Azure

How to build a server in Azure

Posted on by Cloud Build
Reading Time: 5 minutes

Building a server in Microsoft Azure is simple and has become easier as Microsoft have made improvements on the portal over the years.

In this example, i’ll be building a Windows 2019 Server, so lets get started

Logon to your Azure Portal, search for virtual machines and click + Add


The below interface appears, select your subscription from the drop down list. If you only have the one, it will already be selected

Next, drop down and select a resource group.

What is an Azure Resource Group?
A resource group is a container that holds related resources for an Azure solution. The resource group includes those resources that you want to manage as a group. You decide which resources belong in a resource group based on what makes the most sense for your organisation.

For the purposes of this demo, I’m going to create a new resource group

Next, lets give our virtual server a name and select a region. I have selected UK South

Next, I’m going to create this VM in a new availability set, because I will be building and adding another virtual web server and including it within the same availability set to provide for high availability. If you’re not interested in creating an availability set, you can skip these steps. But because it doesn’t cost anything to create an availability set, you may want to add the server to an availability set if you have plans of setting up redundancy in the future. You’ll obviously be charged for the second server, but the availability set is free. If you decide at this point you don’t require redundancy, but in the future change you’re mind, you will have to delete and recreate the VM to allow you to add it to a new availability set.

What is an Azure availability set?
An availability set is a logical grouping of VMs within a datacenter that allows Azure to understand how your application is built to provide for redundancy and availability. Azure makes sure that the VMs you place within an Availability Set run across multiple physical servers, compute racks, storage units, and network switches.
More info at: Azure Availability Options

Create a new availability set (I’m leave the defaults) and click OK. When you create another server, drop down and select an existing availability set. The below screenshot shows my new availability set. It’s worth looking into how fault domains and update domains function.


Next, select your Operating System. I have selected Windows Server 2019 Datacenter and a size of Standard DS1 v2 for this demo. The higher spec server the more it will cost you so ensure you select the correct server size depending on requirements

You may have noticed Azure Spot Instance. What is Azure Spot? Azure Spot offers unused Azure capacity at a discounted rate versus pay as you go prices. Workloads should be tolerant to infrastructure loss as Azure may recall capacity for pay as you go workloads. It’s recommended to use Azure Spot only if you’re testing and are happy for Microsoft to delete your VM without much notice. Never use this for production or even a test environment you require access to at all times.

Next setup your local administrator account and a strong password. For inbound public ports, I have set none. I will be accessing this server internally via RDP and don’t want to expose RDP to the outside world. If Bastion is available with your region, you could set it up so you can access your VM from within the portal. For more details on how to configure Azure Bastion, click How to Configure Bastion? If you have a requirement for public RDP to be enabled, lock down access to certain IP addresses and it’s worth setting up Azure Just In Time Access.

What is Azure Just In Time Access?
Just-in-time (JIT) virtual machine (VM) access can be used to lock down inbound traffic to your Azure VMs, reducing exposure to attacks while providing easy access to connect to VMs when needed. The just-in-time feature is available on the Standard tier of Security Center

Click next, to configure disks. Select your disk types depending on your server/application requirements

You may also have a requirement to add an additional disk, such as a data disk. Don’t worry about creating a page file disk. You’ll get a temporary disk assigned by default


So here is what my disk configuration looks like. OS and a data disk

Click next to visit networking settings

Select your virtual network, subnet, a public IP if required and basic or advanced NSG. The common NSG is basic but will obviously depend on your company requirements. You can also control the NSG at subnet level within your VNET, or even route all traffic to an external firewall, such as a Paloalto firewall. It’s worth consulting with your networks team on security requirements.


When ready click next and configure management settings as required

I have set my machine to auto shut at 7pm. It’s only a test server and doesn’t need to be powered on after 7pm. Will save me on costs while it’s powered down.


Click next. If you have any requirements to install any extensions, such as Microsoft Antimalware, you can select here. If you’re not sure just yet, don’t worry about it, as you can select extensions after the VM build. It’s worth taking a look at the available extensions though. Click Next when ready

Create tags if required. Explanation of tags below

And click review and create

You’ll receive a notification after the VM has been built

I hope this post was useful. Feel free to comment below if you have any further questions.

