 Hello and welcome to this show. My name is Benne Frank, and I'm going to be one of the presenters of today's session. You may have seen the wrong title. Yes. That was the one from the previous session. What we are intending to do today is to do the integrate Azure services with Azure Stack HCI today. With me is Kastan Rahval. Hey Kastan, nice to have you here and say some words about yourself. I will, I will. Thank you. Benne, I was so perplexed that we suddenly were on screen because usually there is something playing in front of us. This is my fourth session and I was so perplexed. Then you started in German. We have to say we are a complete German team today. It's me. I'm a German, Bernard is a German and our supporter, our producer, Flo Fox, we will see you on the next slide is also from Germany. We were chatting in German before. Sorry for that. Today's learning life session is about integrating Azure services with Azure Stack HCI. We will see a lot of things. First, some words for me because I'm completely perplexed. I'm Kastan Rahval, 55 years old. I'm a Microsoft MVP in Cloud and Data Center Management. In the Cloud and Data Center Management group, I call this the on-prem group. There is everything on-premise and I'm also very honored. I have a second MVP Award in the Azure. I'm also an Azure MVP. I'm perfect for this session. It's a hybrid session. We will talk about some things you can do from Azure with Azure Stack HCI. Bernard, about you. You are a Microsoft employee for some years. Yeah. Whereas Kastan is some sort of an independent guy dealing with customers out there. I'm working with the provider, which means I'm working at Microsoft. I recently changed position. I was a Cloud Solution Architect before in the working with German partners and now I'm a Senior Customer Engineer within the FastTrack team, which is one part of the product group. Also, one of my focus is besides Azure infrastructure, it's also Azure Stack HCI, which belongs to that section. Right. Maybe a second, Bernard, a second about the FastTrack team. If a customer wants to do Azure Stack HCI, and there is the possibility to engage with Microsoft, and your team will help them to get faster into the Azure ecosystem, and Azure Stack HCI is also Azure, right? Right. We are not cost-free consultants, but that doesn't mean that we cost anything. No, we don't cost, but there are some hurdles or some things, some levels that you have to meet. Right. You meet some requirements in order to get to the benefit of us, but then we'll get to help and as the name says, we are here to do some unblocking to fast-start the customer, to act as a sparing partner for the customer, his thoughts so he can reflect his thoughts on our Cloud to us, and we'll say, well, that's maybe a good idea or that's maybe not a good idea. Have you thought about this kind of thing? Right? Yeah. We are also supporting customers within the Azure Stack HCI, also with proof of concepts. Yeah. Let's start with the session, as I would say. Okay. So I shouldn't add that we work for many years together, and we had a lot of fun in the past. Thousands of people were at our IT camps, so we do this quite a time. The topic changes, but not the format, right? So, Banna, we're talking about what today? Yeah. Today, as you all may have seen, the learning course are proceeding through the learning course. Now, it's time the Azure Stack HCI cluster is there. However, we need to integrate it with some other Azure services in order to ease the operation of it, and there monitoring comes into place, which is a quite interesting one. We talked about a little bit last week, however, or in the previous session. However, we dive a little bit deeper into this section. Next one is how to protect virtual machines that are running on our on-premise Azure Stack HCI by using Azure Site Recovery. Next one is how to do a backup of virtual machines that are running on our Azure Stack HCI systems with Azure Backup, what's there? Then the last and final point, I think, is to implement the network adapter in Azure Stack HCI scenarios. We're not really implementing it today, but we're talking about it and what you can do with it. Banna, can I add something? Charlie, these offers are optional, and also if you do monitoring, and you should monitor your environment, of course, Azure Monitoring is one of the possible solutions. It's an offer for Microsoft, but it's not the only one. The same with backup, for example, there is an offering from Microsoft where you can backup your workload to the Cloud, but it's not the only one. These are offerings, you can choose them, but you don't have to. Right, it's probably the first way to look at, because it's built-in within to the product or streamlined with it. However, as you said, there are third-party solutions that are perfectly valuable for doing these kind of things, and sometimes they also bring a different angle or some more value add to a specific area that you want to achieve. Okay, so Azure Stack HCI, like Windows Server as well, integrates with a lot of Azure services to enhance the on-premise part with things from the Cloud that are operated in the Cloud and spans this hybrid scenarios. And for our purpose of our fixtures company, which is the Contoso.Limited, they have been looking into some of the capabilities as they are evaluating Azure Stack HCI, and some of the parts are coming up now. So what we want to do, for example, so our Contoso.Limited is a medium-sized financial services company located in New York, right? And until recently, they were operating most of their hardware on-premises, right? Operational overhead was significant because they didn't use a lot of automation and they relied on outdated technologies, legacy hardware, software-resulted in frequent stability and performance issues. And this is why during a modernization environment, they are looking into a software-defined data center set of strategy, and therefore, they are looking into Azure Stack HCI and what it brings and what it can offer together with Azure IS services, so the infrastructure services and platform as a services that are available in Azure. And yeah, and some of these things, you know, so they are trying to make things easier to have a new cloud strategy on consistent hardware and that's the sort of framing for today's talk. Okay, so let's drill into Azure Monitor. What is Azure Monitor, right? So, you know, for Contoso, the most important thing is, you know, what can it do? How can I use it and how does it help to maintain my Azure Stack HCI deployment? So this is the most important reasons or questions that Contoso has. Bernard, I get sometimes the question, what's the difference between managing something and monitoring something? So a lot of people ask me, we have Windows Admin Center as a great solution on premise. We have seen a lot of Windows Admin Center and we will talk about it today also a bit. Can you monitor with Windows Admin Center or is there more of the managing approach? What's the difference? What do you think? Yeah, well, okay, so for managing, you know, Azure, Windows Admin Center is the tool, right? So you have access to the consoles. You can launch PowerShell. Basically, Windows Admin Center is a GUI around launching PowerShell commandlets, right? It does also bring some, you can do some sort of performance monitoring, right? So it has access to the performance of the nodes, right? And you can define which metrics you wanna look at. And it also has some sort of nice dashboards to look at the health of your system, right? If you're sitting in front of it. Yeah, but it doesn't have any alerting mechanism. So the time when you are at home, you know, enjoying your dinner or whatnot, right? And something goes wrong, you wouldn't experience this. With combining with Azure Monitor, you can make use of alerting. That means you gather the data