Azure window server in-place upgrade but plan is still the same - azure

In order to avoid doing some overhead work, I decide to use a work-around to upgrade my VM from server 2016 to 2019. The work around was successful and everything is running fine. One hiccup though is that I still see the plan being set to "2016-Datacenter".
(Correct me if I am wrong) So far doing some digging I see that this is set at the create time of the VM; it corresponds to the sku of the image used to build the VM.
My question is, are there any gotchas if the VM is running server 2019 but the plan is set to "2016-Datacenter"

Plan information is metadata Microsoft uses to track Marketplace offers. If you want to create an image in a shared gallery, using a source that was originally created from an Azure Marketplace image like this, you may need to keep track of purchase plan information. You may face issues when you create a VM from the Azure Marketplace image if there is wrong plan information. Read here for more details.
We are able to do an Azure VM in-place upgrade to Windows Server 2019. Here is the step by step process to update the IaaS VM Windows server to Windows Server 2019 for your reference.
However, it's not recommended to do because Microsoft does not support an upgrade of the operating system of an Azure VM.. It prefers to use a clean uninstallation and installation. To work around this issue, create an Azure VM that's running a supported version of an operating system, and then migrate the workload.

Related

Azure Update Management - includes Exchange and SQL updates?

There appears to be no mention anywhere in the docs about other Microsoft apps that might be updated as part of Azure Update Management.
Will SQL and Exchange receive updates via this route? I don't expect rollup packages, but at least security updates would be good.
Using Update Management in Azure Automation you can manage operating system updates for your Windows and Linux virtual machines or virtual machine scale sets in Azure, physical or VMs in on-premises environments, and in other cloud environments.
As mentioned in the documentation Update management uses external dependencies to deliver there software updates.
As mentioned in the github , if you are using SQL server on azure VM the SQL updates are deployed through Microsoft Update (MU), so you should be able to utilize either (as long as the machine is configured to install 1st party updates).Not sure if the sql solution supports clustering. Specifically, SQL has Cumulative Updates (CUs) that get published to Microsoft Update. Then MU does automated patching.
We would suggest you to raise a request product feedback using this link.

Azure WebApps - Are they patched by Microsoft?

If you have a Virtual Machine you are required to apply patches every Patch Tuesday and ensure the OS is up to date to prevent security issues.
If you get a PAAS Azure WebApp do Microsoft take care of patching the underlying OS?
If so would you see downtime when this happens? Or are all the apps on that Host OS moved to another Host in some way?
For the first question, that is kind of the point of PaaS. Azure takes care of the patches for the OS.
As for an answer to your other questions, this GitHub issue is quite good: https://github.com/Azure/app-service-announcements/issues/63.
Most updates can be performed without affecting your services running on the platform’s infrastructure. For this update, you’ll notice a restart of your web apps, the same that takes place during our regular monthly OS update. Our goal is to avoid service interruptions and, as with every upgrade to the service, we will be monitoring the health of the platform during the rollout.
Your apps are moved to another update domain transparently while the patch is applied to the update domain that hosted your app. It does cause an app restart of course.
Take a look a the blog we just published describing what goes on behind App Service updates - https://blogs.msdn.microsoft.com/appserviceteam/2018/01/18/demystifying-the-magic-behind-app-service-os-updates/

Azure Security Center missing updates

Using Azure Security Center and I have most of my VMs showing an informational warning regarding their System Updates. When I go into them, they don't have any recent data. There is recent data for the OS Vulnerability column, so I know the connection is working, but this data isn't showing up.
What is the mechanism used to scan these for updates? Do I need Windows Update service to be started and Automatic, or anything like that? All my VMs are Windows 2012 or 2012R2, including the few that do appear to be working correctly.
What is the mechanism used to scan these for updates? Do I need
Windows Update service to be started and Automatic, or anything like
that?
Azure VM needs to update by enabling the Update in the VM or manually. This works just like how your local machine works.
Azure Security Center provides a quick view into the security posture of your Azure and non-Azure workloads, enabling you to discover and assess the security of your workloads and to identify and mitigate risk. It cannot updating your VM.

