Reverse engineering the “AADLoginForLinux” in order to tweak proactive user configuration

Introduction

Last summer I posted about taking a look under the hood of the Azure Active Directory integration for a Linux Virtual Machine. Today, let’s take it a bit further… What if we wanted to pre-provision a set of UIDs (User IDs) and GIDs (Group IDs) on a range of virtual machines for cross-machine consistency? Let’s say we want to mount an NFS share and use the same UID/GID on all those boxes. Can we do that with the AAD extension? If so, how? Let’s hope we can… Otherwise it’ll become a rather short blog post.

Disclaimer

This post is based upon my personal experience reverse engineering how this extension works. This is by no means a support statement. If you’re a technical nut (like myself) and want to know how you can tweak this at your own doing… Then this post is for you. 😉

Taking a look under the hood of the Linux VM Authentication

Introduction

Today we’ll do a deep-dive into how you can log into an Azure Linux VM with Azure Active Directory (AAD). In essence, we’ll go through the following documentation flow, and then take a look at how that looks under the hood.

Part one: “Creation”

The part on creating and integrating the VM is VERY straightforward…

  • Create a resource group
  • Create a Linux virtual machine
  • Add the “Azure AD login VM”-extension

And that’s it! Really, that’s it…

Using B-series for your Dev VM in Azure

Introduction

Earlier this week I tweeted my excitement about using an Azure B-series machine for my Dev VM in Azure. And Jan was curious to know what type I used…

Which got a response from Sven that I would probably blog on it…

So…

What Azure Virtual Machine size should I pick?!?

Introduction

Remember the last time you went shopping for a shirt? Then you surely also recall the moment in time when you were looking to find the right shirt size for yourself…

You probably also noticed that sizes might differ a bit depending on the context. A women’s size and a men’s size are totally different. There are geographical differences… and some people just like to wear clothes that have a bit more “free space”.

So is today’s post about buying clothes? Hell no… 😉 But it’s to point out that there are analogies between finding the right shirt for you and finding the right Azure Virtual Machine. Today we’ll delve into the aspects that guide you to a given T-shirt size in Azure; for instance, why choose an FS1 over an A1_V2, when both have 1 core and 2GB of memory, yet there is a price difference of 10€ per month between them.

Virtual Connect: “Patch Panel” or “Active Component”?

A while ago we had an internal discussion on whether a Virtual Connect (HP Blade Technology) is to be considered an active component or a patch panel. The answer is that it is kinda like a switch. It cannot be seen as an actual switch, but it comes close to a virtual switch (as defined by VMware). More details can be found on page 25 of the document (linked below), where a nice comparison table is listed.

Source: HP Virtual Connect: Common Myths, Misperceptions, and Objections, Second Edition (Google cache / quickviewer)

#1: VC Ethernet is just another switch
Incorrect: While VC uses tried-and-true, IEEE standard, Layer 2 bridging functionality, its primary purpose is to provide many server virtualization and management features that are non-existent in traditional switches. VC may perform some functions like a traditional switch; however, VC has many additional features which clearly distinguish it from a traditional switch. …

#18: VC Ethernet doesn’t provide Layer 3 routing capabilities
Correct: Virtual Connect is not a router, therefore, Virtual Connect does not provide Layer 3 capabilities (routing).

#14: HP server blade NICs stay active even after VC Ethernet uplink failure
Incorrect: Virtual Connect provides many features for ensuring highly available network connectivity for HP server blades. One feature, SmartLink, is used to disable a server blade NIC port anytime the NIC is connected to an external network where all VC uplink(s) have failed. In other words, VC can be configured to proactively disable a server NIC port whenever the server NIC is isolated from the external network. VC’s SmartLink feature, combined with NIC Teaming on the server, allows for highly available network configuration with no single point of failure.

#3: VC Ethernet doesn’t support Spanning Tree (STP)
Correct: Much to the delight of VC users, Spanning Tree support on VC is not needed. VC provides HP server blade network connectivity just like a hypervisor provides virtual server network connectivity and neither of these technologies require Spanning Tree support. VC doesn’t have to support Spanning Tree just like hypervisor hosts don’t have to support it, yet both provide network redundancy and load balancing. Just like a hypervisor host, VC provides network redundancy and load balancing features that are modeled after NIC Teaming/bonding technology instead of switch technologies like Spanning Tree. A Spanning Tree configuration error on any single switch in the data center can negatively affect any other connected switch in the network, in addition to all servers connected to the same network. With Virtual Connect, any redundancy and load balancing configuration problems only affect a single blade enclosure.
Fundamentally, VC doesn’t require support for protocols like STP because VC presents itself to the network as a “termination endpoint”, as does a typical server or a hypervisor host. VC is not and does not present itself as a “transit device”, as does a traditional switch.

