Category Archives: Microsoft Azure

Passed Microsoft Exam 70-532 Developing Microsoft Azure Solutions

This Monday, I got certified for 70-532 Developing Microsoft Azure Solutions, which is testing experience in designing, programming, implementing, automating, and monitoring Microsoft Azure solutions. It also tests that we are proficient with development tools, techniques, and approaches used to build scalable and resilient solutions.

Preparation

Having true hands on experience with Windows Azure development really helps in preparing as well passing this exam. In addition to the practical knowledge gained through these experiences, I have used the following resources.

Skills measured

Design and implement websites (15‒20%)

  • Deploy websites
    • Define deployment slots; roll back deployments; create hosting plans; migrate websites between hosting plans; create a website within a hosting plan
  • Configure websites
    • Define and use app settings, connection strings, handlers, and virtual directories; configure certificates and custom domains; configure SSL bindings and runtime configurations; manage websites by using the API, Windows PowerShell, and Xplat-CLI
  • Configure diagnostics, monitoring, and analytics
    • Retrieve diagnostics data, view streaming logs, configure endpoint monitoring, configure alerts, configure diagnostics, use remote debugging, monitor website resources
  • Implement web jobs
    • Write web jobs using the SDK, package and deploy web jobs, schedule web jobs
  • Configure websites for scale and resilience
    • Configure auto-scale using built-in and custom schedules, configure by metric, change the size of an instance, configure Traffic Manager
  • Design and implement applications for scale and resilience
    • Select a pattern, implement transient fault handling for services, respond to throttling, disable Application Request Routing (ARR) affinity

Create and manage virtual machines (20‒25%)

  • Deploy workloads on Azure virtual machines (VMs)
    • Identify workloads that can and cannot be deployed, run workloads including Microsoft and Linux, create VMs
  • Create and manage a VM image or virtual hard disk
    • Create specialized and reusable images, prepare images using SysPrep and Windows Agent (Linux), copy images between storage accounts and subscriptions, upload VMs
  • Perform configuration management
    • Automate configuration management by using PowerShell Desired State Configuration and VM Agent (custom script extensions); configure VMs using a configuration management tool, such as puppet or chef; enable remote debugging
  • Configure VM networking
    • Configure reserved IP addresses, access control list (ACL), DNS at the cloud service level, load balancing endpoints, HTTP and TCP health probes, public IPs, firewall rules, direct server return, and keep-alive
  • Scale VMs
    • Scale up and scale down VM sizes, configure auto-scale and availability sets
  • Design and implement VM storage
    • Configure disk caching, plan for storage capacity, configure shared storage using Azure File service, configure geo-replication
  • Monitor VMs
    • Configure endpoint monitoring, configure alerts, configure diagnostic and monitoring storage location

Design and implement cloud services (20‒25%)

  • Design and develop a cloud service
    • Install SDKs, install emulators, develop a web role or worker role, design and implement resiliency including transient fault handling, develop startup tasks
  • Configure cloud services and roles
    • Configure HTTPS endpoint and upload an SSL certificate, and instance count and size; configure network access rules, local storage, multiple websites, custom domains, and dedicated and co-located caching; scale up and scale down role sizes; configure auto-scale
  • Deploy a cloud service
    • Upgrade an automatic, manual, or simultaneous deployment; VIP swap a deployment; package a deployment; implement continuous deployment from Visual Studio Online (VSO); implement runtime configuration changes using the portal; configure regions and affinity groups
  • Monitor and debug a cloud service
    • Configure diagnostics using the SDK or configuration file, profile resource consumption, enable remote debugging, establish a connection using Remote Desktop CmdLets in Windows PowerShell, debug using IntelliTrace or the emulator

Design and implement a storage strategy (20‒25%)