Is it possible to downgrade SQL Enterprise to Standard on an Azure VM?

We have a VM set up with SQL Enterprise but are not using the extra features so would like to downgrade to the cheaper standard version. The only place i have seen this possible says that it can be done using separate software but can be risky. is there a safe way for this to be done?
It is not risky, from my point of view. If you created the VM with a SQL Server from the Azure Gallery, then, as far as i know, (Azure does not look into your VM), even if you try to uninstall it, you will be billed for the same software.
So, i would offer to create the new VM from a plain Windows Server image, and install the SQL Server you need.

Memory metrics missing from Azure dashboard

We've recently started using Azure to host some virtual machines, but I've got problems getting the grips on the available resource monitoring metrics.
When I go to the dashboard for the virtual machine, I have the option to add metrics for several things, but Memory Available is missing:
When reading about how to monitor cloud services, it seems clear that you should have the option to add a metrics for Memory Available. Reading other posts here on Stack Overflow, I see other tools such as MetricsHub mentioned - but I don't think this is what we want, as we don't need any monitoring endpoint, we only want to see memory usage in the Azure dashboard (and apps from the Azure store isn't available to us, since we're on an Enterprise Agreement).
Am I missing something obvious here? What must be done to add memory monitoring to the dashboard?
Cloud Services is not the same as Virtual Machines. When you use cloud services, Azure will provision VMs for you and Azure is able to install monitoring tools that see the amount of available memory. When you create your own VMs Azure can't and shouldn't do that. In other words, with VMs you are on your own. The metrics you do see in the portal are the ones that can be measured from outside the VM.
If you do deploy as a Cloud Service then initially you will only have the same metrics as for the VM. There are several ways you can change this.
The easiest is to go to the configuration for your cloud service in the Management Portal and change the logging level from Minimal to Verbose; That will enable a lot more metrics. Alternatively, you can specify which metrics you want collected in the cloud configuration in your project in Visual Studio. It is also possible to do this in code, though that is not the currently recommended practice, instead use the configuration tool in the cloud project in visual studio.
The key thing to understand about the metrics in Cloud Services is that, whichever way you elect to configure them, they are stored in a standard way in Table Storage and Blob Storage. That means using the Azure Management Portal or the tool in Visual Studio or code, the outcome is the same. This also means that a variety of tools including Cerebrata, Visual Studio and, indeed, the management portal can all read this data.
It is also worth noting that because of the way this works, the configuration can be changed at runtime, usually through the portal but there are other tools and approaches in code.
In my experience, you normally only want to sample your performance metrics every two minutes, but do the log shipping every minute. Also note that you can configure trace logs and IIS logs etc to be available to tools like Visual Studio and Cerebrata. For Cloud Services, it is quite rich functionality but it takes some working with it before you start to "get" it all. Enjoy!
You can monitor memory and other "Guest" level metrics in Azure, here's how:
in Azure, go to your virtual machine, scroll down the settings to Monitoring > Diagnostics Settings
Click to enable Guest level monitoring, it can take a few minutes
Then you can go into Metrics for the VM, or Monitor at the top level:
choose the resource (the VM)
choose Guest in the metric namespace, it will load all the new metrics
choose Memory\Committed bytes or whatever ones you want.
You can then pin to dashboard etc as you would normally
It should be possible to install azure diagnostics on VM using powershell command Set-AzureVMDiagnosticsExtension
http://azure.microsoft.com/en-us/documentation/articles/cloud-services-dotnet-diagnostics/#virtual-machine
or using new management portal
http://feedback.azure.com/forums/231545-diagnostics-and-monitoring/suggestions/5535368-provide-azure-diagnostics-runtime-for-vm-iaas
I've tried to configure it using new portal, I can see the the extension IaaSDiagnostics is installed on VM, but no luck yet with getting the data.

Resources