Microsoft Azure 70-553 - Part 1

Microsoft Azure 70-553 - Part 1

This post is just to help me start capturing some of those moments when I got something working in Azure as I studied the syllabus and went "cool"!!

So 15-20% of the score goes to Azure App Service apps, otherwise called WebApps. These are simple web services that you can play with while making up silly website names. One of the first things to play with is deployment slots. I wanted to hack the starting web page so I'd know which of the deployment slots was active as I swapped them in and out to simulate real developer actions as they makes changes / revert changes to a website.

I was having trouble getting WinSCP to FTP to my test WebApp so I dropped to DOS and got it connect there. Steps:

Deploy a WebApp:

Create a few Deployment Slots - I copied the existing WebApp config:

Reset the Deployment Credentials with something you can type in (I'd keep a long cryptic key for Production however):

Log in with the FTP client while in the C:\Temp folder on your local PC:

So I used waws-prod-sn1-013.ftp.azurewebsites.windows.net as the Hostname, alicemushroom\jsoap as the username and the password was one I made up that met the security requirements. Then I was able to navigate to site\wwwroot and download a copy of hostingstart.html.
cd site
cd wwwroot
get hostingstart.html
edit this file in notepad in C:\Temp and make the desired changes
put hostingstart.html

I edited this in Notepad near the bottom, changing the heading to:

Then I was able to use deployment slots to swap it out of Production and back in again. This edited the live Production WebApp. You can edit a Deployment slot directly by using the same URL but changing the username - my first deployment slot uses username: alicemushroom__beta1\jsoap

You need to update each deployment slots credentials but once done you can edit each HTML directly and then swap / revert the Deployment Slots to check each change using the Production URL. AutoSwap is also possible. So when you make a change and save it back to the Deployment FTP it then goes live with it automatically - handier for Developers if you have a BETA and STAGING Deployment Slot - they test in BETA and publish to STAGING to go live. 

I went back to WinSCP and got the same settings working allowing me to log in with a GUI interface and have a look around at the WebApp structure. 

Simple but fun!!!! 

Note: when using your FTP client remember to change the initial directory you are in to site\wwwroot or you will drop the updated html file to the wrong location and scratch your head about why the website isn't updating & AutoSwap isn't working!!! Also try a different browser to avoid cache traps!! 

PowerShell:

Where would we be without a few PowerShell cmdlets to keep us going?!! I've listed the ones below that mirror some of the objectives done with the Portal above. If you delete the WebApp portal created earlier and recreate it using the same names in PowerShell prepare for some wierd Portal issues. Either clear the cache or switch to a different browser or it will list the new WebApp or sub components thereof as Deleted!!

New-AzureRmResourceGroup -Name alicerg -Location "North Europe"
New-AzureRmAppServicePlan -Name aliceasp -Location "North Europe" -ResourceGroupName alicerg -Tier Standard
New-AzureRmWebApp -ResourceGroupName alicerg -Name alicemushroom -Location "North Europe" -AppServicePlan aliceasp
New-AzureRmWebAppSlot -ResourceGroupName alicerg -Name alicemushroom -Slot staging -AppServicePlan aliceasp
Switch-AzureRmWebAppSlot -ResourceGroupName alicerg -Name alicemushroom -SourceSlotName staging -DestinationSlotName production

Microsoft Azure - Basics

Microsoft Azure - Basics

This post is to help me when returning to use Microsoft Azure after a stint working on other Technologies. Sometimes it takes me a few minutes to figure out the URLs and PowerShell steps to get connected.

I'm currently studying for the Infrastructure Exam 70-553 after it was updated in November 2016. I'm not sure if the exam prep companies have caught up yet. None I've found are clear about when they update their exams so I've sent off an email to one to find out if they have updated their question base specifically since then.

