Microsoft

Getting Ready for AWS re:Invent 2017

Theresa Miller - Tue, 11/14/2017 - 06:30

The time is upon us again, and soon we will prepare to descend on Las Vegas. It is time to begin getting ready for AWS re:Invent. This year’s event begins on November 27th and runs through December 1st.  There are pre-event activities on Sunday December 26th as well, but let’s concentrate on what you’ll want […]

The post Getting Ready for AWS re:Invent 2017 appeared first on 24x7ITConnection.

Virtualize deep learning environments – is it possible?

Theresa Miller - Tue, 11/07/2017 - 19:24

As an industry, we have years of experience virtualization applications, but can we virtualize deep learning? In my last post, I mentioned HPC applications are architected in several ways. But how can we architect a virtual environments if we don’t understand the applications we’ll run on them? In this post, I’ll describe deep learning applications, and […]

The post Virtualize deep learning environments – is it possible? appeared first on 24x7ITConnection.

A great way to collect logs for troubleshooting

Microsoft Virtualisation Blog - Fri, 10/27/2017 - 23:30

Did you ever have to troubleshoot issues within a Hyper-V cluster or standalone environment and found yourself switching between different event logs? Or did you repro something just to find out not all of the important Windows event channels had been activated?

To make it easier to collect the right set of event logs into a single evtx file to help with troubleshooting we have published a HyperVLogs PowerShell module on GitHub.

In this blog post I am sharing with you how to get the module and how to gather event logs using the functions provided.

Step 1: Download and import the PowerShell module

First of all you need to download the PowerShell module and import it.

Step 2: Reproduce the issue and capture logs

Now, you can use the functions provided as part of the module to collect logs for different situations.
For example, to investigate an issue on a single node, you can collect events with the following steps:

Using this module and its functions made it a lot easier for me to collect the right event data to help with investigations. Any feedback or suggestions are highly welcome.

Cheers,
Lars

Categories: Microsoft, Virtualisation

What Powered HashiCorp’s Latest Funding Round

Theresa Miller - Thu, 10/26/2017 - 05:30

The team at HashiCorp have been extremely busy lately, which has been further evidenced by HashiCorp’s latest funding round.  Many of HashiCorp’s products have also been updated around the time of the funding announcement.  HashiCorp is known among virtualization admins, cloud admins, and developers for the variety of provisioning products as well as other ecosystem […]

The post What Powered HashiCorp’s Latest Funding Round appeared first on 24x7ITConnection.

Container Images are now out for Windows Server version 1709!

Microsoft Virtualisation Blog - Wed, 10/18/2017 - 19:30

With the release of Windows Server version 1709 also come Windows Server Core and Nano Server base OS container images.

It is important to note that while older versions of the base OS container images will work on a newer host (with Hyper-V isolation), the opposite is not true. Container images based on Windows Server version 1709 will not work on a host using Windows Server 2016.  Read more about the different versions of Windows Server.

We’ve also made some changes to our tagging scheme so you can more easily specify which version of the container images you want to use.  From now on, the “latest” tag will follow the releases of the current LTSC product, Windows Server 2016. If you want to keep up with the latest patches for Windows Server 2016, you can use:

“microsoft/nanoserver”
or
“microsoft/windowsservercore”

in your dockerfiles to get the most up-to-date version of the Windows Server 2016 base OS images. You can also continue using specific versions of the Windows Server 2016 base OS container images by using the tags specifying the build, like so:

“microsoft/nanoserver:10.0.14393.1770”
or
“microsoft/windowsservercore:10.0.14393.1770”.

If you would like to use base OS container images based on Windows Server version 1709, you will have to specify that with the tag. In order to get the most up-to-date base OS container images of Windows Server version 1709, you can use the tags:

“microsoft/nanoserver:1709”
or
“microsoft/windowsservercore:1709”

And if you would like a specific version of these base OS container images, you can specify the KB number that you need on the tag, like this:

“microsoft/nanoserver:1709_KB4043961”
or
“microsoft/windowsservercore:1709_KB4043961”.

We hope that this tagging scheme will ensure that you always choose the image that you want and need for your environment. Please let us know in the comments if you have any feedback for us.

