Assert-AutoShutdownSchedule 2.0.2 BST fix

If you are using this in your Azure subscription, you might want to consider a fix for BST

Around line 60

$VERSION = "2.0.2"
 
# DEAL WITH BST
$bst_on="03/27/2016 01:00:00"
$bst_off="10/30/2016 02:00:00"
 
#2015	Sunday, 29 March, 01:00	Sunday, 25 October, 02:00
#2016	Sunday, 27 March, 01:00	Sunday, 30 October, 02:00
#2017	Sunday, 26 March, 01:00	Sunday, 29 October, 02:00
#2018	Sunday, 25 March, 01:00	Sunday, 28 October, 02:00
#2019	Sunday, 31 March, 01:00	Sunday, 27 October, 02:00
...

and then around line 67

function CheckScheduleEntry ([string]$TimeRange)
{	
	# Initialize variables
	$rangeStart, $rangeEnd, $parsedDay = $null
	$currentTime = (Get-Date).ToUniversalTime()
    $midnight = $currentTime.AddDays(1).Date
 
 
	# BST	
	if($currentTime -ge $bst_on -and $currentTime -le $bst_off) {
		write-output "Adjusting $currenttime to BST"
 
		$currentTime = ($currentTime.addHours(1))
 
		write-output "BST is $currenttime"
	}	        
...

and then around line 283

# Main runbook content
try
{
    $currentTime = (Get-Date).ToUniversalTime()
 
	# BST
	if($currentTime -ge $bst_on -and $currentTime -le $bst_off) {
		write-output "Adjusting $currenttime to BST"
 
		$currentTime = ($currentTime.addHours(1))
 
		write-output "BST is $currenttime"
	}
...

Remember to publish your script after you edit it, and of course, test it !

Make sure your Azure ARM VM’s are not a threat

The script below will deploy or un-deploy the Azure antimalware extension from all VM’s in a resource group. You need to ensure the anySettings and SqlSettings are correct for your world.

[cmdletbinding()]
param (
    $rgname="release4.11.0.1",
    [bool]$adding = $true
)
 
# Get-AzureVMAvailableExtension | fl -Property Publisher, ExtensionName
 
$location="north europe"
$extName="IaasAntimalware"
$extType="IaaSAntimalware"
$extPublisherName="Microsoft.Azure.Security"
 
 
$anySetting = @"
{
"AntimalwareEnabled": true, 
"RealtimeProtectionEnabled": true,
"ScheduledScanSettings": {
       "isEnabled": true,
       "day": 1,
       "time": 120,
       "scanType": "Quick"
       },
"Exclusions": {}
}
"@
 
$sqlSetting = @"
{
"AntimalwareEnabled": true, 
"RealtimeProtectionEnabled": true, 
"ScheduledScanSettings": {        
       "isEnabled": true, 
       "day": 1, 
       "time": 120, 
       "scanType": "Quick"  
       },        
       "Exclusions": {
             "Extensions": ".mdf;.ldf",
             "Paths": "D:\\;E:\\",
             "Processes": "excludedproc1.exe;excludedproc2.exe"    
             }
       }
"@
 
 
$allVersions= (Get-AzureRmVMExtensionImage -Location $location -PublisherName "$extPublisherName" -Type "$extType").Version
$versionString = $allVersions[($allVersions.count)-1].Split(".")[0] + "." + $allVersions[($allVersions.count)-1].Split(".")[1]
 
 
$vms = get-azurermvm -ResourceGroupName $rgname
 
$vms | % {
    $thisVm = $_
 
    $whichSetting="Any"
    $setting = $anySetting
 
    if($thisVm.Name -like "*-sql") {
        $setting = $sqlSetting
        $whichSetting="SQL"
    }
    if($adding) {
 
    write-host ("ADDING $whichsetting setting to " + $thisVm.Name)
 
    Set-AzureRmVMExtension `
            -ResourceGroupName $rgname `
            -VMName $thisVm.Name `
            -Name "$extName" `
            -Publisher "$extPublisherName" `
            -TypeHandlerVersion "$versionString" `
            -ExtensionType "$extType" `
            -Location "$location" `
            -SettingString "$setting"
    }
    else {
        write-host ("REMOVING FROM " + $thisVm.Name)
        Remove-AzureRmVMExtension -ResourceGroupName $rgname -VMName $thisVm.Name -Name "$extName"
    }
}

All my Azure VPN connections just vanished

As part of the process for setting up VPN’s in azure, you may need to download the network.xml config file, edit it and upload it back to Azure.