That said there are lots of resources out there and rather than repeat posts others have done on this topic, I'll just list a few links and get on with my Azure Basics capture:

Azure Arm Portal (New one!)
https://portal.azure.com/

Azure Classic Portal:
https://manage.windowsazure.com/

Official Microsoft 70-553 exam page:
https://www.microsoft.com/en-ie/learning/exam-70-533.aspx

Blog on new Exam:
https://buildazure.com/2016/11/06/azure-infrastructure-exam-70-533-gets-arm-refresh/

Did you know you can do the exam at home now? There is a proctoring option you can apply for, they look around your room with a webcam and then monitor you while you answer the questions. Much nicer than travelling to a sterile testing center and walking the walk of shame to collect your failure result afterwards!!!!

I'm using a work MSDN account which gives me free credits a month. I attended the 70-553 course before Xmas also so I'm just getting back to the exam topics and refreshing my knowledge before booking the exam.

The ARM Portal is your main tool. Double click the background to change the colour to a darker one which I prefer.

I got a one year subscription to Pluralsight and watched their Infrastructure Videos before attending the course which helped but being able to ask questions at particular points really aids understanding, so having an instructor is very handy. Having a good instructor is really important. Pluralsight continues to offer new Azure videos all the time so it's a really good resource but the blog link above has several other resources you can use for free so use what works and what you've access to!

The Powershell and CLI Tools are available here:
https://azure.microsoft.com/en-us/downloads/
Scroll down to "Command-line tools" and get the Windows install of PowerShell.

The Web Platform installer 5.0 runs when you launch the exe that is downloaded. This then installs / updates the PowerShell Azure cmdlets.

At this point you can use the same installer to add the CLI tools as shown above.

Note: You can also access & download the Microsoft Web Platform Installer 5.0 by googling "webpi" and browsing to the following URL:
https://www.microsoft.com/web/downloads/platform.aspx?lang=

Open PowerShell and confirm the modules are active with the following command:
Get-Module -ListAvailable Azure*
The following command will give you an error but points you to Login-AzureRMAccount:
Get-AzureRmResource

Now connect up to Azure:
Login-AzureRMAccount
You get a pop up prompting you for your Azure creds, after entering your username, click the password box and pause. This gives it a chance to ask if this is a work or personal email and then you can proceed and enter the password for the correct account.

 It reverts to PowerShell and shows you logged in.

Now you can run Get-AzureRmResource for a load of output!

That's all the interface options, now open the exam section headings and start practising and reading the documentation and off you go! Good luck with the exam and Happy Azuring!

Upgrade Lab to vCenter 6.5

Upgrade Lab to vCenter 6.5

This post will cover upgrading my Lab to vSphere 6.5. After due consideration of the push by VMware to move to the vCenter Appliance I decided that rather than a protracted Server OS change to 2016 and the fact vCenter 6.5 doesn't support SQL 2016 it would be far easier to test the migration wizard and move to VCSA 6.5. It's only my Lab after all!!

Mount the VCSA ISO and copy the "migration-assistant" folder to your vCenter VM. Run the "VMware-Migration-Assistant.exe" file and you should see the following if it doesn't encounter any errors in your environment:

Sorry about the large size but this contains a lot of important information. Next, run the <virtual cdrom letter>:\vcsa-ui-installer\win32\installer.exe file and choose Migrate in my case:

Click Next: 

 Accept the License Agreement:

 Provide the FQDN of your vCenter where you are running the migration wizard from. Ensure the port is open if using a Windows Firewall. Provide appropriate credentials:

 Accept the Thumbprint:

 Provide destination details of the ESXi Host or vCenter where you want to deploy the new VCSA appliance to. Nice to know if you're building out a new environment you can point elsewhere. In my case I'm pointing it back to the same vCenter I'm upgrading, let's see if it copes with that?!!

