Windows Server 2019 + Microsoft Azure = hybrid management updates

Windows Server 2019 + Microsoft Azure = hybrid management updates


– Coming up, we look at
updates to Windows Admin Center and Windows Server 2019 that line up practical hybrid management
scenarios with Microsoft Azure. Starting with Azure File
Sync to sync your local files to the cloud and virtually
unlimited storage with fast and secure access. Azure Network Adapter for
streamlined and encrypted connectivity from your
Windows Server environment to Azure, using your existing hardware, and how you can now easily
protect and failover your virtual machines to Azure. (upbeat electronic music) I’m joined once again by Jeff Woolsey, welcome back to the show.
– It’s great to be back. – Now on our last show we
covered some major enhancements in Windows Server 2019,
and if you missed it, you can check out that
show with the link shown. Now one of the things
you highlighted is how Windows Admin Center is the new management plane for Windows Server. That’s only one aspect of Admin Center. It also enables hybrid scenarios as well. – It sure does. Windows Admin Center makes it much easier for you to take advantage
of safe, practical, and secure ways to leverage
the cloud with Azure. It’s built for hybrid management, giving you a single pane of
glass to discover Azure services from networking to
security, and much more. In addition, you can leverage Azure for critical, everyday scenarios, such as file storage,
backup, server replication, and disaster recovery.
– Okay, great. So I know that we have
got a packed show here, so let’s make it real for people. Would you agree that the number one use for a server is to share files? – Yes, it’s the number
one scenario for a server. In fact, file servers, they’re ubiquitous. – So our viewers are likely gonna know what a headache it is to
ensure that there’s enough storage capacity for their organization. If you think about it, how many times have you had to send out those please delete your old files emails? So what are we gonna do to help there? – Matt, I could not agree more. We asked many of you about
your file server pain points, and heard that there’s
never enough capacity. – Which isn’t surprising,
because users just tend to leave their stuff on file shares forever. – Yes, and purchasing
more and more storage with no end in sight is
really a costly proposition. And finally, people struggle with the need for better and easier
data sharing across sites. So we developed Azure File Sync to address these challenges and more. So let’s say I have a
file server in Seattle. When I purchased it, I thought, hmm, 20 terabytes, that’s gonna be plenty. Well, now my storage is getting low. And before, I would have to
purchase and add more hardware. Instead, we can set up Azure File Sync, which allows us to tier the
least-used files to cloud. What this means is that
all of the data being used, really the hot data, that stays local, while the data that hasn’t been touched transparently tiers up to Azure. This provides virtually bottomless storage and your file server becomes a hot cache. – [Matt] Okay, so how did you set this up? Can you show us?
– Absolutely. So setup is naturally done through the Azure File
Sync tool in Admin Center. You can see we’ve done some
really cool things here. So let’s go ahead and
click on the setup button, and this begins the setup process, which walks you through
the process step by step. Now you can see that
the server does not have the Azure File Sync agent installed. So let’s go ahead and
click on the next button, and here you can see the
installation directory, and configure this option
to update this agent via Microsoft Update. Now if you use a proxy
in your environment, we support that as well. In this case, I’m gonna
leave everything as is, and I’m just gonna click
to deploy the agent. Now right now, in just a couple of clicks, we’re installing the Azure File Sync agent on the file server, all remotely
from a Windows 10 system. While that continues, let’s go ahead and switch to this other
file server, just like this, and you can see that the
Azure File Sync agent is already installed on this server. Now notice it provides the installed and latest versions for your convenience. So let’s go ahead and
click on the next button to configure our subscription information. The resource group, the
storage sync service. Now give me one second while we go ahead and adjust the resource
group, just like that. So let’s go ahead and click next to take us to the next
step, which is to register the file server, your
on-premises file server, with the Azure storage sync service. So let’s go ahead and click
on the register server button, where it will take a
few moments to establish the trust relationship
between these resources. And you can see the process is done, the button will turn into a finish button to let you know that the
whole process is complete. – This is awesome, Jeff, and so easy, but let’s just recap what happened. On your Windows 10 system,
without RDPing into a server, you just deployed the
Azure File Sync agent on a file server remotely, configured the storage sync service with
your Azure subscription info, and registered the file server with the Azure storage sync service. – Yes.
