A short note about using Windows Updates

by Dmitry Kirsanov 16. August 2013 00:00

On second Tuesday of each month Microsoft releases batch of patches for Windows and everything. Some of these patches require restarts of machine. Sometimes during the process machine can shut down instead of restarting. Sometimes the machine can’t even shut down properly. Yet in many cases production servers have "Install updates automatically" setting turned on. This is a sort of Russian roulette.

Morale: do not enable automatic installation of updates on production servers or machines you can’t switch on immediately.

What happens when you leave your Windows session unattended for days

by Dmitry Kirsanov 11. August 2013 08:33

IE_VM13

This is a CPU usage graph of a Windows Server 2008 R2 machine, with all latest patches applied, and Internet Explorer 10 left opened for a few days. It had only two pages opened, both are Microsoft’s own support pages with no active content.

Remote session (RDP) was opened for about 5 days, and every hour Internet Explorer process took more and more memory and CPU, until it took most resources from server.

More...

SQL Bits: Working with AlwaysOn Availability Groups in SQL Server 2012

by Dmitry Kirsanov 24. February 2013 22:23

In SQL Server 2012, we have 4 main options for High Availability: Database Mirroring, Failover Clustering, Availability Groups and Log Shipping. All but Availability Groups (AG) are available in SQL Server 2008 as well. Today we’ll review Availability Groups and how to create and use them.

Before we begin, make sure you understand what is Windows Server Failover Cluster (WSFC). I covered it almost a year ago for Windows Server 2008 R2 and SQL Server 2008 R2, and you’ll need WSFC in order for AG to work.

A few points about Availability Groups to make sure they are what you are looking for:

  • Availability Groups are not share-nothing scalability option. They are using shared storage, such as storage area network (SAN), although it’s not a requirement. We’ll speak about share-nothing scalability later.
  • For AlwaysOn Availability Groups, you need SQL Server 2012 Enterprise edition or higher. Business Intelligence edition or Standard won’t do.
  • AG provide failover with up to 5 readable nodes.
  • AG provide you with something like load balancing option, but AG is not NLB. Also, all nodes can work independently, i.e. you can still connect to them to retrieve information. Only the primary node can change information in the database.
  • AG does not require working in the same IP subnet, but it requires Active Directory domain. This means, that you can have geographically remote nodes participating in one AG, but they must be members of the same AD domain.
    In case of multi-subnet cluster, you’ll have to implement the file replication solution on your file servers to synchronize the data.
  • AG is database-level, as opposed to node-level failover cluster. AG serves group of databases, unlike the simple database mirroring, with 4 replicas instead of one.

Overall, the AlwaysOn Availability Groups are conceptually similar to database mirroring, but provide more advanced functionality and security.

More...

Configuring Failover Cluster in Windows Server 2008

by Dmitry Kirsanov 19. April 2012 06:45

About 5 months ago, I made a video about configuring the network load balancing cluster in Windows Server 2008. I am continuing the series about clustering the Windows Server 2008 with the next type of clusters – the failover cluster. Also known as “high availability” cluster.

Although Windows Server 2008 supports 4 types of clusters – Network Load Balancing, Failover, Computational and Grid, the most commonly used are the first two. Also, we’ll talk about the private clouds later, as they are doing similar job, but in Windows Server 2008 the private cloud is the functionality of an application called System Center Virtual Machine Manager 2012, so it’s not the system core feature, such as clustering.

During the series of demos we’ll talk mainly about failover and network load balancing clusters, as the High Performance Computational cluster requires it’s own special edition of Windows Server 2008, called Windows Server 2008 R2 HPC Edition, and chances are – you won’t ever have the requirement to set up such environment.

Windows Server 2008 Cluster Categories

Windows Server 2008 Cluster Categories

As you can see in the following slide, there are two categories of clusters by the way they share resources.

Failover cluster belongs to the second group, which means that it is a group of computers, where only one node (i.e. the machine participating in the cluster) owns the resource. You may have two or more machines working as nodes in your failover cluster, but only one of them will serve clients at any moment of time. Once that machine fails, another node takes ownership of resources (shared drive, for example) and starts serving clients instead of the failed node.

