from Microsoft, is useful to facilitate the process of discovery of appropriate MPs to monitor different workloads present in your infrastructure and keep them updated. This feature is enabled by well over 110 Microsoft workloads. Microsoft announced that it is extending this feature also for MPs produced and offered by third parties. In release 1801 of Operations Manager are currently covered MPs of the following external partners:

Figure 7 – Feature Updates and Recommendations with MPs of partners

As a result of the release of version 1801 of System Center were also made available the following new SCOM Management Packs:

System Center Service Manager

Released a new version of Service Manager Authoring Tool.

Evaluation of OMS and System Center

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

To test the various components of System Center 2016 you can access theEvaluation Center and, after registering, you can start the trial period.

System Center Virtual Machine Manager 1711: managing virtual machines on Azure

As is already the case for the operating system from next year for the System Center products Microsoft will release updated versions every 6 months (semi-annual channel). The main objective of releasing new versions of the product at a higher rate is to improve support for increasingly heterogeneous environments, enhancing the user experience, performance and stability, and ensure a speedy integration with the cloud world.

Figure 1 – Release Cadence of System Center products

The only exception is that Configuration Manager will continue to respect the release of 3 versions every year to better support integration with Intune.

System Center 1801 will introduce new features with regard to Operations Manager, Virtual Machine Manager, and Data Protection Manager, while for Orchestrator \ SMA and Service Manager will include only security-related updates and resolution of issues.

In November was announced the preview of the new version of System Center (version 1711) which you can download at this address to evaluate the new features that will be introduced in the next year.

In this article, we will learn the feature found in Virtual Machine Manager that allows you to manage Azure virtual machines from SCVMM console. With the current version of Virtual Machine Manager, this feature is now limited because it only supports the management of virtual machines that you create with the defined deployment model Azure Service Management (ASM) and only for the public region of Azure. Even the authentication process must necessarily be done through management certificate. In SCVMM 1711 (Technical Preview) the integration to manage virtual machines in Azure extends by introducing the following changes:

  • Support for virtual machines created using the deployment model Azure Resource Manager (ARM).
  • Authentication in Azure Active Directory and not only certificate-based.
  • Subscription management present not only in the public region of Azure, but also in specific region as Germany, China and US Government.

Following are the steps that you must follow to configure this integration using Azure Active Directory as authentication and authorization process. This authentication method is required to manage both Azure virtual machines created in classic mode (ASM) that in ARM mode. To do this configuration it is necessary to create an Azure Application and assign the necessary permissions to access to the Azure subscription. To create the application you can follow the step reported in detail in Microsoft's official documentation.

Figure 2 – Adding a new Azure Active Directory Application

After you create the Azure Application you should make a note of its Application ID and you need to generate a new Application Key. These values are required by the configuration wizard of SCVMM:

Figure 3 - Application ID and the generation of an authentication key

The Azure AD Application must be a member of a role that only allow you to manage the virtual machines in the Azure subscription. For this reason, you must associate the App you just created to the role Virtual Machine Contributor in the Azure subscription.

Figure 4 - Assignment of the role "Virtual Machine Contributor" to the Azure AD App

By accessing the Virtual Machine Manager console, from the workspace VMs and Services you can add one or more Azure subscriptions:

Figure 5 – Addition of the Azure subscription from the SCVMM console

The configuration screen requires the input of data relating to the subscription and the information to perform the authentication process by Azure AD App:

Figure 6 – Subscription data and authentication information through Azure AD

At the end of this configuration will be displayed in the Virtual Machine Manager console the virtual machines configured in the Azure subscription. On these virtual machines at the moment you can do only the following basic tasks: Start, Stop, Stop e Deallocate, Restart and launch the RDP connection. In addition, for each virtual machine there are some information related to the configuration of the Azure environment.

