Sunday, December 14, 2014

SCVMM Fabric Controller Script

We are reaching the holidays, and besides public speaking, I am trying to slow down a bit in order to prepare for the arrival of my baby girl early in January.

However, I haven’t been all that lazy, and in this blog post I would like to share a script with you.

During 2014, I have presented several times on subjects like “management stamp”, “Windows Azure Pack”, “SCVMM” and “Networking”.

All of these subjects have something in common, and that is a proper design of the fabric in SCVMM to leverage the cloud computing characteristics that Azure Pack is bringing to the table.
I have been visiting too many customers and partners over the last months just to see that the design of the fabric in VMM is not scalable or designed in a way that gives some meaning at all.

As a result of this, I had to create a Powershell script that easily could show how it should be designed, based on one criteria: turning SCVMM into a universal fabric controller for all your datacenters and locations.

This means that the relationship between the host groups and the logical networks and network definitions need to be planned carefully.
If you don’t design this properly, you can potentially have no control over where the VMs are deployed. And that is not a good thing.

This is the first version of this script and the plan is to add more and more stuff to it once I have the time.

The script can be found at downloaded here:

Please note that this script should only be executed in an empty SCVMM environment (lab), and you should change the variables to fit your environment.

Once the script has completed, you can add more subnets and link these to the right host groups.

The idea with this version is really just to give you a better understanding of how it should be designed and how you can continue using this design. 

Wednesday, December 3, 2014

Setting Static IP Address on a VM Post Deployment

This short blog post is meant to show you how you can grab an IP address from a VMM IP pool for your virtual machines post deployments.

Recently, I found out that during specific DR scenarios with ASR (E2E), you have to use static IP addresses for some of your VMs, depending on the actual recovery plan you have created (but that is a different blog post).

In order to allocate an IP address from the VMM IP Pool, you can use the following lines of powershell:

$vm = Get-ScvirtualMachine -Name “NameOfVM"
$staticIPPool = Get-SCStaticIPAddressPool -Name "NameOfIPPool"
Grant-SCIPAddress -GrantToObjectType "VirtualNetworkAdapter" -GrantToObjectID $vm.VirtualNetworkAdapters[0].ID -StaticIPAddressPool $staticIPPool
Set-SCVirtualNetworkAdapter -VirtualNetworkAdapter $vm.VirtualNetworkAdapters[0] -IPv4AddressType static

Check the job view in VMM to see which IP is allocated to the vNIC on the VM and ensure that these settings are reflected within the guest operating system as well.

Wednesday, November 19, 2014

Windows Azure Pack with DR add-on (ASR)

One of the good things with Windows Azure Pack is that it is an extensible solution where we are able to customize, extend and integrate WAP to meet our desired configuration.

I have already covered the majority of the API’s we have available, both from an admin perspective and from a tenant perspective.

These blog posts can be found here:

The intention of this blog post is to drive awareness of the solution that Microsoft now has made available.

Offering managed DR for IaaS workload with ASR and Windows Azure Pack

Many people have requested that Windows Azure Pack should have an integration with Hyper-V Replica, or Azure Site Recovery.
If you are not familiar with Azure Site Recovery as a concept, you can think of it as the umbrella for all the DR capabilities that Microsoft provides, including storage replication that will be available in the Update Rollup 5 for SCVMM (currently in preview). Azure Site Recovery let you use Hyper-V Replica through SCVMM on-premise to either replicate to a secondary datacenter (on-premise) or use Microsoft Azure as your DR target.
No matter what and where you go, the experience will be the same and provide you with consistency.

I will not cover the setup or the actual workflow of the DR integration with WAP since it is very detailed explained in the URL above.
Instead, I would point out the high-level design of this solution and what you really need to think of.

After you have installed Update Rollup 4 for Windows Azure Pack, you will see some small changes in the UI when you drill into the Plan in WAP and explore the VM Cloud services.

This is where we will enable DR as an add-on, meaning that tenants are able to associate that add-on to an existing subscription they have.

The DR add-on will consist of several SMA runbooks that you will have to import into your WAP environment in the Admin Portal.

