Monthly Archives: March 2020


How to use Azure Policy to automatically backup your IaaS VMs

In this blogpost you see how easy it is to automatically configure Azure Backup to protect your Azure IaaS workload.

For this blogpost I’m using the Azure portal, configuring using CLI and templates is ofcourse also possible. Open your azure portal and go to the Policy pane :

Policy01

Go to defintions, select the scope of your subscription and select only Backup from the Category option :

Policy02

 

You notice the Configure backup on VMs of a location to an excisting central Vault in the samen location option. Open this default policy. Choose the Assign option :

Now let’s fill in the Scope (Subscription of the Policy). This is the subscription name/ID you’re linking to this specific Azure Policy. You can also specify a specific Resource Group or leave this blank when you wish to apply this policy to all Resource Groups in this Subscription.

Ok…. now we have the possibility to add  exclusions (when applicable), a custom name and a description :

Let’s go through the other panes and fill in the necessary parameters. Choose the Location/Region, the Backup Policy name etc.

Servers already deployed can be remediated and have the Azure backup policy applied. So this applies for already created IaaS VMs as also for existing VMs.

Choose to create the policy. Wait some time. Now go to the Azure Policy pane and see your Policy results :


Help! I want to rename my Azure Resource Groups

Earlier this week someone asked my if it’s possible to rename Azure Resource Group for Governance purposes. Unfortunately you can’t rename resource groups, but… don’t wurry there are ways to achieve the same goal.

Option 1 Create and move..

The first option is that you create a resource group with the new name.

Just go to Resource Groups and hit that create button!

Create Resource Group

Now go to the resource group with the old name and select all resources and click move

Move resources resource group 1

Notice that you have 2 options, move to another subscription or to another resource group :

Move resources resource group 2

Choose to move to another resource group.

Move resources resource group 3

Now select the resource group you’ve just created and check the box. All the resources are now moved. Watch out for the completion notification. Now go to the old resource group, re-check that there are no more resources available and choose the delete option :

Move resources resource group 4

Notice that tools and scripts who use resource IDs hardcoded might fail because the newly created resource group has a different Resource ID.

Option 2 CLI baby…. 🙂

For the techies… it’s a easier way to do this. We could use CLI (oh yeahhh) :

First step, create a new resource group :

az group create -l westus -n MyResourceGroup

Now move all the resources from the old resource group to the new resource group:

Get-AzureRmResource -ResourceGroupName <sourceResourceGroupName> | Move-AzureRmResource -DestinationResourceGroupName <destResourceGroupName>

And finally delete the old resource group :

az group delete -n MyResourceGroup

Help! Someone disabled my virtual network adapter @ my Azure VM

Today someone asked my how to re-enable an Azure VM network adapter. Using an on-premise hypervisor like VMware you can use the console session to access and re-enable the virtual network adapter. In this blogpost I describe how to deal with this situation when it’s inside an Azure VM. Help is on the way!

You can use the Azure Portal or use Powershell to regain access to your virtual machine.

Resolve using the Azure Portal

Log on to the Azure portal and go to the virtual network adapter settings on the Virtual Machine pane :

Azure VM IP Address

Change the IP address to any other valid IP address in the same subnet. After changing Azure automatically re-enables the virtual network adapter. Better safe than sorry, reboot the virtual machine and change the IP address to the old value (when it needs to be static) and now you have access to the virtual machine again!

Resolve using Azure Powershell

Use these steps to use the command line. Go to shell.azure.com or open an Azure powershell environment.

Azure Cloud Shell

Find the NIC details of the VM that we need to fix using the following command :

Get-AzureRmNetworkInterface -ResourceGroupName “My-ResourceGroup”

Notice the network interface name, IP address and allocation method you are using.

Azure VM IP Address PS

Now we need to assign a different IP address to the same nic from the same subnet.

Use the following Powershell commands :

$Nic = Get-AzureRmNetworkInterface -ResourceGroupName "My-ResourceGroup" -Name "my_AzureVM"
$Nic.IpConfigurations[0].PrivateIpAddress = "10.2.5.197"
$Nic.IpConfigurations[0].PrivateIpAllocationMethod = "Static"
$Nic.Tag = @{Name = "Name"; Value = "Value"}
Set-AzureRmNetworkInterface -NetworkInterface $Nic

Reboot your virtual machine and change IP address back to the old value. You are all set!


How to find the Azure Site Recovery Passphrase 2

When you have to manually install the Azure Site Recovery agent you must provide the Passphrase. In this blogpost I describe how you can find the Passphrase.

  1. Sign in to your configuration server, and then open a command prompt window as an administrator.
  2. To change the directory to the bin folder, execute the command cd %ProgramData%\ASR\home\svsystems\bin
  3. To generate the passphrase file, execute genpassphrase.exe -v > MobSvc.passphrase.
  4. Your passphrase will be stored in the file located at %ProgramData%\ASR\home\svsystems\bin\MobSvc.passphrase.

Open this file using your favourite editor and you have found your passphrase. Good luck!