– All from Admin Center? – Yes, and there’s more. You can see Azure File Sync
configured for this file server. You can see the installed
server agent version, as well as the latest version available. So I know, at a glance, I’m all set. Now because we just
configured this server, I don’t have any shares synced. So I’m gonna go ahead and
click to the next tab, where I have a file
server already configured, and now you can see the larger picture. Again, we have the local agent info, and we can immediately
see it’s up to date. We can see the Azure Storage
subscription we’re synced to. We have a link to the Azure portal for this registered server, along with any docs you need for reference. Now if you look below
at the server endpoints, we can see all the file
shares synced to Azure, whether cloud tiering is enabled, and what the cloud tiering
policy is, for example, 20%. Finally, if you wanna see a
specific sync group in Azure, all I have to do is
click on the sync group, and it takes you to the
exact right spot in Azure. – Awesome, I love that
integration between on-premises and Azure, and this is a great solution for your storage needs,
and we can stop sending out those nagging emails, please
delete your files, et cetera. How does this solve for
sharing between locations? – The great thing about Azure File Sync is when you sync your
file server to the cloud, it provides the ability to sync across all your branch offices. So my files that I saved to
the file share in Seattle, they get uploaded via Azure File Sync, and shared to my offices in New
York, or Tokyo, for example. – Okay, but what if I’ve got apps running in Azure, and I
need to access the data in those synced file
shares in branch offices? How does that work? Do the apps in Azure have to
access the on-premises network? – Well, that’s where the advantage of direct cloud access comes into play. Let’s say you have some Azure
Paas services or IaaS VMs that need access to data
on a synced file share. Because everything
already resides in Azure, you can access the data in Azure and don’t need to use up
precious network bandwidth going all the way back
down to the branch office. – So this all sounds awesome. But speaking of branch
offices, what about networking? What about those smaller branch offices where you wanna securely access Azure resources but might not wanna buy a bunch of extra networking hardware? Do we have anything to help there? – Yes, now ideally you’d set up a secure point-to-site
VPN, and that’s exactly what we’ve done with the
Azure Virtual Network Adapter. Before Windows Admin Center,
you’d need to spend money and purchase a hardware appliance
to create a secure tunnel. Or you could try to
configure this in software. Well, honestly, this was a
arduous process to set up. Our guidance amassed dozens
of pages of documents. He had to do things like
create the gateway subnet, create an Azure public IP, figure out the client address space, create the Azure Virtual Network Gateway, create certificates,
obtain public key file for the root certificate, et cetera, et cetera, and the list goes on. And then of course you had to download and configure the VPN client. – Yup, I’ve actually done this, and it’s a huge amount of work. – I’m sorry, by the way. So look, it took a networking expert on my team about 90 minutes. This guys knows networking in and out. Took him about 90 minutes to set this up without Admin Center, and we knew we could make this much easier. So let me show you how easy it is to create an encrypted network to Azure, all using your existing hardware with the Azure Network Adapter. So here’s one of my servers,
and I’m gonna go ahead and click here to launch
a PowerShell console to try and access an Azure IP address. I’m gonna go ahead and
paste in 172.17.3.4. I’m gonna go ahead and I’m gonna
ping this server right now, and you’ll see, oh, request timed out. So you can see this
server doesn’t have access to my resources in Azure. So I’m gonna go ahead and
leave the PowerShell console and go to the network tool,
where I have a new option to add the Azure Network Adapter. Now I’m gonna go ahead,
and I’m gonna select my network adapter and click
add Azure Network Adapter. Now once I do that, I have the option to put in our subscription information, put in our location information, for example, the western US, and we’re gonna attach it
to our virtual network. That’s it. Matt, something that took once
90 minutes in four clicks. So now we’re gonna click create. This is the fifth one, and we’ve created this point to site VPN. And so we’re gonna go
ahead, click confirmation, we’re connecting, and just like that we’re connected to Azure. And to prove it, I’m gonna go
back to the PowerShell console and ping that same IP
address running in Azure. This time you can see we have access securely through VPN just like that. I did all this in software
in less than 60 seconds, and all through Windows Admin Center. – This is great stuff. So you can configure a
Windows server instance to securely access Azure
resources, from anywhere, without the need to set up new hardware, and this new point-to-site VPN’s great for small, remote branch
offices that need Azure access, but would you use this solution
to connect many servers? – So Azure Network Adapter right now is currently a point-to-site solution. However, between you, me
