Understanding StorSimple

StorSimple - @SeniorDBA

Microsoft is selling an appliance named StorSimple, that can be used for archiving files, a network backup target, or even as a file server. Microsoft bought the company named Xyratex, a former subsidiary of Seagate, to acquire this solution. This appliance was originally not very useful, because:

  • It shared storage via iSCSI only so it didn’t fit well into a virtualization stack, especially Hyper-V which has moved more to SMB 3.0.
  • The file storage engine that decided which files stayed local vs. were moved to the Azure cloud was almost useless.
  • The physical appliance required space in your server rack, when virtualization is the focus for most solutions.
  • While the box was free, it did require a purchase of an enterprise agreement and paying for moving files out of Azure as some files were accessed.

Microsoft has improved StorSimple over the years and now the product is much more useful.

Continue reading “Understanding StorSimple”

Advertisements

Economics of the Cloud

Cloud Economics

For most companies, maintaining a large IT presence implies large capital expenditures and a non-trivial amount of accounting and record-keeping to track depreciation, tax considerations, and so forth. When you purchase the hardware and the software, they become yours (in every sense of the word) and your long-term responsibility.  The traditional model of enterprise computing is a capital-intensive function that requires expensive data centers (electricity, air conditioning, servers, networks, storage, etc.) and operations staff (hardware swaps, networks, backups, OS updates, upgrades, etc.) to keep it all running effectively. With an on-premises data center, you must plan and provision for maximum utilization, which is financially inefficient.

Data Center

The appeal of cloud computing includes the ability of enterprises to pay for only what they use. If demand decreases and you no longer need the assigned capacity, you can turn off systems and you are no longer charged for those systems. Since the cloud is a subscription-based model, it is an “operating expense” model. Computing becomes a service for which businesses are billed a monthly charge that is metered by actual usage. The more (compute, network, and storage resources) that you use the more expensive your monthly bill. The less you use, the less you will be charged.

Another way to save money is cloud operations frees your enterprises of the costly tasks of system backups, routine network maintenance, software patches, etc. because you cloud provider can handle these tasks.

Azure Spend

Most IT organizations find wide variations in system utilization. Some applications are seasonal and other applications run for a short period of time before being shut down. You might have other applications that are simply unpredictable and you can’t apply a cost saving model.

Building your server infrastructure in a cloud environment can save your business money and allow for greater innovations for less money.

 

AzureAD PowerShell V2.0 is now GA

Azure - SeniorDBA

Microsoft has announced that PowerShell Azure AD v2.0 cmdlets are now generally available. They updated the names of all cmdlets to conform with the Azure PowerShell naming conventions. Since they’re publishing a new module for these cmdlets, the name of the module has changed as well: the existing module’s name was “MSOL”, the new module is now called “AzureAD”.