#24: VC Ethernet doesn’t support the Cisco Discovery Protocol (CDP)
Correct: VC supports Link Layer Discovery Protocol (LLDP) – the industry standard (IEEE) version of the Cisco proprietary protocol CDP. Many Cisco devices support both CDP and LLDP. The use of the IEEE standard version, LLDP, is recommended by HP to ensure customers are not locked into a proprietary protocol.

#17: VC only supports a limited number of VLANs
Correct: The supported limit is 320 VLANs per Virtual Connect Ethernet module when using Shared Uplink Sets. The VC architecture supports 1000+ VLANs per c-Class enclosure.

ESXi on a USB memory key

Check out the following guide at vminfo.nl:

Create an ESX 3i USB boot key

This guide will describe the basic steps to create your own VMware ESX 3i USB key. I need to say that VMware is not supporting this way of running ESX, so be careful with this on production environments. When you want to use ESX 3i in production environments without the need of local hard drives, contact your hardware manufacturer, like HP, Dell or IBM. They have supported ways to run ESX on USB or SD cards.

Pre-requirements
  • USB key of 1GB
  • IZArc – http://www.izarc.org/download.html
  • WinImage – http://www.winimage.com/download.htm
  • VMware ESX 3i (ISO) – http://www.vmware.com/download/vi/

Seamless Linux applications on Windows

Seamless Options
One of the all-time favorite articles here is “Running your dual boot Windows inside VMware Server within Ubuntu”. Yet some might like it the other way around, and a bit more seamless? Two handy options here are “VirtualBox” and “Ulteo Virtual Desktop”.

VirtualBox
You can put VirtualBox in the same range as VMware: both provide a performant virtualization platform. Yet one of VirtualBox’s core features (which I still miss in VMware, apart from Fusion) is the “seamless” mode. It means your guest OS can appear on your desktop without having to be inside a window. You can run an application (say Notepad) and it will appear as a single window on your desktop.

Ulteo
With Ulteo Virtual Desktop, you just have to run the application you need from the Ulteo panel and its window will show up like any other Windows application. Ulteo steps in to avoid the point where you need to maintain your virtualization platform yourself (as with the seamless solution of VirtualBox). See it as an application that will (install and) maintain the seamless solution for you. Check out their website (and the /. comments).

Innotek (VirtualBox) Acquired by Sun

Press announcement

SANTA CLARA, CA, February 12, 2008: Sun Microsystems, Inc. (NASDAQ: JAVA) today announced that it has entered into a stock purchase agreement to acquire innotek, the provider of the leading edge, open source virtualization software called VirtualBox. By enabling developers to more efficiently build, test and run applications on multiple platforms, VirtualBox will extend the Sun xVM platform onto the desktop and strengthen Sun’s leadership in the virtualization market. This software is available for all major operating systems at http://www.virtualbox.org and http://www.openxvm.org.

So Sun strengthens its product portfolio by adding a virtualization option.

The Virtualization options in Linux

Check out the following article at TechThrob.com.
An excerpt of the intro:

This week Canonical, the company behind Ubuntu Linux, announced a partnership with Parallels, maker of the Virtualization products Parallels Workstation and Parallels Desktop for Mac. Consequently, the Parallels Workstation virtualization software is now available to download and install in Ubuntu Linux, completely supported by Canonical, and done entirely through the Add/Remove programs interface. This makes four different virtualization programs — three of which are installable via the package repositories — that run on Ubuntu Linux. (See the Correction: in the Installing VirtualBox section for more information)

This article compares four virtualization products available for Ubuntu Linux: the free, open source x86 emulator Qemu; the closed-but-free versions of VirtualBox and VMware-Server, and the commercial Parallels Workstation.

What we often forget when implementing virtualization solutions

“The beginning is the half of every action”
Someone once told me “There is nothing more permanent than the temporary” (roughly translated), and it’s something you often see in the IT world. A server goes down, so let’s do the quick fix now and the in-depth analysis/coding later. That last step is often moved to the refrigerator, into the “on hold”, “TODO” or “when we have time” boxes.

The following situation might ring some bells:

X : How do we save on infrastructure costs?
Y : Maybe by virtualizing our infrastructure?
X : Sounds good, how do we do this?
Y : Let’s first try our lab/development/staging environment?
X : And if that works move all servers to it!

Help!!! My virtual servers are breeding like rabbits
Most companies who’ve started with virtualization, for example VMware or Xen, have found themselves rushing (or stumbling) way too fast into this new environment. The virtual infrastructure needs the same amount of thought as your physical infrastructure. It’s not because a virtual server is created in a fraction of the time it would take a physical one that one shouldn’t follow the same steps.

Perhaps the sexiest aspect of virtualization is its speed: You can create VMs in minutes, move them around easily, and deliver new computing power to the business side in a day instead of weeks. It’s fun to drive fast. But slow down long enough to think about making virtualization part of your existing IT processes.

It’s not because it’s virtual that it doesn’t need to be managed