  • Implement Azure Storage blobs and Azure files
    • Read data, change data, set metadata on a container, store data using block and page blobs, stream data using blobs, access blobs securely, implement async blob copy, configure Content Delivery Network (CDN), design blob hierarchies, configure custom domains, scale blob storage
  • Implement Azure storage tables
    • Implement CRUD with and without transactions, design and manage partitions, query using OData; scale tables and partitions
  • Implement Azure storage queues
    • Add and process messages, retrieve a batch of messages, scale queues
  • Manage access
    • Generate shared access signatures, including client renewal and data validation; create stored access policies; regenerate storage account keys; configure and use Cross-Origin Resource Sharing (CORS)
  • Monitor storage
    • Set retention policies and logging levels, analyze logs
  • Implement SQL databases
    • Choose the appropriate database tier and performance level, configure and perform point in time recovery, enable geo-replication, import and export data and schema, scale SQL databases

Manage application and network services (15‒20%)

  • Integrate an app with Azure Active Directory
    • Develop apps that use WS-federation, OAuth, and SAML-P endpoints; query the directory using graph API
  • Configure a virtual network
    • Deploy a VM into a virtual network, deploy a cloud service into a virtual network
  • Modify network configuration
    • Modify a subnet, import and export network configuration
  • Design and implement a communication strategy
    • Develop messaging solutions using service bus queues, topics, relays, and notification hubs; create service bus namespaces and choose a tier; scale service bus
  • Monitor communication
    • Monitor service bus queues, topics, relays, and notification hubs
  • Implement caching
    • Implement Redis caching, implement Azure Cache Service

Good luck for your exams.

Passed Microsoft Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions

Last month, I got certified for Microsoft 70-533 Implementing Microsoft Azure Infrastructure Solutions, which is implementing an infrastructure solution in Microsoft Azure. It also tests our experience implementing and monitoring cloud and hybrid solutions as well as supporting application lifecycle management.

Preparation

I have been working with Microsoft Azure since 2008 (lead the team who built Java SDK based on WS-* protocols for .NET Services (Service Bus Relay) and did drive the efforts to simultaneous shipping of the Java SDK, when Windows Azure was announced in Build conference in 2008. Recently we are helping many organizations across the globe on developing software solutions and implementing infrastructure hybrid solutions. In addition to the practical knowledge gained through these experience, I have used the following resources.

Skills measured

Implement websites (15-20%)

  • Deploy websites
    • Define deployment slots; roll back deployments, configure and deploy packages, deploy web jobs, schedule web jobs
  • Configure websites
    • Configure app settings, connection strings, handlers, and virtual directories; configure certificates, custom domains, and traffic manager; configure SSL bindings and runtime configurations; manage websites by using Windows PowerShell and Xplat-CLI
  • Configure diagnostics, monitoring, and analytics
    • Retrieve diagnostics data; view streaming logs; configure endpoint monitoring, alerts, and diagnostics; monitor website resources
  • Configure scale and resilience
    • Configure auto-scale using built-in and custom schedules; configure by metric; change the size of an instance
  • Manage hosting plans
    • Create hosting plans; migrate websites between hosting plans; create a website within a hosting plan

Implement virtual machines (15-20%)

  • Deploy workloads on Azure virtual machines (VMs)
    • Identify supported Microsoft workloads; deploy and connect to a Linux VM; create VMs
  • Implement images and disks
    • Create specialized and generalized images for Windows and Linux; copy images between storage accounts and subscriptions; upload VHDs
  • Perform configuration management
    • Automate configuration management by using PowerShell Desired State Configuration and custom script extensions; enable puppet and chef extensions
  • Configure VM networking
    • Settings include reserved IP addresses, access control list (ACL), internal name resolution, DNS at the cloud service level, load balancing endpoints, HTTP and TCP health probes, public IPs, firewall rules, direct server return, and Keep Alive
  • Configure VM resiliency
    • Scale up and scale down VM sizes; auto-scale; configure availability sets
  • Design and implement VM storage
    • Configure disk caching; plan storage capacity; configure operating system disk redundancy; configure shared storage using Azure File service; configure geo-replication; encrypt disks
  • Monitor VMs
    • Configure endpoint monitoring, alerts, and diagnostics

