Getting more out of Azure IaaS using OMS

During a recent meeting I was demonstrating my all-in-one OpsMgr TP3 environment. I use this environment to showcase the functionality which has been put together for both Windows Server Technical Preview 3 (TP3) and Operations Manager TP3. A secondary goal for this environment was to kick the tires to see how I could leverage the functionality available in OMS. In my demo’s at DevConnections this year I showcased how I used the functionality in OMS to increase the capability of my TP3 lab. Specifically I am using the functionality available in Operational Insights, Azure Backup, and Azure Automation. I was recently demonstrating the Azure Backup functionality within OMS when one of my colleagues asked me a very simple but very important question “Can I restore a specific file from an Azure IaaS Backup?” This blog post is will answer that question but I’ll also explain what OMS is (and benefits of OMS), how Azure IaaS backup works and then I will address the original question (if you want to see the answer you can jump directly to the end of this blog post but you will miss a lot of cool stuff). Here’s the summary of the topics in this blog post:

  • What is OMS and what is in OMS?
  • What are the benefits of using OMS?
    • Visualization
    • Automation
    • Backup
  • How do you activate backup for Azure VM’s and how can you see backup status?
  • How do you restore from your Azure IaaS backup?
  • Can you restore a specific file from an Azure IaaS backup?

This blog post will also cover some extras including how to create your own dashboards in OMS and important tips related to user accounts in Azure Automation.

 

What is OMS and what is in OMS?

As I mentioned earlier, part of what I wanted to accomplish with this environment was to leverage a lot of the functionality of Microsoft OMS (www.microsoft.com/oms). The following are the four primary functional sections which OMS lists on their site.

To better understand what each of these does, I am listing the functional sections and what the name of this functionality would be commonly known as.

  • IT Automation / Azure Automation
  • Backup & Recovery / Azure Backup & Azure Site Recovery
  • Log Analytics / Operational Insights
  • Security & Compliance / Operational Insights

Microsoft OMS provides a lot of functionality but at times it’s confusing what it does and does not include. The screenshot below is a slightly altered slide which I used at DevConnections to explain what is in OMS and what the component names are which we may be familiar with.

From my perspective, OMS functionality currently spans what we had previously seen in Azure Automation, Azure Backup, Azure Site Recovery and Operational Insights all together in a single solution.

 

What are the benefits of using OMS?

My all-in-one TP3 environment provides me with a way to effectively test the functionality available in TP3 using a single VM running in Azure. For details on this see the blog post available here. By integrating my TP3 Operations Manager environment with OMS I was able to achieve significantly more benefits. The primary benefits I am seeing are around visualization, backup and automation.

Visualization:

One of OMS’ strengths is its ability to provide useful visualization for data. This was one of the points which I indicated as part of the whitepaper “Is Operations Manager still relevant in the world of the Cloud“. The screenshot below shows a variety of information which is available through the various OMS solutions which currently include: AD Assessment, Alert Management, Automation, Azure Site Recovery, Backup, Capacity Planning, Change Tracking, Configuration Assessment, Malware Assessment, Security and Audit, SQL Assessment, System Update Assessment, and Wire Data.


It would be beyond the scope of this blog post to look into each of these solutions but we’ll hit on a few of them to give you an idea of the type of information available in OMS. The areas which this blog post focus on are those which historically have not been a focus for Operations Manager: Malware, security and system updates.

Malware assessment:

The malware assessment top level view provides insight into the number of systems which have inadequate protection or active threats. As with each of the different pieces of the top level OMS user experience you can drill in to get more details.

System Update assessment:

The system update assessment top level view provides insights into how many servers are missing security and other updates.

The drilldown for system update assessment provides an easy to understand list of what servers are missing the most updates, how old the updates are, what the updates are and what type of updates they are (plus the trend – is the number of missing updates increasing or decreasing in this environment).

Security and Audit:

The security and audit section shows current numbers for a variety of security related items as well as the trend of these items in the environment (IE: Is the number of failed logons in the environment on the increase or decrease).

Logging:

The information gathered by OMS is searchable through the log analytics functionality. For example, there is a pre-built query which shows you the number of alerts counted by their severity:

Type=Alert TimeRaised>NOW-1DAY | measure count() as Count by AlertSeverity

These queries can then be added to your own custom dashboard along with other dashboard items to see whatever data is most important to you from OMS.

The examples above provide several ways to augment an existing Operations Manager environment through increased visualization capabilities. Each of the solutions available in OMS provide strong visualization for the information which the solution focuses.

 

Automation:

Automation was the next item that had direct benefits for my all-in-one environment. As discussed in the first blog post about creating this all-in-one TP3 environment, I have the requirement to easily change this single virtual from running as an A2 (most of the time) to an A4 when I am using the system for demonstrations. Automation is available as a solution in OMS. The top level view for this solution provides a list of the number of runbooks and the number of jobs which have been run in the past 7 days.

Drilling down into the above view brings you into what appears to be the Azure V2 portal within the automation section to your list of available automations. In my environment there are automations to stop and start a VM as well as two automations which will change a VM to an A2 or to an A4.