More...

SCCM For Poor - Windows Intune at Glance

by Dmitry Kirsanov 8. February 2012 13:00

imageHow many products of major brands float under your radar, unnoticed and unevaluated? Perhaps Windows Intune is one of them, but if you are Windows system administrator – that’s the one product you should know about, whether you’re using it or not. So this post is about Windows Intune.

More...

Introduction to scripting for Systems Administrators - PowerShell

by Dmitry Kirsanov 19. November 2011 21:28

There was a time, when IT specialists were mainly either systems administrators or developers. There was a time, when being Database Administrator would also mean having perfect knowledge of SQL. New generation of IT specialists don’t remember that time, and that only because technology evolved so greatly, it is considerably harder to possess the whole range of features offered by a monster product such as SQL Server 2008.

But this post is not about databases at all. It’s about how we can manage the growing complexities of enormous range of technologies that we have to use in business. More...

Deploying Windows 7 by Using Windows Deployment Services

by Dmitry Kirsanov 14. November 2011 09:10

In one of the previous topics, I was showing how  to deploy Windows 7 using Automated Installation Kit, or AIK. This time it’s more hardcore, and is about Windows Deployment Services.

Using Windows Deployment Services you can deploy your fine tuned Windows 7 image to hundreds of computers in a matter minutes. It’s not the most hardcore way of doing it, as I will show in SCCM course later, but still mind blowing if you are either haven’t heard about it before.

It’s not a rocket science though, so the whole lab is just 16 minutes. Very short indeed, but it contains even the installation phase.

Enjoy!

Deploying Windows 7 by Using Windows Deployment Services

Network Load Balancing Clusters in Windows 2008 - when one server is not enough

by Dmitry Kirsanov 14. November 2011 08:52

Russians says – “One is not a warrior at the battlefield”, meaning that one is just too small number for a real war. When the time of real battle is coming to your web site, it’s time to become a … farmer. The geeky one.

Web farm, or Network Load Balancing (NLB) cluster is when there are more than one web server behind a single web address. Of course, it’s not only about web – some other stateless resources can be scaled that way as well – DNS server, for example, or SMTP. However, the most popular use of NLB clusters is web, as most requests in the Internet are going through it.

Network load balancing clusters are rather frustrating topic for many systems administrators, as it’s very common for them to know clustering till the time of their exam. MCSEs and MCITPs of all kinds have to know that stuff, but rarely use it. Who might be more interested in clustering – that’s web developers, who’s web applications serve more and more visitors each day and should be infinitely scalable by design.

Developers

But what it takes to build an application, which could be scaled out by simply adding more hardware? If your application is working fine and attracts more customers than it can handle – that’s when you are wondering whether you’re in trouble. The trouble comes when you realize, that the architecture of your project does not support scaling and situation is even worse if your web developer has no clue about how to make it work in the cluster.

For .NET developers, though, the situation is much better than for PHP developers, for example. They can use SQL server to store the state data (and SQL server may reside on failover cluster, which is the second type of windows cluster that we’ll review later), files can be stored at mirrored network area storage (NAS) and that’s it.

Systems Administrators

For administrators, though, the situation is more difficult. First of all, they are the ones who needs to care about installation, maintenance and management of the cluster. They are the ones who migrate old applications to new clustered servers and must ensure they understand why these applications do not work under new conditions. While usually developers have the harder burden, this time it’s not the case, thanks to Visual Studio and .NET.

There is not much we can say about developer’s part of the job, as there is too little and too simple stuff to do, there is pretty much to say and to show to system administrators.

That’s why I had no choice than to prepare my first narrated lab about creating Windows Server 2008 Network Load Balancing cluster. Enjoy!

Implementing Network Load Balancing Clusters in Windows 2008

Perhaps my future labs will become narrated as well, excerpt for the short and simple ones. It takes a bit more work, since I am not preparing the text and have limited time to complete the lab (always do it in one take), but is definitely more fun, as I can tell more than you want / need to know about the subject.