Figure 7 – Managing Azure virtual machines from SCVMM console

Conclusions

Having in a single console all virtual machines, including those present in Azure, enables administrators to manage, even with simple tasks, easily and with greater rapidity hybrid environments. At the moment it comes as a basic integration but thanks to an accelerated release cycle expected for Virtual Machine Manager is very likely that this integration can be expanded more and more.

OMS and System Center: What's New in November 2017

In November there have been several announcements from Microsoft concerning Operations Management Suite (OMS) and System Center. This article will summarize briefly with the necessary references to be able to conduct further studies.

Operations Management Suite (OMS)

Log Analytics

As already announced since 30 October 2017 Microsoft has launched the upgrade process of the OMS workspaces not yet updated manually. In this regard has been released this useful document that shows the differences between a legacy OMS workspace and a updated OMS workspace, with references for further details.

Solutions

Those that use circuit ExpressRoute will be glad to know that Microsoft announced the ability to monitor it through Network Performance Monitor (NPM). This is a feature currently in preview that allows you to monitor connectivity and performance between the on-premises environment and vNet in Azure in the presence of ExpressRoute circuit. For more details about the features announced you can consult theofficial article.

Figure 1 – Network map showing details of ExpressRoute connectivity

Agent

As usual it was released a new version of the OMS Agent for Linux systems that now takes place on a monthly basis. This release fixes bugs related diagnostics during agents onboarding. Are not being introduced new features. To obtain the updated version please visit the official GitHub page OMS Agent for Linux Patch v 1.4.2-124.

Protection and Disaster Recovery

Azure Backup always protected backups from on-premises world toward Azure using encryption that takes place using the passphrase defined during the configuration of the solution. To protect VMs in Azure the recommendation for greater security in the backup was to use VMs with disk-encrypted. Now Azure Backup uses Storage Service Encryption (SSE) to do the encryption of backups of virtual machines on Azure, allowing to obtain in an integrated manner in the solution a mechanism for the implementation of the backup security. This also will happen to existing backup automatically and through a background task.

Microsoft, in order to bring more clarity with regard to pricing and licensing of Azure Site Recovery, updated the FAQ which you can see in the official page of pricing of the solution.

System Center

As is already the case for the operating system and System Center Configuration Manager, the other System Center products, in particular, Operations Manager, Virtual Machine Manager, and Data Protection Manager will follow a release of updated versions every 6 months (semi-annual channel). The goal is to rapidly deliver new capabilities and to ensure a speedy integration with the cloud world, which is essential given the speed with which it evolves. In November was announced the System Center preview version 1711 which you can download at this address.

Figure 2 – Summary of what's new in System Center preview version 1711

To know the details of the new features in this release, please consult theofficial announcement.

System Center Configuration Manager

For System Center Configuration Manager current branch version 1706 was issued an important update rollup you should apply as it solves a lot of problems.

Released the version 1710 for the Current Branch (CB) of System Center Configuration Manager that introduces new features and major improvements in the product. Among the main innovations of this update definitely emerge the possibilities offered by the Co-management that expand the possibilities for device management using either System Center Configuration Manager and Microsoft Intune.

Figure 3 – Features and benefits of Co-management

For a complete list of new features introduced in this version of Configuration Manager, you can consult theofficial announcement.

Released the version 1711 for the Technical Preview branch of System Center Configuration Manager. The new features in this update are:

  • Improvements in the new Run Task Sequence step.
  • User interaction when installing applications in the System context even when running a task sequence.
  • New options, in the scenario of using Configuration Manager associated with Microsoft Intune, to manage compliance policy for devices Windows 10 related to Firewall, User Account Control, Windows Defender Antivirus, and OS build versioning.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

Released a updated version of the Configuration Manager Client Messaging SDK.

System Center Operations Manager

Released the new wave of the SQL Server Management Packs (version 7.0.0.0):

The Management Packs for SQL Server 2017 can be used for the monitor of SQL Server 2017 and subsequent releases (version agnostic), this allows you to avoid having to manage different MPs for each version of SQL Server. The controls for versions of SQL Server earlier than 2014 are included in the generic MP "Microsoft System Center Management Pack for SQL Server".