Note: We currently do not intend to use the build numbers to specify Windows Server version 1709 container images. We will only be using the KB schema specified above for the tagging of these images. Let us know if you have feedback about this as well

Regards,
Ender

Categories: Microsoft, Virtualisation

Microsoft’s strong SMB story with Microsoft 365 Business

Theresa Miller - Tue, 10/17/2017 - 05:30

When Microsoft announced the Microsoft 365 solution set, a lot of people scratched their heads and wondered what they were thinking. Did this replace Office 365? Was it just a marketing wrapper bundle of existing products? Microsoft staff still get hassled about the naming choice (out of the control of most of them). But now […]

The post Microsoft’s strong SMB story with Microsoft 365 Business appeared first on 24x7ITConnection.

Join Theresa Miller and Phoummala Schmitt at VMWorld 2017 on The Cube

Theresa Miller - Thu, 10/12/2017 - 05:30

The tech ‘fit’ debate: Universal tech in a couture IT world At VMworld Phoummala Schmitt and Theresa Miller were interviewed on The Cube.  We discussed where our careers started, our goals, what we do, and some of our thoughts on VMWorld 2017.  You won’t want to miss the write-up and discussion! Technology advancements may be […]

The post Join Theresa Miller and Phoummala Schmitt at VMWorld 2017 on The Cube appeared first on 24x7ITConnection.

Interactive Learning on AWS by Finding flAWS

Theresa Miller - Tue, 10/10/2017 - 05:30

Learning about security is something that is, or should be, on everyone’s todo list. As we look to the public cloud for new ways to deploy and manage infrastructure, we also have to look at how new security models and procedures have to come along with it. An interesting way to make this easier and […]

The post Interactive Learning on AWS by Finding flAWS appeared first on 24x7ITConnection.

Join me on Datanauts to discuss Migrating Exchange to Office 365

Theresa Miller - Thu, 10/05/2017 - 16:52

Are you thinking about migrating to Office 365 Exchange Online, but  not sure what you should be thinking about for getting started?  Have you started your Exchange Migration, but still finding you have some questions to be answered.  Join me for Datanauts episode where we discuss migrating Exchange to Office 365.  What you should be […]

The post Join me on Datanauts to discuss Migrating Exchange to Office 365 appeared first on 24x7ITConnection.

Can you virtualize HPC Workloads?

Theresa Miller - Tue, 10/03/2017 - 05:05

You may have heard about high-performance computing (HPC), but have you ever wondered if you can virtualize HPC workloads? It is an interesting question. Data Scientists  build HPC applications to do frame rendering that creates realistic animations, numerical simulation that helps build state-of-the-art jets, even modeling and simulations that create the financial models that our economies […]

The post Can you virtualize HPC Workloads? appeared first on 24x7ITConnection.

Turbonomic 6.0 Is Now Available!

Theresa Miller - Thu, 09/28/2017 - 05:30

Turbonomic has recently released the newest version of their self-managing hybrid cloud management software, Turbonomic 6.0. The focus in this release is enabling cloud adoption for organizations, whether it be a public cloud, private cloud, or hybrid cloud strategy. Enabling the Public Cloud One of the biggest challenges organizations face is right sizing their public […]

The post Turbonomic 6.0 Is Now Available! appeared first on 24x7ITConnection.

WHAT YOU DON’T KNOW WON’T HURT YOU. WHAT I WISH I KNEW WHEN I STARTED IN IT (PART ONE)

Theresa Miller - Tue, 09/26/2017 - 14:58

Recently I wrote a post for Solarwinds Thwack. Its interesting, because I wrote a small series that covered why in a way ignorance is bliss. Sometimes what we don’t know can be our saving grace, that being said I also share some insights into what I wish I had know when I started out in […]

The post WHAT YOU DON’T KNOW WON’T HURT YOU. WHAT I WISH I KNEW WHEN I STARTED IN IT (PART ONE) appeared first on 24x7ITConnection.

Docker’s routing mesh available with Windows Server version 1709

Microsoft Virtualisation Blog - Tue, 09/26/2017 - 05:04

The Windows Core Networking team, along with our friends at Docker, are thrilled to announce that support for Docker’s ingress routing mesh will be supported with Windows Server version 1709.