into Azure and then define some certain triggers or alerts as they are called with certain actions like, hey, send me an SMS or send me an email or, you know, do a push notification to my Azure app. And that's, you know, something that's not in Windows Admin Center. That's something that you can use with the Azure Monitor piece. Cool, so let's look into it, right? Okay, yeah, so let me spin the presentation a bit forward. So we'll have a look over Azure Monitor and what it can bring to our solution, right? So as I told you already, it's there for, it's basically, you know, a mixture of two things. Azure Monitor needs the data, right? So what can it look at? And the data is stored in a so-called log analytics workspace. So this is your data repository, right? Which data can go in there? Well, it could be performance counters, it could be event logs, right? It could also be custom logs, logs that maybe, you know, you define or you want to bring into a log analytics. So if we have, you know, gathered and collected and stored all these logs, we can, you know, we can visualize them. We can also do queries like off the different data tables, like for example, we can combine a query of spanning different event logs, right? So bringing more intelligence to it. And then if we have done such a query, for example, we can react on it and not only, you know, when we are sitting in front of it, but we can also create alerts from it that do that stuff, right? So there are two important things, you know, you can, that are always brought up, which is the part that what can be collected. There are two things, like the metrics. Metrics are more like the performance kind of way of things, right? So CPU usage over a certain time with it in regular intervals that you are looking at. And the logs, logs are really, you know, event logs, for example, but also activity logs in Azure. So you can, if someone does something, you know, for example, on a resource group or on a virtual machine, like stopping it or starting it or deleting it, that's an activity. And that activity, you know, it might be important to figure out who does what in Azure, right? Can also be a data source and gathered with Azure Monitor. So if you say logs, so let me just add here logs for the event logs, for example, there is every information that we need if there is something not okay with our cluster. So let's say we have some slow performance network failures. Everything is logging information or errors, warnings into the event log system of Windows. And it's grasped with the Azure Monitor agent. And then it's stored in the Log Analytics workspace. Then you can, Azure Monitoring can look at it and find the information and do something with it. For example, alerting us. Right, and what some people do, that's why I kept the previous slide, was some people are triggering, you know, they have some sort of ticketing system, bug tracking system, ITSM tool, which they are combining with Azure Monitor and the alerts in order to, you know, create a ticket if an alert triggers. So that, you know, that the operations team that looks at this tool, you know, gets an open ticket that knows what to look at, right? And as you said, there are some components that come into place if we want to gather this information, right, so we need to have, it's an agent-based model, right, so you install a piece of software within the nodes that you want to monitor, for example, if it's, you know, like a Windows machine, if it's a Linux machine, obviously the code or the agent changes, right? So it's a different build then, however, it's not only, you know, confined to servers or cluster nodes, it's also, for example, there are monitoring components, you know, for Kubernetes, for example, so you may have heard that you can run Kubernetes or AKS on-prem on Azure Stack HCI and Azure Monitor, can also monitor Kubernetes on-prem, right? Does it use the same agent? No, it uses a different approach, but it's using also some sort of component or container that is being, or an extension, I think is the right word for this. And you also have SQL, for example, as an application, there are also application monitoring there. It's a solution that covers a lot of different, workloads operating systems and so on. Okay. Right, and we are not, so that means we are not only offering one agent or one piece of software, we also, for example, if we are looking at our Azure Stack HCI nodes that's what we are about to do, we are experiencing not only one agent software, but two, for example, the dependency agents, which is able to display, you know, the network traffic, so how are different services running on a monitor system talking to via the network, which TCP port, which process on another server, for example, right? So we get this service map that can be used for figuring out how the systems are relating to each other, and that's, you know, one side aspect is people are using that dependency agent, not only for documentation and for troubleshooting, but also for, you know, for migration projects in figuring out which kind of workload needs to be migrated as, you know, as a whole to Azure in order to work, right, and to function right. Okay. Yeah, so, and yeah, I think we'll have a look in there. So let me, yeah, the onboarding part is when you are referring to the online documentation for this learning chapter, I think the onboarding part regarding Azure Monitor has a little bit of an outdated video. That means it's not a problem if you set it up that way. You know, there are multiple ways of getting this agent onto your cluster nodes, but it, the lucky us, it has been a little bit easier these days in order to onboard the cluster to Azure Stack HCI, right? Let me add here, the module was mainly designed for Azure Stack HCI 20 H2. We are now in 21 H2 and we got some better integrations or easier integrations with monitoring and everything. So it's much easier today than it was a year ago and that's a nice thing with a fast-involving system. We have, you can always talk about new stuff, right? There's a lot of change there. And it gets, usually it gets easier. So, you want to do a video here, right? Yeah, it's getting easier and sometimes, you know, things are flipping a little bit around in the UI. So, and also, you know, one of the things that you will do when working with Windows Admin Center is, updating it, right? So, update the Windows Admin Center as itself, but updating also the extensions that come with it and do this on a regular basis. Because sometimes if things break, it would be good to check if there's an update for this very thing that does this stuff. So, okay, so we are looking at my demo environment. You know, you may have, you know, have it in mind from the previous section last time. This is a two-node cluster system. So, I can't see these two nodes here, right? It's the 222 and the 221. And if I would not have set up Azure Monitoring, it would have shown me here, hey, set up Azure Monitoring. So, the process is like, you go into the section of the cluster, you go to the Azure Monitor part, then the next thing that you do is set up Azure Monitoring, right? What it asks you maybe is to create a log analytics workspace first, if you don't have one, right? And then you will see your nodes get this agent here. And this agent is, if we look at this, you know, you can see it in the installed applications on a node, if I would go there, all right? You see the monitoring agent, which is the one, but also the dependency agent, as I was talking about. See, these two guys are the ones, you know, that are gathering data. However, one task that might be still you need to do is, you know, these services are, you know, the agents are connected, but they, there is most of the time an additional step that needs to be done, which is the onboarding phase, which will, you know, this little guy here gets grayed