Introduction to Corporate Computing

by Dmitry Kirsanov 4. November 2011 01:31

Imagine, that you have a company with 5 000 employees having 6 000 computers. These could be desktop computers, notebooks, various mobile devices – anything running Windows. And you have 10 people to manage all this hardware and software.

When working in such strict conditions you can’t avoid standardizing everything you can. And having such tiny staff with ratio of 600 machines per IT staff member, you want to automate everything and make the environment to be more reliable and independent from system administrators.

Imagine the situation, when you need to install software to all machines, or perhaps to ½ of machines, which is 3 000 computers anyway. With help of Active Directory you can do it automatically, if the source application contains MSI (Microsoft Installer) file. If it doesn’t, you can execute legacy EXE installation and install it using Microsoft System Center Configuration Manager (SCCM) which is version 2007 at the time this post is written, but we already have version 2012 in RC (release candidate) phase.

However, in both cases you might need to change configuration of installation significantly. Remove automatic updates, icons from desktop, shortcuts in Startup and various screens to welcome new users. You may also want to make it impossible to change the installation but keep the Recovery and Uninstall options. Or perform initial configuration, such as configure your program to use DivX drivers or whatever else you can do once the program is installed.

But how?

That’s what repackaging stands for. You can take anything you want and package it into MSI installation file. That’s packaging. When you take existing MSI package or legacy EXE/BAT/whatever package, and transform it to MSI package, that’s called repackaging.

And it’s quite profitable business.

The reason for it to be a profitable business is mainly because you need to be an expert in systems administration and preferably also in hardware and software development in order to successfully repackage the whole software portfolio your 6K-computers company needs.

And most likely you don’t have such specialist or have better tasks for him, right? So you outsource that business to repackaging company and agree to pay per conversion or per day of work, depending from the volume of work required.

Repackaging these days include not only the conversion, but also testing and analysis of your software. For example, you may submit software you were using for years to repackager, and he will test whether his package and the software itself will work in required target operating system, like Windows 7 x64.

If not – then he will recommend the course of actions to make it work, and there is a correlation between his level and “that’s impossible” answer ratio, as more experienced and skilled repackagers tend to solve problem instead of giving up early.

So, let’s return to our company. Once you’ve got your legacy software repackaged into stable and shiny MSI package, you install it wherever you need using SCCM server. SCCM will make sure that older packages are updated with this one, but it won’t track your licenses for it, if any. So as you can see, there is a whole lot of new concepts for a standard systems administrator to uncover.

If you are installing things like Microsoft Office or Adobe Acrobat Pro in your company, the chances are – you need to make sure you don’t install more copies than you paid for. And you want to track how many of them you have left, who needs them and perhaps allow those who needs to install necessary software without you doing much about it. Remember, with ratio of 600 machines per IT administrator, you only have 48 seconds per day for each workstation.

So there are tools that track licenses, allow people to acquire licenses from the pool and automatically install required software once approved by supervisor, or vice versa – remove software from one machine and distribute it to others.

There are even scenarios, when user visits a homepage in local network, requests new computer pre-loaded with required software, and once the request is authorized by his supervisor, receives new computer. But what is important – the computer comes to your company with blank hard drive, and all you need to know as the system administrator – the MAC address of that new computer and the recipient.

You enter the address into your system, power on the machine and forget about it for next half of hour. In 30 minutes it is ready to work, totally loaded with all required software. Then you switch off the old workstation, switch on the new one, user logs in and can continue working right over.

I deliberately don’t name the software packages that make this happen, so it would be easier to understand, that all of them are working on top of the main layer – the Microsoft System Center Configuration Manager, which I am going to talk about soon.

Anyway, as you can see, a single need to operate as much computers as you can with as smaller IT staff as possible, led to whole new sector in IT market and highly sophisticated products, which you should learn if you are about to pursue a career in large organization as Windows Server systems administrator.


Month List