Thursday, September 27, 2012

Azure Virtual Machine the PowerShell Basics

Really, I am not going to go into a lot of explanation here.  I am assuming that you have some PowerShell background and need a bit to get started.  That is what I am covering.

You can find the cmdlets here:

Be sure to have your Azure management certificate properly stored in your Personal certificate store prior to connecting to your subscription.

These first commands are pretty much mandatory when you begin a PowerShell session.

Import the module:

import-module 'C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1'

Import a settings file (this speeds up as it lists all subscriptions you have access to - to create this file perform Export-AzurePublishSettingsFile (Visual Studio also uses this))

Import-AzurePublishSettingsFile 'C:\Users\Public\Documents\BrianEhServices.publishsettings'

Choose the subscription that you will interact with for your session:

Select-AzureSubscription -SubscriptionName "Sample Subscription"

Set the default Storage account that will be used (it must be in the same subscription)

Set-AzureSubscription -SubscriptionName "Sample Subscription" –CurrentStorageAccount SampleStorageAccount

By the way, do the above is handy.  Like me I assume that you all have alt least two Azure subscriptions (yours and the one your company has given you access to).  Using that settings file allows easy switching.  Now that you have that, go exploring.

If you have a Service or have deployed a Virtual Machine from the Gallery using the Portal you can query it, change it, dispose of it.

If you have VHD images you can manipulate those.  Now, disclaimer here, my experience so far is that CSUPLOAD from the Azure SDK is still the best way to get VHDs into Azure storage and it now supports both stateless and persistent VHD images.  It differentiates between the two because it registers them with the VHD repository for you and sets its life in motion.

But, I assume that you are getting itchy, so lets just begin with making a new Virtual Machine in a new Service.  The very same thing that you would get if you used a Gallery VM image (this is not the Quick VM as that would be New-AzureQuickVM).

First we need to find an image:

List all available images: Get-AzureVMImage

List all available in a table: Get-AzureVMImage | Format-Table

Find images that have been uploaded to your Storage account ('user' images): Get-AzureVMImage | where { ($_.Category -eq "user") }

Now I just want to use the Server 2012 Gallery image and create a VM (we will build on this command).

$svr2012Image = Get-AzureVMImage | where { ($_.Category -eq "Microsoft") -and ($_.Label -match "Server 2012" ) -and ($_.ImageName -match "Datacenter") }

Apply a customization configuration to the image:

$myImage = New-AzureVMConfig -Name MyNewMachine -InstanceSize ExtraSmall -ImageName $svr2012Image.ImageName
Add-AzureProvisioningConfig -VM $myImage -Windows –Password
<complex password>

Create the Service and Provision the VM:

New-AzureVM -ServiceName "MyNewService" –VMs $myImage

Notice after it is finished that Azure automatically created an RDP endpoint to allow remote OS access (if it was a Linux image an SSH endpoint would have been created).

Friday, September 21, 2012

Azure IaaS Virtual Machine concepts

The Azure IaaS Virtual Machine is in Beta and anyone can request access.

For those have worked with Azure VMs in the past (Web, Worker, and VM Role) this is simply an addition, a new option.

There are some interesting contrasts, parallels, and dependencies when we consider both the PaaS and IaaS options (MSFT likes to draw the contrast that way, but fundamentally they are still machines what you can do and need to know is different).

MSFT already has lots of documents out there on the IaaS stuff.  I don’t intend to regurgitate what they have already documented.  They stuff they have not documented is far more interesting.

And there is a gallery of OS images that you can build machine from using the GUI portal.  And you can create and upload your own VHD images (a bit like VM Role).

In my next post I will begin exploring the PowerShell that is available to drive this stuff from the ground, that is a bit more interesting (at least to me).

First of all, what is the Virtual Machine?  If it isn’t a Web, Worker, or VM Role; what is it.

It is a bit like a VM Role, but without any agents to interact with the Azure Fabric, and the storage supports persistence.  Beyond persistence, it is just a machine.  Mind you, the way I state this it does not sound like much, but it took a lot for MSFT to work through extrapolating the PaaS provisioning and storage into supporting this.  There is a lot there.  Just go look up the TechEd talks.

Now, we all know that MSFT al about platforms, so the Virtual Machine by itself is just as uninteresting as it sounds.  Add in Virtual Networks and it gets a bit more interesting.

Virtual Networks allow defining of address allocation spaces.  And those can be divided into subnets.  If you know the SCVMM IP Pool model, it is similar to that with some implementation differences.

A Virtual Network is also a container or a boundary.  All machines within a Virtual Network can freely communicate with each other over the network. No matter the IP that was allocated to the VM, no IP subnet isolation.  A Virtual Network can also span services – provided they are in the same Affinity group and Region.  It all links.

A Virtual Network also supports the Gateway.  The Gateway is a way to ling the Virtual Network defined in Azure with an SSL VPN endpoint on the ground, in your enterprise.  This is just like any point-to-point VPN that you have used to connect branch offices, or to another business.  Before this we only had Azure Connect and its support for IPv6 and that it only acted as a machine to machine forwarder, fundamentally different.

One other concept is the VHD.  There are two types.  Image and OS. 

An Image can be provisioned into multiple VMs and is prepared so that Azure can customize it.  The Windows OS is prepared with sysprep, and the Linux OS is prepared with the Azure Linux Agent deprovision command.  The concept is the same.

When a new VM is created from an image it can and will be customized.  And, the Fabric also automatically creates a management endpoint (SSH or RDP).