out. If you need to do it, right? It will tell you something like in yellowish, hey, onboarding needs to be done, something like this, right? If you click on this, then it will take a couple of minutes and then your onboarding will be done, right? If that fails, sometimes that happens. Don't be afraid of it, right? There's, because there's another way of doing things, right? If Windows Admin Center lets you down, you can try to do it the Azure way, right? Through the portal, because what happens in the portal is, let me bring up my dialogue here. You go to the, to the log analytics workspace, right? That you have configured your cluster to do. And then you go to, no, that's not the one, sorry for that, you go to the monitoring part. And you go to the virtual machines. I know it sounds funny. It's, you know, although it's a physical box, it's still manageable under the virtual machine section. And you go to the not monitored part, right? And you should see your notes, right? Your physical notes there with something saying like, hey, it's available, but it's not enabled. Should I enable this? Please click me, right? If you do that, it takes a couple of minutes, then these guys go to, you know, go to enabled. And what happens is the agents on these notes get the information of what together, right? So which kind of event logs. And we can also look at this, right? And that was my previous link, which is configured under the log analytics workspace. Let's go there. And there you have the agents configuration, as I would say, right? And these are, you know, all the event logs that I want to look at, right? Maybe you do have not so many that I have, right? So it's always, you know, might be a good one to, if you want to look for example, the cluster logs or any other log that you are interested in, you can add this here. However, this is the guy that you should see because that's the one that Azure Stack HCI brings in order to do the management of this system. So if I get it right, you can add event logs, as he usually says, that is automatically collected. But if you want to have more information or you can also, you will come to that, I think, but you can also write some queries. So you can design your own alerts. And if you need more information from the system, you can add event logs here. So we talked about gathering the data and configuring how much data is being gathered, you know, maybe also the performance counter, you know, and in which cadence like or in which interval I want to collect these performance counters, right? You can add yours, right? Azure Monitor is or log analytics is built with the data that is stored within, right? So make sure if you do a sample rate of one, you get a lot of data and you pay a little bit more because more data, right? However, that's for the data gathering part. But now let's visualize the data we've got, right? And that's back again, sorry for this flipping, that's in the monitoring section. And as you could see here in the bottom or maybe in halfway through, there's in Azure Stack HCI preview for which contains, you know, some sort of dashboard that is just made for Azure Stack HCI nodes, right? So if you would have, for example, other clusters that you have not onboarded to Azure Monitoring, they would turn up here, right? Currently I only have one which is this guy here. If we would have have multiples, you can choose the one that you would want to look at. And this is, you know, you get some, this is a workbook, meaning a dashboard that comes from the product group and visualizes, you know, the most predominant counters or things that are there, right? So cluster health, let's have a look at the servers, which servers are included in that, right? So these are my two nodes or they're up and running. What's the CPU usage? You know, how many virtual machines are being executed on this system, right? I see a lot of stopped virtual machines. Maybe that's not a good thing, right? So I can drill down there or go to my servers and start the virtual machines. And I can also have a look at my storage subsystem and get some data there, right? So that's one part of looking at things. You know, be aware that there is a part in Azure Monitor and you can also create alerts that are, you know, being triggered whenever something happens. And the good thing is, you know, Azure's Windows Admin Center brings already some alerts that we think are suitable for monitoring and Azure Stack HCI cluster, which are these guys here, you know, oh, sorry for that. Which are these here at the bottom. You may need to set it up, right? So there's the alerts and action parts I have done that and where does that happen? Where does the alerts trigger or get created? Well, they get created here in the alert rules section in Azure in your log analytics workspace. However, you are not restricted to these. You can do your own. And that's for example, one thing that I did with my missing updates thing, which is a, you know, some sort of a, an informational alert, right? So sometimes it's good to keep the systems up to date, right? And you can query, for example, the event log of, which is this guy here for event 26, which is, hey, which new updates did you find, right? And you can do some parsing, do some projections. You know, it's like a sort of a programming, a SQL programming language kind of thing. And this can also, you know, send you an email and you get notified that, hey, you might need to install updates on your cluster, right? So we have some predefined rules that you can enable, but you can, it's very powerful. You can write or a programmer or DevOps can write the own alerts if you are looking for other things that are not predefined by Microsoft. Cool. Right. And this guy sends me an email, you know, but it could also trigger, you know, a ticket or you could do it, you know, with a webhook, you could attach it to an ITSM or bug tracking or, you know, issue tracker tool so that, you know, someone gets a ticket and does the job finally, right? There's also another view on this, which is the Azure Arc side of things. So sometimes, you know, the cluster is registered with Azure, you most probably, you know, also have, it Arc enabled. And there's also a view on, you know, the monitoring part is monitoring enabled or not, which is, you know, on, can be seen here, right? So if these guys turn up in green, then you're good to go. Sometimes you need to make it green by jumping in here and, you know, pressing the stuff. Once it's done, you can, you should be able to do some monitoring information here on the monitoring tab, which is sort of, you know, a different place in Azure where you could see the most important information, right? Okay, so let's go back to, should we do the quiz? I think we should do the quiz, right? Okay, good. So a knowledge check and of course, you gave a lot of additional information. That's great about monitoring. The part in the learning path module was mostly about what is Azure monitoring and how to install it. So our first question is, as part of your evaluation of Azure Stack HCI for Contoso, you onboarded a four node Azure Stack HCI cluster to Azure Monitoring. Now you want to review the service map displaying communication between the cluster nodes. What should you do? And if you want to participate in the poll, just scan these QR code or go to HTTPS colon double slash aka.ms slash polls and you can answer there. So we have three proposed answers. A, in Windows Admin Center, browse to the monitor pane. We have seen that, right? In Azure Portal, browse to the Azure Lock Analytics blade. In Windows Admin Center C, browse to the Azure pane. So to be clear, the question is about the service map displaying communication. We talked about that, where you can see which port is used between the different things, right? So... We haven't shown it in... We haven't shown it