- Interact with Azure Cosmos DB with PowerShell - Tue, Sep 14 2021
- Azure health services: Track Microsoft cloud outages and maintenance - Wed, Sep 8 2021
- Powerline: Customize your PowerShell console - Tue, Aug 31 2021
You might already know that Jeffrey Snover, Microsoft's Windows Server lead architect, feels strongly that graphical user interfaces (GUIs) have no place on servers unless you absolutely need them for legacy support scenarios.
Thus, in the forthcoming Windows Server 2016, we have a new installation option called Nano Server that not only has no GUI, but also is the thinnest, lightest Windows Server version ever produced.
Of course, we've been able to remotely manage Windows Core servers in a variety of ways and these methods still work with Nano Server:
- MMC console remote connectivity
- Windows PowerShell remoting
- Other first- and third-party remote administration tools
If you're a Microsoft Azure subscriber, then you can also manage your cloud and on-premises servers by using the Azure Resource Manager (ARM) portal. Now, not so fast--I know that Azure is a "no go" for many businesses due to security and data sovereignty concerns.
You should know that the Azure team plans to include their Server Management Tools in the upcoming Azure Stack. At the moment, though, what I'm going to teach you today works only with an Azure subscription and managed servers running Windows Server 2016 Technical Preview 4 (TP4).
Describing our lab environment ^
Take a look at the following Visio drawing, which illustrates my lab setup:
Notice that the Azure Server Management tools require the presence of a gateway agent located on the same subnet as the servers you need to manage. I'm getting a bit ahead of myself--let's set this thing up and see how it works.
Building the environment ^
Log into the Azure Portal (portal.azure.com) and find the node called Server management tools connections. If you don't have an Azure subscription, feel free to sign up for a free 30-day trial. Microsoft gives you $200 in service credit to play around with.
Click Add to build a new Server Management Tools connection and then fill out the blade. I show you what this looks like in the following screenshot:
You need to fill in the following fields:
- Computer name: I couldn't get this to work by specifying my on-premises Nano server's hostname. The connection went through fine when I used the host's private IP address 10.0.0.10. Remember that, as of this writing in April 2016, this feature is solidly in "preview" mode. For that matter, Windows Server 2016 is only in Technical Preview status as well.
- Subscription: Self-explanatory
- Resource group: A container for your Azure resources
- Create a new Server management tools gateway: I just added the hostname of my on-premises Windows 10 box. We'll configure the gateway more in just a moment.
- Location: Only select Azure regions are available as of this writing.
When you examine your new Server Management Tool connection's Essentials page, you'll see a big banner that says "Gateway not detected. Click here to configure a Server management tools gateway." Go ahead and click that; I show you what it looks like here:
In the Gateway configuration blade, you can generate a download link for the agent software. This is a small .msi package that's personalized to the hostname of the gateway you provided a moment ago.
The candidate gateway should reside on the same IP subnet as your target hosts. Moreover, the gateway (wait for it) needs to run either Windows 10 or Windows Server 2016 TP4. Go figure!
Performing remote administration from Azure ^
The gateway serves as an "umbilical cord" between your managed servers and the Azure Portal Web UI. After installing the gateway software, refresh your view of the Server Management Tools connection and you should see something similar to the following:
I've called out some touch points in the previous screenshot; let me explain them for you:
- A: Click Manage as to provide administrative credentials for the remote server
- B: Investigate the status of your gateway
- C: See real-time performance metrics
- D: Leverage a rapidly expanding set of remote administration tools
Remember that the Azure product development team ships new features literally every business day. Accordingly, you can expect to see the Server Management Tools functionality broaden and deepen as we get closer to Windows Server 2016's final release date.
You know what they say (whoever 'they' are): a picture is worth a thousand words. Therefore, let me give you three interface screenshots to show you the kind of remote management flexibility you have through the Azure Web portal:
Okay, so what do you think? You may be thinking some of the following perfectly valid arguments:
- The dependency on an Azure subscription is a deal-breaker for me!
- Why do I have to hairpin out to the Internet and back to manage my local servers?
- I thought we were supposed to use code to manage our Windows servers now?!
- How secure is the traffic that's orchestrated between my on-premises Server Management Tools gateway and the Azure cloud?
I'm just speculating here, but I suspect that the biggest consumer of the Azure Server Management Tools are managed service providers (MSPs) who need an easy way to "touch" customer servers (both in the cloud and on-prem) from a central location.
Remember, too, that the Azure Stack will bring much of the Azure public cloud functionality to your local data center so it's probably to your professional advantage to learn how they work to get yourself prepared for the future of datacenter/server management.
Subscribe to 4sysops newsletter!
From what I've read on the Azure support forums, Microsoft plans to continue fully supporting the more traditional remote access tools, from MMC remote connectivity to WinRM/WSMan and beyond.