Archive for December, 2016

Docker file enable us to quickly deploy Docker containers,we can customize container (add features,create files/folers,copy files from docker host,run startup script…)

This section specify Docker images from which we will derive container

FROM nanoserver/iis

Optionally,define “responsible” persron (who created this image)

MAINTAINER dragan979@yahoo.com

This image has built-in IIS server,in this example we simple deleted default HTML page

RUN del C:\inetpub\wwwroot\iisstart.htm

Create new default IIS page

RUN echo “Greetings from iis container” > c:\inetpub\wwwroot\index.html

Creating new folder in Docker container (note forward slash)

RUN powershell New-Item -ItemType directory -Path c:/test

copy C++ redistributable from Docker host to Docker (to folder created in previous step)

COPY vcredist_x86.exe c:/test/

Copy PS script to Docker container (this script simply restarts IIS service) (note forward slash)

COPY start.ps1 c:/test/

Create new empty file in Docker container (note forward slash)

RUN powershell new-item c:/test/file.txt

Install vcredist_x86.exe

RUN powershell start-process C:\test\vcredist_x86.exe -ArgumentList ‘/quiet’

Run PS script copied in previous step

RUN powershell.exe -executionpolicy bypass c:\test\start.ps1

Download python to c:\test (note forward slash)

ADD https://www.python.org/ftp/python/3.5.1/python-3.5.1.exe c:/test/python-3.5.1.exe

Complete docker file (this file has no extension)

# Sample Dockerfile

# Indicates that the windowsservercore image will be used as the base image.
FROM nanoserver/iis

# Metadata indicating an image maintainer.
MAINTAINER dragan979@yahoo.com

# Creates an HTML file and adds content to this file.

RUN del C:\inetpub\wwwroot\iisstart.htm
RUN echo "Greetings from iis container" > c:\inetpub\wwwroot\index.html
RUN powershell New-Item -ItemType directory -Path c:/test
COPY vcredist_x86.exe c:/test/
COPY start.ps1 c:/test/
RUN powershell new-item c:/test/file.txt
RUN powershell start-process C:\test\vcredist_x86.exe -ArgumentList '/quiet'
RUN powershell.exe -executionpolicy bypass c:\test\start.ps1
ADD https://www.python.org/ftp/python/3.5.1/python-3.5.1.exe c:/test/python-3.5.1.exe

Make sure PowerShell script,vcredist and Docker file is in the current location of CMD or PowerShell (for example if PS or CMD prompt is in C:\Users\username all these files also should be located in that path)

From CMD or PowerShell prompt run:

docker build -t iis .

Note period (.) at the end it means current folder (it defines path of Docker file).

iis is container name

All steps specified in Docker file are execured in order

untitled

Run Docker container:

docker run -it -p 80:80 iis powershell

2

Storing container into https://hub.docker.com

I created private registry (“store” for Docker images)

3

Log in to Docker Hub

docker login

1

Rename our Docker image to be the same as name of Docker Hub registry-dragan979/test in my case (in order to be able to “upload” image into Docker Hub)

docker tag iis dragan979/test

Upload image to Docker Hub

docker push dragan979/test
Advertisements

First we need to install the OneGet PowerShell module and Docker itself:

Install-Module -Name DockerMsftProvider -Repository PSGallery -Force
Install-Package -Name docker -ProviderName DockerMsftProvider

1

If You get error regarding missing KB3176936,installing that package won’t solve the problem.

2

Instead,we need to fully update Windows Server:

sconfig.cmd

 

5

 

Press 6,then press A

4

Press A again

 

5

Now you should be able to install docker (run again)

Install-Package -Name docker -ProviderName DockerMsftProvider

See available Web server images:

docker search iis --no-trunc

 

 

6.png

I choose to install nanoserver/iis (about 300 MB against microsoft/iis 4 GB)

docker run -it -p 80:80 nanoserver/iis cmd

-i interactive Keep STDIN open even if not attached

-t  Allocate a pseudo-TTY

-p 80:80 map docker host port 80 (Windows Server) to container post 80,consider it as port mapping

cmd run Command prompt upon container start

I changed default IIS welcome page:

del C:\inetpub\wwwroot\iisstart.htm
echo "If you see this page,it means you have reached IIS test page running on IIS nano-server container.It's awesome :-)" > C:\inetpub\wwwroot\index.html

Try to access IIS container’s web page,192.168.0.5 is IP address of Windows Server (container host)

 

7.PNG

We can save this modified container for future use,first find out name of this container:

docker ps -a

 

8

Now save this image:

docker commit sharp_lalande modified-iis
docker images

 

 

9

Capturing performance counter data

For example,to query memory events we need to locate it first:

typeperf -q | select-string 'memory'

1a.PNG

For example,to collect Free Memory 3 times every 4 second type:

typeperf "\Memory\Available MBytes" -si 4 -sc 3

1a

Trace record

We use Windows Performance Recorder to find out event providers

wpr.exe -providers

Create trace:

New-EtwTraceSession -Name "ExampleTrace" -LocalFilePath c:\etrace.etl

5

Find ETW (Event Trace for Windows):

wpr.exe -providers | select-string "Kernel-MRemove-EtwTraceSession -Name "ExampleTrace"emory"

6

Start trace:

Add-EtwTraceProvider -Guid '{d1d93ef7-e1f2-4f45-9943-03d245fe6c00}' -SessionName "exampletrace"

7

Remove trace:

Remove-EtwTraceSession -Name "ExampleTrace"

8

Copy trace file to Windows Server (shared folder):

net use z: \\dc.test.com\nano /user:test\administrator Password01
Copy-Item .\etrace.etl z:\

Open trace file in Event Viewer:

12

 

13

 

Adding Nano Server to Server Manager

In Server Manager click Local Server-Manage-Add Server

1

 