Be warned that if you upload anything but a flat text file, azure may well accept the file, but stop showing your VPN connections on the portal.

So if yours vanish, check the format of the file you uploaded last.

Time to wake up the blog

I have spent the last 18 months – 2 years building tooling to automate the stand up / configure / tear down of various Azure virtual environments for various clients.  This is partly why the blog has been very quiet 🙂

I figure I have a pretty stable and workable solution based upon custom PowerShell scripts, some base VM images and some scheduled PowerShell tasks.

While I was busy doing this, M$ were building pretty much the same thing, calling it Azure Resource Manager.

This is what I must now get to grips with, cross technology training seems to be imminent.

To be fair, the M$ offering does at first glance look slightly improved on my ‘original’

Azure Resource Manager

Build Azure infrastructure using PowerShell

  • Install VS 2012 premium
  • Install Azure SDK
  • Install Azure PowerShell CmdLets
  • Download and convert to latest SIteMonitR – I am using this excellent article to run on my auto created Azure Infrastructure.  You can get it from http://code.msdn.microsoft.com/windowsazure/SiteMonitR-dd4fcf77#content
  • See PowerShell code below to create or re-create infrastructure on Azure, which you will need to run prior to deploying your application. Also, anytime you trash and re-create your infrastructure on Azure, re-do the deployment steps including downloading the publishing files as they will be different each time you generate the infrastructure

So these are the steps

  • Run createAzureInfrastructureForLab.ps1
  • Confirm Storage account, cloud service and Web site are created
  • Now follow instructions from http://code.msdn.microsoft.com/windowsazure/SiteMonitR-dd4fcf77#content relevant ones reproduced below

Load project into VS, May require converting and references updating to latest versions of Azure SDK, VS will take care of all these steps

Go into the dashboard for the new storage account you created and click the Manage Keys button at the bottom of the portal. Copy the storage account’s key to the clipboard.

In Visual Studio 2012, expand the SiteMonitR.Azure project’s Roles node. Double-click the SiteMonitR.WorkerRole node to open up the role’s settings pane.
Select the Cloud option from the Service Configuration drop-down menu.
Click the ellipse button next to the SiteMonitRConnectionString setting.
Enter in the storage account name and primary access key copied from the portal.
Click the OK button.

Repeat the same steps to set the Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString setting.
Change the GUI_URL setting to reflect the URL of the Windows Azure Web Site you created using the Windows Azure portal.

Right-click the SiteMonitR.Azure project and select the Publish menu item from the context menu.
If you haven’t yet imported your publish settings, click the Sign in to download credentials link in the publish dialog.
Your web browser will open up and browse to the Windows Azure publish profile download page. When the page tries to download the publish settings file, click the Save button to save the file to your local workstation.
Go back to Visual Studio 2012. Click the Import button in the publish dialog. Then, browse to the publish settings file you just downloaded and select it.
Click the Publish button to deploy the Cloud Service to Windows Azure.
The Windows Azure Activity Log window should open to display the Cloud Service’s publishing process happening.

Go back to the Windows Azure portal. Click the web site you just created to load the site’s dashboard page.
Once the site’s dashboard loads in the browser, click the Download publish profile link.
When the browser tries to download the file, save it to your local workstation.
Right-click the SiteMonitR.Web project in Visual Studio 2012. Then select the Publish menu item from the context menu.
Click the Import button on the publish dialog. Then, find the web site publish settings file downloaded from the Windows Azure portal.
Click the Publish button in the dialog to publish the web site to Windows Azure.

