Do you know the way how to set azure webrole as NTP Server ?
I'd like to synchronize my computer's time with my azure webrole's time exactly instead of 'time.windows.com' or other ntp servers.
Because I need to synchronize my computer's time as accurate as possible with my webrole's time, and I'm thinking of the only way is setting my azure webrole as my local computer's NTP Server.
I tried to command (like 'w32/tm ...~~~' and etc..) on my azure webrole to make it as NTP Server, and it didn't work, although it worked on my different computer which is in my office.
How can I do ?
Windows Azure roles (Web, Worker etc.) do not support hosting of UDP endpoints currently so I'm not sure what you are attempting to do is feasible. Windows Azure Virtual Machines (Preview) can host UDP Endpoints so this might be one workaround (albeit expensive).
Check out this great blog post for a detailed explanation of Azure VM's and NTP Server details.
How frequently is the clock on my Windows Azure VM synchronized? : http://blog.codingoutloud.com/2011/08/25/azure-faq-how-frequently-is-the-clock-on-my-windows-azure-vm-synchronized/
It would be good to know why you want to synchronize with the web/worker roles directly instead of with time.windows.com. The web/worker role VMs are synchronized with time.windows.com by default anyway. Also, Windows Azure does support UDP protocol with their latest June 2012 update.
Related
We need to expose one of our Azure VMs located in a VNet to Internet. We are using F5 ADC for all inbound traffic both to on-premise and to Azure.
What is the best practice to expose an Azure VM to Internet if you have zero-trust approach in mind?
Appreciate all kinds of advice
If you are planning to expose Azure VM to the Internet considering Zero Trust strategy, you should check:
Workloads are monitored and alerted to abnormal behavior.
Every workload is assigned an app identity—and configured and deployed consistently.
Human access to resources requires Just-In-Time.
After above items are completed, check next:
Unauthorized deployments are blocked, and alert is triggered.
Granular visibility and access control are available across workloads.
User and resource access segmented for each workload.
https://learn.microsoft.com/en-us/security/zero-trust/infrastructure
https://learn.microsoft.com/en-us/security/zero-trust/
It depends what on the VM you want to expose to the Internet.
If it is a web site running on the VM you could use a web appication firewall https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
If it is RDP access to the VM you could use Azure Bastion
https://azure.microsoft.com/en-us/services/azure-bastion/
Do machines in Azure's Kubernetes service share the same NTP server(s) and, therefore, keep the same time? I'm looking for accuracy to the second or better (ms, etc.)
This is regarding AKS, but I know they have other Kubernetes offerings too.
For your issue, I read documents and find one that I think it's interesting and particular to you. Azure VM is based on Hyper-V and they synchronize time from the host where they are. You can get the details from this document: Accurate Time for Windows Server 2016.
Can we install 2-3 windows servers on a single Azure virtual machine? Or, can we only install one operating system on a single virtual machine?
I would encourage you to look at Azure Websites. Azure Websites provides "slots" that can be configured as dev/test/staging/production very easily and you can run your entire environment on a single VM or multiple VM's (exactly what you were asking for). Websites also provides excellent publishing capabilities, whether directly from Visual Studio, TFS, Git or whatever.
Websites supports scheduled or auto-scaling, custom domains, SSL, scheduled backups (including the database) and if you need Worker Role (back-end processing) capabilities, WebJobs are built in and are easy to use.
Definitely worth checking out. It is extremely rare that I use VM's to host anything anymore. Azure Websites pretty nearly can handle anything.
Hope that helps.
I use a small webserver for inter-process-communication between .NET and and an executable process on the same machine, i.e. a POST request to http://localhost:3000/
This works fine on my local machine when I allow the process with Windows Firewall.
Having tried the same on Azure Websites, I get an error (kind of expected).
Now my question is, which of the other services allows me to open a port and listen locally? All of them? (VM, Workers, Web Roles)
Thanks
When you want to open a PORT (socket) you can use either of VM, Web Role or Worker Role. You just have to be aware of the specifics of each. Just quick tip for differences:
VM is a IaaS Service (Infrastructure-as-a-Service) - this is where you get a VM with OS and you take care of the OS from then on - updates, patches, everything
Web/Worker Roles are PaaS Service (Platform-as-a-Service) - here you get (a fully customizable) environment under Windows OS to run your code. However about OS and Framework patches and updates someone else is taking care of.
One very good article explaining IaaS, PaaS, SaaS is Pizza-as-a-Service. Which I recommend reading.
Then for your concrete scenario, I would advice you to go for a WebRole. You can combine WebRole with worker processes. Here is a quick tip on how to do this.
But, whenever you go for the cloud, be sure to check out the Azure migration cheat-sheet.
Does anyone know if one can host a website using the VMRole in Windows Azure?
If I have IIS running on the VM can I access that from the outside?
Also, if I scale to multiple instances of the same VM, will that endpoint be automatically load balanced, just like a WebRole?
Note: There are some requirements that I have that cannot be accomplished with the WebRole, so that is why I am not using it. (if you were wondering)
Thanks in advance!
Yes, you can host a web site in an VM Role. The VM Role must be Windows 2008 R2, which has IIS, so you should have everything you need to support your website. You'll just need to work with HyperV locally to construct the VHD, then prep it with Windows Azure tools, etc.
Just curious: What specific requirements do you have that cannot be accomplished with a Web Role? There are three core use cases for VM Role:
The setup process cannot be automated
The setup process is not 100% reliable (e.g. installers periodically fail)
The setup process takes too long (maybe more than 5 minutes or so)
With startup tasks, you shouldn't have any restrictions on installing software, registering COM controls, modifying the registry, etc.