Once this is done from the tenant side, this will effectively trigger the SMA runbooks that will replicate all the virtual machines running in that subscription to the target environment.
The subscription ID itself will be replicated with all the mapping down towards each and every tenant VM.
However, virtual networks (if using NVGRE) is not replicated. This means the tenant will have to recreate the networking artifacts in the secondary environment, and you – the service provider must perform the initial network mapping in ASR.

The SMA runbooks can be scheduled so that once a new VM is deployed into that particular subscription, the VM will be scheduled for initial replication and be protected.

Now, over to the delicate explanation of the initial design in order to implement this.

In Azure Site Recovery when using DR between on-premises sites, we are doing the mapping at the VMM Cloud level. The Cloud in VMM should contains Hyper-V hosts/clusters within one or more host groups that will be the foundation of the virtual machines and the replica.

As you may be aware of, in Windows Azure Pack when you create hosting plans, these hosting plans that contains VM Services will be bound to a VMM cloud and a VMM server.
In other words, we are not able to replicate with ASR using a single cloud, although we could have two different host groups (primary and replica) within that cloud.

So since we have to have two clouds, we also need two plans. Hence we have an isolation issue to deal with in order to provide DR with a good tenant experience.

The subscription each tenant create will be unique in the environment, and we are not able to use the same subscription twice within an environment. But if we have two subscriptions, then the tenant would have to know which one to use and could easily lead to mistakes.

So in order to keep the subscription ID and its resources, we need to have another Azure Pack environment.
And since we need to have another Azure Pack environment, we also need another instance of Service Provider Foundation (SPF).

So from a tenant perspective during a failover process, they will be redirected to the WAP environment which is currently online, sign in with their credentials and get access to their resources. The only thing that has changed is the URL to the tenant portal itself.

I know it can be hard to absorb this information at first, especially if we are not familiar with the concept of stamp and the actual architecture of the multi-tenant IaaS cloud platform we are dealing with. So I have created some graphics to show each layer and the purpose of each layer.

High-level overview of management stamps with Windows Azure Pack and Azure Site Recovery

Overview of the different layers for the VM Cloud Resource provider in the context of WAP with DR add-on:

Hopefully this makes sense and gives you a better understanding of the design of Windows Azure Pack with DR add-on

Please note that this is a managed DR solution, where the service provider has very clear responsibility.
They need to perform the initial setup, perform all the processes and ensure that testing and planning are compliant with the actual SLA they provides for this solution.

Monday, November 17, 2014

Speaking at Campus Days in Copenhagen

The last week in November, I will present several sessions at "Campus Days" in Copenhagen in Denmark.

Together with my good friend, Flemming Riis, we will show different sides of datacenter and cloud management using a real world fabric in order to hit the high notes together with the audience.

What's cool with this conference is that all sessions will be available on Channel 9 afterwards.

I will have two presentations:

Mastering Networking in VMM (level 400)

A very interesting topic (to say the least) where I will cover the design and implementation of networking in VMM.
This should give you a complete overview of how to implement fabric networks, software-defined networking (NVGRE with NVGRE gateways) and lay the foundation for automation with Windows Azure Pack. If you have any questions related to networking in VMM, this is your chance to speak up, ask questions and join the interactive session.

Virtual Machine Manager (level 300)

A bit vague title, but many interesting things can be place underneath the umbrella of Virtual Machine Manager. This can be your day-to-day management tool, or your fabric controller that will be harnessed by Windows Azure Pack.
Here we will touch several aspects such as compute, networking and storage management, as well as service templates, cloud and much more.

I also recommend you to join Dr. Riis sessions, which you later will find online here:


Tuesday, November 4, 2014

Sessions from TechEd 2014 Barcelona

If you didn’t have time to attend TechEd in Barcelona, or for some reasons missed an important session, you can now watch them all live on-demand on Channel9.

I had the honor to present during this TechEd, and had two sessions.

Planning & Designing Management Stamps for Windows Azure Pack
A topic that I personally think is very interesting, and work with on a day to day basis when designing real world private and public clouds.