1.PNG

After clicking OK we get Access Denied:

9.PNG

 

Right click Nano server-Manage As

10.png

Enter domain admin username/password

1

 

11.PNG

 

 

Managing Nano Server

Posted: December 11, 2016 in Windows Server

Installing roles and features online

Finding modules online:

Save-Module -Path "$Env:ProgramFiles\WindowsPowerShell\Modules\" -Name NanoServerPackage -MinimumVersion 1.0.1.0

Importing Module

cd 'C:\Program Files\WindowsPowerShell\Modules\NanoServerPackage\1.0.1.0'
Set-ExecutionPolicy Unrestricted
Import-PackageProvider .\NanoServerPackage.psm1
Find-NanoServerPackage | ft -wrap

 

 

1

 

2.PNG

Now we can install needed package,in example below i installed Storage Package

Install-NanoServerPackage -Name 'Microsoft-NanoServer-Storage-Package' -MinimumVersion 10.0.14393.0 -Culture en-us -ToVhd 'C:\nano\nano_server.vhd'

 

3.png

Editing existing Nano Server

With Edit-NanoServerImage cmdlet we can:

— Add packages.
— Add drivers.
— Set the computer name.
— Set the administrator password.
— Join a domain.
— Enable debugging.
— Enable Emergency Management Services (EMS).
— Set the static IP address.

In This example we’ll add Nano Server to AD Domain

In Domain joined computer or DC run

djoin.exe /provision /domain test.com /machine nano-01 /savefile c:\nano.djoin

Now we can join Nano Server to the domain:

Edit-NanoServerImage -TargetPath C:\nano\nano_server.vhd -Ipv4Address '192.168.0.10' -InterfaceNameOrIndex 'ethernet' -EnableRemoteManagementPort -Ipv4Dns '192.168.0.5' -Ipv4SubnetMask '255.255.255.0' -Ipv4Gateway '192.168.0.1' -DomainBlobPath 'C:\nano.djoin'

Alternative way of editing Nano Image using Dism.exe

dism.exe /Mount-Image /ImageFile:c:\nano\nano_server.vhd /index:1 /mountdir:c:/mountdir
dism.exe /add-package /packagepath:d:\nanoserver\packages\Microsoft-NanoServer-FailoverCluster-Package.cab /image:c:\mountdirm.exe /Mount-Image /ImageFile:c:\nano\nano_server.vhd /index:1 /mountdir:c:/mountdir
dism.exe /unmount-image /mountdir:c:\mountdir /commit

A few months ago i described how to deploy Nano Server using PowerShell.In this post we’ll create Nano Server using Nano Server Image Builder.

First download and install Image Builder and Windows Assessment and Deployment Kit (ADK).If You doing this on Windows 10,make sure Hyper-V feature is installed

untitled1

Open Image Builder

Untitled.png

Create a New Nano Server Image

1

 

 

2

Specify path to Windows Server 2016 installation disk

 

3

 

Specify path to folder where Nano Server vhd diskand log files will be created,also set  disk size

 

4

Specify which packages will be installed

5

 

Set Nano Server name admin password and time zone:

 

6.PNG

Choose whether to join to domain or not

13.PNG

Configure network and WinRM

 

8.PNG

I created bat file which starts IIS service (net start w3svc),and that script will be executed upon Nano Server start (we will be install IIS-as specified before)

 

10

Enable/Disable EMS

11

 

 

12

 

In case of errors,you can review logs in location we specified earlier

1

 

14.PNG

We can see vhd file is created

1

Now create new Hyper-V VM,and attach this vhd file,type Administrator as username,and password we specified during creation

1

Enable echo reply:

1

 

 

1

 

Press F4 to enable Ping

 

1

 

 

1

Create Azure AD user with PowerShell

Posted: December 5, 2016 in Azure

In one of my previous posts we created user in Azure portal.On of the drawback of this approach is that user is created with a temporary password and the user must log in to set a new one.

Download and install Microsoft Online Services Sign-In Assistant for IT Professionals RTW and Azure Active Directory Module for Windows PowerShell (64-bit version)

Run Windows Azure Active Directory Module for Windows PowerShell

Untitled.png

Put credentials of Global Admininstrator user.This has to be non-microsoft account !!

$msolcred = Get-Credential

capture

Connect to Azure:

Connect-MsolService -Credential $msolcred

Create user:

New-MsolUser -UserPrincipalName admin01@bigfirm.info -DisplayName "admin01" -FirstName "Peter" -LastName "Parker" -Password Password00 -PasswordNeverExpires $true -AlternateEmailAddresses spiderman@bigfirm.info

capture

By Default,this new user has user role

Capture.PNG

To see all available roles with description run next cmdlet:

Get-MsolRole | ft -Wrap

Capture.PNG

Assigning role to user:

Add-MsolRoleMember -RoleName "Company Administrator" -RoleMemberEmailAddress admin01@bigfirm.info

Add domain to Azure:

From Azure portal click Azure Active Directory

untitled

Domain Names:

5.png

Click Add:

6.PNG

Create new domain (the same name as on-premisses one).When creating new domain in Azure,we need to verify it.To do so,we need to add TXT entry in  DNS of domain which we want to add to Azure

7.png

I have domain in GoDaddy,so i created TXT file in DNS:

8.png

Then we can click Verify on Azure portal:

9.png

Now,on bigfirm.biz DC we need to install Azure AD connect.

For this blog i created 3 users:

Untitled.png

I clicked Use express settings

1

Enter credentials of user who have Global Admin Role in Azure portal

capture

Now enter username/password of Enterprise Admin (on premises domain)

capture

 

 

capture

4-5

 

Capture.PNG

Now all on premises accounts are transfered to Azure

4-7.png