and our Mechanics viewers, I’ll let you know that we’re working on a site-to-site solution
for larger deployments, where you wanna have multiple servers share the same secure VPN to Azure. – Awesome, so let’s switch
gears and discuss backup. Now in the data center, many
customers are still using tape, and in remote and branch offices, backup coverage can be
a little bit spotty. So what’s going on in this space? – There’s a lot going
on in this space, Matt. We wanna help you better protect your on-premises investments, and take advantage of
virtually unlimited storage in the cloud with Azure Backup. – Cool, can we take a look?
– Absolutely. So with Backup, you wanna
set it and confidently know that it’s protecting your data. Here’s a server with
Azure Backup configured. Now because I’m using Azure’s
virtually unlimited storage, I don’t need to deal with tape
or running out of capacity. Now at the top, I see my
Azure subscription info. I see the latest backup status, the next scheduled backup,
and whether I’m up to date. Next you can see the job status, and the number of recovery points, including the option below
to back up right now. – But if backups are
scheduled, why would I need an option to back up now?
– Ah, good question. Well, most of the time you probably don’t. But suppose you’re about to
perform a big app upgrade and want to have one
more insurance policy. Well, simply click on backup now, and it will start an immediate backup. Now let me show you what
this looks like in Azure. So by clicking on a smart link here, it takes me directly to
the Azure Backup vault, and to the Backup dashboard. – Cool, so we’ve seen Azure File Sync, and now Azure Backup integration. What about server replication
and disaster recovery? – Ah, great point, Matt. Azure’s site recovery replaces the need for you to create your own secondary sites in order to replicate servers
for business continuity, and we wanna make it as easy as possible. Previously setting this up took many steps and some PowerShell. This can be a little
overwhelming to say the least. The good news is we’ve
VM replication Azure a lot easier all with Admin Center. So let me show you the process now. Here I have a number of VMs
running Windows Server 2019, 2016, 2012, all the way
back to Windows Server 2008. So let’s take a look at this HR server running Windows Server 2008. I wanna protect this VM by
replicating it to Azure. Simply select the VM, click on more, and click on protect VM. That’s it. If I click protect VM, it will begin replicating up to Azure. Now if you look at the
next VM in this list, this LOB inventory VM, it is running Windows Server 2008 R2,
and is already protected. Notice there’s a smart link to the side that says protected. When I click on the smart link, it takes me to the exact right location where this VM is replicated to Azure. So now, if my on-premises server dies, all I have to do is click on
this planned failover button, and this VM will immediately
start running in Azure. Now that the VM is running
in Azure, you have options. You can keep them running
in Azure if you want, and take advantage of the
fact that we’re providing an additional three
years of security updates for Windows Server and
SQL server 2008, 2008 R2 if you’re running in Azure at no cost. And if you still decide you
wanna run this on-premises, because you’re running a workload that needs to access devices
in your local environment, you still have that option too. Just set up your new server, and click on reverse replication.
– Great stuff, Jeff. Now you’ve shown a bunch
of new hybrid capabilities, the new Azure File Sync, the
new Azure Network Adapter, and easy VM replication
with just a few clicks. All great hybrid management scenarios. So how can folks get
started and learn more? – First evaluate Windows Server 2019. We have a trial available
at the link shown. And while you’re evaluating
Windows Server 2019, standardize on Windows Server
2016 as your standard OS. It’s the fastest growing Windows Server OS in Microsoft’s history,
and Microsoft provides industry-leading security,
hyper-converged infrastructure, hybrid cloud, and more. Finally, of course, adopt
Windows Admin Center. Every demo you saw today
was in Admin Center. All new server GUI investments
are happening here, and it’s the hub for our
hybrid cloud integration. Furthermore, it’s part
of your Windows license, so it’s a free download.
– Awesome, thanks Jeff. And of course subscribe and keep watching Microsoft Mechanics for
the latest tech updates. See you next time.

8 thoughts on “Windows Server 2019 + Microsoft Azure = hybrid management updates

  1. So when the Office in seattle sets up a new cache server on prem and attaches to the same sync group does it auto create the share? does it keep the same permissions?

  2. Hey, is this available only for Windows Server 2019 or is it available on previous versions as well ?

  3. Absolutely brilliant, many thanks Microsoft. Azure file Sync and Point to site software adapter great products through WAC.
    Any idea when the Site-Site will be available, even a rough estimate will be much appreciated. Thanks again MS.

Leave a Reply

Your email address will not be published. Required fields are marked *