Azure Active Directory V2 PowerShell Cmdlets
  • Add-AzureADAdministrativeUnitMember – Add an administrativeUnit member
  • Add-AzureADApplicationOwner – Add an owner to an application
  • Add-AzureADDeviceRegisteredOwner – Add an owner to a device
  • Add-AzureADDeviceRegisteredUser – Add a user to a device.
  • Add-AzureADDirectoryRoleMember – Add a member to a directory role
  • Add-AzureADGroupMember – Add a member to a group
  • Add-AzureADGroupOwner – Add an owner to a group
  • Add-AzureADScopedRoleMembership – Add a scoped role
  • Add-AzureADServicePrincipalOwner – Add an owner to a service principal
  • Confirm-AzureADDomain – Validate the ownership of the domain.
  • Connect-AzureAD – Connect with an authenticated account to use Azure Active Directory cmdlet requests.
  • Disconnect-AzureAD – Disconnects the current session from an Azure AD tenant
  • Enable-AzureADDirectoryRole – Activates an existing directory role in Azure Active Directory
  • Get-AzureADAdministrativeUnit – Get an Administrative Unit by objectId
  • Get-AzureADAdministrativeUnitMember – Get administrativeUnit members.
  • Get-AzureADApplication – Get an application by objectId
  • Get-AzureADApplicationExtensionProperty – Get group extension properties
  • Get-AzureADApplicationKeyCredential – Get an application’s key credentials
  • Get-AzureADApplicationOwner – Get owners of an application.
  • Get-AzureADApplicationPasswordCredential – Get and application’s password credentials
  • Get-AzureADApplicationPolicy
  • Get-AzureADContact – Retrieves a specific contact from Azure Active Directory
  • Get-AzureADContactDirectReport – Get the contact’s direct reports.
  • Get-AzureADContactManager – Retrieves the manager of a contact from Azure Active Directory
  • Get-AzureADContactMembership – Get contact memberships.
  • Get-AzureADContract – Retrieves a specific contract from Azure Active Directory
  • Get-AzureADDevice – Retrieves a specific device from Azure Active Directory
  • Get-AzureADDeviceRegisteredOwner – Get users that are registered as owner on the device.
  • Get-AzureADDeviceRegisteredUser – Get users that are marked as users on the device.
  • Get-AzureADDirectoryRole – Retrieves a specific directory role from Azure Active Directory
  • Get-AzureADDirectoryRoleMember – Get the members of a directory role.
  • Get-AzureADDirectoryRoleTemplate – Retrieves a list of directory role templates in Azure Active Directory
  • Get-AzureADDirectorySetting – Retrieves a directory setting from Azure Active Directory.
  • Get-AzureADDirectorySettingTemplate – Retrieves directory setting template from Azure Active Directory.
  • Get-AzureADDomain – Get an domain by objectId
  • Get-AzureADExtensionProperty – A collection that contains the extension properties registered with the directory.
  • Get-AzureADGroup – Get a group by objectId
  • Get-AzureADExtensionProperty – Gets extension properties registered with Azure AD.
  • Get-AzureADGroupAppRoleAssignment – Get group application role assignments.
  • Get-AzureADGroupMember – Get members of a group.
  • Get-AzureADGroupOwner – Get owners of a group.
  • Get-AzureADMSGroup – Retrieves a group from the directory
  • Get-AzureADMSGroup – Gets information about groups in Azure AD.
  • Get-AzureADOAuth2PermissionGrant – Get a list of all oAuth2PermissionGrants granted by users within the directory.
  • Get-AzureADObjectSetting – Retrieves a object setting from Azure Active Directory.
  • Get-AzureADPolicy
  • Get-AzureADPolicyAppliedObject
  • Get-AzureADScopedRoleMembership
  • Get-AzureADServiceAppRoleAssignment – Get service principal application role assignments.
  • Get-AzureADServiceConfigurationRecord – Get serviceConfigurationRecords
  • Get-AzureADServicePrincipal – Get a service principal by objectId
  • Get-AzureADServicePrincipalCreatedObject – Get objects created by the service principal.
  • Get-AzureADServicePrincipalKeyCredential – Get a service principal’s key credentials
  • Get-AzureADServicePrincipalMembership – Get service principal memberships.
  • Get-AzureADServicePrincipalOAuth2PermissionGrant – Get the list of the oAuth2PermissionGrants that a user granted this service principal.