Ingress routing mesh is part of swarm mode–Docker’s built-in orchestration solution for containers. Swarm mode first became available on Windows early this year, along with support for the Windows overlay network driver. With swarm mode, users have the ability to create container services and deploy them to a cluster of container hosts. With this, of course, also comes the ability to define published ports for services, so that the apps that those services are running can be accessed by endpoints outside of the swarm cluster (for example, a user might want to access a containerized web service via web browser from their laptop or phone).

To place routing mesh in context, it’s useful to understand that Docker currently provides it, along with another option for publishing services with swarm mode–host mode service publishing:*

  • Host mode is an approach to service publishing that’s optimal for production environments, where system administrators value maximum performance and full control over their container network configuration. With host mode, each container of a service is published directly to the host where it is running.
  • Routing mesh is an approach to service publishing that’s optimized for the developer experience, or for production cases where a simple configuration experience is valued above performance, or control over how incoming requests are routed to the specific replicas/containers for a service. With ingress routing mesh, the containers for a published service, can all be accessed through a single “swarm port”–one port, published on every swarm host (even the hosts where no container for the service is currently running!).

While our support for routing mesh is new with Windows Server version 1709, host mode service publishing has been supported since swarm mode was originally made available on Windows. 

*For more information, on how host mode and routing mesh work, visit Docker’s documentation on routing mesh and publishing services with swarm mode.

So, what does it take to use routing mesh on Windows? Routing mesh is Docker’s default service publishing option. It has always been the default behavior on Linux, and now it’s also supported as the default on Windows! This means that all you need to do to use routing mesh, is create your services using the --publish flag to the docker service create option, as described in Docker’s documentation.

For example, assume you have a basic web service, defined by a container image called, web-frontend. If you wanted to publish this service to port 80 of each container and port 8080 of all of your swarm nodes, you’d create the service with a command like this:

C:\> docker service create --name web --replicas 3 --publish 8080:80 web-frontend

In this case, the web app, running on a pre-configured swarm cluster along with a db backend service, might look like the app depicted below. As shown, because of routing mesh clients outside of the swarm cluster (in this example, web browsers) are able to access the web service via its published port–8080. And in fact, each client can access the web service via its published port on any swarm host; no matter which host receives an original incoming request, that host will use routing mesh to route the request to a web container instance that can ultimately service that request.

Once again, we at Microsoft and our partners at Docker are proud to make ingress mode available to you on Windows. Try it out on Windows Server version 1709, and using Docker EE Preview*, and let us know what you think! We appreciate your engagement and support in making features like routing mesh possible, and we encourage you to continue reaching out with feedback. Please provide your questions/comments/feature requests by posting issues to the Docker for Windows GitHub repo or by emailing the Windows Core Networking team directly, at sdn_feedback@microsoft.com.

*Note: Ingress mode on Windows currently has the following system requirements:

 

Categories: Microsoft, Virtualisation

First look at updates coming to Remote Desktop Services

Terminal Services team blog - Wed, 09/20/2017 - 22:30

Remote Desktop Services (RDS) allows you to access a remotely-hosted Windows desktop environment or application from almost any device. Were extending the capabilities of RDS to offer more security, flexibility to run Windows apps on any device, and cloud-readiness with upcoming additions to the RDS platform.

This week, I join Simon May to explain and demonstrate the updates to RDS architecture and services. The RDS team has innovated in three key areas:

  1. Security:RDS-hosted environments can use authentication with Azure Active Directory see how you get advantages like Conditional Access policies, Multifactor Authentication, Integrated authentication with other SaaS Apps using Azure AD, and the ability to get security signals from the Intelligent Security Graph. Moreover, by isolating the infrastructure roles (Gateway, Web, connection broker and others) from the desktop and app deployment hosts, we add another layer to separation for higher security of your virtualized environments.
  2. Cloud readiness: There are updates coming to infrastructure roles with innovations in the existing RD infrastructure roles Web, Gateway, Connection Broker, Licensing see how to take advantage of the elasticity and scale capabilities of Azure. Get a first look at the new Diagnostics role that helps you monitor your deployment effectively.
  3. Windows apps on ANY device: RDS has long had the flexibility to run on cross-platform desktop and mobile operating systems using apps, but we are now building support for HTML5 browser-delivered experiences. Of course, RDS works with Windows even Windows 10 S offering even more flexibility for how your apps and desktops are accessed.