directly, right? So, but we have looked at the Admin Center section. Yeah, maybe it's more complex than Admin Center can handle, right? We need something more capable, like something maybe in the cloud. Yeah, think of where the data is. Like, you know, the data is in Azure already. So I think it's, you know, I think it's a good way to think it maybe also from that perspective, right? And if you vote, go ahead. Hopefully that works. And we give you 10 more seconds. Okay. So let's show the right answer, huh? And the right answer is in the Azure Portal, right? So it's besides all the other stuff that we were showing there, you can see the, you know, the service map section, which displays you the communication between the nodes, right? Okay, so let's go ahead a little bit. And yeah, just one note. If you have any questions, please let us know. We do have Flo in more watching the chats. So he's trying to answer directly or replay the question into our channel so that we can try to answer it. Okay. Next topic. Next part is protecting our workload. So we have monitoring and now we want to protect maybe our VMs, right? So how will we do that? Well, you know, let me ask you one question. I mean, which kind of different ways of protecting, you know, my virtual machines do I have, right? So what comes up very often, like for example, the malware kind of thing or the data center? Yeah, there are two different ways of different issues, of course. There could be a user who is deleting some information and you want to be protected against that. So I know we talked about the modules for that. Usually we have backup. So we backup our data, we can archive it for multiple days, weeks, months and so on. And that is backup. That's our third module. And then there is maybe malware. So or we have a disaster, for example. So imagine we have our four node Azure Stack HCI cluster in our premises. So and now we have a fire or the power is off for longer than half an hour or we have something with water or earthquake. In Germany, we rarely have those things but there are other areas on the world where there are more of these natural catastrophes. And for that, it would be nice if our data is somewhere else, not on our premises and not in our backup server. And maybe the data is more frequently updated somewhere. So for that is maybe something like a site recovery or synchronous replication. We have Hyper-V replica for that. And we have also an offering in Azure, right? So it's a site recovery. Right, so you were, for example, for a data center outage or for a fire alarm that would be a good fire would be, if you have two data centers, right? Or at least two locations or two racks and have the money to do it on your own, then you can do, for example, stretch clustering. Like we talked about last session, right? But if you don't have another data center, right? Or if you want to be a little bit further apart, right? Then you can rely on Azure to be your second data center, so to speak, and replicate the stuff over to Azure, which is not synchronously, but as synchronously and depending on your internet line as synchronously could also mean almost not far away in a time perspective. So we'll let's look at Azure site recovery here and then do the backup stuff afterwards, right? Okay, so Fixtures Company, Contoso has been experienced frequent stability and performance issues which expose the lack of sufficient disaster recovery provisions, so they are looking into what they can do with Azure if they want to, for example, fail over into an Azure data center region and then run the workload there or also then maybe falling back if things are smoothing out and then workload can be run on-premise again. Yeah, and this is a use case that is there for quite a while. So Azure site recovery is not brand new, it's been there for quite a while. It's allowing you to replicate your virtual machines over to Azure, run it there. It's not only dedicated for Windows workload, you can also replicate Linux virtual machines up to Azure and run it there. Yeah, and it's also available not only for Azure Stack HCI where the virtual machines are living or Windows Server Hyper-V, you also have solutions for other hypervisors like VMware, for example. So you can also use Azure site recovery to choose some of your VMs in the VMware environment and replicate them to Azure. So if you have a failure, you have them immediately with a very short time where you don't have the actual data. With the backup, for example, we maybe have done our backup eight, nine, 10 hours ago, then we have a failure. We lose all these 10 hours of work with Azure site recovery. It's much shorter, right? Yeah, and you can also do a plan failover, meaning you set it up now when you do have the time and also the time to test the thing, right? Because if it's IT for me, and I hope I assume that I'm not the super whiz guy, most of the times when I try IT things for the first time, they don't work, right? So I need to test it and try it again, play with it, make it work, and that you could also do with Azure site recovery, right? Placing the virtual machines in the right network, for example, turning them on, see, hey, do I have all the virtual machines I require because you have a service spending multiple machines? Yeah, it might be a good thing to have all these virtual machines that are compiling the whole application, you know, migrating it up or replicating it up to Azure, right? So play with it when you are, you know, good and know how the service works, then in terms of a failure or a planned outage, you can easily, you know, switch the button. The last data will get replicated over, the virtual machines will be shut down on your site and started in Azure, and you would also almost see almost no outage, right? Which is, if you set it up right, the thing that you want, right? Okay, so how does that work? Well, it's also like the monitoring part agent-based. So you are creating, you know, some service vault in Azure, which gets your virtual machines and also the configuration for the replication. And once you do create your world, you, you know, you configure it and you tell it, hey, where's my source? Is it VMware? Is it, in our case, Azure Stack HCI, right? And then which kind of virtual machines do I want to replicate? Maybe not all of them, right? So only a couple. And also, hey, in which network should these virtual machines go if I, you know, started in Azure? Should they get a different IP address range? Should they, how should the connectivity be done? Right, which virtual machine type should they get in Azure? Small, medium, large one, right? And that's interesting though, because, you know, there happen some things because Azure Site Recovery does not only copy the, the bits from one place to another, right? So it needs maybe to take care of some other things or you may need to take care of some other things, like for example, IP address ranging, right? And that's something that's happening with Azure Site Recovery. So as another, you know, use case of Azure Site Recovery is the migration phase, right? If you want to migrate data over from on-premise to Azure, you could also Azure Site Recovery for doing that, right? But that's, you know, a side aspect of it. So let's maybe look a little bit into the PowerPoints to get some screenshots, right? So it is, as I would say, an agent-based way. So you install something on your Azure Stack HCI notes and I'll show that in a minute in my demo environment. And then you do, you know, you set up the configuration what you want to replicate, which kind of virtual machines you want to replicate. This is the screenshot from the Windows Admin Center where you go into your cluster section then you have on the top the information, hey, do you want to have a disaster recovery in place? If not, you may click here and set this up. This is the dialogue that comes