  • Get-AzureADServicePrincipalOwnedObject – Get objects owned by the service principal.
  • Get-AzureADServicePrincipalOwner – Get owners of a service principal.
  • Get-AzureADServicePrincipalPasswordCredential – Get a service principal’s password credentials
  • Get-AzureADServicePrincipalPolicy
  • Get-AzureADSubscribedSku – Retrieves a list of subscribed SKUs (subscriptions) to Microsoft services.
  • Get-AzureADTenantDetail – Retrieves the details of a tenant in Azure Active Directory
  • Get-AzureADTrustedCertificateAuthority
  • Get-AzureADUser – Retrieves a specific user from Azure Active Directory
  • Get-AzureADUserAppRoleAssignment – Get user application role assignments.
  • Get-AzureADUserCreatedObject – Get objects created by the user.
  • Get-AzureADUserDirectReport – Get the user’s direct reports.
  • Get-AzureADUserExtension
  • Get-AzureADUserManager – Retrieves the manager of a user from Azure Active Directory
  • Get-AzureADUserMembership – Get user memberships.
  • Get-AzureADUserOAuth2PermissionGrant – Get the list of the oAuth2PermissionGrants that the user granted applications.
  • Get-AzureADUserOwnedDevice – Get registered devices owned by the user.
  • Get-AzureADUserOwnedObject – Get objects owned by the user.
  • Get-AzureADUserRegisteredDevice – Get registered devices registered by the user.
  • Get-AzureADVerificationDnsRecord – Get verificationDnsRecords
  • New-AzureADAdministrativeUnit – Create a new administrativeUnit in Azure Active Directory
  • New-AzureADApplication – Create a new application in Azure Active Directory
  • New-AzureADApplicationExtensionProperty – Create application extension property
  • New-AzureADApplicationKeyCredential – Create a new key credential for an application
  • New-AzureADApplicationPasswordCredential – Create a new password credential for an application
  • New-AzureADDevice – Create a new device in Azure Active Directory
  • New-AzureADDirectorySetting – Creates a directory settings object in Azure Active Directory.
  • New-AzureADDomain – Create a new domain in Azure Active Directory
  • New-AzureADGroup – Create a new group in Azure Active Directory
  • New-AzureADGroupAppRoleAssignment – Assign a group of users to an application role.
  • New-AzureADMSGroup
  • New-AzureADMSInvitation
  • New-AzureADMSGroup – Creates an Azure AD group.
  • New-AzureADObjectSetting – Creates a settings object in Azure Active Directory.
  • New-AzureADPolicy
  • New-AzureADServiceAppRoleAssignment – Assign a service principal to an application role.
  • New-AzureADServicePrincipal – Create a new application in Azure Active Directory
  • New-AzureADServicePrincipalKeyCredential – Create a new key credential for a service principal
  • New-AzureADServicePrincipalPasswordCredential – Create a new password credential for a service principal
  • New-AzureADTrustedCertificateAuthority
  • New-AzureADUser – Create a new user in Azure Active Directory
  • New-AzureADUserAppRoleAssignment – Assign a user to an application role.
  • Remove-AzureADAdministrativeUnit – Delete an administrativeUnit by objectId.
  • Remove-AzureADAdministrativeUnitMember – Removes an administrativeUnit member.
  • Remove-AzureADApplication – Delete an application by objectId.
  • Remove-AzureADApplicationExtensionProperty – Delete an application extension property.
  • Remove-AzureADApplicationKeyCredential – Remove a key credential from an application
  • Remove-AzureADApplicationOwner – Removes an owner from an application.
  • Remove-AzureADApplicationPasswordCredential – Remove a password credential from an application
  • Remove-AzureADContact – Deletes a specific contact in Azure Active Directory
  • Remove-AzureADContactManager – Deletes the contact’s manager in Azure Active Directory
  • Remove-AzureADDevice – Deletes a specific device in Azure Active Directory
  • Remove-AzureADDeviceRegisteredOwner – Removes an owner from a device.
  • Remove-AzureADDeviceRegisteredUser – Removes a user from a device.
  • Remove-AzureADDirectoryRoleMember – Removes a specific member from a directory role.
  • Remove-AzureADDirectorySetting – Deletes a directory setting in Azure Active Directory.
