Exclusive Preview of Dell Azure Stack HCI Arc Integrated Configuration Compliance
Who doesn’t enjoy VIP treatment? Exciting opportunities to feel like royalty include winning box seats at a sporting event or getting invited to attend opening night at a new restaurant. I received an unexpected upgrade to business class on a flight a couple years ago and remember texting every celebratory meme I could find to friends and family! These are the moments in life to really savor.
In my line of work as a technical marketing engineer, I relish any situation where VIP stands for Very Important Person rather than Virtual IP address. Private previews of the latest technology often provide both flavors of VIP.
I consider myself fortunate to be among the first to experience cutting-edge solutions with the potential to solve today’s most vexing business challenges. I also get direct access to the best minds in the software and hardware industry. They welcome my feedback, and there’s no better feeling than knowing that I’ve made a meaningful contribution to a product that will benefit the broader community! Now it’s your turn to feel the thrill of gaining early access to long-awaited new software capabilities for Azure Stack HCI.
Your official preview invitation has arrived.
You are cordially invited to participate in an exclusive VIP preview of Azure Stack HCI Configuration and Policy Compliance Visibility from Dell Technologies, integrated with Azure Arc.
The Azure Arc portfolio demonstrates the unique Microsoft approach to delivering hybrid cloud by extending Azure platform services and management capabilities to data center, edge, and multi-cloud environments. Dell Technologies uses the Azure Policy guest configuration feature and Azure Arc-enabled servers to audit software and hardware settings in Dell Integrated System for Microsoft Azure Stack HCI.
Our engineering-validated integrated system is Azure hybrid by design and delivers efficient operations using our Dell OpenManage Integration with Microsoft Windows Admin Center extension and snap-ins.
When we first developed our extension, we delivered deep hardware monitoring, inventory, and troubleshooting capabilities. Over the last few years, we have collected valuable feedback from preview programs to drive further investment and innovation into our extension. Customer experience has helped us shape new features including:
- One-click full stack lifecycle management using Cluster-Aware Updating
- Automated cluster creation and expansion
- Dynamic CPU core management
- Intrinsic infrastructure security management
The Azure Arc integration from Dell Technologies complements Windows Admin Center and our OpenManage extension by applying robust governance services to the integrated system. Our Azure Arc integration creates software and hardware compliance policies for near real-time detection of infrastructure configuration drift at-scale. It protects clusters in the data center or geographically dispersed to ROBO and edge locations from malicious threats and inadvertent changes to operating system, BIOS, iDRAC, and network adapter settings on AX nodes from Dell Technologies. Without this visibility, you leave yourself vulnerable to security breaches, costly downtime, and degraded application performance.
All we need now is your experience and valuable feedback to help us fine-tune this critical capability!
Consider Azure Portal your observation deck.
Intentionally selected AX node attributes and values targeted by our Azure Arc integration are routinely checked for compliance against pre-defined business rules. Then, compliance results are visualized in the Policy blade of the Azure portal as shown in the following screen shots.
Help prevent costly business setbacks.
This guided preview is checking select OS-level, cluster-level, BIOS, iDRAC, and network adapter attributes that optimize Azure Stack HCI. If an unapproved change to these attribute values goes undetected, the integrated system may experience degradation to performance, availability, and security. The abnormal behavior of the system may not be readily traced back to the modified OS and hardware setting – delaying Mean Time to Repair (MTTR). The longer the incident takes to resolve, the greater the consequences to your business in the form of decreased productivity, lost revenue, or tarnished reputation.
Ready for your sneak peek?
Here are just some of the preview benefits in store:
Playing with the newest toys in your own sandbox and directly with the engineers creating the solution
Helping to make a cutting-edge technology even better with a vendor who is listening and responding to your feedback
Achieving superhero status at your business by automating routine administrative tasks that strengthen infrastructure integrity and improve operational efficiency
Availability is limited for this guided preview. To claim your spot, please contact your account manager right away. They will coordinate with the internal teams at Dell Technologies and schedule further conversations with you. A professional services engagement is required to install the Azure Arc integration during the preview phase. We will work together to prepare the Azure artifacts and run the required scripts. Over time, Dell Technologies intends to expand this compliance visibility to a much larger set of attributes in an extensible, user-friendly framework.