up, right? So it knows about all the other notes that are available in your cluster and it will install the agent on these notes and it will also create the Azure artifacts like a resource group, like the Recovery Services Vault if that's not done already for you in Azure and your Azure subscription, right? Sometimes, you know, as said, this should work, right? But sometimes it may not work, but you can also do it from the Azure way. You don't need to do it on the Windows Admin Center side. You can also do it from the Azure way of doing, from the Azure side. So in my case, let me show you how I did it. So I was setting up the agent, the site recovery agent from the virtual machine section of the node, right? So I was going into the virtual machine section telling it, hey, set up site recovery. It asked me a few questions and then it installed the agent on this node. If I look at the software repository of this one, I should see some agent software, which are these guys here, the update and the services recovery agent. And I think it brings also the C++ Redistributable for doing it, right? And also this Azure site recovery services, site recovery provider. These ones are now hooked up to my Azure services recovery vault. So how does that look like? Let me bring that up. So if you go to Azure, you should see your, you'll go for recovery services vault, then you press your recovery services vault and look into the section where it tells you site recovery infrastructure. That is the piece where you configure what to replicate and from where to replicate, which is my source technology or hypervisor that I'm using, because you can also do replicate Azure virtual machines from one Azure data center to another. Also, as Kost mentioned, VMware machines from on-prem to Azure, right? Or Hyper-V machines. And you remember Azure Stack HCI is sort of, it's Hyper-V under the covers, right? So there is a Hyper-V site, which is would be, better naming would be maybe like HCI on-prem or whatever. However, I should see my hosts in there and what I want to see from my hosts if that they have a connected status. So that these guys are connected to this site recovery vault. And now I would be able to enable replication for virtual machines that are on these nodes. How can I do that? Well, you go into your virtual machine section, for example, select the virtual machine that you want to replicate. And then it should work. Let's see. No, not this one. Yeah, you have to go in the cluster. Okay. Yeah, that's maybe better. So and we should maybe also take a running virtual machine and use the replication button. It's not there. Which is currently not there. Not quite sure what happened here. I've seen it today. So not quite sure. It's on a break. Yeah, it's on a break. No worries. It should be there. And it should be able to set it up. Sorry for that. Don't know what happened, but it should be under the management port anyway. Yeah. Okay. So that's for this. But when you enable it, I think you can also configure how often it will, or how near it is to the running machine. It's doing it in intervals, right? So the data is updated continuously and that is reloading his admin center. Maybe we get the button or a button is coming back from the break. Let's see. But we can show you. Let's give it a last try. So. Yeah, this is live. So we don't have videos here. We do it live. And then with live, that can be, yeah, there it is. There you go. It's back from the break. Right. Yeah. So what you need for this is a storage account, right? Azure Site Recovery needs some storage, some storage account for storing your virtual machines, hard disks in, right? This is the storage account that's being used for. So make sure that you have created one or let the tool create one for you. And if you are, you know, enabling it, it won't ask you too many things about it, right? But what should happen underneath is that once the stuff is configured, you should also see something on the hypervisor where this virtual machine is being executed. It's quite funny or quite interesting to see, you know, because it will create some, you know, some checkpoint here. It will also, or it should also tell you about the replication status that it's going to, you know, configure this one once it's done and replicate the stuff over to Azure. And you should see the progress, how much data is already being transported over to Azure. And depending on the size of this, you see, depending on the size of this virtual machine, it should, you know, and your network bandwidth, it's faster or slower, right? Yeah. The data has to be uploaded to Azure. And if it's a 200, 300 gigabyte VM, really depending on IF, a 60 megabit upload here. So that can take a bit, right? If you are fortunate and have a gigabit upload, great. But not here in Germany. Right. Hopefully my video bandwidth will not suffer right now because of me enabling this. Karsten, you would need to take over because it's going over the same wire as I do this session right now. So hopefully, hopefully it will work. Okay. So let's proceed with the PowerPoints. And hold on. Let me get the PowerPoints up, are they? So, maybe you can stop, maybe you can stop the replication because your sound is getting a bit choppy. Okay. What do you call it? You do the questionnaire while I'll fix this stuff, right? Yeah. So Flo, can you please switch to my screen? Thank you a lot. No, that shouldn't be shown. So we are now doing another knowledge check. And as part of implementing disaster recovery for Contoso, you plan to use Windows Admin Center to onboard an Azure Stack HCI cluster to Azure Site Recovery. When you perform onboarding, which of the following tasks is automatically completed? So you don't do that, it's automatically completed. Is it A, provisioning of an Azure Recovery Site Vault? B, creating a recovery plan. C, enabling protection for cluster nodes. So again, you can vote at the QR code, get it in your phone, or go to ttps colon double slash aka.ms slash polls and give us your opinion, what is the right answer? So again, we use Windows Admin Center to onboard our Azure Stack HCI cluster to Azure Site Recovery. And when you perform onboarding, which task is automatically done for you? We'll give you a minute or so to answer. So Bernard, is your, how is my sound? How's my sound? Your sound is good. Your sound is good, your picture is also better. So, yeah, so you see, you know, life. It's life, yeah. And if we push a lot of data over the upload parts, your video is getting, your camera is strange, right? So your experience, the technology is working, right? Yeah, but yeah, that's good. So let's, you know, go to the answer of this one. Well, you provision an Azure Service, Azure Recovery Services Vault, right? That's the part where your ASR Azure Site Recovery data goods goes in or your replicated virtual machines. Okay, so also if you want to set this up, you know, don't do it in a rush. Take your time because it will take some time and it will, you will, as I did, hopefully learn quite a bit on your virtual machine and how it's, you know, working in Azure then. Yeah, let's go to the next chapter, right? We are now at the third chapter and now we want to protect our Azure Stack HCI VMs, not maybe for disaster, but for deletion or a corruption of VMs and therefore we use another tool. If we would rely on Azure Site Recovery and you change the virtual machine somehow, some data in there, so it's replicated to Azure and the Azure Virtual Machine or the data in Azure has the same data after a short time. So you install malware on it, it will be there after some seconds or maybe after some minutes, right? So it's a short time window with Azure Backup. You can travel back in time and revive your your own life again, yeah. So Azure Site Recovery should not be a replacement for a backup, I would say, right? Yeah, there are interesting