Select Page

Using the Azure VM Agent to find server health

I discovered a pool of servers that seemed to be unused, and used the Azure VM Agent “Run PowerShell Script” to determine the real health.

The output told me: not domain joined, not managed, not being patched, so targets for decommissioning.

$boot = Get-CimInstance -ClassName Win32_OperatingSystem

$hotfix = Get-HotFix | Sort-Object InstalledOn -Descending | Select-Object -First 1

$name = Get-CimInstance -Classname Win32_ComputerSystem

write-host “Server $($name.name) Domain $($name.domain)”

write-host “Last reboot $($boot.LastBootUpTime)”

write-host “Last patch $($hotfix.HotFixID) $($hotfix.InstalledOn)”

Server FOOSERVER Domain WORKGROUP
Last reboot 10/12/2022 18:50:02
Last patch KB4495585 05/15/2019 00:00:00

Windows Admin Center and Dell OpenManage/iDRAC integration

Back in a previous life I worked closely with colleagues working on the integration of Dell, HPE and other server hardware vendors into the Microsoft infrastructure management tooling from System Center.

I’m a year in to using Windows Admin Center and the integration with Dell OpenManage and the Dell iDRAC.

It’s (usually) a joy; as part of the patching cycle, open the Dell OpenManage integration blade in Windows Admin Center, check for compliance, see which components need updating, update them.

image

image

Microsoft re-certifications

Four re-certifications in the last few days.

I really like the Microsoft model – free to re-certify, keep up to date on the latest areas of technology.

AZ-104, AZ-700, AZ-400, AZ-500 all current again.

If you’re about to re-sit these my top tips: read the exam subject matter, see what changed since you took the last test. Microsoft Learn has training, documentation and guidance – https://learn.microsoft.com – and you can also revisit learning resources such as John Savills Technical Training.

Open book test, 45 minutes. Bing is your friend.

Screenshot 2023-04-24 193000Screenshot 2023-04-24 082226Screenshot 2023-04-18 155113Screenshot 2023-04-18 085831

Windows Server DHCP lease cleanup

Tiny piece of housekeeping, note for self for future use.

Previous reservations are wedged in the DHCP database, and not accessible through the DHCP MMS snap-in. Scope reconciliation shows the rogue entries.

Solution is to delete the reservations from the DHCP database.

Show all DHCP clients, i.e active leases and reservations

NETSH DHCP SERVER SCOPE [scope] SHOW CLIENTS

Remove individual, expired reservations

NETSH DHCP SERVER SCOPE [scope] DELETE LEASE [IP ADDRESS]

I could have done this with PowerShell, but NETSH was fast and easy.

Microsoft Flow – MSN weather connector, units

I’ve had a Microsoft Flow connector in production for a long time. It runs twice daily, reads the weather forecast for my location (Issaquah, WA), and if it’s forecast to be warm, sends an email to remind that plants need watering.

At some point recently, the flow stopped working correctly. It was triggering for Fahrenheit temperatures rather than Celsius. Cue twice daily emails when it’s cold outside.

I pulled apart the flow – and the Inputs for the connector had changed:

 

imageimage

Azure Function timer triggers

Deep joy working with Azure Function apps, and using timer triggers this last few weeks.

I’ve been working on a set of Azure Functions that fire on a schedule, to read information from across the Azure environment, and write the results to Cosmos DB. Simple enough.

The trigger is set as a Timer:

image

The timer takes an NCRONTAB format for when it fires.

The various pieces of documentation are pretty clear, and I’ve got a lot of familiarity with CRON running on Linux.

My initial schedule was 0 0 */8 * * * – which should fire every 8 hours.

image

Instead – some really variable and unreliable results. I found "8-ish" hours between triggers to be best case, often the whole function stopped firing. Restart the function, and "8-ish hours" later it fired.

After a bunch of reading and testing, I changed the schedule to 0 0 0/8 * * * – which fires at 00Z, 08Z, 16Z – so every 8 hours, but locked to midnight, 8.00am and 4.00pm UTC.

image

So far – so good.

This was a good NCRONTAB expression tester: NCrontab Online Expression Tester Evaluator (swimburger.net)

Hosting updates again

This blog (and several others) have been Azure hosted, on a monolithic SLES 15 virtual machine for a good few years.

I seem to have done the rounds on various flavours of Azure hosting. App Service with Project Nami, straight IaaS (like today), App Service with WordPress as a Microsoft provided service.

This last weekend I pulled the database out from the various blog VMs and moved that to a PaaS MySQL environment. It’s cheap, burstable, and seems more than performant for what I need. The other cool feature is VNET isolation – so the database engine is only accessible from my infrastructure running in Azure.

Access to the local Enphase Envoy API through code

Introduction

In April 2022 I had a PV system installed, with a local Enphase Envoy as part of the configuration.

The Enphase Envoy acts as a management gateway for the Enphase system. Collecting, storing and forwarding data to Enphase for the consumer Enlighten datapool and application.

My installation consists of an IQ Combiner; but I believe these instructions are valid for any Envoy running software greater than version 7. At the time of writing my Envoy is running D7.0.85.

Some history

I was interested in the raw data coming from the PV system. During vendor selection I reviewed the access and APIs available; and Enphase seemed to have a good mix of capabilities.

At some point in late 2021/early 2022 access to a local Envoy gateway was changed to require a JWT access token. This caused many home automation and data logging integrations to break. The documentation from Enphase showed how to interactively get the token and login. I found no documentation on doing this automatically through code.

After much reading, reviewing multiple blogs and github repos, and trial and error – I have this now working.

Authentication flow

Firstly, there’s a lot of head scratching on this approach from Enphase. Yes – it protects access behind a token, but it’s all intended for interactive work. I can only surmise that the market for this is not the home integrator or API data scraper. I see Enphase pushing that persona towards the Enlighten API v4 – which has a different set of issues (which I’ll write about in the future).

So the flow:

The third step of this, posting the JWT to /auth/check_jwt, does not seem to be documented anywhere.

Also, and most troubling, the JWT itself is returned as part of the body of a html page. Some regex is needed to extract the specific text string. This has risk in the event that the html document structure changes in the future.

I posted a sample PowerShell script here.

Using this approach, I now have data being pulled from the local IQ Combiner, parsed, posted to a NoSQL database, and then graphed.

COVID – wrapping up after 110 weeks

COVID-19, the disease caused by the SARS-CoV-2 virus, is not gone. People around the globe are still getting sick, having long term issues from "long COVID", and dying.

However, after 110 weeks of blogging, the news cycle has moved on.

Over 11 billion vaccines and boosters have been given. The global distribution is not fair or equitable.

Vaccination, masking and empathy are polarising, political, issues. The scars will be felt for decades.

So here we are. Over 6 million deaths, multiple waves of disease. Lockdown, disruption, anger, fear.

I predict these events:

  • annual combined "flu and Covid" shot by late 2022
  • continued politicisation of vaccination, especially in the US
  • continued cases across the globe
  • emergence of new variants, several of which will break out
  • a winter 2022/2023 wave, with no restrictions or mask mandates

On the positive side:

  • Covid vaccine development and technology innovation will lead to breakthrough prevention and treatment regimes for multiple diseases
  • an approved vaccine for under 5s
  • safe, cheap and effective vaccination supply chains across the globe.

Signing off for the final time on this subject.

–Martin

image

 

image