To see these new capabilities for yourself, along with new cloud-integrated architectural options explained, check out the show.

-Scott Manchester
Principal Group Program Manager, Remote Desktop Services

Categories: , Microsoft

Changing your Mindset – Monitoring Solutions are Necessary for Successful IT Digital Transformation

Theresa Miller - Tue, 09/19/2017 - 05:30

The way we consume technology is changing rapidly, and the term digital transformation seems to be used in many ways.  So, what does it mean?  To me it means that organizations have adopted their technology base, and have workflows and processes in place that are successful.  But now with technologic advancements changing and reshaping how […]

The post Changing your Mindset – Monitoring Solutions are Necessary for Successful IT Digital Transformation appeared first on 24x7ITConnection.

Microsoft Teams announces external access, with caveats

Theresa Miller - Mon, 09/18/2017 - 05:30

When Microsoft announced its “Slack-killer” conversation-style Teams product, one piece of functionality was glaringly lacking – access into a team for people outside of your own organization. This week, external access was announced, but only partially. You can now invite guests into your teams IF they already have an Azure AD account (which for most […]

The post Microsoft Teams announces external access, with caveats appeared first on 24x7ITConnection.

#VMworld 2017 Brings New Features to VMware Workspace ONE Powered by AirWatch

Theresa Miller - Tue, 09/12/2017 - 05:30

At #VMworld 2017 US, VMware announced a number of new features and new innovations to VMware Workspace ONE powered by AirWatch, and their end user computing portfolio.  Let’s take a look at some of the things VMware has added to the already powerful software suite. One Platform to Rule All Devices One of the biggest […]

The post #VMworld 2017 Brings New Features to VMware Workspace ONE Powered by AirWatch appeared first on 24x7ITConnection.

Delivering Safer Apps with Windows Server 2016 and Docker Enterprise Edition

Microsoft Virtualisation Blog - Tue, 09/05/2017 - 09:00

Windows Server 2016 and Docker Enterprise Edition are revolutionizing the way Windows developers can create, deploy, and manage their applications on-premises and in the cloud. Microsoft and Docker are committed to providing secure containerization technologies and enabling developers to implement security best practices in their applications. This blog post highlights some of the security features in Docker Enterprise Edition and Windows Server 2016 designed to help you deliver safer applications.

For more information on Docker and Windows Server 2016 Container security, check out the full whitepaper on Docker’s site.

Introduction

Today, many organizations are turning to Docker Enterprise Edition (EE) and Windows Server 2016 to deploy IT applications consistently and efficiently using containers. Container technologies can play a pivotal role in ensuring the applications being deployed in your enterprise are safe — free of malware, up-to-date with security patches, and known to come from a trustworthy source. Docker EE and Windows each play a hand in helping you develop and deploy safer applications according to the following three characteristics:

  1. Usable Security: Secure defaults with tooling that is native to both developers and operators.
  2. Trusted Delivery: Everything needed to run an application is delivered safely and guaranteed not to be tampered with.
  3. Infrastructure Independent: Application and security configurations are portable and can move between developer workstations, testing environments, and production deployments regardless of whether those environments are running in Azure or your own datacenter.

Usable Security Resource Isolation

Windows Server 2016 ships with support for Windows Server Containers, which are powered by Docker Enterprise Edition. Docker EE for Windows Server is the result of a joint engineering effort between Microsoft and Docker. When you run a Windows Server Container, key system resources are sandboxed for each container and isolated from the host operating system. This means the container does not see the resources available on the host machine, and any changes made within the container will not affect the host or other containers. Some of the resources that are isolated include:

  • File system
  • Registry
  • Certificate stores
  • Namespace (privileged API access, system services, task scheduler, etc.)
  • Local users and groups

Additionally, you can limit a Windows Server Container’s use of the CPU, memory, disk usage, and disk throughput to protect the performance of other applications and containers running on the same host.

Hyper-V Isolation

For even greater isolation, Windows Server Containers can be deployed using Hyper-V isolation. In this configuration, the container runs inside a specially optimized Hyper-V virtual machine with a completely isolated Windows kernel instance. Docker EE handles creating, managing, and deleting the VM for you. Better yet, the same Docker container images can be used for both process isolated and Hyper-V isolated containers, and both types of containers can run side by side on the same host.