though, there are other, you know, third party vendors that sort of combine this to approaches like, you know, like taking or keeping multiple copies of previously replicated virtual machines and combine the idea of both. Also charming, as I would say, but it's a bit of a different approach. So we do have two different services for achieving this. Okay, Azure Backup. So yeah, Azure Backup is there. Also one, it's not new, right? So Azure Backup has been a service that's been there for quite a while. Obviously we needed something like this to backup virtual machines in Azure, right? But it was also for a long time capable of consuming on-premise made backups. And I'm not talking about third party solutions, you know, that we're uploading the backup data to some storage accounts in Azure. No, I'm talking about, you know, Microsoft technology that was doing that with also with, you know, in a data bucket which is hosted in Azure. And that's Azure Backup. So interesting though, we do have sort of different technologies for achieving different goals, right? So for example, the easiest way of creating an on-premise backup would be to use the Azure Recovery Services Agent, the Mars Agent, right? Which is a piece of software that you hook up to Azure. It's also agent-based again, right? So you install this, for example, on your server, could be a virtual machine. It could also be a Hyper-V system, I think, to do host-based backup of virtual machines, right? It's pretty dumb though, right? So you just tell it which thing you want to backup and then you point it to the Azure Backup Store and then it does its thing, right? But every time the backup is made, you transport it over to Azure, right? So you need a lot of bandwidth maybe. Is this a fast recovery in terms if you want to recover it fast? Well, the time it takes for the backup to download might be a little bit time consuming, right? Therefore, there's another solution which is the Microsoft Azure Backup Server, the Maps, which is a dedicated backup server software, right? So think of it like a virtual machine or like with a specific kind of software which has a management GUI, which allows you to backup certain things. If you are familiar with Microsoft System Center Data Protection Manager, it would look like almost the same to you, right? Because it's sharing its code base. So this tool is also quite aged and aging sometimes is not a bad thing. Think of aging with you or with meat. Sometimes aged meat is very tasty, right? So also this, yeah. And also the Azure Backup Server is very mature, it's stable. However, the GUI may look not too nice, like steaks, right? So, depending. But they taste nice. But they taste nice, yes. We have much more possibilities with the Azure Backup Server, right? So you can do incremental backups, for example. Yeah, it's a bit of a way, but you have to do more things to set it up. Yes, and the setup, you know, don't underestimate this because you're setting up a server software, right? So you're setting up almost a system center component. A backup solution, yeah. Well, it's a backup solution. And interesting though, it's a very cheap backup solution. If you, for example, want to do on-premise backups, right? Because it can, you know, backup your whole virtual machine environments and store it locally for, I think, one year. If you, depending on the backup policy that you do, but you couldn't, can keep the virtual machines on-prem for one year. So I can say, hey, give me the virtual, recover the virtual machine from two weeks ago, right? And as this is on-prem, you don't need to, you know, get the data back from Azure. You get it from your storage system, right? And you should be much faster in recreating the virtual machine or whatever you have backed up, right? And then you can say for long-term retention, meaning for, you know, like this limit, like there's always the 99 years data retention period which you have. Don't know how long Azure will resist or exist, but you know, it's practically unlimited. So you say, hey, keep once, you know, a backup reaches a certain age, hey, it's might be good to store it at a different location also in Azure for, you know, for looking back at what happened 10 years ago, maybe. All right. Yeah, so that's, you know, that's sort of Azure backup. And where do you set this thing up, right? So it's also as said before, it's agent-based and depending on what you are doing. And also even the backup server, right, uses the Mars agent for uploading the backup, the long-term retention backups to Azure. So, you know, you have sometimes, depending on the scenario, a combination of both. However, yeah, there is one statement in the learning documentation, which I found is no longer true. And I think it's this one here, right? So let me drill or bring up the documentation or at least the latest link because I think you should be aware of it. Okay. Yeah, this is as of March, 2021. This is one year and at least three months ago. So there's also change in this product, right? Yeah, so I think it's, now this is not the right one, but this is the right one. So backup Azure Stick HCI, virtual machines with Azure backup server, which is the maps, right? And here under the supported scenario, and you could see from the article date that it's not too old. So it was updated fairly recently. And you can also do the Azure Stick HCI back, a host backup with the system state of the host, if you want to, right? And you can also do use virtual machines that are in a cluster, sitting on a cluster shared volume storage, meaning that it can be run on either nodes. This is also something that you can backup and back the maps takes care about cluster shared. Well, that's very important because it was an HCI cluster. All UBMs are on cluster shared volumes, right? Yeah, so it is in there. However, if you want to set this thing up, right? There is an article on this as well. So be aware, you know, if you see that here, that's 18 minutes to read, but I would assume that it's taking hours to set up. We did twice or three times. Yeah, you know, the description looks nice to me. I did it quite some time ago. It has a lot of screenshots for navigating through, right? But, you know, the starting point all over is like Azure site recovery. It is your recovery services vault, right? So, but not now for site recovery, but for backup, right? So if you go into this section, you see that you have, and it's worth to mention, right? So what can you backup with Azure backup, right? Of course we can backup Azure virtual machines, which is, you know, sort of the most logical one, right? So here you have the Mars agent stuff, things that come via the Mars agent or things that come from the Azure backup server, right? You can also use the old school or still valid system center data protection manager, or you can, you know, backup other Azure workload like Azure files, SQL in Azure, or SAP HANA in an Azure virtual machine, which is also quite important. So think about SAP HANA instances, which are huge in size, need to be restored fast. So that's quite demanding on the product. From what I've heard, I'm not a SAP HANA guy, but from what I've heard, it works quite well. So if you go, if you decide for the Azure backup server, you know, you need to create a site first, right? So meaning you need to tell Azure about the infrastructure and hook your on-premise Azure backup server together with your recovery services world, right? So going through the dialogues are quite interesting because here in Azure Stack HCI, you see it's already here, right? And there you have now the system state for the nodes, but you, let's say if we want to, you know, backup virtual machines that are sitting on this Azure Stack HCI, that's the thing that we want to do. We need to prepare our infrastructure and that means, hey, here's the download link for the Microsoft Azure backup