Contact & Subscribe RSS

LinkedIn
RSS

Migrate Hyper-V Virtual machine to Azure

In this post I will describe how to migrate virtual machines to Azure without Virtual machine manager.

My setup:
Hyper-V host: On-premise Hyper-V Server with VM’s on it.
Azure site recovery agent: The provider which communicates with Azure site recovery over port 443 HTTPS.
Azure subscription: My azure subscription, with my storage account and virtual networks.

First create a Recovery vault in Azure Recovery Services Vaults.
Usually under “More Services” -> “Recovery services vaults” (i pinned this one to my menu) -> “+ ADD”

create_recovery_vault_azure

Next, fix the pre-requirements which are located under the “Getting started” tab which are placed in the “Settings” tab.

Step 1: Prepare the infrastructure

Protection goal:

  • We want to replicate to Azure
  • From my Hyper-v server
  • Without virtual machine manager (VMM)

Source prepare / register the source Hyper-v host wich is placed on-premis:

  • Create a Hyper-v Site (can be anything, just a name of your Azure Hyper-v Site)
  • Check if the Hyper-v server can acces the following urls:  (*.accesscontrol.windows.net / *.backup.windowsazure.com / *.hypervrecoverymanager.windowsazure.com / *.store.core.windows.net /*.blob.core.windows.net / https://www.msftncsi.com/ncsi.txt with port 443)
  • Download the installer for the Microsoft Azure Site Recovery Provider.
  • Install the azure site recovery provider on your local Hyper-v server
  • After the completed setup, you must register your Hyper-v server in the azure cloud. To accomplish this you must download the register file and import this in the “after setup / register wizard”.

download_regfile_azure

Target prepare:

  • After 10 minutes and refreshing the azure page I saw that the server is registered in the cloud.
  • Next, select your subscription and the deployment model. I prefer the new one (Resource manager).

Replication settings:

  • Create a replication policy, and wait till the Hyper-V host is associated with the new policy.

Capacity planning:

  • Download the capacity planner and / or Click you have completed the capacity planner :).

Step 2: Replicate application

  • Select the source Hyper-v host
  • Select your target Azure subscription
  • Select the virtual machine you want to replicate
  • Configure the virtual machine propertys (Windows / linux)
  • Click on the last OK and then Enable replication.

When you look into Hyper-v Manager you see that there was taken a snapshot wich will be send to Azure.
See the replication health, right click on the VM -> Replication details

replication_statistics_azure

Step 3: Select recovery plan

Using a recovery plan you can specify the order of recovery of the virtual machines. The virtual machine placed in group 1 will recover and start first, and then the virtual machine in group 2 will follow.

In this example we are not using a recovery plan.

Step 4: Planned failover

Confirm you want to failover the Virtual machine from on-premis to Azure.
You may get an error about Virtual machine networks. Go to your replication VM and select the correct network settings.

recoveryplan_network_settings

 

Planned failover:

azure_planned_failover

That’s it.

 

Manage Microsoft Azure with PowerShell

Today I finally activated my free trial subscription on Microsoft Azure. This gives me the possibility to play around with all the nice Azure features. After playing around in the GUI I wanted to start looking at the PowerShell commands to manage my Azure subscription with PowerShell locally.

There is a difference between the old and the new PowerShell module, the old module is the “Azure” module with is based on the old portal and Azure Service Manager (ASM) model. The new module “AzureRM” is based on the Azure Resource Manager (ARM) technology. Don’t like old stuff so I use the new AzureRM commands.

Fist we need to Install the Resource Manager module, start PowerShell as Administrator.

Then login to your subscription with the command.

Now you are connected to the Azure Resource manager.
Some sample commands:

 

The WinRM client cannot process the request. If the authentication scheme is different from Kerberos

When a computer is not a domain member and there are no SSL Certificates available for HTTPS. You must change the trusted hosts on the client side.

Run: gpedit.msc
Then: Computer Configuration -> Administrative Templates -> Windows Components ->  Windows Remote Management (WinRM) -> WinRM Client
Last: Enable “Trust the remote machine” and add the server to the trustedhost field.

Or with PowerShell:

 

How to: Create Nano server image

With Server 2016 TP5 available today, we want to test it by ourselves.
First; how-to deploy a Nano server image.

Download the server 2016 ISO and mount it.

  1. Launch PowerShell as Administrator.
  2. Copy Nano server folder with the following command:
  3. Import the PowerShell module for building the the image with the following command:
  1. Run command

Gives a GUI where you can give the parameters for deploying the nano server VHD.
* Note: When you select other roles you must use the -Mediapath variable to the ISO.
** Note: AdministratorPassword must be a secure string. In the GUI Password field: (ConvertTo-SecureString -String “YourPassword” -AsPlainText -Force)

In order to automate things you can also do it by hand:

 

Get PowerShell version

Sometimes you need to check the PowerShell version of your Windows System, to get the PowerShell version you need to open a PowerShell prompt (taskbar type PowerShell).

