Tech Blog

Hello,

More DR stuff for me, I needed to restore a VM from Recovery Vault, heres how I did it:

Open PowerShell and connect to Azure:

Connect-AzAccount

Lets get started, as before, theres lots to change so READ it carefully:

#Find your vault and resouce Group, CHANGE FOR YOUR ENVIRONMENT
$vault = get-AzRecoveryServicesVault -Name "LinuxVault" -ResourceGroupName "LinuxRG"
Set-AzRecoveryServicesAsrVaultContext -Vault $vault

#Set the fabric of your vault, CHANGE FOR YOUR ENVIRONMENT
$PrimaryFabric = Get-AzRecoveryServicesAsrFabric -name asr-a2a-default-northeurope

#Set these
$PrimaryProtContainer = Get-AzRecoveryServicesAsrProtectionContainer -Fabric $PrimaryFabric -Name "asr-a2a-default-northeurope-container"

#set your network, CHANGE FOR YOUR ENVIRONMEN
$TFOVNet = Get-AzVirtualNetwork -Name uks-kil-dr-test-vnet
$TFONetwork= $TFOVnet.Id

#Here we get the VM and start the recovery, CHANGE FOR YOUR ENVIRONMENT
$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-1"
$TFOJob1 = Start-AzRecoveryServicesAsrTestFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem -AzureVMNetworkId $TFONetwork -Direction PrimaryToRecovery

#Same but a different VM
$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-2"
$TFOJob2 = Start-AzRecoveryServicesAsrTestFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem -AzureVMNetworkId $TFONetwork -Direction PrimaryToRecovery

#Same but a different VM
$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-3"
$TFOJob3 = Start-AzRecoveryServicesAsrTestFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem -AzureVMNetworkId $TFONetwork -Direction PrimaryToRecovery

#Same but a different VM
$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-4"
$TFOJob4 = Start-AzRecoveryServicesAsrTestFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem -AzureVMNetworkId $TFONetwork -Direction PrimaryToRecovery

#Same but a different VM
$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "DC-Server-1"
$TFOJob5 = Start-AzRecoveryServicesAsrTestFailoverJob -ReplicationProtectedItem $ReplicationProtectedItem -AzureVMNetworkId $TFONetwork -Direction PrimaryToRecovery

Once you’re done with you’re restored VMs should clean up your work if you need too (I was using them to test DR so wanted to deleted them after):

#Get teh VM you cloned and bin it off, CHANGE the VM name FOR YOUR ENVIRONMENT
$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-1"
$Job_TFOCleanup = Start-AzRecoveryServicesAsrTestFailoverCleanupJob -ReplicationProtectedItem $ReplicationProtectedItem

$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-2"
$Job_TFOCleanup = Start-AzRecoveryServicesAsrTestFailoverCleanupJob -ReplicationProtectedItem $ReplicationProtectedItem

$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-3"
$Job_TFOCleanup = Start-AzRecoveryServicesAsrTestFailoverCleanupJob -ReplicationProtectedItem $ReplicationProtectedItem

$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "Linux-Server-4"
$Job_TFOCleanup = Start-AzRecoveryServicesAsrTestFailoverCleanupJob -ReplicationProtectedItem $ReplicationProtectedItem

$ReplicationProtectedItem = Get-AzRecoveryServicesAsrReplicationProtectedItem -ProtectionContainer $PrimaryProtContainer -FriendlyName "DC-Server-1"
$Job_TFOCleanup = Start-AzRecoveryServicesAsrTestFailoverCleanupJob -ReplicationProtectedItem $ReplicationProtectedItem

Hello,

So something fun I’ve been working on recently is cloning a Linux Azure VM from a snapshot, for my case so I can test it for DR.

To do this you basically need to:

1. Create a vnet for the clone if you need too (I reference it in the script)
2. Create a snapshot of the VM
3. Create a managed disk for the snapshot
4. Create a VM with different name using the managed disk
5. If needed rename the VM on the OS level to match the VM name.

Or you could use some PowerShell:

First open PowerShell and run:

Connect-AzAccount

The you need to change some of the below (look for “CHANGE THIS FOR YOUR ENVIRONMENT”):

#Existing virtual network where new virtual machine will be created, CHANGE THIS FOR YOUR ENVIRONMENT
$virtualNetworkName = 'uks-dr-test-vnet'  
  
#Resource group of the VM to be clonned from, CHANGE THIS FOR YOUR ENVIRONMENT
$oldresourceGroupName = 'UKS-VM1-DR'  
$newresourceGroupName = 'UKS-VM1-DR-TEST'  

#Region where managed disk will be created, CHANGE THIS FOR YOUR ENVIRONMENT
$location = 'UK South'  
  
#Names of source and target (new) VMs,CHANGE THIS FOR YOUR ENVIRONMENT
$sourceVirtualMachineName = 'Linux-VM1'  
$targetVirtualMachineName = 'Linux-VM1-DR'  