System Center Service Manager

Microsoft has published a series of tips and best practices to be followed during Authoring Management Pack of System Center Service Manager (SCSM).

Please remember that in order to test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

System Center 2016: upgrade of Virtual Machine Manager in high availability

In certain environments System Center Virtual Machine Manager (SCVMM) plays a major role within your infrastructure, to the point that it requires a configuration in high availability. This happens especially at large infrastructures that host a large number of virtual machines, such as Service Provider, where Virtual Machine Manager is used extensively to perform different tasks of managing your virtual datacenter and deliver services. Thanks to the new features in Windows Server 2016 you can address the upgrade of deployments in high availability of SCVMM minimizing catches of service. This article will examine what steps to take to upgrade to Virtual Machine Manager 2016 in a high availability implementation.

A requirement to continue this activity is that Virtual Machine Manager 2012 R2 is updated with at least the update rollup 9. It is also important to ensure that the SCVMM database is hosted on a SQL Server instance of a supported version from SCVMM 2016. Before you begin the activity is essential to carry out the operations mentioned in the specific section of the official Microsoft documentation, in particular, you should ensure that you have a backup of the SCVMM database.

At this point you can follow the steps below that, also relying on the capabilities of Cluster Operating System Rolling Upgrade, allow you to update the implementation of SCVMM 2012 R2 minimizing the catch of the service only for the time needed for a failover and allowing you to also make the switch to Windows Server 2016 of the various nodes in the cluster.

The procedure initially plans to add to the existing cluster that hosts Virtual Machine Manager and with nodes based on Windows Server 2012 R2, an equal number of nodes Windows Server 2016.

Figure 1 – Adding cluster nodes

Figure 2 – Choose servers to add to the cluster environment

Figure 3 - Confirmation of the nodes to add to the cluster

Figure 4 - Adding nodes successfully completed

Since then the cluster will come in Mixed Mode with both nodes Windows Server 2012 R2 and nodes Windows Server 2016 and will continue to provide the service of SCVMM.

Figure 5 – Cluster consisting of nodes Windows Server 2012 R2 and nodes Windows Server 2016

On nodes Windows Server 2016 you must install the component Assessment and Deployment kit (ADK) of Windows 10 and proceed to install Virtual Machine Manager 2016. The installation can also be done on Windows Server 2016 without the desktop experience, assuming that you do not need to set up on the same system the SCVMM Library and that Operations Manager integration is not necessary, as it requires the presence of SCOM console which is not supported on server core.

Figure 6 - Setup of Virtual Machine Manager 2016 in a environment Windows Server 2016 (core)

The setup automatically detects the presence of a highly available SCVMM environment and prompts you to add the new SCVMM server as a node of the actual installation.

Figure 7 – Detection of HA environment

Figure 8 – Selecting features to install

Then you are prompted for information for product registration (Name, Organization and Product Key) and you must accept the license agreement. Continuing with the setup you are prompted as follows:

Figure 9 - Selecting the settings for updating SCVMM via Windows Update

Figure 10 – SCVMM installation path

The check of prerequisites checks whether the environment is suitable to accommodate the installation of SCVMM and returns any warning or error conditions:

Figure 11 – Check the prerequisites

The SQL Server command line utilities is required for SQL Server data-tier apps present in the SCVMM Fabric.

The configuration for your database is detected automatically, you can not edit it, and the setup requires upgrading of the SCVMM database recognizing that it is a DB on the previous version of SCVMM:

Figure 12 – Configuration for accessing the SCVMM database and upgrade notification

Then you are prompted to enter the password of the service account of SCVMM, which must be an administrator of the machine where you are performing the installation:

Figure 13 - Service Account and Distributed Key Management configuration

Even the ports used by the different features of SCVMM are inherited by the current installation and is not allowed to change them during setup:

Figure 14 - Summary non-editable of the ports used by the Management Server

During the setup of a Virtual Machine Manager environment in high availability you cannot specify settings related to the Library, but you must take care of it after the installation.