server solution. This is, don't know how much it is, but I think it's a couple of mechs, maybe around 150 or something like that. It also tells you, you know, in order to install a Windows server first, then install the Azure backup server. Maybe there is some requirements that you need to install first, but that's also all in the article. However, bring some time with it, but I think it's worth trying out as it's really a cheap way of backing up. So we install it in an operating system, in a Windows server. Usually we would do that in a VM maybe, running on the Azure Stack HCI. I think it's maybe not the best solution to have the backup software running in the thing you protect. So if you have another hypervisor or another server, put it there. But of course, if you store your data in Azure, all of them, that's not a problem. If you store them locally, maybe think about not putting your data also in the Azure Stack HCI cluster in another VM or so. Then if your cluster has a problem, you can't reach your backup software and so on. And as you've seen with my bandwidth or my video feed going down, it might also be important in which network you place your backup server in. Because what you don't want to do is, you don't want to be the noisy neighbor for all of your guests and for your HR people or for your managers that are working with the applications on that system. Yeah, so sometimes you'd know that better than I, people are doing explicit backup networks, right? Yeah, yeah, sometimes they do. Backup is a huge part. It can be easy, but it can be quite, coming quite complex or becoming quite complex if we are talking about a larger environment. So we are, again, testing our knowledge, right? So the questions we have and again, if you want to participate, scan the QR code or go to HTTPS double colon slash slash aka.ms slash pulse. There you have the questions and I will read the question. You have onboarded an Azure Stack HCI VM at Contoso to Azure backup by using Windows Admin Center with the default backup schedule and retention period. Now you decide to modify the retention period to align it with Contoso compliance requirements. Which of the following tools should you use to update the backup period? A, Microsoft Azure backup server, B, Windows Admin Center, C, Azure backup application on the VM. Well, that's not an easy one. So what have we done? We have used a Windows Admin Center to onboard an Azure Stack HCI VM at Contoso. And we have configured it and now we want to change the period and the retention policy. So the question is, where can we do that? And can we do it in Admin Center? Not sure, have you seen it there, Bernard? No, I haven't. I haven't to be honest. Can we do it in Azure backup server? Do we have an Azure backup server here? Or do we have it to do it in the Azure backup application on the VM? I think it's a hard one. What do you think, Bernard? Yeah, it's a hard one. And I think these guys are not using the Azure backup server, the Azure backup server, where you would usually define such a backup policy, right? So I think they are relating to the Mars agent, which is the small, tiny software piece that you could put also into a virtual machine and back it up from there. Well, it could also be used on a server, right? The VM or server is sort of a little bit misleading here, but the answer is, you know, not to take it too long as the last option here. Oh, which is the... Give us the green. Yeah, I'll give you the green answer here. Okay. So in the last 20 minutes, we are talking about a thing that is only available through Windows Admin Center, so what is it, Bernard? Yeah, what it is, it's... Oh, let me press the right... It's kind of a network adapter, right? Yes, sometimes you have the task or we are talking hybrid here. And also what's very important if it comes to hybrid is hybrid networking, right? Most of the times I would see, you would see site-to-site connections from Azure to your on-premise data center, meaning the data center where your Azure Stack HCI node resides, right? So you have a VPN device on-premise talking to something VPN device like in Azure, right? Yeah, there are multiple possibilities, right? A VPN would be one. There are still some people using directly Azure over the internet, maybe not the safest way. And you also have something like a dedicated line to Azure Express Route, right? Is it called? But usually you are right. If it's a company, they should have a VPN. Yeah, and I'll give you one more. I mean, you could use appliances in Azure as well, like go to a different vendor or a firewall company that you like. And they probably have an Azure representation or an appliance representation in Azure that you could use and install and configure like you would do it on-prem. So there are multiple options. The most obvious one would be in my personal opinion, a site-to-site VPN connection from on-prem to Azure using the Azure VPN gateway, supporting different levels of bandwidth that needs to travel through through an IPsec tunnel. And once you have set it up, your traffic flows almost transparently for the applications. It's just a different IP address range. Well, you should use a different IP address range in Azure than you use on-premise in order to avoid overlapping IP address ranges that would give you routing conflicts, right? However, yeah. Yeah, and the VPN gateway, it's a service that Microsoft cares about. So you don't have to care about updates or upgrading the software. It's just a service. You can deploy it in through the Azure portal. And I think it's quite, the magic behind is quite complex a bit, but you don't have to care about it. Microsoft is doing all the security stuff there. So, as you mentioned, there are other options. There are other VPN solutions from third parties and they maybe do the same. Or you can even deploy a VM with Linux in it and use a Linux solution, but then you have to care about the firewalling, the updates and so on. So the Azure network adapter uses the VPN gateway, right? It uses a VPN gateway, but in our case, I think the most important question is, okay, we talked about site to site that gives me connectivity for my servers that are on-prem to all of the networks that are in Azure. However, what are the use cases for the network adapter then? So meaning like an isolated sort of thing rather than the big site to site usual thing. And the answer for this one is, well, you may still have isolated workloads or networks on-premise that you want to directly connect to Azure, right? Or to some Azure data centers. So it's like a point-to-site connection sort of thing, like these road warriors have with their laptops running around going to the internet cafe and hooking up a private VPN connection, right? So that's sort of a thing for servers with the Azure virtual network adapter in Azure Stack HCI. So you could create a piece of software that's running basically in a Windows system or in a Windows machine that connects you to Azure, right? Yeah, as I said here, so it's like a point-to-site VPN connection from a Windows Server to an Azure virtual network, right? And the good thing about is it is, you would be able to set this up maybe not only with the Windows Admin Center part, but I think the setup for this would be very long. It would be very complex. The documentation there is, I think, a bit complex. And using Windows Admin Center makes it much easier in order to do that whole setup from the Windows Admin Center console. So yeah, let's go a little bit further ahead with the dialogue. So it's built in the Windows Admin Center tool and you'll get asked for most obvious questions. Hey, so where is my subscription? Which location do you want to provision this? What's the network in Azure that's there? I think that's one of the requirements that you need to have. You need to have created the virtual network in Azure before