You can author, edit or run these runbooks in your environments. An example of my runbooks is shown below which changes a hard-coded Azure IaaS virtual (AllInOneOMTP3 in this case) from whatever configuration it currently is to an A4.

The following is the sample code that I have to convert existing system ton an A4. I found that the ability to change the size of a VM could only occur through an inline script which explains some of the complexity shown below. See Ander’s blog for a better way to handle things like this on his article available at: http://contoso.se/blog/?p=4042

workflow Change-VM-A4

{

$cred = Get-AutomationPSCredential -Name ‘AzureAuto’

Add-AzureAccount -Credential $cred

InlineScript

{

$VMS = Get-AzureVM -ServiceName “AllInOneOMTP3” -Name “AllInOneOMTP3”

Foreach($VM in $VMS)

{

$resize = Get-AzureVM -ServiceName “AllInOneOMTP3” -Name “AllInOneOMTP3” | Set-AzureVMSize “ExtraLarge” | Update-AzureVM

Write-Output “Resizing VM : $($VM.Name)”

}

}

}

Important lessons I learned from my first time working with Azure Automation:

  1. Microsoft accounts, formerly known as LiveIDs, cannot be used with Azure Automation! (https://azure.microsoft.com/en-us/documentation/articles/automation-configuring/)
  2. Once you create an account for use with Azure Automation you need to log into the new account in Azure. Automations will not work until you have logged into the account.

For additional reference on Azure Automation I recommend the following:

The automation capabilities available in OMS are extremely impressive and when you combine them with an Azure Hybrid Runbook Worker the sky appears to be the limit to the types of automation which can be done.

 

Backup:

Now that I had my VM integrated for both visualization and automation backup for my VM running in Azure was a next logical step to look into. Backup is available as one of the solutions which are available in OMS. The top level view of this solution shows the number of servers backed up and the amount of data which is currently stored in the backup. The drill-down for backup brings you into the Azure console within Recovery which provides a simple approach to implementing a backup policy for your systems. The remainder of this blog post will focus on how this backup functionality works and how to restore from the backup.

Through using functionality available in OMS, I am able to provide new visualization for my environment, automate common tasks that I need done in my environment and provide a cloud based backup for my environment.

 

How do you activate backup for Azure VM’s and how can you see backup status?

Microsoft has provided excellent documentation on backing up VM’s with Azure which is available at: https://azure.microsoft.com/en-us/documentation/articles/backup-azure-vms-introduction/ so I will just hit the highlights. To use the backup solution you need to use recovery services and add a new vault.

Once you have created the vault you can backup your virtual machine. The process to add a virtual to backup is well documented at: https://azure.microsoft.com/en-us/documentation/articles/backup-azure-vms/

Once you have your virtual backed up visualization for what is backed up is easy to see through the pre-built dashboard which shows any Windows server registered to the cloud, any Azure VM’s protected in the cloud, the total storage being consumed in Azure within the recovery vault, and success/failure/current backup job information.

The protected items section shows the protection status of the system, the backup policy and when the newest recovery is available from.

You can define policies for your backup or utilize a default policy.

The jobs tab shows the history of backup and recovery jobs and provides a quick way to see how long a backup takes (which is just over an hour for my heavily utilize A2 system).

 

How do you restore from your Azure IaaS backup?

Microsoft has provided excellent document on this topic which is available at https://azure.microsoft.com/en-us/documentation/articles/backup-azure-restore-vms/ so again I will just hit the highlights. To restore from a backup, go to the protected items tab and choose the restore option circled in red at the bottom of the screen.

This starts a wizard driven process where you select a recovery point.

You provide a virtual machine name, cloud service, storage account, virtual network and subnet for your restore process.

You can check on the status of your restore jobs under the jobs tab shown below. In my environment my fully utilized A2 system backs up in about 2.5 hours so I had an expectation that the restoration might take a while.

The restore process for my highly utilized A2 VM took approximately one hour. Once the restore was complete, the restored VM appeared under cloud services under the cloud service I had chosen for my VM under the instances as shown below.

After the restore process was completed, the virtual could be connected to via RDP.

 

Can you restore a specific file from an Azure IaaS backup?

The original question posed in this blog post was “Can I restore a specific file from an Azure IaaS Backup?”

The answer to this is no, you currently cannot choose a specific file to restore from the virtual machine you backup. That said while you cannot directly restore just the file or files that you want through the restoration process you can restore the virtual and then extract the file(s) that you are looking for. This works without impacting the running virtual machine as the restoration can occur in the same cloud service but as a different instance (as shown in the graphic above).

 

Summary: The functionality available in OMS goes a long way to provide additional benefits to an existing investment in IaaS through adding capabilities around enhanced visualization, automation and backup. If you are using Azure IaaS but you haven’t tried OMS yet I highly recommend checking it out at http://www.microsoft.com/oms.

For more information on OMS and how it works, I have heard that there will be several OMS sessions which will be occurring at the Midwest Management Summit. Details on the summit are available at: http://mms.mnscug.org/

Thank you to Anders Bengstton for his help debugging issues I was having getting my virtual machine sizes changed in Azure Automation, and thank you to the Microsoft product team for the huge enhancements we have been seeing in the world of OMS!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.