Figure 15 - Library settings unavailable

At this point, the setup shows a compatibility report where are highlighted some aspects to consider regarding the installation process:

Figure 16 – Upgrade compatibility report

As the last step shows a summary of your choices and you can start the installation process:

Figure 17 – Summary of installation choices

Figure 18 – Setup completed successfully

After the installation it is recommended to install the latest update rollup for System Center Virtual Machine Manager.

Concluded this setup on all new cluster nodes you want to add, you can fail over the SCVMM service to one of the upgraded nodes. After you make sure of the correct functioning of the Virtual Machine Manager 2016 you can proceed with the removal of nodes with SCVMM 2012 R2 and its uninstallation:

Figure 19 - Evict nodes with SCVMM 2012 R2

Following is appropriate to adjust if necessary the configuration relative to the Quorum in the cluster environment and validate the configuration using the Cluster Validation Wizard. Only when there is the certainty that the environment is in a final stable condition you can update the Functional Level of the cluster through the cmdlet Powershell Update-ClusterFunctionalLevel (non-reversible operation).

Finally you should consider conducting the following:

  • Update all SCVMM agents.
  • If the deployment of SCVMM 2012 R2 was integrated with Azure Site Recovery you need to completely repeat the installation and configuration.
  • Configure the possible integration with Operations Manager. In this regard it should be noted that the System Center components must comply with a precise order in the upgrade process and SCOM needs to be updated before than SCVMM.
  • Removing and adding driver packages to the Library of SCVMM to allow you to properly complete the discovery process.
  • If there is a PXE server in the Fabric of SCVMM it is necessary to remove it and add it again to renew certificates used by role.

Figure 20 – Removal of systems with PXE Server role

Figure 21 - Adding systems with the role of PXE Server

 

Conclusions

Virtual Machine Manager upgrade process in high availability needs to be approached with utmost caution given the likely criticality of the service, but the intended upgrade path is simple and also thanks to the functionality of Cluster Operating System Rolling Upgrade introduced in Windows Server 2016 it is possible to upgrade the entire environment contemplating also the update of the operating system of the nodes that host SCVMM, with a short stop given by one failover activity.

OMS and System Center: What's New in October 2017

This article lists the main changes announced in October concerning Operations Management Suite (OMS) and System Center. This is a concise summary that contains the necessary references for further study.

Operations Management Suite (OMS)

Log Analytics

In Log Analytics in August was released a major update that introduces a number of changes, as the powerful new query language, the introduction of the new Advanced Analytics portal and greater integration with Power BI. For further information you can consult the specific article Log Analytics: a major update evolves the solution. During the month, Microsoft announced that from 30 October 2017 is started automatically the upgrade process of the OMS workspaces not yet updated manually. Everything will be done in a gradual way for region according to the schedule below:

Figure 1 - Scheduling for rollout of the upgrade of Log Analytics

Also starting from 16 October 2017 the new OMS workspaces are already build in the new mode and there is no possibility to create a legacy workspace. For further information you can consult the article Azure Log Analytics workspace upgrades are in progress.

Solutions

Thanks to the solution Azure Log Analytics Container Monitoring for the Service Fabric under Linux now you can:

  • Centralize and correlate logs that are related to containers.
  • For containers and nodes display in almost real-time metrics for CPU, memory, storage and network utilization.
  • Identify containers with excessive use of resources.
  • Control the use of process-wide resources (Docker container top).
  • See an inventory of the container node that contains information about the Orchestration.

Figure 2 – Container Monitoring solution for Linux Service Fabric

The presence of an Azure Resource Manager (ARM) template that lets you create a new Log Analytics Workspace and install during the deployment the OMS agent on all nodes of the Service Fabric cluster facilitates the activation of the monitor. At the end of the cluster deployment simply add to the workspace of Log Analytics the solution Container Monitoring available in Azure Marketplace, and in a few minutes will be available in Log Analytics information on the Service Fabric. For further information you can consult the article Azure Log Analytics Container Monitoring solution for Linux process Fabric.