Save Costs with Azure Advisor

Posted on by Cloud Build
Reading Time: 2 minutes

Azure Advisor is a great feature which provides recommendations on High Availability, Security, Performance and saving costs. Yes, that’s right, Microsoft help you save costs. It’s not all about making money for Microsoft, they want to help their customers save costs.

So how do they help customers save? Well, Microsoft will scan your Azure environment and report back any services which you could delete or downgrade via Azure Advisor. Services include:

– Optimize virtual machine spend by resizing or shutting down underutilized instances

– Reduce costs by eliminating unprovisioned ExpressRoute circuits

– Reduce costs by deleting or reconfiguring idle virtual network gateways

– Buy reserved virtual machine instances to save money over pay-as-you-go costs

– Delete unassociated public IP addresses to save money

– Delete Azure Data Factory pipelines that are failing

– Use Standard Snapshots for Managed Disks

How to access Cost recommendations in Azure Advisor

1) Login to the Azure portal
2) Search for and select Advisor

3) On the Advisor dashboard, select the Cost tab

It’s good to know that Microsoft are looking out for their customers when it comes to costs savings. It’s not all about making money for them, but they are passing down savings to the customers aswell.

Microsoft Ignite Free Certification Exam

Posted on by Cloud Build
Reading Time: 2 minutes

I was lucky to attend Microsoft Ignite The Tour London on the 16th and 17th January 2020. Two days of great sessions by Microsoft employees and MVP’s. I enjoyed every minute of these two days, as it was a great opportunity to meet Microsoft employees and third party vendors including VMWare, Bit Titan, Netapp, CloudM. It was interesting talking to the third party vendors on the various solutions they were offering within Microsoft Azure/O365, and I returned with some great applications that I will be trialling in the coming weeks.

The exciting part of these two days were the many new features Microsoft were introducing across their cloud platforms, including Azure and O365. If you missed this event, there are more to come so I would highly recommend attending.

Now, returning to the main reason for posting, I wanted to remind you about the free exam voucher Microsoft are offering to those who attended Microsoft Ignite events recently. If you attended Microsoft Ignite 2019 or a Microsoft Ignite The Tour 2019-2020 event, you may be eligible to receive one free Microsoft fundamentals, role-based, or speciality certification exam. The free exam offer is available for redemption from the beginning of the event which you are attending and is valid for 180 days after the last day of the event. If you do not schedule an exam within that timeframe, you will not be able to redeem your offer.

Eligible exams are listed below:

Azure:
AI-100: Designing and Implementing an Azure AI Solution
AZ-103: Microsoft Azure Administrator
AZ-120: Planning and Administering Microsoft Azure for SAP Workloads
AZ-203: Developing Solutions for Microsoft Azure
AZ-300: Microsoft Azure Architect Technologies
AZ-301: Microsoft Azure Architect Design
AZ-400: Microsoft Azure DevOps Solutions
AZ-500: Microsoft Azure Security Technologies
AZ-900: Microsoft Azure Fundamentals
DP-100: Designing and Implementing a Data Science Solution on Azure
DP-200: Implementing an Azure Data Solution
DP-201: Designing an Azure Data Solution

Dynamics 365 and Power Platform
MB-200: Microsoft Power Platform + Dynamics 365 Core
MB-210: Microsoft Dynamics 365 Sales
MB-220: Microsoft Dynamics 365 Marketing
MB-230: Microsoft Dynamics 365 Customer Service
MB-240: Microsoft Dynamics 365 Field Service
MB-300: Microsoft Dynamics 365: Core Finance and Operations
MB-310: Microsoft Dynamics 365 Finance
MB-320: Microsoft Dynamics 365 Supply Chain Management, Manufacturing
MB-330: Microsoft Dynamics 365 Supply Chain Management
MB-400: Microsoft PowerApps + Dynamics 365 Developer
MB-500: Microsoft Dynamics 365: Finance and Operations Apps Developer
MB-600: Microsoft Power Platform + Dynamics 365 Solution Architect (exam will not be available in beta until after December 31, 2019)
MB-700: Microsoft Dynamics 365: Finance and Operations Apps Solution Architect (exam will not be available in beta until after December 31, 2019)
MB-900: Microsoft Dynamics 365 Fundamentals
PL-900: Microsoft Power Platform Fundamentals