Microsoft Azure Site Recovery: Leveraging Azure as Your Disaster Recovery Site
Together with a living legend, Manoj Jain, we showed how both enterprises as well as hosting services providers (new) can leverage Azure as their DR site for Hyper-V workloads.

Hopefully you’ll find them interesting.

See you soon!

Monday, October 20, 2014

Understanding Windows Azure Pack and your service offerings

Understanding Windows Azure Pack and your service offerings

From time to time, I meet with customers (and also other system integrators) that is not fully aware of the definition of cloud computing.
I never expect people to know this to the very nasty details, but have an overview of the following:

·         Deployment models
·         Service models
·         Essential characteristics

What’s particular interesting when discussing Windows Azure Pack, is that the deployment model that’s relevant, is the private cloud. Yes, we are touching your own datacenter with these bits – the one you are in charge of.

For the service models, we are embracing Infrastructure as a Service (IaaS – using the VM Cloud Resource Provider), and Platform as a Service (PaaS – Using the Web Site Cloud Resource Provider).

The essential characteristics are also very important, as we’ll find elasticity, billing/chargeback, self-service, resource pooling and broad network access.

If you combine just self-service and IaaS, this tells us that we empower our users to deploy virtual machines on their own. Right?
So having the flexibility to provide such service, we also rely on the underlying architecture to support this. Due to scalability (elasticity), we need to ensure that these users constantly have access to the solution – no matter what device they are using (broad network access), we need to find out who is consuming what (billing/chargeback), and last but not least – be able to produce these services in an efficient way that makes it cost effective and profitable (resource pooling).

So, it starting to make sense.

There is a reason for what we are seeing and we are providing these services by abstracting the underlying resources into clouds, plans and subscriptions with the Cloud OS.

Implementing a complete IaaS solutions may bring some obstacles to the table.

Organizations tends to think that IaaS is something they have provided for years. Perhaps they have provided virtual machines, but not a complete IaaS solution.
The reason for that is that IaaS is relying on abstraction at every layer. This is not only about virtual compute (memory, CPU), but also about virtual storage and virtual networking.
This is when it gets interesting, using network virtualization.

Remember that self-service is an essential characteristic of the cloud, right?
So delivering IaaS would also mean that the user is able to do stuff with the networking aspect as well, with no interaction from the service provider/cloud administrator.
This is why Software-Defined Networking (NVGRE) is so essential to this service model, and hence we run into the following obstacles.

·         The customer (most often service provider) wants to continue to provide managed services, such as:
o   Backup (both crash consistent and app consistent)
o   Monitoring (above the operating system level, covering the application stack)

This is what they are doing today, with their infrastructure. But this also has a high cost to operate due to all the manual operations needed and involved to get the wheels moving.

Luckily, Windows Azure Pack is able to cover both scenarios, providing a consistent experience to users/tenants no matter if they are running resources in a “legacy” infrastructure, or a new modern IaaS infrastructure.

The following architecture shows that we are using two Virtual Machine Management Stamps.
Both of these are located behind the SPF endpoint – which present the capabilities, capacity and much more to the service management API in Azure Pack.

A cloud administrator then creates a Hosting Plan in the Admin Portal of Azure Pack, which is associated with the legacy cloud in the legacy VMM server. This plan is available for the users/tenants who are subscribing to managed services.

A new plan is created, associated with the IaaS cloud and the IaaS VMM server, available for the users/tenants that need IaaS, without the requirement of managed services. They are dealing with these themselves.

Hopefully this blog post gave you an overview of what’s possible to achieve using Azure Pack and combine both kind of services using a single solution.

(Want more info? – please join my TechEd session in Barcelona next week).

Tuesday, October 14, 2014

New TechEd session - Azure Site Recovery

New session at TechEd Europe

I have already announced that I will present at TechEd, Planning & Designing Management Stamps for Windows Azure Pack.

Another session is now available on the content catalog, where I will co-present together with Manoj Jain (PM for ASR) on the topic: “Microsoft Azure Site Recovery: Leveraging Azure as your Disaster Recovery Site”.

This will be fun and I really encourage you to join to see how you can extend your services, ensure business continuity and get a true Hybrid Cloud setup using the best from both clouds.