By using the Azure Action Groups you can use the Log Analytics solution IT Service Management Connector Solution to automatically open incident in your product or service of IT Service Management (ITSM), if properly supported, against alert generated in the Azure environment. The steps to configure this new feature is documented in the ad Send your Azure alerts to ITSM tools using Action Groups.

Agent

Released a new version of the OMS agent for Linux systems that mainly has solved some bugs and introduced some useful improvements. For more details and to get the updated version please refer to the official GitHub page OMS Agent for Linux GA v 1.4.1-123

Figure 3 – Bug fixes and what's new for the OMS agent for Linux

Azure Automation

As for Azure Automation have been announced, currently in preview, exciting new features:

  • Update management: it allows you to have visibility on the updates compliance for both Windows and Linux systems, regardless of their location (Azure, on-premises or others cloud). It also allows you to schedule the deployment to install the updates within a specific maintenance window. Among the features offered is the ability to exclude specific updates from the deployment and retrieve logs for the deployment useful for troubleshooting.
  • Inventory: it allows you to retrieve inventory information about the installed applications within systems. All this can easily be accessed directly from the portal Azure.
  • Track changes: useful for monitoring changes made to systems for services, daemons, software, registry and files. This feature can be very useful to diagnose specific problems and to enable alerts against unexpected changes.

Figure 4 – New features in preview of Azure Automation

For further details please consult the specific article What's New in Azure Automation: Inventory, Change Tracking and Update Management.

Azure Automation also introduces the ability to implement runbook written in Python 2 and adds support for the role Hybrid Runbook Worker under Linux. These features are currently in public preview.

System Center

TheUpdate Rollup 4 for Microsoft System Center 2016 has been released.

These are the System Center products affected by the update that resolves several issues and introduces some improvements:

The Update rollup 4 introduces support for the security protocol TLS 1.2 for all encrypted communications. Earlier versions of TLS and SSL encryption mechanisms are not considered with a high level of security, for this reason Microsoft has decided to introduce for the following System Center products official support for the security protocol TLS 1.2:

  • System Center Operations Manager (SCOM)
  • System Center Virtual Machine Manager (SCVMM)
  • System Center Data Protection Manager (SCDPM)
  • System Center Orchestrator (SCO)
  • Service Management Automation (SMA)
  • Service Provider Foundation (SPF)
  • System Center Service Manager (SM)

Enabling TLS 1.2 requires that you follow the following macro step:

  1. Install security updates for Windows Server, .NET 4.6 and SQL Server.
  2. Install the Update Rollup 4 of System Center 2016 on the different components. Regarding Service Management Automation (SMA) and Service Provider Foundation (SPF) you still need to apply the latest Update Rollup available. In addition to SMA you need to update its Management Pack.
  3. Change the settings to enable TLS 1.2 in the Windows environment on all System Center components.
  4. Adapt the System Center component-specific settings that require it (SCOM, SCDPM and SCO).

For more details you can follow the specific deployment guide.

System Center Configuration Manager

Released version 1709 for the branch Technical Preview of System Center Configuration Manager: Update 1709 for Configuration Manager Technical Preview Branch – Available Now!

The new features in this update are:

  • Co-management: solution that allows the management of devices using either System Center Configuration Manager and Microsoft Intune. Thanks to Windows 10 Fall Creators Update there is the opportunity to join the device both to the Active Directory domain (AD) on-premises and to Azure AD in the cloud. This expands the possibilities for management of devices using the Configuration Manager client and the MDM agent of Intune.

Figure 5 – Co-Management from the SCCM console

  • Improvement regarding the use of SCCM connected to Intune for the management of the mobile devices with regard to the settings of VPN profiles. With this update, in fact while creating a new VPN profile shows only the appropriate settings for the platform that you intend to configure. More details about you can retrieve them in this article.