I hope you’re as excited as I am to deliver this configuration and policy compliance visibility using Azure Arc to Dell Integrated System for Microsoft Azure Stack HCI. The technical previews that I’ve been a part of have been some of the most memorable and rewarding experiences of my career. An unexpected upgrade to business class is nice but contributing to the success of a technology that will help my industry peers for years to come? Priceless.
Author: Michael Lamia
Twitter: @Evolving_Techie
LinkedIn: https://www.linkedin.com/in/michaellamia/
Related Blog Posts
Experts Recommend Automation for a Healthier Lifestyle
Wed, 20 Oct 2021 19:59:25 -0000
|Read Time: 0 minutes
Like any good techie, I can get a little obsessed with gadgets that improve my quality of life. Take, for example, my recent discovery of wearable technology that eases the symptoms of motion sickness. For most of my life, I’ve had to take over-the-counter or prescription medicine when boating, flying, and going on road trips. Then, I stumbled across a device that I could wear around my wrist that promised to solve the problem without the side effects. Hesitantly, I bought the device and asked a friend to drive like a maniac around town while I sat in the back seat. It actually worked – no headache, no nausea, and no grogginess from meds! Needless to say, I never leave home without my trusty gizmo to keep motion sickness at bay.
Throughout my career in managing IT infrastructure, stress has affected my quality of life almost as much as motion sickness. There is one responsibility that has always caused more angst than anything else: lifecycle management (LCM). To narrow that down a bit, I’m specifically talking about patching and updating IT systems under my control. I have sometimes been derelict in my duties because of annoying manual steps that distract me from working on the fun, highly visible projects. It’s these manual steps that can cause the dreaded DU/DL (data unavailable or data loss) to rear its ugly head. Can you say insomnia?
Innovative technology to the rescue once again! While creating a demo video last year for our Dell EMC OpenManage Integration with Microsoft Windows Admin Center (OMIMSWAC), I was blown away by how easy we made the BIOS, firmware, and driver updates on clusters. The video did a pretty good job of showing the power of the Cluster-Aware Updating (CAU) feature, but it didn’t go far enough. I needed to quantify its full potential to change an IT profressional’s life by pitting an OMIMSWAC’s automated, CAU approach against a manual, node-based approach. I captured the results of the bake off in Dell EMC HCI Solutions for Microsoft Windows Server: Lifecycle Management Approach Comparison.
Automation Triumphs!
For this white paper to really stand the test of time, I knew I needed to be very clever to compare apples-to-apples. First, I referred to HCI Operations Guide—Managing and Monitoring the Solution Infrastructure Life Cycle, which detailed the hardware updating procedures for both the CAU and node-based approaches. Then, I built a 4-node Dell EMC HCI Solutions for Windows Server 2019 cluster, performed both update scenarios, and recorded the task durations. We all know that automation is king, but I didn’t expect the final tally to be quite this good:
- The automated approach reduced the number of steps in the process by 82%.
- The automated approach required 90% less of my focused attention. In other words, I was able to attend to other duties while the updates were installing.
- If I was in a production environment, the maintenance window approved by the change control board would have been cut in half.
- The automated process left almost no opportunity for human error.
As you can see from the following charts taken from the paper, these numbers only improved as I extrapolated them out to the maximum Windows Server HCI cluster size of 16 nodes.
I thought these results were too good to be true, so I checked my steps about 10 times. In fact, I even debated with my Marketing and Product Management counterparts about sharing these claims with the public! I could hear our customers saying, “Oh, yeah, right! These are just marketecture hero numbers.” But in this case, I collected the hard data myself. I am still confident that these results will stand up to any scrutiny. This is reality – not dreamland!