#Set the subscription for the current session where the commands wil execute,CHANGE THIS FOR YOUR ENVIRONMENT
Select-azSubscription -SubscriptionId '111111111-1111-1111-1111-111111111111'  
  
#Get the existing VM from which to clone from  
$sourceVirtualMachine = Get-AzVM -ResourceGroupName $oldresourceGroupName -Name $sourceVirtualMachineName  

$osdisk = Get-AzDisk -DiskName $($sourceVirtualMachine.StorageProfile.OsDisk.name) 
#Create new VM Disk Snapshot  
$snapshotconfig = New-AzSnapshotConfig -Sourceresourceid $osdisk.Id -Location $osdisk.Location -CreateOption copy  
$snapshot = New-AzSnapshot -Snapshot $snapshotconfig -SnapshotName "$($osdisk.name)-snapshot" -ResourceGroupName $oldresourceGroupName   

#Create a new OS Managed Disk from the Snapshot  
$disk = New-azDiskConfig -AccountType $osdisk.sku.Name -DiskSizeGB $($osdisk.DiskSizeGB) -Location $location -CreateOption Copy -SourceResourceId $snapshot.Id  
$disk = New-azDisk -Disk $disk -ResourceGroupName $newresourceGroupName -DiskName "$($osdisk.name)-DR"
  
#Initialize virtual machine configuration  
$targetVirtualMachine = New-azVMConfig -VMName $targetVirtualMachineName -VMSize $($sourceVirtualMachine.HardwareProfile.VmSize)
  
#Attach Managed Disk to target virtual machine. OS type depends OS present in the disk (Windows/Linux)  
$targetVirtualMachine = Set-azVMOSDisk -VM $targetVirtualMachine -ManagedDiskId $disk.Id -CreateOption Attach -linux 

$disks = $sourceVirtualMachine.StorageProfile.DataDisks
#$disks = Get-AzDisk -ResourceGroupName $oldresourceGroupName | where {$_.managedby -like "*$sourceVirtualMachineName" -and $_.Name -like "*Datadisk*"} 
foreach ($disk in $disks){
    #Create new VM Disk Snapshot
    $datadisk = Get-AzDisk -DiskName $disk.name   
    $snapshotconfig = New-AzSnapshotConfig -SourceUri $($disk.manageddisk.id) -Location $datadisk.Location -CreateOption copy  
    $snapshot = New-AzSnapshot -Snapshot $snapshotconfig -SnapshotName "$($disk.name)_snapshot" -ResourceGroupName $oldresourceGroupName 

    #Create a new Managed Disk from the Snapshot  
    $diskconfig = New-azDiskConfig -SkuName $datadisk.sku.name -DiskSizeGB $($disk.DiskSizeGB) -Location $location -CreateOption Copy -SourceResourceId $snapshot.Id  
    $newdisk = New-azDisk -Disk $diskconfig -ResourceGroupName $newresourceGroupName -DiskName "$($datadisk.Name)-dr"   
    $targetVirtualMachine = add-AzVMDataDisk -VM $targetVirtualMachine -ManagedDiskId $newdisk.Id -lun $disk.lun -CreateOption attach 

} 

#Get Virtual Network information,CHANGE THIS FOR YOUR ENVIRONMENT
$vnet = Get-azVirtualNetwork -Name $virtualNetworkName
$subnetid = $($vnet.Subnets | where {$_.Name -like "DR_Sunet"}).id

# Create Network Interface for the VM, CHANGE THIS FOR YOUR ENVIRONMENT
$nic = New-azNetworkInterface -Name ($targetVirtualMachineName.ToLower() + '_nic') -ResourceGroupName $newresourceGroupName -Location $location -SubnetId $subnetid -PrivateIpAddress 172.45.1.252
$targetVirtualMachine = Add-azVMNetworkInterface -VM $targetVirtualMachine -Id $nic.Id  
  
#Create the virtual machine with Managed Disk attached  
New-azVM -VM $targetVirtualMachine -ResourceGroupName $newresourceGroupName -Location $location  
  
#Remove the snapshot  
Get-AzSnapshot -ResourceGroupName $oldresourceGroupName | Remove-AzSnapshot -Force

This chap does something similar too:

https://www.techmanyu.com/how-to-quickly-clone-a-vm-in-azure-c5299ff82496

Hello,

I had to join a Ubuntu server to a Window Domain recently, here’s what I did, the # are just annotated notes:

#Update the \etc\hosts file for 127.0.0.1 to be the hostname
sudo vi /etc/hosts
127.0.0.1 UbuntuServer.domain.com UbuntuServer


#Install the packages
sudo apt-get update
sudo apt-get install krb5-user samba sssd sssd-tools libnss-sss libpam-sss ntp ntpdate realmd adcli

#Update NTP for domain time
sudo vi /etc/ntp.conf

#In the ntp.conf file, create a line an add the following:
server domain.com
# I also removed out all the other NTPs