Once the site has been published, go back to the site’s dashboard page in the Windows Azure portal. Click the Configure tab.
Change the default document from Default.htm to Default.html. Then delete the other options from the list of default pages. Then, click the Save button to save the site configuration.

Click the Browse button at the bottom of the web site’s dashboard to browse the site.

The site will open and present you with a simple form you can use to provide URL’s of sites you’d like to monitor.

Type in a site URL and click the Add Site button. The site will be added to the list of sites you are monitoring.
Add in as many sites as you would like. All of the sites are monitored by the Cloud Service. Their status will update in real-time as the sites are hit by the service and reported in the web site. To remove a site, click the X button and the site will be removed from the list of sites monitored by the application.

######### POWERSHELL CODE
######### Put this into a powershell file, say createAzureInfrastructureForLab.ps1
 
$errorActionPreference = 'Stop'
 
try {
Import-Module "C:\Program Files (x86)\Microsoft SDKs\Windows Azure\PowerShell\Azure\Azure.psd1" -ErrorAction silentlycontinue
}
catch {
write-host "Module already present"
}
 
$storageAccountName="NameOfYourStorageAccount"
$Location="West Europe"
# ---
$monitorCloudServiceName="YourMonitor"
$MonitorWebSiteName = "YourMonitorSite"
# --- Get next lot of stuff from Azure dashboard for your account
$mySubID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$certThumbprint = "40 digit thumbprint"
$myCert = Get-Item cert:\CurrentUser\My\$certThumbprint
$mySubName = "Name of your Azure subscription"
 
# NO STORAGE ID SET HERE
#
Set-AzureSubscription -SubscriptionName $mySubName -Certificate $myCert -SubscriptionID $mySubID
Select-AzureSubscription -SubscriptionName $mySubName
# WEB SITE
try {
$ws = get-AzureWebsite -Name $MonitorWebSiteName
try {
Remove-AzureWebsite -Name $MonitorWebSiteName -Force:$true -Confirm:$False
}
catch {
write-host $_
write-host "Remove web site $MonitorWebSiteName failed."
}
}
catch {
write-host "Web site $MonitorWebSiteName not present."
}
# CLOUD SERVICE
try {
$svc = get-AzureService -ServiceName $monitorCloudServiceName
try {
Remove-AzureService -ServiceName $monitorCloudServiceName -Force:$true -Confirm:$False
}
catch {
write-host $_
write-host "Remove Cloud service $monitorCloudServiceName failed."
}
}
catch {
write-host "Cloud service $monitorCloudServiceName not present."
}
 
# STORAGE ACCOUNT
try {
$sa = Get-AzureStorageAccount -StorageAccountName $storageAccountName
try {
Remove-AzureStorageAccount -StorageAccountName $storageAccountName
}
catch {
write-host $_
write-host "Remove storage account $storageAccountName failed."
}
}
catch {
write-host "Storage account $storageAccountName not present."
}
Read-host "Check it as all gone. Then press ENTER to re-create it all"
#
# NADA NOW !!!!!!!
#
 
# create new bits here
#
 
# STORAGE ACCOUNT
try {
New-AzureStorageAccount `
-StorageAccountName $storageAccountName `
-Description $storageAccountName `
-Location $Location
write-host "Storage account created."
}
catch {
write-host $_
write-host "Storage account create failed.."
}
# CLOUD SERVICE
try {
New-AzureService `
-ServiceName $monitorCloudServiceName `
-Description $monitorCloudServiceName `
-Location $Location
write-host "Cloud service created."
}
catch {
write-host $_
write-host "Cloud service create failed."
}
 
# WEB SITE
try {
New-AzureWebsite `
-Name $MonitorWebSiteName `
-Location $Location
write-host "Web site created."
}
catch {
write-host $_
write-host "Web site create failed."
}
 
# REPEAT TO SET THE STORAGE ID
#
Set-AzureSubscription -SubscriptionName $mySubName -Certificate $myCert -SubscriptionID $mySubID -CurrentStorageAccount $storageAccountName
Select-AzureSubscription -SubscriptionName $mySubName