How I can provide IaaS, PaaS, DBaaS from my Existing Datacenter

Azure technology in your datacenter ...............

Once installed in your datacenter, the Windows Azure Pack integrates with System Center and Windows Server to help provide the following capabilities.

Basically you can provide your service .Windows Azure Pack is a collection of Microsoft Azure technologies available to Microsoft customers at no additional cost. It integrates with Windows Server, System Center, and SQL Server to offer a self-service portal and cloud services such as virtual machine hosting (IaaS), database as a services (DBaaS), scalable web app hosting (PaaS), and more

How I can provide IaaS, PaaS, DBaaS from my Existing Datacenter

Azure technology in your datacenter ...............

Once installed in your datacenter, the Windows Azure Pack integrates with System Center and Windows Server to help provide the following capabilities.

Basically you can provide your service .Windows Azure Pack is a collection of Microsoft Azure technologies available to Microsoft customers at no additional cost. It integrates with Windows Server, System Center, and SQL Server to offer a self-service portal and cloud services such as virtual machine hosting (IaaS), database as a services (DBaaS), scalable web app hosting (PaaS), and more

How to Deploy Microsoft Nano Server

get started nano-server quick start

What is the Microsoft Nano Server and What are the Benefits of use

This will be the Future Operating System which we are installing in our Datacenter. As of right now, it is targeted as an OS for born-in-the-cloud applications and cloud OS. The majority of Company corporate strategy is a concerted push toward the cloud, whether it's public, private, or a hybrid cloud environment. Nano Server is another key component of Microsoft's strategy to be highly competitive in the private cloud market. Nano Server, a stripped down version of Windows Server 2016 that's designed specifically for cloud environments.

Unlike Server Core, Nano Server is intended to be a completely headless installation (no local UI and no local console). Also, where the Windows UI can be installed on top of Server Core, Nano Server has no such capability.

What are the Benefits Of Microsoft Nano Server

1. Secure Server

The attack surface is much smaller now. There is no Internet Explorer, no Windows Explorer, and no GUI to exploit. Also, the default ports open with a base install is 12 as opposed to 34 ports open by default with a full Windows GUI Server install. This makes Nano Server a much more secure OS than its predecessors.

2. Costs

Because this server creates such little overhead, the amount of resources needed to run Nano Server VMs on a Hyper-V host will be miniscule. With its potential to lower costs and increase margins, this will be one of the biggest reasons for companies to use Nano Server VMs whenever appropriate. Allowing companies to get the most out of every dollar spent on hardware is huge.

3. Faster boot times

Nano Server is only installed with the components that are going to be used, so the startup time is significantly faster. The boot IO is around 150MB. In fact, at Microsoft Ignite when Snover presented a demo of a Hyper-V Nano Server cluster, the servers were powering up faster than the switch was!

4. Fewer reboots required

IT Admins will no longer be frustrated by unnecessary reboots caused by patching windows components that aren’t even used on their servers. Since only the components needed are installed, the amount of patches and updates that are pushed out to Nano Server will be much less. With the current Nano Server build, the estimated amount of reboots a year are 3, and Microsoft is working diligently to try to get this down to 2. Fewer reboots on Hyper-V hosts and their VMs means less interruptions, which also means less “after hours” work for some environments.

5. Easier remote management

With Nano Server there is no local logon, it will be managed entirely remotely. This direction on Microsoft’s part requires them to focus on improving the remote administration capabilities of Windows Server. They have recently been working on improving some of the remote management aspects that were previously lacking. For example, as part of the Azure stack, there is now a remote task manager that allows admins to connect to VMs and view performance and processes running. This will benefit IT Admins by improving the remote administration experience when managing Hyper-V hosts and VMs.

6. Smaller server image

Nano Server is 20x smaller than the full Windows Server with a GUI. Because of this, storing Nano Server VMs on a SAN or Hyper-V local storage will not consume large amounts of space.  Mass deployments of Nano Server VMs will not take as long to install and configure; and copying server images over to Hyper-V nodes will take less time. The small footprint of this OS is what really makes it shine.

Here is the benefits comparisons for all three server version which available in market 

Nano Server Use Cases

The obvious downside of having a stripped-down version of Windows Server is that it has limited capabilities. At this time, Nano Server supportability and compatibility we can listed as below.