  • Remove-AzureADDomain – Delete an domain by objectId.
  • Remove-AzureADGroup – Delete a group by objectId.
  • Remove-AzureADGroupAppRoleAssignment – Delete a group application role assignment.
  • Remove-AzureADGroupMember – Removes a member from a group.
  • Remove-AzureADGroupOwner – Removes an owner from a group.
  • Remove-AzureADMSGroup – This cmdlet removes a group from the directory
  • Remove-AzureADMSGroup – Removes an Azure AD group.
  • Remove-AzureADOAuth2PermissionGrant – Delete an oAuth2PermissionGrant.
  • Remove-AzureADObjectSetting – Deletes settings in Azure Active Directory.
  • Remove-AzureADPolicy
  • Remove-AzureADScopedRoleMembership
  • Remove-AzureADServiceAppRoleAssignment – Delete a service principal application role assignment.
  • Remove-AzureADServicePrincipal – Delete an application by objectId.
  • Remove-AzureADServicePrincipalKeyCredential – Remove a key credential from a service principal
  • Remove-AzureADServicePrincipalOwner – Removes an owner from a service principal.
  • Remove-AzureADServicePrincipalPasswordCredential – Remove a password from a service principal
  • Remove-AzureADTrustedCertificateAuthority
  • Remove-AzureADUser – Deletes a specific user in Azure Active Directory
  • Remove-AzureADUserAppRoleAssignment – Delete a user application role assignment.
  • Remove-AzureADUserExtension
  • Remove-AzureADUserManager – Deletes the user’s manager in Azure Active Directory
  • Revoke-AzureADSignedInUserAllRefreshToken – Invalidates all of the currently signed in user’s refresh tokens issued to applications (as well as session cookies in a user’s browser), by resetting the refreshTokensValidFromDateTime user property to the current date-time.
  • Revoke-AzureADUserAllRefreshToken – Invalidates all of the user’s refresh tokens issued to applications (as well as session cookies in a user’s browser), by resetting the refreshTokensValidFromDateTime user property to the current date-time.
  • Revoke-AzureADSignedInUserAllRefreshToken – Invalidates the refresh tokens issued to applications for the current user.
  • Revoke-AzureADUserAllRefreshToken – Invalidates the refresh tokens issued to applications for a user.
  • Select-AzureADGroupIdsContactIsMemberOf – From a list of groups Ids select those that the contact is a member of.
  • Select-AzureADGroupIdsGroupIsMemberOf – From a list of groups Ids select those that the group is a member of.
  • Select-AzureADGroupIdsServicePrincipalIsMemberOf – From a list of groups Ids select those that the service principal is a member of.
  • Select-AzureADGroupIdsUserIsMemberOf – From a list of groups Ids select those that the user is a member of.
  • Set-AzureADAdministrativeUnit – Updates a specific administrativeUnit in Azure Active Directory
  • Set-AzureADApplication – Updates a specific application in Azure Active Directory
  • Set-AzureADContact – Updates a specific contact in Azure Active Directory
  • Set-AzureADContactManager – Updates the contact’s manager in Azure Active Directory
  • Set-AzureADDevice – Updates a specific device in Azure Active Directory
  • Set-AzureADDirectorySetting – Updates a directory setting in Azure Active Directory.
  • Set-AzureADDomain – Updates a specific domain in Azure Active Directory
  • Set-AzureADGroup – Updates a specific group in Azure Active Directory
  • Set-AzureADMSGroup – Set a group’s attributes
  • Set-AzureADMSGroup – Changes attribute values on an Azure AD group.
  • Set-AzureADObjectSetting – Updates settings in Azure Active Directory.
  • Set-AzureADPolicy
  • Set-AzureADServicePrincipal – Updates a service principal in Azure Active Directory
  • Set-AzureADTrustedCertificateAuthority
  • Set-AzureADUser – Updates a specific user in Azure Active Directory
  • Set-AzureADUserExtension
  • Set-AzureADUserLicense – Add and remove one or more licenses for a Microsoft online service to the list of assigned licenses for the user.
  • Set-AzureADUserManager – Updates the user’s manager in Azure Active Directory
  • Set-AzureADUserPassword – Sets the password of a user in Azure AD
  • Update-AzureADSignedInUserPassword – Updates the password for the signed in user in Azure AD
Example