#stop and start ntp and we are golden
sudo systemctl stop ntp
sudo ntpdate domain.com
sudo systemctl start ntp


#Dicover the fookin domain (Case SeNsAtIvE)
sudo realm discover DOMAIN.COM
#should see the domain


#Initialise Kerberos (Case SeNsAtIvE) use yor own frickin username
kinit -V admin@DOMAIN.COM
#chuck in your password


#join the muther fuzin domain baby, you have a choice here, if your server can reach all your DCs in your domain then use the first command, if it cant then you have to specify one:
#1
#sudo realm join --verbose DOMAIN.COM -U admin@DOMAIN.COM --install=/
#2
sudo realm join --verbose -U admin@DOMAIN.COM dc01.DOMAIN.COM --install=/


#comment out the use fully qualified thing
sudo vi /etc/sssd/sssd.conf
# use_fully_qualified_names = True

#restart ssssd
sudo systemctl restart sssd

#enable the user to vcreate home dirve
sudo vi /etc/pam.d/common-session
#place the following under the line that contains session optional pam_sss.so
session required pam_mkhomedir.so skel=/etc/skel/ umask=0077

#test
id admin@DOMAIN.COM

#visudo bitches
sudo visudo -f /etc/sudoers
%Domain\ Admins ALL=(ALL) NOPASSWD:ALL


#change the domains so we can login
sudo vi /etc/krb5.conf

        DOMAIN.COM = {
                kdc = dc01.domain.com
                kdc = dc02.domain.com
                admin_server = admin.domain.com
        }

.domain.com = DOMAIN.COM

#allows these to ssh
sudo realm permit -g 'Domain Admins'
sudo realm permit -g 'Tronstride Servers Local Admins'


#toublshoot
tail -f /var/log/auth.log

Hello,

Recently passed my AZ-104 exam (was a good challange).

One of the labs I wanted to setup was a Site to Site VPN and as I had a draytek router kicking about I thought I’d use it.

These are the things you need in Azure:

Local Network Gateway – This is the object that represents my draytek (or site)

Virtual network (vNet) – The network for everything to sit in, in Azure.

Virtual Network Gateway – The frontend of Azure, so the bit the draytek is looking at.

Public IP – For the VPN Gateway

A Azure VM to test with.

The vnet was pretty straight forward, my Azure VM was in here and VPN Gateway.

Now lets configure the Local Network Gateway, basically all you need to do is:

Enter your Drayteks public IP,

In address space enter in the subnet you use at home (or the site your connecting).

Now lets create a connection to the Draytek.

Note here I used IKEv1, thats because my Draytek didnt seem to support v2.

Now make a note of the public IP in the Local Network Gateway overview.

To the Draytek!!!

Enter the following

under IKE pre-shared key I used the key I setup earlier:

Thats it.

Check the Lan to Lan profile to see if its connected.

Now in Azure, try pinging the home network from the Azure VM:

I appreciate this isnt my best blog, sorry (I’m in a rush).

Here’s Microsofts official guide:

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

As you may have seen we have a Linux server in Azure running some weird stuff, anyhow the time was off screwing with reports and what not, so had to fix it.  Here’s what I did:

First, SSH onto the server and logon.

Check the time:

timedatectl

Find the timezone you would like:

ls /usr/share/zoneinfo/

Now change it:

sudo timedatectl set-timezone Asia/Dubai

Check it again:

timedatectl

Example:

Had an annoying issue where the OS disk on a linux server (hosted on Azure) was partitioned too small:

This disk is 30GB but has loads of free space::

Disk /dev/sda: 136.4 GB, 136365211648 bytes, 266338304 sectors

Then partition /dev/sda2 on the disk: 

Device Boot      Start         End      Blocks   Id  System

/dev/sda2         1026048    62914559    30944256   83  Linux

Feespace:

Number  Start   End     Size    Type     File system  Flags

        16.4kB  1049kB  1032kB           Free Space

1      1049kB  525MB   524MB   primary  xfs          boot

2      525MB   32.2GB  31.7GB  primary  btrfs

        32.2GB  136GB   104GB            Free Space

Here’s how I managed to grow the disk without loosing any data etc:

1) Login to the VM using SSH, we can check the size of the disk by using:

sudo dmesg | grep -i sda

2) To proceed with the partition resize, we will use:

sudo fdisk /dev/sda

type: p
this will show both partitions /dev/sda1 and /dev/sda2 which are basically partitions 1 and 2

type: d then 2 (to delete partition 2)
type: n then p, 2 (to recreate partition 2) you can accept the default values
type: w (to save the new partition)
type: q (to exit fdisk)
sudo reboot (to reboot the VM so the partition is updated)

3) To finalize the resize, after the reboot, execute the command:

For Red Hat 7.3 and CentOS 7.3:

sudo xfs_growfs /dev/sda2

For Oracle 7.3:

sudo btrfs filesystem resize max /