Role/Feature

1. Hyper-v
2. Failover Clustering
3. File Server and Storage
4. Internet Information Server (IIS)
5. Desired State Configuration (DSC)
6. System center Agent
7. DNS Server
8. Secure Startup
9. Shielded VM
10. RAM Disk supportability

Nano Server Management

The big news in regards to Nano Server is on the management front. Clearly, as a completely headless version of Windows Server, all management of Nano Server is accomplished remotely. A variety of Microsoft management tools are available to use, including MMC (Microsoft Management Console) Snap-Ins like Hyper-V Manager or Services, Windows PowerShell, Desired State Configuration (DSC), Server Manager, and Microsoft System Center. Microsoft also states that third party management tools, such as Puppet and Chef, Nano will be supported.

Microsoft has designed Nano Server to be fully manageable through automated means in keeping with their cloud strategy, but fully realizes that some organizations will prefer to perform some administration with GUI tools. It's important to recognize the distinction between the headless nature of Nano Server and a system that is only manageable through a command line. Nano Server does offer support for management through GUI tools using remote management.

MORE DETAILS FOR :- How to Deploy Microsoft Nano Server

How to Setup Disaster Recovery as A Service (DRaaS) for your Organization

Disaster recovery (DR) planning has a reputation for being difficult and time consuming. Setting up alternate processing sites, procuring hardware, establishing data replication, and failover testing have been incredibly expensive undertakings. To top it all off, the need for 24x7x365 business application availability threatens to make disaster recovery planning an exercise in futility.

Disaster Recovery as a Service, will help you to setup your DR site with below listed benefits

1.       low cost with – Pay as you go

2.       High availability -

3.       Simplicity and Easy Setup

4.       Scalability

5.       Flexibility

6.       Compliance

7.       Easier Testing

Step to Setup your DRaaS

·         Understanding your Disaster Recovery Requirement and Needs

o   Understand today DR Practices – Hot, Cold and Warm Sites  

o   Public / Private

·         Defining Your Requirements for a DRaaS Solution

o   Perform a Business, Impact Assessment

o   Setting Recovery Targets (RTO and RPO)

o   Backup and Replication with bandwidth limit

o   Understanding how DRaaS untangles network complexities (Latency and Bandwidth)

o   Working through the legal and compliance issues associated with DRaaS

o   Data Protection and Geography and the Law

o   Data Ownership, access and Use

o   Data Custodian,

o   Data Retention,

o   Data Location,

o   Bootstrapping Recovery Site,

·         Defining your correct Backup Technology

o   3-2-1 Rule

·         Implementing DRaaS

o   Build a successful DR Plan with Clear Scope

·         DRaaS Operations and Maintain with Testing    

o   Operational aspects of a DRaaS system, including network monitoring, conducting failovers and failbacks, and testing a DR plan.

o   Cutover test, Paralle test, Simulation, and Document

·         Building an Exit Strategy

o   Monitor and analyze, Periodic business reviews

Find the right resources to help you to plan and deploy Core infrastructure solutions. Join with us we will provide support and service to setup your DRaaS for your organization.

How to do the More than 95% Windows Client Patch Compliance

As I know this is very critical task all the IT admin and IT managers. And this must be in place as per the security compliance.

If you’re not in up to date patch level, definitely your environment in high vulnerable situation.

This article will explain to you how you can do more than 95% Windows client patch compliance in the security reports.

Solution – Implement System Center Configuration Manager (SCCM)

KEY FACTS

                Correctly Design your SCCM Architecture - Consideration for the correct Architecture   

Numbers of Connecting Devises,

Numbers of Remote Site,

Remote Site Bandwidth,

Numbers of Application and Image and capacity of them,

Integrate Intune – If you want to manage devices which are non-join domain and non-Windows Operating System,

Integrate WSUS,

               

                Correctly Assign Job Role what your expecting with SLAs

                                    Patch Admin – Manage and Distribute all the patches

                                    Image Admin – Test and Deploy correct image to required devises

                                    App Admin – Test and deploy correct Apps to correct user or devise groups

KEY BENEFITS

                Patch Management and Reporting

                Application Management and Reporting

                Assets Reporting and Inventory – Asset Intelligent

                Operating System Deployment (OSD)

                Settings Management (DCM)

                End Point Protection

In this Article we are considering only How to do the More than 95% Windows Client Patch Compliance

Guidelines for How to do the More than 95% Windows Client Patch Compliance

Purpose –                      

Ensure timely delivery of Security updates, help make environment secure and provide consistent user experience.

Target Compliance –   

Deploy active exploit update to 95% of computers with three business days.

Deploy critical update to 95% of computers within seven business days.

Compliance period –        Comply within 3 or 7 business days, as appropriate.  

Recommended Patching Process –

Pre-Update Deployment –  

Silent, Interactive or on-demand patching you can choose for this.