Update-AzureADSignedInUserPassword – Update a password

PS C:\>Update-AzureADSignedInUserPassword -CurrentPassword $CurrentPassword -NewPassword $NewPassword

This command updates the password for the signed-in user.

Best Practices Checklist for SQL Server on Azure Virtual Machines

Microsoft Azure - SeniorDBA

Just some quick tips for building a SQL Server instance on Azure virtual servers.

Area Optimizations
VM size DS3 or higher for SQL Enterprise edition.

DS2 or higher for SQL Standard and Web editions.

Storage Use Premium Storage. Standard storage is only recommended for dev/test.

Keep the storage account and SQL Server VM in the same region.

Disable Azure geo-redundant storage (geo-replication) on the storage account.

Disks Use a minimum of 2 P30 disks (1 for log files; 1 for data files and TempDB).

Avoid using operating system or temporary disks for database storage or logging.

Enable read caching on the disk(s) hosting the data files and TempDB.

Do not enable caching on disk(s) hosting the log file.

Important: Stop the SQL Server service when changing the cache settings for an Azure VM disk.

Stripe multiple Azure data disks to get increased IO throughput.

Format with documented allocation sizes.

I/O Enable database page compression.

Enable instant file initialization for data files.

Limit or disable autogrow on the database.

Disable autoshrink on the database.

Move all databases to data disks, including system databases.

Move SQL Server error log and trace file directories to data disks.

Setup default backup and database file locations.

Enable locked pages.

Apply SQL Server performance fixes.

Feature specific Back up directly to blob storage.

You can get more information about performing Azure database backups here.

Microsoft releases Visual Studio on the Mac?

Visual Studio for Mac - SeniorDBA

As additional evidence that Microsoft is welcoming cross-platform development, a prematurely revealed Microsoft blog post revealed that Microsoft is working on a version of Visual Studio for Mac.

The idea isn’t that you will use your Mac to create Windows applications, but that you can include Mac users in your pool of developers as you write Android, iOS, and Mac apps with Xamarin and .NET Core. And Mac and Windows users can share projects, which could be very important to a dispersed team. This is seen as a way for Microsoft to emphasize cloud development on Azure without the focus on Windows development.

You should hear an official announcement and receive a preview download of Visual Studio for Mac sometime during Microsoft’s Connect() conference, which runs November 16th through 18th.

Microsoft Azure obtains ISO 27017

Security is probably one of the first things people ask about when looking at a cloud provider. How do you know the cloud provider is performing their required security functions correctly to keep your systems and data secure? Microsoft is continuously adding and improving security to it’s Azure offerings, and now they have achieved ISO certification. ISO is an international organization that establishes standards in a variety of areas, and has over 21,000 different standards. Customers look to a ISO standard to help them measure and compare competitors.

This certification provides guidance on 37 controls in ISO/IEC 27002 and features seven new controls not addressed in ISO/IEC 27002. Both cloud service providers and cloud service customers can leverage this guidance to effectively design and implement cloud computing information security controls. Customers can download the ISO/IEC 27017 certificate which demonstrates Microsoft’s continuous commitment to providing a secure and compliant cloud environment for our customers.

Which Company Rules the World’s Cloud Infrastructure?

There are plenty of companies that want to rule the online cloud infrastructure market. The top four companies are all from the United States, and they have such a significant lead over the other vendors it might not be possible for them to catch up anytime soon. In a study Synergy Research Group, they show Amazon Web Services, Microsoft, IBM, and Google controlling  more than half of the worldwide cloud infrastructure market.

Amazon (AWS) holds a dominant 31% share in the second quarter of this year, with Microsoft (Azure) next with just a 11% share.

Synergy included infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), and hosted private cloud services in its figures. They also found that the top four leaders are also growing more rapidly than their smaller competitors, with more than double-digit year over year (YoY) growth rates.