Also released version 1710 always for the branch Technical Preview of System Center Configuration Manager. The many innovations introduced with this update are available in the announcement Update 1710 for Configuration Manager Technical Preview Branch – Available Now!.

I remind you that the releases in the Technical Preview Branch allows you to evaluate in preview new SCCM functionality and is recommended to apply these updates only in test environments.

System Center Operations Manager

In the table below the news about SCOM Management Pack 2016:

The changes introduced by these new MPs can be found in the article DHCP 2016 and 2012 R2 Management Pack release.

System Center Orchestrator

Released the latest version of’Integration Pack for System Center 2016.

To test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

OMS Log Analytics: How to collect Virtual Machine Manager jobs

In OMS there is a new solution Virtual Machine Manager (VMM) Analytics that allows to centralize inside Log Analytics, jobs from one or more instances of Virtual Machine Manager to have an overview of all activities performed by VMM in the virtualization infrastructure.

In this article we will see how to enable and configure this new solution so you can use the tools offered by the OMS platform to more easily diagnose any issues related to the activities carried out on the virtualization hosts and virtual machines using Virtual Machine Manager. Furthermore, through the power of language to create queries in OMS you can search and correlate data collected by others OMS solutions in a simple and functional way.. Don't overlook the possibility of implementing automated tasks through runbooks in Azure Automation for the resolution of any issues.

In order to implement the solution Virtual Machine Manager (VMM) Analytics you will need the following requirements:

  • Azure Subscription.
  • OMS Workspace where to deploy the solution.
  • Azure Automation Account with the presence of the Hybrid Worker role able to communicate with Virtual Machine Manager.
  • Credentials with read permission on the VMM server from which you want to collect information.

It is an open-source solution that can be included in the workspace OMS following this steps.

First, it is necessary to access the Azure Portal and select the subscription that contains the OMS workspace which you want to add the solution. To start the deployment of the solution simply access to its GitHub page and press the button Deploy to Azure. Automatically compare the template that requires the inclusion of the following parameters:

Figure 1 – Parameters required by the template of the solution

The template of the solution requires you to select, in addition to the basic information such as the name of the Subscription and the Resource Group, the name and the region of the OMS Workspace on which will be deployed the solution. Are also requests information relating to the Automated Account that will contains everything needed for the automation allowing the solution to catch the information relating to the Virtual Machine Manager system, whose name is specified as the last parameter.

At the end of the deployment of the solution inside the specified Automation Account will be created the runbook called vmmanalytics, thanks to which is carried out the import in Log Analytics of VMM jobs.

Figure 2 – Runbook used by Virtual Machine Manager solution (VMM) Analytics

Now you need to set the variable LastRunTime in the Assets with a string expressed in the form “yyyy-MM-ddTHH:mm:ss.fffffffZ“. This variable specifies the time from which the runbook will begin to collect the jobs of VMM. At every execution of the runbook this variable is updated automatically. As you can see from the following image there are other variables already populated automatically by the process of deployment of the solution:

Figure 3 – variables used by the runbook of the solution

You also need to specify credentials with the appropriate permissions to read jobs from the instance of Virtual Machine Manager:

Figure 4 – Required credentials for collecting VMM jobs

The runbook vmmanalytics can be run manually, but to import in an automatic and recurring way the jobs of VMM in Log Analytics you can create a specific schedule to suit your needs:

Figure 5 – Schedule creation

Afterwards you must attach schedule created to the runbook vmmanalytics and set which Hybrid Worker use to contact the Virtual Machine Manager instance.

Figure 6 – Scheduling and execution parameters of the Runbook

After successfully completing the first run of the Runbook, using the OMS portal you can access the solution Virtual Machine Manager Analytics which includes a number of useful reports to display in a simple and intuitive way the data collected from instances of Virtual Machine Manager.