                Create Patch testing Groups with covering all the Operating Systems & application,

                Provide better awareness session about patch testing collection devices users,

                Prior notice them, before start deployment,

                Deploy, Monitor, Create Risk Mitigation plan, Request Feedback.

                Patching testing period define as 7 days with starting patch Tuesday.

Update Deployment –

                Production deployment with Silent Patching.

                Enforce Restart if it required,

                            User Receives Initial restart notification at the 120^th minute, and 

                            Final restart notification at the 60^th minute.

The user continues to receive a restart notification until the system has been restarted.

Post-update Deployment

                Confirm deployment using reports statics

                Cleanup process

                Document

                Publish Final report to all stakeholders

               

Best Practices

People – Make sure that security of the environment is the TOP PRIORITY

Process –

                Communicate to users every month about patch Tuesday

                Deploy update consistently after the validation phase is complete

                Preform quality control on the test deployment before release to production

                Monitor and remediation any issues if you face quickly

                Remove expired update periodically

Technology –

                Maintain 98% client heath all the time

                Defined correct boundaries and boundary group with including correct site servers

                Deploy Automatic Patch Deployment rules for each device collections

                Use WSUS to install the configuration manager client

                Verify SCCM Client settings

                Weekly or at least Monthly Client PC restart schedule 

What's new in Hyper-V Private Cloud on Windows Server 2016

         1.    IN place Cluster upgrade

Finally, we can have in-place cluster upgrade feature, you can now add a node running Windows Server 2016 to a Hyper-V Cluster with nodes running Windows Server 2012 R2. The cluster continues to function at a Windows Server 2012 R2 feature level until you upgrade all of the nodes in the cluster and you upgrade the cluster functional level with the following Windows PowerShell cmdlet, Update-ClusterFunctionalLevel.

After you update the cluster functional level, you can't downgrade it back to Windows Server 2012 R2. Seems it’s going to work as Active Directory functional level.

When the Hyper-V Cluster has a mix of both Windows Server 2012 R2 and Windows Server 2016 nodes, you can still move virtual machines between all of the nodes in the Hyper-V Cluster.

After you upgrade the cluster functional level to Windows Server 2016, the following applies:

·         To enable new virtual machine features, you need to manually upgrade the virtual machine configuration level of the virtual machines using the Update-VmConfigurationVersion cmdlet.

·         You can enable new Hyper-V features.

·         You can't add a node to the Hyper-V Cluster that runs Windows Server 2012 R2.

2.    Nested virtualization

Yes, you can have this feature now. It will let you use a virtual machine as a Hyper-V host and create virtual machines within that virtualized host. This can be especially useful for development and test environments. To use nested virtualization, you'll need:

·         At least 4 GB RAM available for the virtualized Hyper-V host.

·         To run at least Windows Server 2016 or Windows 10 build 10565 on both the physical Hyper-V host and the virtualized host. Running the same build in both the physical and virtualized environments generally improves performance.

·         A processor with Intel VT-x (nested virtualization is available only for Intel processors at this time).

3.    Hot add and remove for network adapters and memory

Yes, finally this also available in VM G2 version, now you can add or remove a network adapter while the virtual machine is running, without incurring downtime. And its support Windows or Linux operating systems.

You can also adjust the amount of memory assigned to a virtual machine while it's running, even if you haven’t enabled Dynamic Memory. This works for both generation 1 and generation 2 virtual machines.

4.    Networking features

New networking features include:

·         Remote direct memory access (RDMA) and switch embedded teaming (SET). You can set up RDMA on network adapters bound to a Hyper-V virtual switch, regardless of whether SET is also used. SET provides a virtual switch with some of same capabilities as NIC teaming. For details, see Remote Direct Memory Access (RDMA) and Switch Embedded Teaming (SET).

·         Virtual machine multi queues (VMMQ). Improves on VMQ throughput by allocating multiple hardware queues per virtual machine. The default queue becomes a set of queues for a virtual machine, and traffic is spread between the queues.

·         Quality of service (QoS) for software-defined networks. Manages the default class of traffic through the virtual switch within the default class bandwidth.

5.    Linux Secure Boot

Linux operating systems running on generation 2 virtual machines can now boot with the Secure Boot option enabled.  Ubuntu 14.04 and later, SUSE Linux Enterprise Server 12 and later, Red Hat Enterprise Linux 7.0 and later, and CentOS 7.0.

6.    Production checkpoints

Production checkpoints allow you to easily create “point in time” images of a virtual machine, which can be restored later on in a way that is completely supported for all production workloads. 

7.    Guest Integration services through Windows Update

Yes, you can have Guest Integration service updates through Windows Update.