Implement cloud services (15-20%)

  • Configure cloud services and roles
    • Configure instance count and size, operating system version and family, upgrade and fault domains, ACLs, reserved IPs, and network access rules; configure local storage; configure dedicated and co-located caching, local and cloud configurations, and local disks; configure multiple websites; configure custom domains
  • Deploy and manage cloud services
    • Upgrade a deployment; VIP swap a deployment; package a deployment; modify configuration files; perform in-place updates; perform runtime configuration changes using the portal; scale a cloud service; create service bus namespaces and choose a tier; apply scalability targets
  • Monitor cloud services
    • Monitor service bus queues, topics, relays, and notification hubs; configure diagnostics

Implement storage (15-20%)

  • Implement blobs and Azure files
    • Read data; change data; set metadata on a container; use encryption (SSL); perform an async blob copy; configure a Content Delivery Network (CDN); implement storage for backup and disaster recovery; configure Azure Backup; define blob hierarchies; configure custom domains; configure the Import and Export Service
  • Manage access
    • Create and manage shared access signatures; use stored access policies; regenerate keys
  • Configure diagnostics, monitoring, and analytics
    • Configure retention policies and logging levels; analyze logs
  • Implement SQL databases
    • Choose the appropriate database tier and performance level; configure point in time recovery and geo-replication; import and export data and schema; design a scaling strategy
  • Implement recovery services
    • Create a backup vault; deploy a backup agent; backup and restore data

Implement an Azure Active Directory (15-20%)

  • Integrate an Azure AD with existing directories
    • Implement DirSync, O365 integration, and single sign-on with on-premises Windows Server 2012 R2; add custom domains; monitor Azure AD
  • Configure the Application Access Panel
    • Configure single sign-on with SaaS applications using federation and password based; add users and groups to applications; revoke access to SaaS applications; configure access; federation with Facebook and Google ID
  • Integrate an app with Azure AD
    • Web apps (WS-federation); desktop apps (OAuth); graph API

Implement virtual networks (15-20%)

  • Configure a virtual network
    • Deploy a VM into a virtual network; deploy a cloud service into a virtual network; configure static IPs; configure internal load balancing; design subnets
  • Modify a network configuration
    • Modify a subnet; import and export a network configuration
  • Design and implement a multi-site or hybrid network
    • Choose the appropriate solution between ExpressRoute, site-to-site, and point-to-site; choose the appropriate gateway; identify supported devices and software VPN solutions; identify networking prerequisites; configure regional virtual networks and multi-site virtual networks

Good luck for your exams.

Configure new SSH authorization key for Linux on Azure

If you would like to use SSH with Linux virtual machines on Azure, there is a great documentation here. One question I have seen in the forum, which is not clearly explained in the documentation is, how do we add a new SSH authorization key, if we missed adding the SSH file, during the creation of virtual machine.

Giving the steps I have followed to setup a new SSH authorization key below:

Step 1: I created a Linux VM (Ubuntu 14) on Azure using quick create VM (linuxvmforssh.cloudapp.net).

Step 2: Executed following commands from Git shell on my Windows 8.1 laptop

GIT> ssh-keygen -t rsa -b 2048 -v -f azurecert.key
	
GIT> scp azurecert.key.pub azureuser@linuxvmforssh.cloudapp.net:/home/azureuser

GIT> ssh azureuser@linuxvmforssh.cloudapp.net

azureuser@linuxvmforssh:~$ cat azurecert.key.pub >> .ssh/authorized_keys

azureuser@linuxvmforssh:~$ sudo service ssh restart

azureuser@linuxvmforssh:~$ exit

GIT> ssh -i azurecert.key azureuser@linuxvmforssh.cloudapp.net

Hope this helps you to setup new SSH authorized keys for your Linux virtual machines.