Just when I thought it couldn’t get any better
So why am I blogging about a project I did last year? Just when I thought the testing results in the white paper couldn’t possibly get any better, Dell EMC Integrated System for Microsoft Azure Stack HCI came along. Azure Stack HCI is Microsoft’s purpose-built operating system delivered as an Azure service. The current release when writing this blog was Azure Stack HCI, version 20H2. Our Solution Brief provides a great overview of our all-in-one validated HCI system, which delivers efficient operations, flexible consumption models, and end-to-end enterprise support and services. But what I’m most excited about are two lifecycle management enhancements – 1-click full stack LCM and Kernel Soft Reboot – that will put an end to the old adage, “If it looks too good to be true, it probably is.”
Let’s invite OS updates to the party
OMIMSWAC was at version 1.1 when I did my testing last year. In that version, the CAU feature focused on the hardware – BIOS, firmware, and drivers. In OMIMSWAC v2.0, we developed an exclusive snap-in to Microsoft’s Failover Cluster Tool Extension to create 1-click full stack LCM. Only available for clusters running Azure Stack HCI, a simple workflow in Windows Admin Center automates not only the hardware updates – but also the operating system updates. How do I see this feature lowering my blood pressure?
- Applying the OS and hardware updates can typically require multiple server reboots. With 1-click full stack LCM, reboots are delayed until all updates are installed. A single reboot per node in the cluster results in greater time savings and shorter maintenance windows.
- I won’t have to use multiple tools to patch different aspects of my infrastructure. The more I can consolidate the number of management tools in my environment, the better.
- A simple, guided workflow that tightly integrates the Microsoft extension and OMIMSWAC snap-in ensures that I won’t miss any steps and provides one view to monitor update progress.
- The OMIMSWAC snap-in provides necessary node validation at the beginning of the hardware updates phase of the workflow. These checks verify that my cluster is running validated AX nodes from Dell Technologies and that all the nodes are homogeneous. This gives me peace of mind knowing that my updates will be applied successfully. I can also rest assured that there will be no interruption to the workloads running in my VMs and containers since this feature leverages CAU.
- The hardware updates leverage the Microsoft HCI solution catalog from Dell Technologies. Each BIOS, firmware, and driver in this catalog is validated by our engineering team to optimize the Azure Stack HCI experience.
The following screen shots were taken from the full stack CAU workflow. The first step indicates which OS updates are available for the cluster nodes.
Node validation is performed first before moving forward with hardware updates.
If the Windows Admin Center host is connected to the Internet, the online update source approach obtains all the systems management utilities and the engineering validated solution catalog automatically. If operating in an edge or disconnected environment, the solution catalog can be created with Dell EMC Repository Manager and placed on a file server share accessible from the cluster nodes.
The following image shows a generated compliance report. All non-compliant components are selected by default for updating. After this point, all the OS and non-compliant hardware components will be updated together with only a single reboot per node in the cluster and with no impact to running workloads.
Life is too short to wait for server reboots
Speaking of reboots, Kernel Soft Reboot (KSR) is a new feature coming in Azure Stack HCI, version 21H2 that also has the potential to make my white paper claims even more jaw dropping. KSR will give me the ability to perform a “software-only restart” on my servers – sparing me from watching the paint dry during those long physical server reboots. Initially, the types of updates in scope will be OS quality and security hotfixes since these don’t require BIOS/firmware initialization. Dell Technologies is also working on leveraging KSR for the infrastructure updates in a future release of OMIMSWAC.
KSR will be especially beneficial when using Microsoft’s CAU extension in Windows Admin Center. The overall time savings using KSR multiplies for clusters because faster restarts means less resyncing of data after CAU resumes each cluster node. Each node should reboot with Mach Speed if there are only Azure Stack HCI OS hotfixes and Dell EMC Integrated System infrastructure updates that do not require the full reboot. I will definitely be hounding my Product Managers and Engineering team to deliver KSR for infrastructure updates in our OMIMSWAC extension ASAP.