Figure 7 – Overview of VMM Analytics solution

The dashboard of the solution also allows you to define the time range to filter, more accurately and to suit your needs, the jobs collected from Virtual Machine Manager.

Figure 8 – Defining the Time Range

Conclusions

Thanks to this new solution is made available to the VMM administrators the potential of the OMS platform. This is very useful because you can hypothesize scenarios where are merged into a single OMS workspace jobs from more instances of Virtual Machine Manager. It may be possible to configure OMS alerts to notify working groups on the state of execution of the job performed using VMM and undertake remediations in the face of problems. Also by correlating jobs collected with this solution with information from others OMS solutions as Capacity and Performance and Change Tracking you can simplify troubleshooting and you can more easily identify the causes of any problems. Virtual Machine Manager (VMM) Analytics is an open-source solution so you can contribute to its development by directly accessing its GitHub page.

To test and evaluate for free Operations Management Suite (OMS) you can access this page and select the mode that is most appropriate for your needs.

Virtual Machine Manager 2016: Installation of ’ agent in Windows Server 2016 (Server Core)

This article contains the steps that are required in order to install the Virtual machine Manager Agent via push 2016 on a Windows server 2016 installed in Server Core mode, that is certainly the most common installation option for Hyper-V systems.

Let's start with the specified that during the installation of Windows Server 2016 the wizard asks you to choose one of the following options:

  • Windows Server 2016 that equates all installation ’ Server Core. This is the recommended server installation mode less than special needs which require the use of the user interface or the graphical tools of management as it requires less disk space usage, reduces the potential attack surface and reduces l ’ management effort. This installation mode is not present in the standard user interface (“Server Graphical Shell”) and to manage the server you must use the command line, Windows PowerShell or you can do it from a remote system.
  • Windows Server (Server with the Desktop Experience) that corresponds to an equivalent version ’ Full of Windows Server 2012 R2 with installed the feature “Desktop Experience”.

Unlike previous versions of Windows Server there is the possibility of converting a Server Core installation to a Server installation with the Desktop Experience or vice versa, the only possibility of conversion is to perform a new installation of the operating system.

In Windows Server 2016 You can also use the Nano Server mode (for owners of the Datacenter Edition) for having a footprint further reduced. For more information about Nano Server I invite you to consult the following articles Windows Server 2016: Introduction to Nano Servers and Windows Server 2016: Use Nano Server Image Builder.

Trying to push install VMM agent 2016 on a default installation of Windows Server 2016 (Server Core) you will receive the following error message because it is necessary to make a number of preliminary tasks:

Figure 1 – VMM error 2016 on default installation of WS2016

By checking the details of the error you are directed towards a series of checks that should be carried out and that require different corrective actions.

  1. Ensure ' Host ' is online and not blocked by a firewall.

The first point is obvious and requires that the system is online and that there is no firewall blocking the communication systems from the VMM server.

  1. Ensure that file and printer sharing is enabled on ‘Host’ and it not blocked by a firewall.

Using the following command you can check that by default the firewall rule ‘File and Printer Sharing (Echo Request – ICMPv4-In)’ non è abilitata. Nell’immagine seguente è riportato il comando necessario per consentire questo tipo di traffico in ingresso:

Figure 2 – Gestione regola del firewall ‘File and Printer Sharing (Echo Request – ICMPv4-In)

  1. Ensure that WMI is enabled on ‘Host’ and it not blocked by a firewall.

Similar situation also regarding the firewall rule to allow traffic Windows Management Instrumentation (WMI) inbound, default is inactive and you must enable the feature:

Figure 3 – Gestione regola del firewall ‘Windows Management Instrumentation (WMI-In)

  1. Ensure that there is sufficient free space on the system volume.

Of course you need to make sure that on the system volume there is enough disk space for the installation of the VMM agent that requires a few dozen MB.

  1. Verify that the ADMIN $ share on ' Host ' exists. If the ADMIN $ share does not exist, restart ' Host ' and then try the operation again.