Azure SQL Virtual Machine for Development and Testing

Though Microsoft Azure provides virtual machine images with SQL server installed, during development and testing, I may not need those optimizations. All I might need is a virtual machine with database engine installed. Also, from a cost standpoint, using an evaluation version of SQL server on a virtual machine might be preferred over a SQL VM image, for development and testing purposes. Providing how I prepare my SQL experiment virtual machine (most of the time, I use the machine for a week or two and once the experiment is complete, I delete the virtual machine).

Azure Virtual Machine Images with SQL


Build a Virtual Machine with SQL Database Engine

Step 1: Create a new ‘Windows Server 2012 R2 Datacenter’ virtual machine with required configuration. Once virtual machine is up and running continue with next steps.

Step 2: SQL Server requires .NET 3.5 to be installed on server. This is not installed by default on Azure virtual machines.

Install-WindowsFeature -Name NET-Framework-Core
Install-WindowsFeature -Name PowerShell-V2

Step 3: Download SQL server installer from an Azure storage account. You should run the following commands from Microsoft Azure PowerShell window.

CD C:\

$context = New-AzureStorageContext `
                -StorageAccountName '<todo>' `
                -StorageAccountKey '<todo>'

Get-AzureStorageBlobContent -Container '<todo>' `
                            -Context $context `
                            -Blob 'SQLServer2014-x64-ENU.iso'

Step 4: Mount downloaded ISO image to a drive

$sqlIso = "C:\SQLServer2014-x64-ENU.iso"

$sqlDrive = (Mount-DiskImage -ImagePath $sqlIso `
                            -PassThru `
                            -WarningAction Ignore | 
                            Get-Volume).DriveLetter + ":"

Step 5: Silently install SQL Server from command line. For more details around command line based install check product documentation.

$domainName = Get-Content env:USERDOMAIN
$userName   = Get-Content env:USERNAME
$adminUser  = $domainName + "\" + $userName
$saPassword = "Secret@2015"

$installCommand = "$sqlDrive\Setup.exe /Q /IACCEPTSQLSERVERLICENSETERMS /ACTION=install /UpdateEnabled=0 /FEATURES=SQLENGINE,CONN,SSMS,ADV_SSMS /INSTANCENAME=MSSQLSERVER /SECURITYMODE=SQL /SAPWD=$saPassword /SQLSVCACCOUNT='NT Service\MSSQLSERVER' /SQLSYSADMINACCOUNTS=$adminUser"

Invoke-Expression $installCommand 

Step 6: Once installation is complete, open SQL Management Studio and test with both Windows as well as SQL authentication.

Upload SQL installer to Storage

You can use the following script to upload SQL installer to blob storage for future use.

$context = New-AzureStorageContext `
                -StorageAccountName '<todo>' `
                -StorageAccountKey '<todo>'
				
Set-AzureStorageBlobContent `
			-Blob "SQLServer2014-x64-ENU.iso" `
			-Container '<todo>' `
			-File "SQLServer2014-x64-ENU.iso" `
			-Context $context `
			-Force 

Cleaning up Azure Storage Accounts

I wanted to put some structure around the experiments that I was doing on Microsoft Azure. I noticed that I had lots and lots of storage accounts created in the past. I used to create new virtual machines from UI and shut it down whenever I am done with the required purposes. Whenever it shows me that I ran out of quota on cores or cloud services, I used to delete the virtual machine and cloud services. However, since most of the time, I used the option to create a new storage account as part of virtual machine creation, there were lot of storage accounts left out.

How do I go about finding which ones are still used vs. which ones are not in use. I can go through the portal click through each of the storage accounts, go to containers tab and look if there are files inside containers. But I thought it will be fun to write a PowerShell script that can traverse all storage accounts, containers and list the files and their sizes. If I see a storage account with no files, or storage account with only a ‘vhd’ container with couple of .status files only, then they are good to be delete.

