Passed AZ-400 Microsoft Certified Azure DevOps Engineer

Last week I took the AZ-400 exam and I passed succesfully.

exam-az400-600x600.png

This exam counts for the Microsoft Certified Azure DevOps Engineer Expert certification track.  I found this exam quite challeging because it leans heavily on your dev experience. I’m not a very experienced developer so some topics were challeging. Nevertheless I passed the exam.

When you’re going to take the exam in the near future, please check out my collection of links I found on the internet which helped me alot. You can find the links on the menu or here.

Next exams this year : AZ-500 and MS-500 (for the Microsoft Security partner competence)

 

 


PowerCLI “The Aspiring Automater’s Guide” by Altaro

PowerCLI

If you currently use PowerCLI to automate basic tasks with pre-defined scripts, you’ll already know how powerful automation can be. However, taking the next step and customizing scripts to carry out tasks specifically designed for your needs opens a whole new world of opportunities. This new eBook from Altaro takes you there.

Written by VMware vExpert Xavier Avrillier, this free eBook presents a use-case approach to learning how to automate tasks in vSphere environments using PowerCLI. We start by covering the basics of installation, set up, and an overview of PowerCLI terms. From there we move into scripting logic and script building with step-by-step instructions of truly useful custom scripts, including:

  • How to retrieve data on vSphere objects
  • Display VM performance metrics
  • How to build HTML reports and schedule them
  • Basics on building functions
  • And more!

Stop looking at scripts online in envy because you wish you could build your own scripts. Download PowerCLI: The Aspiring Automator’s Guide now and get started on your path to automation greatness!

 


How to use Azure State Configuration to open specific firewall ports

Azure Automation State Configuration is an Azure service that allows you to write, manage and compile PowerShell Desired State Configuration and assign them to target nodes.  Just like in an on oremise environment you can easily manage (virtual) machines running on Azure and also On Premise.

Using DSC it’s possible to set an (security) baseline to all your virtual machines. In this blogpost I describe how to enable specific ports from the Windows Server firewall.

Here is an example of a configuration file I use. As you can see I’m making use of the xNetworking module.

First you have to import the xNetworking module to Azure. Therefore go to your automation account. Go to Shared Resources, Modules and select Modules :
DSC01
Notice the Browse gallery in the upper pane :
DSC02
Now import the xNetworking module,
Now you can the add the code above to open a firewall port. In my example I opened (incoming) port 80.
There are several options although. You can find more information here.
You can use the following command’s on your node to update the configuration :

(This command checks the pull server for an updated configuration and applies it)

(This command applies the configuration to the node)

How to backup Linux VM’s with large data disks (>4 TB)

Recently I ran into an issue on a project I’m working on. The customer has a Linux virtual machine running on Azure with a large data disk (20 TB). I knew – but forgot to remember – that Azure Backup doesn’t support disks larger then 4 TB (more info here). The specific drive is used for logging, so for a moment I thought that Azure files could be a solution but the specific Linux version (RHEL 6.7) isn’t supported for secure transportation towards Azure files. So I found another solution.

I decided to add multiple drives to this virtual machine (and split the needed size by the number of drives). In my example I added 3 disks to this virtual machine.

largedisk1.png

Now logon to the CLI of that specific virtual machine. The 3 datadisks were made available using /dev/sdc, /dev/sdd and /dev/sde.

First we have to create physical volumes on top of /sdc, /sdd and /sde using the following command :

pvcreate /dev/sdc /dev/sdd /dev/sde

You can check this using the following command :

pvs

of for detailed information:

pvdisplay /dev/sdc

Now we are going to create a volume group named logging using the 3 physical volumes with this command :

vgcreate logging /dev/sdc /dev/sdd /dev/sde

Now we create a logical volume using the following command:

lvcreate -n logs -l 100%FREE logging

Now let’s format the volume

mkfs.ext4 /dev/logging/logs default 0 0

Now we have to edit the /etc/fstab file. In my (demo) case I add the following line:

/dev/logging/logs /var/logging ext4 defaults 0 0

My fstab file looks als follows:

largedisk2

After rebooting the new volume is available on /var/logging (in my demo case)

As you can see there is one 9 TB disk (in my demo) which I can access :

largedisk3

Now we are able to use Azure Backup to backup this machine:

largedisk4

Thanks to BM for the feedback! #TheManWithTheSleeve


How to rename your Azure subscriptions (tip)

When you have – like me – multiple Azure subscriptions and they all have the same subscription name (something like Visual Studio Enterprise – MPN for example ) it can be difficult to separate them.

