Introducing on-demand backup, schema extension support for Google Cloud’s Managed Microsoft AD

Managed Service for Microsoft Active Directory (Managed Microsoft AD) is a Google Cloud service that offers highly available, hardened Microsoft Active Directory running on Windows virtual machines. We recently added on-demand backup and schema extension capabilities that can help Google Cloud users more easily and effectively manage AD tasks. Managed Microsoft AD is a fully managed service with automated AD server updates, maintenance, and security configuration, and needs no hardware management or patching. The service is constantly evolving, adding new capabilities to effectively manage your cloud-based, AD-dependent workloads. Here’s a closer look at the benefits for Google Cloud users of the new on-demand backup and schema extension capabilities.

Flexibility to manage your AD domain with on-demand backup and restore

Managed Microsoft AD already offers scheduled backups, which are taken automatically every 12 hours. Now with on-demand backup and restore, customers will have the ability to create checkpoints (snapshots) at any point in time and restore back to that state when needed. The new on-demand backup and restore functionality is now generally available in addition to the scheduled backups. This functionality can provide flexibility for customers to initiate backup and recovery based on their unique needs. Here are two scenarios where on-demand backup and recovery can be used:

Critical domain changes can now be done anytime without aligning to the next backup schedule.
Users can restore to a point back in time from backups without having to raise a support request.

With this release, users can create up to five on-demand backups. Managed Microsoft AD APIs also offer management functionality for backups, including listing all backups (both on-demand and scheduled), restoring to a selected backup, updating labels, and deleting a backup. All these capabilities help users to effectively manage their backup administrative tasks.

Power application integrations with Schema Extension support

Note: Schema Extension feature is in public preview and covered by the Pre-GA Offerings Terms of the Google Cloud Terms of Service.

Active Directory (AD) relies on schema to organize and store the directory data. The AD schema contains a formal definition of every attribute and class that can exist in an Active Directory object. When you create a Managed Microsoft AD instance, it creates a default schema on the domain controller as well. However, there can be a situation where you want to customize the classes or attributes. Such a need arises when you have applications that require new types of information to be stored in Active Directory (e.g., to support single sign-on capabilities). Managed Microsoft AD now supports schema extension and enables modification of the existing schema to customize attributes via API using an LDAP Data Interchange Format (LDIF) file. The following LDIF change types are supported: add, modify, modrdn and moddn. It is generally recommended to do a domain backup before schema changes are applied. To simplify this, Managed Microsoft AD initiates a backup every time schema changes are triggered. This schema extension support enables additional context for users and for integrating with applications that are dependent on specific classes or attributes.

Use case: Schema extension for LAPS

You can store and rotate the local account passwords of domain-joined computers in AD using Local Administrator Password Solution (LAPS), a Microsoft tool for password management. Any device that LAPS is deployed to can randomize the local administrator password, store that password in Active Directory, and then change that password on a set schedule. For LAPS to work with Active Directory, it needs the schema to be extended for storing the required attributes. For this use case, we assume that you have already installed LAPS and have your Managed Microsoft AD up and running.

LAPS requires the following two additional attributes:

ms-Mcs-AdmPwd – This attribute stores the local administrator password
ms-Mcs-AdmPwdExpirationTime – This attribute stores the expiration time of administrator password

Let’s now look at how to add the required attributes using the Managed Microsoft AD schema extension feature.

Step 1: Prepare an LDIF file to add ms-Mcs-AdmPwd and ms-Mcs-AdmPwdExpirationTime attributes.

```
# ms-Mcs-AdmPwd: stores the local administrator password.
# searchFlags 904 = 512 + 256 + 128 + 8; bit 128 marks the attribute confidential.
dn: CN=ms-Mcs-AdmPwd,CN=Schema,CN=Configuration,dc=example,dc=com
changetype: add
objectClass: attributeSchema
ldapDisplayName: ms-Mcs-AdmPwd
adminDisplayName: ms-Mcs-AdmPwd
adminDescription: LAPS Password
attributeId: 1.2.840.113556.8000.9999.2.2
attributeSyntax: 2.5.5.5
oMSyntax: 19
isSingleValued: TRUE
systemOnly: FALSE
searchFlags: 904
schemaIdGuid:: 64e85e0a-f479-4206-880d-ecbf73e2babb

# ms-Mcs-AdmPwdExpirationTime: stores the password expiration time.
# LargeInteger: attributeSyntax 2.5.5.16 pairs with oMSyntax 65.
dn: CN=ms-Mcs-AdmPwdExpirationTime,CN=Schema,CN=Configuration,dc=example,dc=com
changetype: add
objectClass: attributeSchema
ldapDisplayName: ms-Mcs-AdmPwdExpirationTime
adminDisplayName: ms-Mcs-AdmPwdExpirationTime
adminDescription: LAPS Password Expiration Time
attributeId: 1.2.840.113556.8000.9999.2.3
attributeSyntax: 2.5.5.16
oMSyntax: 65
isSingleValued: TRUE
systemOnly: FALSE
searchFlags: 0
schemaIdGuid:: b3fea135-c39a-4169-aec7-c618cc8cb6ff

# Ask the directory to reload the schema cache.
dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
```

Step 2: Log in as a delegated administrator to your VM hosted in Google Cloud that was domain-joined with Managed Microsoft AD.

Step 3: Extend the schema by running the following gcloud CLI command:

```
gcloud beta active-directory domains extend-schema DOMAIN_NAME --ldif-file=LDIF_FILE_PATH --description="Sample description" --project=PROJECT_ID
```

Managed Microsoft AD creates a backup automatically when you initiate schema extension. You can use this backup to perform an authoritative restore, which returns the domain to a previous point before addition of these attributes.

Step 4: To verify the schema changes, run the following command in Windows PowerShell:

```
Get-ADObject -Identity 'cn=ATTRIBUTE,cn=Schema,cn=Configuration,dc=example,dc=com' -Properties *
```

The Managed Microsoft AD schema is now extended with the required attributes for configuring LAPS. You can now proceed with the rest of the LAPS setup as usual, including password settings, access permissions, and GPO configuration.

These new features make it easier to integrate applications with your Managed Microsoft AD and provide flexibility for operations like backup and restore. Here are additional resources where you can learn more about Managed AD and these new features.

Managed Service for Microsoft AD documentation
Backup and restore a domain in Managed Microsoft AD
Introduction to schema extension in Managed Microsoft AD
Extend the schema in a Managed Microsoft AD
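A pre-submission check for the LDIF prepared in Step 1, added here as an example (it is not code from the article or from Google Cloud): it rejects change types outside the four the article lists and flags password-like string attributes whose searchFlags lack the confidential bit (128) that the value 904 includes. The function names, the naming heuristic and the sample records are assumptions made for this example.

```python
import re

# Change types the article lists as supported by Managed Microsoft AD.
SUPPORTED_CHANGETYPES = {"add", "modify", "modrdn", "moddn"}
# searchFlags bits as named in MS-ADTS; 904 = 512 + 256 + 128 + 8.
SEARCH_FLAGS = {1: "fATTINDEX", 2: "fPDNTATTINDEX", 4: "fANR", 8: "fPRESERVEONDELETE",
                16: "fCOPY", 32: "fTUPLEINDEX", 64: "fSUBTREEATTINDEX",
                128: "fCONFIDENTIAL", 256: "fNEVERVALUEAUDIT", 512: "fRODCFilteredAttribute"}
# String and octet-string syntaxes: attributes able to hold the secret itself.
STRING_SYNTAXES = {"2.5.5.3", "2.5.5.4", "2.5.5.5", "2.5.5.10", "2.5.5.12"}
SECRET_HINT = re.compile(r"pwd|passw|secret", re.I)  # assumption: naming heuristic

# Constructed sample, abridged from the two attribute definitions in Step 1.
GOOD_LDIF = """\
dn: CN=ms-Mcs-AdmPwd,CN=Schema,CN=Configuration,dc=example,dc=com
changetype: add
objectClass: attributeSchema
ldapDisplayName: ms-Mcs-AdmPwd
adminDescription: LAPS Password
attributeSyntax: 2.5.5.5
searchFlags: 904

dn: CN=ms-Mcs-AdmPwdExpirationTime,CN=Schema,CN=Configuration,dc=example,dc=com
changetype: add
objectClass: attributeSchema
ldapDisplayName: ms-Mcs-AdmPwdExpirationTime
adminDescription: LAPS Password Expiration Time
attributeSyntax: 2.5.5.16
searchFlags: 0

dn:
changetype: modify
add: schemaUpdateNow
schemaUpdateNow: 1
"""
# Constructed failing variant: confidential bit dropped, plus an unsupported delete.
BAD_LDIF = (GOOD_LDIF.replace("searchFlags: 904", "searchFlags: 0")
            + "\ndn: CN=Example-Old,CN=Schema,CN=Configuration,dc=example,dc=com\nchangetype: delete\n")

def decode_search_flags(value):
    """Return the names of the searchFlags bits set in value."""
    return [name for bit, name in SEARCH_FLAGS.items() if value & bit]

def parse_ldif(text):
    """One dict per record: lower-cased attribute -> values ('::' base64 kept undecoded)."""
    text = re.sub(r"\n ", "", text.replace("\r\n", "\n"))  # unfold continuation lines
    records = []
    for block in re.split(r"\n\s*\n", text.strip()):
        rec = {}
        for line in block.split("\n"):
            if not line or line.startswith("#") or line.strip() == "-":
                continue
            name, _, value = line.partition(":")
            rec.setdefault(name.strip().lower(), []).append(value.lstrip(":").strip())
        if rec:
            records.append(rec)
    return records

def lint_schema_ldif(text):
    """Return (record number, finding, detail) tuples; an empty list means no findings."""
    findings = []
    for n, rec in enumerate(parse_ldif(text), 1):
        first = lambda key, default="": rec.get(key, [default])[0]
        changetype = first("changetype").lower()
        if changetype not in SUPPORTED_CHANGETYPES:
            findings.append((n, "unsupported-changetype", changetype or "<missing>"))
            continue
        classes = [v.lower() for v in rec.get("objectclass", [])]
        if changetype != "add" or "attributeschema" not in classes:
            continue
        label = first("ldapdisplayname") + " " + first("admindescription")
        if (SECRET_HINT.search(label) and first("attributesyntax") in STRING_SYNTAXES
                and not int(first("searchflags", "0")) & 128):
            findings.append((n, "secret-not-confidential", first("ldapdisplayname")))
    return findings
```

The expiration-time attribute matches the naming heuristic but is not flagged, because its syntax is not a string type that could carry the password.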
Source: Google Cloud Platform

Azure Virtual Machines with Ampere Altra Arm–based processors—generally available

Microsoft is announcing the general availability of the latest Azure Virtual Machines featuring the Ampere Altra Arm–based processor. The new virtual machines will be generally available on September 1, and customers can now launch them in 10 Azure regions and multiple availability zones around the world. In addition, the Arm-based virtual machines can be included in Kubernetes clusters managed using Azure Kubernetes Service (AKS). This ability has been in preview and will be generally available over the coming weeks in all the regions that offer the new virtual machines.

Earlier this year, we launched the preview of the new general-purpose Dpsv5 and Dplsv5 and memory optimized Epsv5 Azure Virtual Machine series, built on the Ampere Altra processor. These new virtual machines have been engineered to efficiently run scale-out, cloud-native workloads. Since then, hundreds of customers have tested and experienced firsthand the excellent price-performance that the Arm architecture can provide for web and application servers, open-source databases, microservices, Java and .NET applications, gaming, media servers, and more. Starting today, all Azure customers can deploy these new virtual machines using the Azure portal, SDKs, API, PowerShell, and the command-line interface (CLI).

Customers build and run a vast variety of workloads on Azure, whether they are digitally transforming and modernizing their businesses or building all-new innovative distributed apps and services that the world has never seen before. At the same time, customers want to maximize operational efficiency and are taking a holistic approach across their application portfolios. They are also beginning to evaluate sustainability factors and the overall impact of their technological choices. Azure’s Ampere Altra Arm–based virtual machines represent a cost-effective and power-efficient option that does not compromise the level of performance that customers require.

Customers like Amadeus, the leading IT provider for the global travel industry, shared their perspective:

"The preview of the Ampere Altra Arm–based Dpsv5 Azure Virtual Machine series on Azure was the perfect opportunity to explore how these new instances could improve Amadeus Search and Shopping products for our customers. During our tests and benchmarks, we experienced an already mature Arm ecosystem and a seamless integration with Azure services. As expected, the high throughput and the reduced energy consumption makes this Series a must for improving both the performance and the sustainability of our Compute footprint. Following this conclusive experience, we are now planning on using these instances in production to run our Cloud workloads at scale."—Antoine Collier, Cloud Engineer at Amadeus

A growing partner ecosystem

Microsoft has over 20 years of experience with Arm-based technologies, and we continue to participate in the vibrant Arm ecosystem to help accelerate customer innovation. We are uniquely positioned to help customers build great solutions by collaborating with software and hardware companies—such as Ampere and Arm—across the globe, and we can also help customers deploy workloads more easily and run them with high performance.

"Ampere’s Cloud Native Processors are uniquely designed to meet both the high performance and power efficiency needs of the cloud. Through our strong partnership with Microsoft, Ampere Altra processors are now generally available as Azure Virtual Machines, bringing new cloud-focused processor technology to end users so that they can deploy the next generation of innovative cloud applications at scale, and do so in a sustainable manner."—Jeff Wittich, Chief Product Officer, Ampere

"The general availability of Microsoft Azure VMs on Arm marks an important milestone in redefining what is possible in cloud computing. Through market-leading scalable efficiency and the liberty to innovate, Arm Neoverse is enabling Azure customers to embrace the increasing diversity of workloads with better overall TCO and cleaner cloud service operations."—Chris Bergey, Senior Vice President and General Manager, Infrastructure Line of Business, Arm

We have been working with the open-source community and various independent software vendors (ISVs) to make several Linux OS distributions including Canonical Ubuntu, Red Hat Enterprise Linux, SUSE Enterprise Linux, CentOS, and Debian available on the new Arm-based Azure Virtual Machines. We will also add support for Alma Linux and Rocky Linux in the future.

"We see companies using Arm-based architectures as a way of reducing both cost and energy consumption. Arm-based architectures are ideal for computing workloads including microservices, application servers, machine learning, open-source databases, and in-memory caches. It truly is a huge advancement for those looking to develop with Linux on Azure. We are pleased to partner with Microsoft to announce the general release of Ubuntu images."—Alexander Gallagher, Vice President of Cloud, Canonical

"Red Hat has long been committed to providing our customers with a choice of architectures that meet their unique computing needs, from on-premises environments to public clouds and edge. We are pleased to support Ampere Altra Arm-based VMs on Red Hat Enterprise Linux on Microsoft Azure, adding to our hybrid cloud-spanning roster of architecture options. We work very closely with key partners like Microsoft to support the evolving needs of enterprise customers, highlighted here by helping to drive greater efficiencies through cloud-based Arm-based processors."—Maryam Zand, Vice President, Cloud Partners, Red Hat

"Given the importance of cloud and edge workloads, SUSE recognizes the significant opportunities with Arm in these environments.  SUSE is excited to partner with Microsoft Azure in supporting the Dpsv5 and Epsv5 Azure VM-series based on the Ampere Altra Arm-based server instances in our recently released SUSE Linux Enterprise Server 15 SP4. Arm-optimized solutions in the cloud offer significant market potential as enterprises improve time to value and scale-out cloud environments with Azure Virtual Machines."—Thomas Di Giacomo, CTO SUSE

We have also collaborated with companies like Avanade, Datadog, Elastic, and many others who are building innovative solutions on Azure.

"Ansys simulation tools make use of massively distributed compute resources from cloud providers like Microsoft Azure to analyze some of the world's most advanced electronic and optical designs. Ansys has collaborated with Arm and Microsoft to make Ansys products, including RedHawk-SC and LS-DYNA, available on Ampere Altra Arm-based VMs in Azure. Ansys is dedicated to providing our customers with the best possible solutions for distributed computing and looks forward to continuing this very successful partnership."—John Lee, Vice President and General Manager of electronics, semiconductor, and optics business unit, Ansys

"The Arm-based virtual machines deliver great price performance value for many cloud-native workloads and scale-out scenarios, and the low power consumption per ARM core will enable Avanade to deliver solutions which meet clients’ sustainability goals by further reducing their carbon footprint."—Steve Hunter, Global Azure Platform Services lead, Avanade

"Datadog is proud to be a monitoring partner in the launch of Arm-based architectures on Azure Virtual Machines. By enabling deep visibility into Ampere Altra Arm–based virtual machines, customers can get full visibility into their entire Azure environment, including Arm-based instances to help with migration planning and performance monitoring."—Yrieix Garnier, VP of Product, Datadog

“At Elastic, we are at the forefront of innovation by providing customers the ability to use our solutions on Arm-based architecture. With the new Azure Virtual Machines featuring the Ampere Altra Arm–based processor, Elastic will be able to deliver better throughput and improved price-performance to our customers across their use-cases for observability, security, and search. We are looking forward to introducing the new Virtual machines on Elastic Cloud.”—Uri Cohen, VP, Product Management, Elastic

We know that many Arm applications will also be open source and cloud-native, and that’s why we’ve included support for these new virtual machines in Azure Kubernetes Service (AKS) from the start. Today we’re actively deploying updates across the Azure fleet to also make AKS support for Arm nodes generally available. These deployments will be made region by region and are expected to be fully available within two weeks. To check the status in your region(s), visit the AKS release tracker.

We’re excited that customers can already leverage so many partner solutions to accomplish their goals using Arm-based virtual machines. We’ll continue working closely with the software and partner ecosystem to bring even more packages, partners, and services to Arm on Azure in the months ahead.

Accelerating developer productivity with Arm in the cloud

The Arm ecosystem continues to benefit from the contribution of the global community for most major developer platforms and languages such as Java, Python, Rust, PHP, .NET, and more.

Java has played a critical role in democratizing cross-platform development. Java developers can enjoy the development experience they are familiar with while building and running their applications with the Microsoft build of OpenJDK. Microsoft provides Java 11 and Java 17 binaries for Windows, Linux, and macOS. With Microsoft's recent JEP 388 contribution to OpenJDK, Java applications can now run on a wider range of Arm systems with no additional code changes.

Native support for the Arm architecture is available in .NET 6 on both Windows and Linux. With C# 10 and F# 6, .NET 6 delivers language improvements that simplify your code. Native support for Windows on Arm64 is now also available for the .NET Framework starting with the recent 4.8.1 release for Windows 11 and with Visual Studio 2022 17.3 generally available. The vast ecosystem of .NET Framework apps can receive the benefits of running on Arm now. The latest Microsoft Visual C++ tools (currently in preview and available as part of Visual Studio 17.4 preview) allow you to not just run your apps, but also build natively for Arm, on Arm. Visual Studio 17.4 previews support the desktop (C++ and C#), Web, and Universal Windows Platform (UWP) workloads and will be generally available later this year. The totally free Visual Studio Code editor running natively on Arm enables you to harness the power of the cloud—not just for your production environment, but now also for your development environment.

Outside the datacenter, the Arm hardware landscape continues to expand beyond mobile to a variety of client devices for customers looking for the battery life and performance benefits of Windows on Arm PCs and tablets. Until now, developers and software-provider partners building for Windows on Arm devices have had to build and test their software on physical devices or resort to cross-compilation and inefficient emulation solutions. To support their work, we’ve made Insider Preview releases of Windows 11 Pro and Enterprise available to run on Arm-based Azure VMs. Client application developers can now take advantage of Azure’s highly available, scalable, and secure platform to run cloud-based software and build and test workflows that help them increase their agility. NortonLifeLock was part of the preview:

"We are using Azure VMs featuring the Ampere Altra Arm-based processors to run and test Norton products supporting Windows 11 on Arm. We have found them appealing not only for performance and scalability, but from a cost perspective as well. Microsoft has made it easy for their customers to use their VMs seamlessly across different scenarios."—Leena Elias, Vice President of Product, NortonLifeLock

Azure Arm-based virtual machines support a broad range of workloads

The Azure Arm-based virtual machine families include:

Dpsv5 series, with up to 64 vCPUs and 4GiBs of memory per vCPU up to 208 GiBs,
Dplsv5 series, with up to 64 vCPUs and 2GiBs of memory per vCPU up to 128 GiBs, and
Epsv5 series, with up to 32 vCPUs and 8GiBs of memory per vCPU up to 208 GiBs.

All the new virtual machine sizes support up to 40 Gbps of networking bandwidth; Standard SSDs, Standard HDDs, Premium SSDs, and Ultra Disk Storage can be attached to the virtual machines. Dpdv5, Dpldv5, and Epdv5 virtual machine series also include fast local-SSD storage. Virtual Machine Scale Sets are also supported. Monitor your virtual machines and protect your data with Azure Monitor and Azure Backup.

The Ampere Altra Arm–based Azure virtual machines are now available in the US (West US 2, West Central US, Central US, East US, East US 2), Europe (West Europe, North Europe), Asia (East Asia, Southeast Asia), and Australia (Australia East) Azure regions. We plan to expand Azure regional availability after September 1.

Spot Virtual Machines are also available today. Azure Reserved Virtual Machine Instances pricing will be offered when the Virtual Machines become generally available on September 1. Prices vary by region.

Getting started

We can’t wait to hear about the amazing workloads customers will build with these new virtual machines and tools. Start running your applications on Azure Arm-based Virtual Machines and AKS containers today.

Additional resources

Canonical blog
Datadog blog
Elastic blog
Microsoft’s binary distribution of the OpenJDK and related support.
Dplsv5 and Dpldsv5 virtual machine series documentation
Dpsv5 and Dpdsv5 virtual machine series documentation
Epsv5 and Epdsv5 virtual machine series documentation 
Azure portal
Get help selecting the ideal virtual machine for your workload using the virtual machine selector 
Azure Virtual Machines overview and Azure Virtual Machines pricing

Source: Azure

AWS App Mesh is now available in two additional AWS Regions

AWS App Mesh is now available in the Asia Pacific (Osaka) and Asia Pacific (Jakarta) AWS Regions. AWS App Mesh is a service mesh that provides application-level networking so that your services can easily communicate with each other across multiple types of compute infrastructure. AWS App Mesh standardizes how your services communicate and gives you end-to-end visibility and tuning options for the high availability of your applications.
Source: aws.amazon.com

Amazon Personalize introduces new "Trending-Now" recommender for the Video on Demand domain

Amazon Personalize is pleased to announce today the "Trending-Now" recommender for Video on Demand domains, which can be used to highlight catalog items that are rapidly gaining popularity. Amazon Personalize is a fully managed machine learning service that lets customers easily deliver personalized experiences to their users. Recommenders reduce the time you need to deliver and manage these personalized experiences and ensure that the recommendations are relevant to your users. User interests can change because of various factors, for example external events or the interests of other users. It is important to adapt recommendations to these changing interests in order to improve user engagement. With Trending Now, you can now highlight items from your catalog that are gaining popularity faster than other items, for example a recently released movie or series. Amazon Personalize looks for items that are gaining popularity faster than other catalog items and shows them to users separately to improve the experience. Amazon Personalize identifies trending items automatically every two hours based on your users' most recent interaction data.
Source: aws.amazon.com

Amazon Chime SDK now supports streaming to Amazon IVS and Elemental MediaLive

Amazon Chime SDK announces the launch of live connector pipelines, which send real-time video from applications to streaming platforms such as Amazon Interactive Video Service (IVS) or AWS Elemental MediaLive. Amazon Chime SDK enables multi-party video sessions by letting developers add real-time voice and video to their web and mobile applications. With the live connector, the process of live streaming these sessions is simplified through a single API. Customers can send real-time video to streaming platforms such as AWS Elemental MediaLive, Amazon IVS, Twitch, YouTube Live, Facebook Live and more.
Source: aws.amazon.com