During the first phase of push installation of the VMM agent is done copying the setup share ADMIN $ remote server. Windows Server 2016 installed in server core mode is devoid of the File Server role:

Figure 4 – Check for File Server role

By default there is instead the feature to support the SMB Protocol v 1.0 / CIFS which in this case can safely be removed as unnecessary.

To allow access to this share ADMIN $ You then add the File Server role by using the following Powershell command:

Figure 5 – File Server role installation and removal feature for SMB support v 1.0 / CIFS

Terminate these operations you can install the VMM agent push 2016 on a default installation of Windows Server 2016 (Server Core):

Figure 6 – Job of the VMM agent installation successfully completed

 

Conclusions

In Windows Server 2016 installed in Server Core mode task as simple as the VMM agent push installation 2016 require a careful and timely system setup, Despite this I believe this installation mode is the preferred choice in most deployment of Hyper-V.

Virtual Machine Manager 2012 R2: Integrazione con IPAM

In this article I'll show you how you can integrate the IPAM infrastructure with System Center Virtual Machine Manager 2012 R2 and what are its advantages.

IP Address Management (IPAM) is a suite of tools, integrated into the operating system from Windows Server 2012, that schedules, manage and monitor the infrastructure of IP routes using a simple and intuitive interface for centralized administration. All this is made possible thanks to the fact that IPAM is able to locate and communicate directly with DNS and DHCP servers on the network.

Flexible Fabric management provided by System Center Virtual Machine Manager (SCVMM) It allows you to model and manage the networking of your virtual datacenter. To have a full and comprehensive control of assigned IP network-wide directives you can integrate IPAM with SCVMM. The main purpose of the integration of IPAM and SCVMM is ensuring that IP addressing settings also associated with Logical Network and Virtual Machine Networks (VM networks) in SCVMM are synchronized with the information maintained centrally from the server IPAM.

In fact a single server enterprise IPAM can also detect and prevent IP conflicts and overlaps in addressing IP for multiple instances of SCVMM 2012 R2 (fabric stamps), come mostra la figura 1.

2015_07_20_vmmipam-01

Figure 1 – Schema IPAM

Aggiungere un Server IPAM in SCVMM

From the SCVMM console access the workspace Fabric and expand Networking. In the branch Network Service, select "Add Network Services", figura 2.

2015_07_20_vmmipam-02

Figure 2 – Aggiunta Nuovo Servizio

Specify a name and a description for the network service, figura 3.

2015_07_20_vmmipam-03

Figure 3 – Aggiunta Nome

As a manufacturer you must select Microsoft and as Model "Microsoft Windows Server IP Address Management", figura 4.

2015_07_20_vmmipam-04

Figure 4 – Provider

– Specify which Run As account use, who must belong to the following groups on the server IPAM, figura 5:

  • IPAM ASM Administrators: local group on all servers IPAM providing permissions for address space management (Address Space Management, ASM).
  • Remote Management Users: built-in user group that provides access to resources via WMI management protocols.

In this regard, it is recommended that you create a domain account specifically for this purpose.

2015_07_20_vmmipam-05

Figure 5 – Run As Account

In connection string, specify the FQDN of the server IPAM, figura 6.

2015_07_20_vmmipam-06

Figure 6 – Server Name

Complete the tests related to the Configuration provider and make sure you conclude successfully, figura 7.

2015_07_20_vmmipam-07

Figure 7 – Validazione IPAM

To associate this Network Service (IPAM in this case) to the appropriate host, figura 8.

2015_07_20_vmmipam-08

Figure 8 – Selezione Host

At the end of this configuration on the server IPAM will attend all Logical Network and VMS Network defined in VMM and you can run them directly from the Administration console of IPAM. The integration is bi-directional and allows administrators to have more control even of directives that are used by virtual infrastructure IP, come mostra la figura 9.

2015_07_20_vmmipam-09

Figure 9 – Console IPAM