Bake off rematch
I decided to hold off on doing a new bakeoff until Azure Stack HCI, version 21H2 is released with KSR. I also want to wait until we bring the benefits of KSR to OMIMSWAC for infrastructure updates. The combination of OMIMSWAC 1-click full stack CAU and KSR will continue to make OMIMSWAC unbeatable for seamless lifecycle management. This means better outcomes for our organizations, improved blood pressure and quality of life for IT pros, and more motion-sickness-free adventure vacations. I’m also looking forward to spending more time learning exciting new technologies and less time with routine administrative tasks.
If you’d like to get hands-on with all the different features in OMIMSWAC, check out the Interactive Demo in Dell Technologies Demo Center. Also, check out my other white papers, blogs, and videos in the Dell Technologies Info Hub.
Dell APEX Cloud Platform for Microsoft Azure Serviceability
Tue, 26 Sep 2023 14:33:07 -0000
|Read Time: 0 minutes
Whenever an IT company presents a new product, it can be tempting to focus solely on the shiny side of the announcement. How fast are the new processors it incorporates? How much IO throughput can we attain, or how low can the storage latency be? We may be captivated by how easily the new product fits into a hybrid cloud operating model or how it slots perfectly into our multi-cloud strategy. We can focus on the improvements in operational efficiency, the cost savings it introduces, etc. The list is long and attractive, and these are important elements to what makes a new offering worth your time.
But there are a multitude of technologies and processes happening in the background to make these selling points a reality. To keep this new product running and true to the aforementioned benefits, we need to turn our focus to a whole different type of announcement.
Dell APEX Cloud Platform for Microsoft Azure is no different. A fully automated and integrated offering that extends and optimizes the Azure public cloud experience to on-premises IT environments, Dell APEX Cloud Platform for Microsoft Azure accelerates developer productivity, optimizes workload placement to meet application performance, and addresses governance requirements.
Figure 1. Dell APEX Cloud Platform for Microsoft Azure
But what needs to happen in Dell APEX Cloud Platform for Microsoft Azure to make all these perks possible over time and through any and all vicissitudes?
It all comes down to serviceability. Dell APEX Cloud Platform Foundation Software integrates Dell Support and serviceability features/functionality into the APEX Cloud Platform extension in Microsoft Windows Admin Center.
For serviceability, we bundle a wide range of technologies and processes such as:
- Secure Connection for monitoring, providing remote support and handling hardware alerts
- Event Management and Call-Home
- Log bundle collection
- Check service feature
Dell APEX Cloud Platform Connectivity
Providing a secure connection gateway between customers’ facilities and Dell support sets up a trustable platform to send infrastructure, events, and call home, create service requests and deliver remote support for troubleshooting.
These connectivity features can be managed from the Dell APEX Cloud Platform Extension for Microsoft Windows Admin Center, as shown in the following figure.
Figure 2. Connectivity can be enabled, disabled, and configured from Windows Admin Center
As mentioned previously, we can select the type of connectivity, either direct or through Dell Secure Connect Gateway, as shown in figure 3.
Figure 3. Selecting connectivity from the APEX Cloud Platform infrastructure to Dell support
This connectivity, once established, enables you to create support cases and review KB articles from within the Dell APEX Cloud Platform for Microsoft Azure extension for Microsoft Windows Admin Center,
Event Management and Call Home
Dell APEX Cloud Platform for Microsoft Azure Event Management is built around an event processing service that:
- Collects events and transforms them into a common format
- Applies filters and other rules to reduce false alarms and unnecessary traffic
- Stores event history and distributes events to both Dell Call Home and Windows event viewer
In the following figure, we can see an event from the Windows Event Viewer. Dell APEX Cloud Platform for Microsoft Azure Events will appear under the section Hyper-V-Dell-APEX-HCP. In the description pane, we can analyze the event code, which includes event type, source, severity, component, and an index field. Other useful information includes:
- Event message and time of occurrence
- Information on the host, component, and sub-component that caused the event
- If there is any KB available related with the raised event
Figure 4. Dell APEX Cloud Platform for Microsoft Azure event, as seen from Windows Event Viewer
In the Dell APEX Cloud Platform Extension for Microsoft Windows Admin center, we have a dashboard dedicated to Alerts, as shown in figure 5.