8.    Shielded Guest virtual machines

Shielded virtual machines use several features to make it harder for datacenter administrators and malware to inspect, tamper with, or steal data and the state of these virtual machines. Data and state is encrypted.

9.    Windows PowerShell Direct

This will be easy and reliable way to run Windows PowerShell commands inside a virtual machine from the host operating system. There is no network, firewall requirements, or special configuration. It works regardless of your remote management configuration. To use it, you must run Windows 10 or Windows Server 2016 Technical Preview on the host and the virtual machine guest operating systems.

10. Windows Containers

Windows Containers allow many isolated applications to run on one computer system.

How/Why: Hyper-V Server failover cluster

Microsoft has long offered a version of Hyper-V Server, but, for whatever reason, Hyper-V Server has gained a reputation for only being appropriate for use in a lab environment. Believe it or not, it is possible to deploy the Hyper-V Server in a way that allows your Hyper-V virtual machines to be made highly available.

In order to build a fault-tolerant Hyper-V deployment, there are a few things that you'll need.

First, you will need a storage array that can be used for shared storage (CSV). These storage requirements are the same as for any other Hyper-V deployment. Next, you need a copy of Hyper-V Server, which can be found on the Microsoft website.

Third, you require a basic understanding of how failover clustering is normally deployed and configured. Having some up-front knowledge of failover clustering will make it much easier to build a cluster based on Hyper-V Server.

Finally, to build a fault-tolerant Hyper-V deployment, you must have a general knowledge of PowerShell. If your PowerShell comprehension is a little rusty, I recommend taking advantage of the Sconfig.cmd utility. This utility provides a menu-driven interface for configuring a server. Employing this utility will minimize the amount of PowerShell that you will have to use.

The first step in building a failover cluster using the Hyper-V Server is to install Hyper-V Server on each server that will act as a cluster node. Once it has been installed, you will need to use the Sconfig.cmd to establish the initial configuration for each server. This means assigning an IP address to each network interface card (NIC), giving each node a unique and meaningful computer name, joining an Active Directory domain, and enabling remote management. All of these tasks can be easily completed using the Sconfig.cmd utility.

Once you complete the initial configuration process, you must make a few decisions regarding your failover cluster. You will need to choose a name and an IP address for the cluster. You will also need to figure out how you are going to connect the cluster nodes to the shared storage. The easiest solution is to create two Server Message Block file shares. One of these shares will be used as shared storage, while another is used as a File Share Witness.

For the sake of demonstration, let's pretend that you wanted to create a cluster with a cluster name of "Cluster1" and a cluster IP address of 192.168.0.1. Let's also assume that the NIC that you want to use for cluster communications on each cluster node is named "Ethernet 2" -- you can get the actual NIC name by using the Get-NetAdapter cmdlet. Now imagine that your cluster nodes are named "Hyper-V-1," "Hyper-V-2" and "Hyper-V-3". Finally, we will need a Universal Naming Convention path for our File Share Witness. We will also need to assign a name to the Hyper-V virtual switch. For the sake of this demonstration, I will use "Switch1" as the virtual switch name -- each node must use the same virtual switch name -- and I will use "\\storage\witness" as the File Share Witness path. Given those conventions, the commands used to build a failover cluster would be:

Install-WindowsFeature –Name Failover-Clustering –IncludeManagementTools
New-VMSwitch "Switch1" –NetAdapterName "Ethernet 2" –AllowManagementOS:$True
Test-Cluster –Node Hyper-V-1,Hyper-V-2,Hyper-V-3
New-Cluster –Name Cluster1 –Node Hyper-V-1,Hyper-V-2,Hyper-V-3 –StaticAddress 192.168.0.1
Set-ClusterQuorum –Cluster Cluster1 –NodeAndFileShareMajority \\Storage\Witness

The only thing left to do at this point is to connect your shared storage to the cluster. The method that you will use to do so will vary depending on the type of storage that you are using. You can use the Add-ClusterDisk cmdlet to get the job done, but I advise installing the Failover Cluster Manager onto another Windows Server, one that has a graphical user interface, and use that tool to add storage to the cluster. That way you won't have to worry about the complexities of configuring shared storage from the command line.

As you can see, it is possible to achieve high availability using the Hyper-V Server. That being the case, you may be wondering why any organization would pay for a Windows Server license for their Hyper-V nodes. The answer usually comes down to VM licensing. Windows Server 2012 R2 Datacenter Edition for instance allows a properly licensed Hyper-V host to run an unlimited number of Windows Server 2012 R2 VMs. Without such a license, VM licensing must be handled separately, which can be costly and complicated.