Script Downloads

https://gist.github.com/Manesh-R/34b9153c366a7d749f5f

Getting started with Microsoft Azure PowerShell

I will be writing a series of blogs around Microsoft Azure & Hybrid Cloud. As a quick start, wanted to write up on how to setup our machines with PowerShell to work with Microsoft Azure.

Setup machine with Microsoft Azure PowerShell

  1. If you haven’t installed Web Platform Installer, you can download and install it from http://www.microsoft.com/web/downloads/platform.aspx
  2. Download and install ‘Microsoft Azure PowerShell’ from Web Platform Installer. If you do not find that in ‘Spotlight’ you can perform a search for ‘Microsoft Azure PowerShell’




Set your default subscription and storage account

Download Azure Publish Settings file , configure default subscription and configure default storage account. There is a very good blog article from Michael Walsham explaining this step-by-step. I strongly recommend you read through that post. There is one minor change in Azure PowerShell cmdlet usage (based on a cmdlet update from Microsoft), from the post you see in the blog. I have written a PowerShell script with minor updates, which you can download from here.

Script Downloads

https://gist.github.com/Manesh-R/9ba344e08ebf7e6743a9



# Ref: https://manesh.me/2015/02/05/getting-started-with-microsoft-azure-powershell/
# Step 0: Define all variable values
$publishSettingsFile = "C:\Users\Manesh\Documents\AzureSubscriptions.publishsettings";
$location = "West US";
$subscriptionName = "Visual Studio Premium with MSDN";
# Sometimes, you might have multiple MSDN subscriptions
# If someone else add you as a co-admin on their MSDN subscription etc.
# If so, choose the subscription Id option
$subscriptionId = $null;
# Sometimes, this account is created by someone else.
# So if the script fails, you might want to change this.
$storageAccountName = "manesh";
# Step 1: Import Azure Publish Settings File
Import-AzurePublishSettingsFile $publishSettingsFile
# Step 2: Set current subscription
Get-AzureSubscription
if ($subscriptionId -eq $null) {
Select-AzureSubscription -SubscriptionName $subscriptionName -Current
} else {
Select-AzureSubscription -SubscriptionId $subscriptionId -Current
}
# Display only current subscription
Get-AzureSubscription -Current
# Step 3: Set current storage account
$isStorageGood = $false;
try {
Get-AzureStorageAccount –StorageAccountName $storageAccountName -ErrorAction Stop | Out-Null
if ((Get-AzureStorageAccount –StorageAccountName $storageAccountName).Location -eq $location) {
$isStorageGood = $true;
Write-Host "'$storageAccountName' storage account already exists, skipping creation"
} else {
Write-Host "'$storageAccountName' storage account already exists, but in a different location. Try another storage."
}
}
catch {
if (!(Test-AzureName -Storage $storageAccountName)) {
Write-Host "Creating Storage Account $storageAccountName"
New-AzureStorageAccount -StorageAccountName $storageAccountName -Location $location
$isStorageGood = $true;
}
else {
Write-Host "'$storageAccountName' storage account already exists and is owned by some other subscription. Try a different name."
}
}
if ($isStorageGood) {
if ($subscriptionId -eq $null) {
Set-AzureSubscription -SubscriptionName $subscriptionName -CurrentStorageAccountName $storageAccountName
} else {
Set-AzureSubscription -SubscriptionId $subscriptionId -CurrentStorageAccountName $storageAccountName
}
# You should see the provided subscription and storage account name while executing following command
Get-AzureSubscription -Current
Write-Host "All is well"
} else {
Write-Host "Try a different storage account name and re-run the script"
}

.

https://hyper-v.nu/

My views on technology

Virtualization and some coffee

My views on technology

Thomas Maurer

Cloud and Datacenter Blog focusing on Microsoft Azure

Cloud Administrator in Azure World

Begin Your Azure Management Journey with the Cloud Administrator