This information is contained in the following variable:

Will give you the exact version.
Other commands which can be used are:

 

Get external IP Address using PowerShell

In some cases it can be useful to check your external IP Address within a PowerShell script.
So I created this little script:

Create PowerShell monitor SCOM

With scripts you can monitor almost everything in SCOM. Out of the box SCOM uses mostly VBScript instead of PowerShell, because it works on all Windows versions. I prefer PowerShell above VBScript, so I created some PowerShell performance collection rules and PowerShell monitors.

Silect created an awesome tool called MP Author to build management packs wizard driven.

The steps:

– Create new management pack, give it a name, choose a folder, locate the references and select Empty Management pack.
– Create a custom application class. In MPAuthor this called Targets, create a new target. I used WMI to locate the custom application service (Select * From Win32_Service Where Name Like “%Service name%”). We are working with a Windows local application, with Windows Computer as target.
– Next, create a custom PowerShell performance rule or a PowerShell monitor (works the same). New “Script performance rule”. Give the script a name and paste the code in the script area. In the next page provide the parameters:

Object: Testpage.com
Counter: Pagespeed
Instance: Someinstance
Value:  $Data/Property[@Name=’Pageloadtime’]$

Select the target we created the above and finish the wizard.

Example script to explain the used SCOM variables:

 

Access to the registry key ‘HKEY_LOCAL_MACHINE\SOFTWARE\Veeam\Veeam Backup and Replication’ is denied.

There are two ways to solve this:

1. Run VEEAM PowerShell always as Administrator
2. Change the permissions of the following registry key: \\HKEY_LOCAL_MACHINE\SOFTWARE\Veeam\Veeam Backup and Replication\ -> Users full control.

Monitor JEE Java applications with SCOM

It’s possible to monitor the mbeams provided by the java engines with SCOM. Out of the box SCOM Doesn’t discover these applications automatically. There are some more steps needed to complete this.

The steps I followed:

– Download and import the SCOM JEE Management packs from: Download
– Install a SCOM Monitoring agent on the application server.
– Enable agent proxy on the SCOM agent (SCOM Console -> Administration -> Agent Managed -> Right click -> Allow this agent to act as proxy).
– Open port 8080 from the SCOM Management server to the application server.
– Search for the “beanspy.war” files on the SCOM Management server. Usually located in a subfolder of: “C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Server\Health Service State\Resources”
– In my case i used an application server without authentication so i need the beanspy.notauth.war.
– Rename the beanspy.notauth.war to beanspy.war.
– Deploy beanspy.war to youre application web server, in my case tomcat-7.0.
– Restart the application web server services to load beanspy.war.
– Check if the beanspy module is loaded: browse http://URL:8080/BeanSpy/MBeans?JMXQuery=*:*
– Add the application server with the .\NewJEEAppServer.ps1 powershell script.
– .\NewJEEAppServer.ps1 -ManagementServer FQDN -JEEAppServerType Tomcat -JEEAppServerVersion 7 -Target http://FQDN:8080
– In my situation the standard query defined in the JEE Management packs discovered nothing. (http://FQDN:8080/BeanSpy/MBeans?JMXQuery=Catalina:j2eeType=WebModule,*).  I changed this by overriding the default discovery settings with (*:*). And I changed the discovery interval.
– Now you can create JEE Monitors with the pre-defined Management pack templates.

Debug SCOM Agent

Sometimes it’s unclear what the error messages are when the SCOM Agent is running an VB or PowerShell script. Or the event-log messages say nothing about the issue you actually facing. In this situation the Tracing.cmd could give you more information what is happening.

How to start the SCOM Agent Tracing:

  • Go to the Operations Manager Tools directory. Which is located: “C:\Program Files\Microsoft Monitoring Agent\Agent\Tools”
  • Run: StopTracing.cmd
  • Remove all the files located in the OpsMgr log folder: “C:\Windows\Logs\OpsMgrTrace”
  • Run: StartTracing.cmd VER
  • Wait till the problem reoccur, mostly an eventlog message that some script has runned.
  • Run: StopTracing.cmd
  • Format the logs in human readable information this can be done with the: FormatTracing.cmd
  • The logs are saved in the log directory.

I used SMS Trace to debug the logs.

The issue was found in the “TracingGuidsManaged.log”. Invoke-WebRequest was running under a user account witch not have runned the “IE First time run setup”. You can change a group policy for this issue or simply run the step with the actual account.

Example debug line:

[3]dd/mm/yyyy [AzureModule] [] [Error] :RunspaceController.WriteErrorLine{runspacecontroller_cs412}( 0000000000)PowerShell Script ‘ps1’ WriteErrorLine: Invoke-WebRequest : The response content cannot be parsed because the Internet