Application Secrets

Starting with Docker EE 17.06, support for delivering secrets to Windows Server Containers at runtime is now available. Secrets are simply blobs of data that may contain sensitive information best left out of a container image. Common examples of secrets are SSL/TLS certificates, connection strings, and passwords.

Developers and security operators use and manage secrets in the exact same way — by registering them on manager nodes (in an encrypted store), granting applicable services access to obtain the secrets, and instructing Docker to provide the secret to the container at deployment time. Each environment can use unique secrets without having to change the container image. The container can just read the secrets at runtime from the file system and use them for their intended purposes.

Trusted Delivery Image Signing and Verification

Knowing that the software running in your environment is authentic and came from a trusted source is critical to protecting your information assets. With Docker Content Trust, which is built into Docker EE, container images are cryptographically signed to record the contents present in the image at the time of signing. Later, when a host pulls the image down, it will validate the signature of the downloaded image and compare it to the expected signature from the metadata. If the two do not match, Docker EE will not deploy the image since it is likely that someone tampered with the image.

Image Scanning and Antimalware

Beyond checking if an image has been modified, it’s important to ensure the image doesn’t contain malware of libraries with known vulnerabilities. When images are stored in Docker Trusted Registry, Docker Security Scanning can analyze images to identify libraries and components in use that have known vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database.

Further, when the image is pulled on a Windows Server 2016 host with Windows Defender enabled, the image will automatically be scanned for malware to prevent malicious software from being distributed through container images.

Windows Updates

Working alongside Docker Security Scanning, Microsoft Windows Update can ensure that your Windows Server operating system is up to date. Microsoft publishes two pre-built Windows Server base images to Docker Hub: microsoft/nanoserver and microsoft/windowsservercore. These images are updated the same day as new Windows security updates are released. When you use the “latest” tag to pull these images, you can rest assured that you’re working with the most up to date version of Windows Server. This makes it easy to integrate updates into your continuous integration and deployment workflow.

Infrastructure Independent Active Directory Service Accounts

Windows workloads often rely on Active Directory for authentication of users to the application and authentication between the application itself and other resources like Microsoft SQL Server. Windows Server Containers can be configured to use a Group Managed Service Account when communicating over the network to provide a native authentication experience with your existing Active Directory infrastructure. You can select a different service account (even belonging to a different AD domain) for each environment where you deploy the container, without ever having to update the container image.

Docker Role Based Access Control

Docker Enterprise Edition allows administrators to apply fine-grained role based access control to a variety of Docker primitives, including volumes, nodes, networks, and containers. IT operators can grant users predefined permission roles to collections of Docker resources. Docker EE also provides the ability to create custom permission roles, providing IT operators tremendous flexibility in how they define access control policies in their environment.

Conclusion

With Docker Enterprise Edition and Windows Server 2016, you can develop, deploy, and manage your applications more safely using the variety of built-in security features designed with developers and operators in mind. To read more about the security features available when running Windows Server Containers with Docker Enterprise Edition, check out the full whitepaper and learn more about using Docker Enterprise Edition in Azure.

Categories: Microsoft, Virtualisation

Solaris changed our industry; lighting a candle

Theresa Miller - Tue, 09/05/2017 - 05:00

Solaris changed our industry. But according to reports, the Solaris operating system may be nearing death. Oracle, who acquired Sun Microsystems in 2010, has laid off most of the remaining staff who were working on Solaris. There will be support for the OS until 2030, but this news feels like it needs a memorial.   […]

The post Solaris changed our industry; lighting a candle appeared first on 24x7ITConnection.

What to Expect at VMworld 2017

Theresa Miller - Thu, 08/24/2017 - 05:30

VMworld 2017 is just about to get into full swing. For all of your VMware fans out there, get ready for a week of fantastic announcements from the virtualization giant. Let’s take a look at what we can expect at VMworld 2017 The Keynotes The first clue on what to expect at VMworld 2017 can […]

The post What to Expect at VMworld 2017 appeared first on 24x7ITConnection.

Pages

Subscribe to Spellings.net aggregator - Microsoft