Connect SCOM 2016 Gateway Server to a Load balancer - scom

Evening Everyone,
I have been doing some research to see if a SCOM Gateway server can be configured to work with management servers behind a load balancers. In the reading and examples i see everyone pointing the gateway server directory to a management server.
If anyone has done this I would like to know what issues you faced.

What are you trying to achive?
scom management group is allready managing performance and workload in the resource pool for you... adding a middle NLB between the GW and MS seems very odd..
please be aware that if you evenatully will be using NLB. you need a physical NIC so that you will be able to use the Agent Deploy feature.

Related

Automatically update a domain with an IP address

Over the years, I used No-IP to link a domain to my IP address, and then used No-IP's DUC (Dynamic Update Client) to update my IP, so that the domain will always point to my IP.
That's very handy for running dedicated game servers.
Is there a DUC-equivalent for Google Cloud DNS?
In essence - No - there isn't :(
Unless yo're using Google Domains for your domain hosting then yes - they support just the thing.
Cloud DNS doesn't have that functionality. There are several workarounds like reserving a public IP for your VM which in my opinion would be the best way to do it. Unless your VM get's deployed using Deployment Manager then it may require some more scripting.
Similar questions have been raised on Stackoverflow here and here which you might find helpful.
If you're running Linux here you'll find a complete script how to update DNS records after a machine startup.

How Can I Connect virtual networks from different deployment models using PowerShell?

I googled and searched but no use. I have VNet which is already created in Azure Classic Portal and I want to add a subnet gateway and a gateway in PowerShell to connect it to an existing IaaS v2 Vnet. How can I do that in PowerShell? Please let me know if there's any resources on how to do that.
Thank you
According to your description, if you want to connect the VNets in different deployment models. The most important is that, the address ranges for the VNets do not overlap with each other, or overlap with any of the ranges for other connections that the gateways may be connected to.
Also your PC have installed the last PowerShell cmdlets, make sure you install both the Service Management (ASM) and the Resource Manager (ARM) cmdlets. Now we can create the VPN to connect the VNets in different deployment models.
More information about how to connect VNets in different deployment models, please refer to the link below:
https://azure.microsoft.com/en-us/documentation/articles/vpn-gateway-connect-different-deployment-models-powershell/
If you still have questions, welcome to post back here. Thanks.

ServiceFabric Windows cluster unable to create firewall rules

I've recently upgraded an on premise Service Fabric cluster to 5.1.156.9590 running on Windows Server 2012 R2. I removed the original cluster and created a new one. Unfortunately my new cluster doesn't seem able to create the firewall rules for any ports specified in the service manifests. The only warning I see that seems connected is this from the ServiceFabric Hosting:
Did not enable firewallpolicy for current profile 1
I can't find any help regarding this message. I'm wondering if something has changed as regards specifying ports for a service or there's something on the node boxes that I haven't configured correctly.
Any pointers appreciated as I'm sure I didn't have to open them manually previously.
Unfortunately, I had the same problem and didn't succeed in reanimation of Service Fabric. Only moving to Azure helped to resolve the issue. You can try next things:
Completely remove SF, SDK, related services, firewall rules and directory SFData on C drive, then install everything again.
Check that firewall is enabled
Check that SF service is created and able to start
If the service is not able to start, check events, there is a special folder for SF where you can find additional and detailed infromation
If you have customized the address on which listeners will listen in SF cluster config, try to change it on something different and see if SF would deploy or not

How to make Windows DNS and WINS settings persist in an Azure VM?