I advice you to rename your subcriptions and give them a clear name to identify them.

This is how you can do that :

2019-06-08 09_59_37-Microsoft Edge.png

Go to your subscriptions pane in the Azure Portal and select your Azure subscription. Click overview and there you find the Rename button. Just choose to rename your subscription and after 10 minutes or so your Subscription has a new name!


How to add a data disk to your Azure Linux VM the right way

In this blogpost I shall describe how you add an extra data disk to your Linux VM running on Azure.

Step 1 Add a new disk to your Linux VM using the Azure Portal

2019-06-08 07_55_11-Microsoft Edge.png

Choose Add data disk to add an extra data disk and choose create data disk.

2019-06-08 07_57_12-Microsoft Edge.png

For demo purposes I quickly entered a default 20 GiB HD, nothing fancy 🙂

Don’t forget to save your changes!

2019-06-08 07_58_27-Microsoft Edge.png

Step 2 Connect to your VM using SSH or use the Serial console on your VM Pane in the Azure Portal

2019-06-08 07_53_04-Microsoft Edge.png

Use the following command to find all your data drives :

You see all your drives and the newly created drive

2019-06-08 08_00_53-Microsoft Edge.png

Here, sdc is the newly added disk. Let’s continue.

Now we have to partition the added disk using the following command :

Use the n command to add a new partition. In this example, we also choose p for a primary partition and accept the rest of the default values. The output will be similar to the following example:

2019-06-08 08_04_33-Microsoft Edge.png

Now we are going to write a partition (format) the newly added disk using the following command :

2019-06-08 08_06_03-Microsoft Edge.png

Now we are going to mount the formatted drive using the following commands :

2019-06-08 08_07_45-Microsoft Edge.png

You see your newly created disk :

2019-06-08 08_08_55-Microsoft Edge.png

To ensure that the drive is remounted automatically after a reboot, it must be added to the /etc/fstab file. Herefore I’m going to use the blkid utility:

2019-06-08 08_10_11-VMLIN01 - Serial console - Microsoft Azure ‎- Microsoft Edge.png

Now copy the UUID :

2019-06-08 08_11_15-VMLIN01 - Serial console - Microsoft Azure ‎- Microsoft Edge.png

Now we are going to add the UUID to the /etc/fstab. You can use VI or (like I prefer to use) nano.

The format is als follows :

UUID=<YourUUID> /<YourMountPoint> ext4 defaults,nofail 1 2

In my case it looks as follows :

2019-06-08 08_13_41-Microsoft Edge.png

Ok, let’s reboot the VM and check if the drive still exists..

2019-06-08 08_15_22-Microsoft Edge.png

Use the following command to check

As you can see the /MyDataDrive is still available after reboot.


How to display all OU’s & their distinguished Name from your domain

Today I wanted a quick overlook of all the OU’s and their distinguished Name. This is how I did that. Open a PowerShell prompt and enter the following :

U can expect a reply something like below :


How to rename an Azure VM using Powershell

Recently I deployed some VMs on Azure. There was a small change to the naming convention afterwards so I wanted to rename the created VMs. This is how you can do this

After a couple of minutes (depending on the size of the VM) the newly created server with the old disks, NIC etc. is created. Currently this script doesn’t support renaming the NIC, disks to your naming convention. So they have the exact same name as before. When you assigned you NIC, disk etc a custom name you will see the old naming convention. Currently I’m working on it. 🙂


How to force the Windows 10 May Update

After an extended period of testing in the Release Preview ring, Microsoft has finally started rolling out the May 2019 Update to Windows 10 users, albeit in a “measured and throttled” way.

You might be able to get it now by going through Settings > Update & Security > Windows Update or, failing that, via the Media Creation tool. There is a very simple way to force Windows 10 to start the upgrade process immediately however.

If the new feature update is not currently showing up in Windows Update, then go to the Download Windows 10 page, and click on the Update now button. Doing so will download the Windows 10 Update Assistant — a small 5.9MB file.

Windows 10 Update

Save and launch this and then click the Update Now button. It will check to make sure your PC is compatible in terms of CPU, memory and disk space, and then download and verify the files needed for the update.


How to encrypt (and decrypt) your Azure VM disks after deployment

This is how you can encrypt your Azure virtual machine disks :

You can find your keyvault Resource ID here :
 
Keyvault resource ID
The reason that I used the Resource id instead of the keyvault name is that now it’s possible for the keyvault to be part of another resourcegroup.
 
Use the following command to decrypt your VM :