An OS can be used by one Virtual Machine.  It is not provisioned, and therefore not customized.  It is just created an powered on.  You have to define everything, but it allows you to bring your own, pre-configured machine into Azure (without building it in space).

In the next few posts we will get a bit more into this and specifically driving it all with PowerShell.

The last concept is the Services.  IaaS Virtual Machines still run within a Service just like PaaS VMs.  But the two shall not mix.

You can create a Service without a deployment, this is androgynous, lacking either PaaS or IaaS gender.  As soon as the deployment is defined the service becomes either IaaS (meaning that it can run Virtual Machines) or PaaS (meaning that it can run VMs (or Roles)).  Thus the entire Service becomes stateless or persistent.

The two can interact over the network, but not through Azure Fabric Services.

I think that in the next post I am going to dive straight into the PowerShell.

Tuesday, September 18, 2012

PowerShell v3 everywhere

If you have not caught wind of this yet, you can download and install the “Windows Management Framework 3.0” on your boxes that are not Server 2012 or Windows 8.

As in the past this is more than just PowerShell, it includes WMI and WinRM compatibility updates.  (just not a big BITS update like v2 did).

You can find it here:

This is for Windows 7 SP1 and Server 2008 SP2 or Server 2008 R2 SP1.

And, don’t forget Update-Help after you install it.

But you might as well be on your way to managing your Server 2012 / Windows 8 infrastructure the PowerShell way.

If you need .Net 4 you can find that for Server over here:

And for Server Core here:

If you run an OS that is older.  I am sorry, MSFT does not look back.  You can be one version old, but XP / 2003 is way out.  Winking smile

Thursday, September 6, 2012

FreeBSD on Server 2012 Hyper-V

This has been far more painful that I had expected.  And it seems that this experience was wrapped up in a few things.

Recently, there was an announcement of FreeBSD Integration Components being contributed to the world courtesy of Citrix, NetApp, and Microsoft.

Now, I thought I would give it a go.  So I downloaded the amd64 ISO image for FreeBSD 8.2 (the supported kernel for the Integration Components) and like a good person who hacks at things I downloaded the latest 9.0 release for good measure (just to try, you have to try after all).

Well, a good day went by – installing VMs, trying to get GIT installed, discovering that networking was not working properly, then name resolution was not working properly.  Sorting all that out….

Here is the low down of the experience so far:

Tip 1: Install FreeBSD into a VM using a Legacy Network Adapter. 

DHCP will properly work during installation (check ifconfig before you reboot, you want to know the IP you received).  Upon reboot, it all seems broken.  ifconfig shows no IP, major bummer.  A bit of searching will scratch up some random tidbits to get things working again.  Here is my summary to get past that:

Tip 2:  Before reboot write down your DHCP address (drop to a console if installing 8.2 and use ifconfig; 9.0 will show you in the GUI-ish network setup)

Tip 3:  After reboot, fix the DHCP assignment:

  1. manually apply the IP that you wrote down using ifconfig: 
    1. ifconfig de0 netmask (IP and netmask)
    2. ifconfig de0 down
    3. ifconfig de0 up
  2. Now that you are on the network, release and renew to get DHCP to properly assign all the settings (if you didn’t ‘down’ and ‘up’, this won’t work).
    1. dhclient de0   (you should notice that it gets the IP from your DHCP server and applies it)

That was an immediate and temporary quick fix that I found through searching, however on reboot it means little to me as I have to manually do the workaround again.

Tip 4:  Modify so that DHCP will always work on boot

This is the one step that seems counter intuitive to me.  I thought I set DHCP to be enabled during the installation, why don’t I get an IP address?  I finally uncovered some clues through a few days of searching and learning and refining searches.  (it is amazing how the new still works like the old..)

Edit /etc/rc.conf:

Comment the following with a "#":  ifconfig_de0

Add the following:  ifconfig_de0="SYNCDHCP media 100baseTX mediaopt full-duplex"

This definitely needs more resiliency as we being to think about moving this VM about.  Additional searching shows this is tied to the DEC 100Mbps driver in FreeBSD (“de” device).  The edit forces the device to full-duplex.  Without this edit there is a duplex mismatch between the driver in the VM and the port of the vSwitch.  Interesting details..

Tip 5:  Fix the DNS settings so remote name resolution actually works (if it is not, as mine wasn’t / didn’t)

So, if you follow the instructions from github to install the Integration Components, step 2 is to install git.  Well, I tried and tried and DNS would not resolve.  Looking at /etc/resolv.conf I see my DNS servers, but nothing was resolving.

edit /etc/resolv.conf and add the word ‘search’ before your DNS servers name (which were auto inserted) – if it isn’t there. 

search brianeh.local

If that does not work add a public name server.  nameserver

I also had the problem where DNS requests that were forwarded were not coming back to the VM.  (I only had this problem after I set the hostname equal to the FQDN.  If I removed the domain from the hostname and only had a machine name then DNS forwarding worked properly.  So, it is obviously some strange FreeBSD thing that I don’t know enough about.  I did find a note that you can only have three, in the list.

You can find a list of public name servers here:

Tip 6:  Reboot after installing git. 

For some reason git is installed ( just by “pkg_add –r git” ) but the fetching of packages fails.  All that I can assume is that dependent services are not running.

Is that it?

Golly, I hope so.  I still could not get the Beta Hyper-V integration components to properly compile and run.  I built the kernel, did this and that.  I am sure it will come along, as there are other folks that will want to use a synthetic NIC (it was never detected).

I really hope this helps others and the project.