Microsoft 365
MD-100: Windows 10
MD-101: Managing Modern Desktops
MS-100: Microsoft 365 Identity and Services
MS-101: Microsoft 365 Mobility and Security
MS-200: Planning and Configuring a Messaging Platform
MS-201: Implementing a Hybrid and Secure Messaging Platform
MS-300: Deploying Microsoft 365 Teamwork
MS-301: Deploying SharePoint Server Hybrid
MS-500: Microsoft 365 Security Administration
MS-600: Building Applications and Solutions with Microsoft 365 Core Services
MS-700: Managing Microsoft Teams
MS-900: Microsoft 365 Fundamentals

How to register for Microsoft Ignite or Microsoft Ignite The Tour free Microsoft exam:

– MS Ignite 2019 attendees, click https://register.ignite.microsoft.com/

– The Tour attendees, please go to https://register.msignite-the-tour.microsoft.com/cityname, e.g. https://register.msignite-the-tour.microsoft.com/london

For further details including terms and conditions, click Microsoft Ignite and Microsoft Ignite The Tour: Free Certification Exam Offer

Create an Azure Log Analytics workspace and add a Virtual Machine

Posted on by Cloud Build
Reading Time: 4 minutes

This blog post will go through the process of creating an Azure Log Analytics workspace and connecting a test azure virtual server to the Log Analytics workspace. We will then setup the work space to collect System event logs from the test Azure VM.

1) Login to the Azure Portal

2) Search and select Log Analytics workspaces

3) Click Create Log Analytics workspace

4) Configure:
– Give your new Log Analytics workspace a name
– Select your subscription
– Select a Resource Group
– Select Location
– Pricing Tier (Only one pricing Tier exists as of the year 2018). At the time of writing this blog post, the one available Tier was named Pay-as-you-go (Per GB 2018)

5) Click OK

6) Now that you have created your Log Analytics workspace, let’s join a VM to this new work space

Note that adding servers to the work space will automatically deploy a monitoring extension (agent) to the server

7) Click your new Log Analytics workspace

8) From the left pane under Workspace Data Sources, click Virtual Machines. As you can see from the screenshot, you can also connect other resources to your workspace


Note: Workspaces work across different regions, so you could add servers to a workspace no matter what region they are located in.

9) As you can see from the right pane, I have two virtual servers and the Log Analytics Connection is showing as not connected

10) Click a VM you wish to add to this work space (Ensure the VM is powered on)

11) As you can see from the below screen shot, the server is not connected to the work space, but we have the option to connect.

12) Click Connect

13) Wait for the virtual server to connect (A monitoring agent (Extension) is being deployed to the virtual server)

14) Now that the machine is connected to your workspace, the status is displayed as below. If you wish to disconnect, click disconnect.



Note: Now that the extension agent is deployed, you will find that the monitoring agent has been deployed to the VM. Locate the VM under virtual machines and click extensions from the left pane. The screenshot below shows the MicrosoftMonitoringAgent has been provisioned successfully.

15) If we go back to our workspace, we’ll find the server is now showing as a connection of this workspace along with a green tick.

16) Now, let’s enable logging for this workspace. Note that these logs will apply for all resources attached to this resource, so if you have different logging requirements for different resources, create different work spaces. You could also complete this step straight after the Logs Analytics Workspace has been deployed.

17) Click on your Log Analytics Workspace, and click Advanced Settings from the left pane.

18) The screen below will appear

Note: If you wish to connect physical servers to your Log Analytics Workspace, you can do so by downloading the required agent.

19) Click Data

20) A few different options appear which may be of interest to you. For this demo let’s click Windows Event Logs. Click the plus icon (blue box) to the right of the screen

21) For this demo, we will monitor the system logs, type system into the text box, select system and click the plus icon located within the blue box.

22) All logs are selected by default. You can select the logs as per your requirements.

23) Click Save and OK

Hope this helps 🙂