Figure 5. Alerts UI from the Dell APEX Cloud Platform Extension for Microsoft Windows Admin Center
We can sort and categorize systems alerts by acknowledging them or not.
Establishing the connectivity with Dell support to configure Call Home will enable the automatic creation of Dell support cases based on these alerts.
Log Bundle collection
Dell APEX Cloud Platform for Microsoft Azure allows the user to collect log bundles coming from:
- Cloud Platform Manager
- Each node iDRAC
- Each cluster or node of the Azure Stack HCI platform
In the following example, we have elected to create log bundles from the three available sources.
We can select the nodes or cluster from which we want the logs to be created.
Figure 6. Dell APEX Cloud Platform for Microsoft Azure log bundle creation
You can download the bundles and delete old and/or unneeded logs, shown in figure 7, leaving room for future ones.
Figure 7. Dell APEX Cloud Platform for Microsoft Azure Log management
Check Service
Dell APEX Cloud Platform for Microsoft Azure includes a profile-based check service. Depending on the need--if we are running a compatibility check, a lifecycle management check, or a cluster validation check--we can create and use different profiles for those validations.
In the following table, we can see the type of checks supported in this version of Dell APEX Cloud Platform for Microsoft Azure.
| Scenario | Checker | Description |
|---|---|---|
Node Compatibility check | Hardware symmetry check | Check the hardware symmetry with primary node |
Hardware compatibility check | Check if hardware is supported under a specific version.
| |
Software compatibility check | Check if software is supported under a specific version. | |
Cluster validation | Host disk check | Check host disk. |
Secured core BIOS setting check | Check secured core BIOS setting. | |
Secured core OS feature check | Check secured core OS feature. | |
LCM precheck | Microsoft’s Enterprise Cloud Engine (ECE) health check | Check ECE health state |
ECE running check | Check if there are pending jobs on iDRAC | |
iDRAC pending check | Check cluster component compatibility by Known Good State (KGS) | |
Cluster Component Compatibility Check | Check platform compatibility by KGS service Check if Kernel Soft Reboot (KSR) is disabled | |
Platform compatibility check | Check platform compatibility by KGS service | |
KSR disable check | Check if KSR is disabled | |
Node health check | Check if node power state is ON |
All checks in every profile can be aggregated into a report in .json format.
This report is saved in the Radar docker directory /var/radar/report.
The following figure shows the example of a Day 1 node compatibility check. In it, we can see the compatibility column. The check service has validated that the selected node (with Service Tag 5750003) is compatible to be added to a Dell APEX Cloud Platform for Microsoft Azure cluster.
Figure 8. Day 1 node compatibility check
All the processes and technologies described in this blog enable IT administrators to keep the lights of their Dell APEX Cloud Platform for Microsoft Azure platform on by facilitating systems’ monitoring and troubleshooting.
You can find more information on Dell APEX Cloud Platform for Microsoft Azure on Dell InfoHub.
Resources
We have tons of great content to help you deep-dive into Dell APEX Cloud Platform for Microsoft Azure powered by Dell APEX Cloud Platform Foundation Software.
- InfoHub (White Papers, Blogs, Interactive Journey, and more) – https://infohub.delltechnologies.com/t/cloud-platforms/
- YouTube playlist with educational and demo videos – https://www.youtube.com/playlist?list=PL2nlzNk2-VMEkNM7E8m0ia_lLHWlOuT5h
- Main product page with spec sheets, solution briefs, infographics, and other great collateral – https://www.dell.com/azure
- Dell Support site with administrator guides – https://www.dell.com/support/home/en/product-support/product/apex-cloud-pf-ms-azure/docs
And as always, please reach out to your Dell account team if you would like to have more in-depth discussions about the Dell APEX Cloud Platforms family. If you don’t currently have a Dell contact, we’re here to help on our corporate website.
Author: Inigo Olcoz, Senior Principal Engineer Technologist, Dell HCI Technical Marketing
Twitter: @VirtualOlcoz