 Usual ssl warning:

 Select a Folder:

 Select a Host:

 Give the new VCSA a name and password:

 Select a Size:

 Select a Datastore:

 Give the new VCSA an available IP for the transition period. This will be interesting to see how it gets on and at what point it powers down my old Windows vCenter:

 Check everything and Click Finish:

 Coffee time:

 The VM deploys in the background as shown here. This is coming from the mounted ISO from my PC:

 Here is the console of the new VCSA during the initial startup Phase:

Which should lead to this when it's completed:

 The console shows the following (no IP mentioned):

After Clicking Continue you see the following:

 It communicates with the migration assistant again and offers the following warnings:

 The migration assistant is updated showing it has packaged and send the necessary migration data over from the old vCenter server:

Next provide an Active directory account with appropriate permissions to join AD:

 Decide what information you wish to preserve / migrate over, I'm selecting EVERYTHING!:

 Usual experience program stuff:

 Tick the box to declare you don't care! Then Click Finish

You get one last chance:

Oh no - What have I done?!!!! 

Somewhere along the way I noticed it's given the temporary IP to the VCSA:

Now I've just to wait for the migration to complete. 

Once the copy was over my old vCenter was shut down. 

So how did we do:

 Oh Dear....

You can download the VCSA logs to have a squint. 

Some of the errors in the logs are as follows:

2016-12-21T13:08:50.484Z INFO firstbootInfrastructure [Failed] /usr/lib/vmware-vpx/firstboot/vpxd_firstboot.py is complete

2016-12-21T13:08:50.485Z WARNING firstbootInfrastructure Bug component info file does not exist

2016-12-21T13:08:50.485Z INFO firstbootInfrastructure Firstboot duration: 483 sec

2016-12-21T13:08:50.485Z INFO firstbootInfrastructure First boot is a failure

2016-12-21T13:08:50.486Z INFO firstbootInfrastructure Changing vMon default start profile to ALL

2016-12-21T13:08:50.486Z WARNING firstbootInfrastructure stopping status aggregation...

and

2016-12-21T13:06:04.788Z [main WARN  com.vmware.cis.cm.client.ComponentManagerClient] 

So, looks like it encountered an error and I need to see if I can rollback to the old appliance or not. So, I deleted the VCSA65 VM and powered on LABVC and logged in. First thing to check is if it's still Domain joined!
Well, everything appears to have come back up ok - can log into vCenter and all the services are up.

Domain membership is NOT ok though - error via RDP "The trust relationship between this workstation and the primary domain failed". You can join a workgroup, reboot, rejoin the domain and reboot to resolve.....or....open Powershell and type in "reset-computermachinepassword -server labdc.lab.local" - just replace the server name with the FQDN of YOUR domain controller & reboot.

I could get into the ViClient (C#) and Web Client interfaces again without issue.

I can't say that the experience fills me with confidence. Obviously having backups / snapshots will help rollback but it's a big jump and at this point in a Production environment I'd be logging a support call to check what was the cause of the error but you're completely at their mercy at that point. Would a Windows version upgrade work I wonder? I'm considering my options at this point....

I would imagine that a complex Production environment would be more difficult. Would just choosing the Configuration option only work? Make sure you remove the VCSA65 VM from vCenter to clean it up.

I decided to give it one last try. I cleaned up a lost of dead objects from the Host & Clusters view and a few dead Distributed vSwitches, then tried a Configuration only migration. Result:

Darn it!!! It worked?!!!

 The VCSA65 VM Console now on the right IP:

Now you get a choice of web consoles:

Seriously - "Partial Functionality"?!!!! I thought HTML 5 was fully finished and took over the previous crap web interface?!! The HTML 5 URL is slightly different ending in /ui/:
https://labvc.lab.local/ui/

and what about the good old C# Client: 

Crapola!! 

So, guess where Update Manager is?! It's only in the OLD web client.....yet again we've a two tier management solution for vCenter, well done VMware. Maybe we'll get a fully functional HTML 5 experience by version 8.0?!! 

At least the migration worked so I can get used to the VCSA and ditch the old Windows vCenter and SQL server.....just need to upgrade my Domain Controller to Server 2006 next...!!