starting this. And then you select the VPN gateway, the SKU, which determines the throughput, so what is available in bandwidth. And it's also the size that it comes in Azure with is also calculating linear up in the costs, right? So the more it is capable to transport, the more it will cost, right? And you have some choices here. Obviously, this needs also some IP address ranges. So the gateway subnet is, as you could see here, it is a smaller subnet which in Azure, why? Because you don't really are interested in how many, you don't want to give your gateway too many IP addresses, right? Because they would eat up your other address space. And in fact, it really doesn't need too many. And then you also have the client address space that you're originating from. So one is Azure and the other one is your on-premise network that you want to add this to. It'll create self-signed certificates for this, right? So that you have an encrypted connection, yeah. And once this is done, you should be able to communicate over a encrypted private network adapter. Cool connection. Okay. Yeah, I think, God. This is a wait, Bennett. This is an important thing. If you want to do any Azure services with Windows Admin Center, so configure them, you have to register your Azure, your Windows Admin Center to Azure, to your subscription, but you only have to do that once. So it's for Azure backup, it's for Azure site recovery, it's for Azure monitoring, it's for the Azure network adapter. We had it multiple times in the documentation. So it's a hint. If you don't find the things we talked about in Windows Admin Center, first you have to register your Windows Admin Center to your subscription, yeah. So it's a question time again, right? Yes. And the last one actually for this series, oh, not for this series, for this current. Should I read it? Go ahead. So again, you can vote on this on HTTPS colon slash slash aka.ms slash holds. And it gives you some time for this because we have still 11 minutes to the end, but we can finish early. So as part of your evaluation of hybrid capabilities of Azure Stack HCI for Contoso, you are planning to test the setup of Azure network adapter on an Azure Stack HCI VM running Windows Server 2019. What should be the first step to test the setup? So we haven't tested the Azure networking adapter, it's our first thing we do. So should we A, create an Azure virtual network as a first step? Should we B, set up a local VPN device or C, install a VPN client software on the VM? I think we can deduct the wrong answers here. So if you think about it, is it creating an Azure virtual network? Should we set up a VPN device or not? Should we have to do some documentation reading and setting up a VPN device? Well, what's the use then of this wizard, right? So of the network adapter, right? Or should we install a VPN client software on the VM? So I think this one is much, much easier than the last one. Let's see how many people are helping us with the answer. So I got the poll. Okay, yeah, don't stretch it too much. I think I already mentioned the answer. It's A, you need to have the network before testing, right? So the network must exist. The Azure network, the Azure virtual network must exist before that. Maybe there's one caveat to this. If you have ever created a virtual network in Azure, right? You give it an address range. And then most of the times the wizard will create, you know, a subnet for you. Which is smaller than the virtual network itself. So the idea is to have multiple subnets that are fitting into a virtual network, right? However, you would be able to create a subnet that fills out the whole virtual network. But then you're doomed when setting up the virtual network gateway because it doesn't have when setting up the virtual network gateway because it needs a specific, you know, sort of, you know, something that very, yes. And it needs to have the network named like gateway subnet, I think it is, right? So you must need to have some space left for this network to be created. And so that you can still use the stuff. I have done that wrong at the first installations that I've done. Yeah, you know, why do you think I know such a detail? Okay, so this completes our session. So let's recap what we have talked about, right? First, we were talking about monitoring Azure Stack HCI by using Azure Monitor. And Berna did a great presentation, live demo of those things. I love live demos better than slides. Then we were talking about protect Azure HCI VMs by using Azure Side Recovery. And in the third part, we talked about protecting Azure Stack HCI VMs by using Azure Backup. And remember, backup and side recovery are two different things. Side recovery is like a disaster recovery solution. So if your data center fails or burns or whatever, you have a disaster, you have still your VMs in Azure, you can bring them up very easily. A backup thing is more for change, or if you need an older version of something. For example, in Germany, we have some laws that you, if you have some finance data, you have to keep them up for, I think, or archive them for 10 years before you can get rid of it. You wouldn't do that with Azure Side Recovery. You would do that with a backup, right? And lastly, we were talking about implementing Azure Network Adapter and Azure Stack HCI scenarios. And I have to test this. I have never used the Azure Network Adapter, but I think it's a nice solution. I will test it. So we are done with this session. You can learn more in this link. If you are not following the documentation while we are talking about it, have a look at the learning life session. And there are, I think, more coming learning life sessions or I should look also in the presentation, right? Yeah. Yeah, I think, I'm not quite sure if we are done. These are the ones that I volunteered to, so to speak. There are more regarding Azure Stack HCI on the live event platform. For example, we talked about the Kubernetes thing. So installing or using Kubernetes or AKS on Azure Stack HCI has a dedicated learn life session which you may also have a look at. And the next one, Flo mentioned it. The next one is implementing Azure App Services on Kubernetes with ARC. And I'm out there. This was my fourth session. So I'm done now. But I think this is also a very interesting one. Kubernetes is a workload that we can implement on Azure Stack HCI. So we have the Azure Kubernetes Services, the same code or nearly the same code that is running in Azure. When you have a managed Azure Kubernetes cluster, you can have the same implementation on premises for your containers. And there we will have a session about Azure App Services on Kubernetes. Maybe I watch this if I have time for it. Yeah, Kubernetes, as you said, is the new cool kid on the block. Well, it's not maybe not that new, but it's to have it on for us. Yeah, new for us. We are aged, as we said. However, it's a vehicle for other Azure platform services to be portable onto Azure Stack HCI. So if you are looking into the app services like Azure Functions, for example, if you are looking, for example, into managed SQL instances and other services, for example, like the ArcBridge for deploying virtual machines from the Azure portal onto your Azure Stack HCI, these are all workloads that are running or requiring Kubernetes. And guess what? So that means this is one of the workloads that's in your AKS or running in your AKS if you implement it on-prem. So if you are trying out Azure Stack HCI, you'll most probably end up in implementing AKS. And for this, it might be a good idea to do some learning on this one. Yeah, yeah, we are at the end. I hope this was at least informational or maybe also entertaining. With that, I would get it a go, give you two minutes back of your time, take care. And yeah, see you around. We say bye from Germany wherever you are. Thanks for attending and have a nice day.