I have a domain controller set up in an Azure VM, and a couple of other servers also set up as VMs. When I set up the server VMs, I configured DNS and WINS to point to the IP address of the DC and joined them to the domain. However, these settings don't survive a shutdown (where the VM is deallocated). When the VM is started back up, DNS and WINS are empty, and domain authentication does not work.
I read that I should provision new VMs via PowerShell commandlets, specifically setting up domain joining. I tried that, and maybe I got something wrong, but it didn't work -- the newly provisioned VM was not joined to the domain, and did not have DNS/WINS set to point to the domain controller.
In any event, my question is: is there any way to re-configure an existing VM to retain network settings through a shutdown or is my only option to figure out how to provision a brand new VM to be married to the domain controller, and then to start from scratch?
Thanks!
You shall never use static configuration on your Azure VM! Neither for IP Addresses, nor for DNS Settings. What I recommend to use is a long story you can read here. It is tested, validated and proven to be effective. A short extract follows:
You should setup at least two sub-nets. Leave one solely for the DNS (and AD/DC if it happens to be the same server). Put all rest of the machines in the other Sub-Net. Thus, you will have 100% predictable IP Address of the DNS Server machine. Having that in mind, configure the DNS for the virtual network via the portal or via PowerShell. But explicitly configure DNS Server for that virtual network. Set IP address for the DNS - the one that you know it will have!
Please do never forget - never manually change network configuration settings for an Azure VM! Doing so is a path to failure.
The above method will help you resolve DNS issue. Now, for the WINS. I don't think you can configure WINS via Virtual Network settings. So, if your VM really loses WINS config, you can create a small powershell script that runs locally on each VM to configure WINS settings upon boot. You can either make this script more generic by looking up the DHCP assigned DNS server and use the same IP Address for WINS, or just put it static, because you know what the IP Address of DNS server will be.
Anton presents a clever and perfectly workable solution, but I wanted to understand what exactly I was doing wrong, because Microsoft guidance suggests that it should be perfectly possible to set up and maintain an Active Directory domain the in the Azure cloud without putting the DC into its own subnet.
After a lot of trial and error (mostly error), I finally figure it out. This is not well documented, so hopefully this will help someone:
In Windows Azure, cloud service is another term for application, or a set of components that scale together. A cloud service is assigned a single DNS name and a single external IP address. In the context of virtual machines, you typically have a 1:1 correspondence between a cloud service and a virtual machine. You only add additional virtual machines to an existing cloud service when you want Azure to automatically load balance and distribute requests among the VMs inside that cloud service, treating them as if they were one.
This brings me to my mistake. Not fully understanding the above, I was attempting to add a new worker virtual machine to the cloud service in which I set up my Domain Controller. That is not a supported configuration. Once I understood that, and properly configured a new VM into its own cloud service, associated with the domain controller as DNS server, everything worked perfectly.

How does MOSS Front End (IIS) load balancing work?

I would like to know how MOSS Front End load balancing works, just an overview or a link to a site that contains this type of information.
In otherwords, I have 2 front end servers in the farm, how does MOSS distribute the work load?
Sorry to disappoint , but I've just been informed that MOSS does not do any load balancing on its own, you need to set this up yourself outside of MOSS.
The MOSS front end farms only sync IIS content between each other - this is provided by MOSS
MOSS lives on Windows 2003 or 2008 servers. You can enable the NLB services within the OS on the web front ends. I don't recall the OS versions that support that but certainly Enterprise and DataCenter editions...
All server versions support NLB (network load balancing). There are really three ways to accomplish load balancing.
You can use DNS to point users to different WFEs by handing out different IP addresses for the same FQDN. This is the 5 minute load balance solution.
The second solution is to use windows version of network load balancing. This is the more robust version of load balancing as it takes into account actual load on the WFEs. If one WFE is processing a large number of request traffic will go to the other box. This solution also accomidates failover if one box goes down. The DNS solution does not.
The third solution is to use a load balancer in front of your WFEs like a cisco or F5 load balancer. This is the solution for farms with many WFE's.
The next question is how do you know if load balancing is occuring. I wrote a webpart for sharepoint that you can add to any page that tells you what server is serving the page. If your load balancing is working you should see the server name change as you make requests to the same page.
You can get the webpart here: Sharepoint Server Info Web Part