Deploying Windows Nano Server and configuring IIS

Here is a simple task list for the subject setup

• Download the script module, template and makecert files to your local drive; deployment instructions also exist

https://www.thomasmaurer.ch/tag/remoting/

• Deployment code snippet

Set-ExecutionPolicy -ExecutionPolicy Bypass

Import-Module C:\NanoServerAzureHelper_20160927\NanoServerAzureHelper.psm1 -Verbose

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned

New-AzureRmResourceGroup -Name "NanoGroup" -Location "Southeast Asia"

New-AzureRmKeyVault -VaultName "NanoVault" -ResourceGroupName "NanoGroup" -Location "Southeast Asia" –EnabledForDeployment

New-NanoServerAzureVM -Location "Southeast Asia" –VMName "nanoservervm" -AdminUsername "AdminNano" -VaultName "NanoVault" -ResourceGroupName "NanoGroup" –Verbose 

• Remote connection to Nano VM (You need a GUI Windows VM in the network where Nano is to remote manage Nano VM)

New-PSSession -ConnectionUri https://nanoservervm.southeastasia.cloudapp.azure.com:5986/WSMAN -Credential AdminNano 

• Disable Windows firewall

 New-AzureStorageContainer -Name ext -Permission Blob -Context ((Get-AzureRmStorageAccount -Name nanostg -ResourceGroupName NANOSE).Context)

Set-AzureStorageBlobContent -File VMCustExt.PS1 -Container ext -BlobType Block -Context ((Get-AzureRmStorageAccount -Name nanostg -ResourceGroupName NANOSE).Context)

$Location = Get-AzureRmLocation|Where-Object{$_.DisplayName -eq 'Southeast Asia'}

$LocationName = $location.DisplayName

$rgName = Get-AzureRmResourceGroup -Location $locationName | Select-Object -Property ResourceGroupName -ExpandProperty ResourceGroupName

$vmList = gc 'C:\vmlist.txt'

$vmlist | % {

$StgKey = (Get-AzureRmStorageAccountKey -Name nanostg -ResourceGroupName NANOSE).Value[0]

Set-AzureRmVMCustomScriptExtension -ResourceGroupName NANOSE -VMName $_ -Location 'Southeast Asia' -Name VMCustExt -FileName 'VMCustExt.PS1' -StorageAccountName nanostg -StorageAccountKey $StgKey -ContainerName ext -Run 'VMCustExt.PS1'

} 

netsh advfirewall set allprofiles state off #--> This cmdlet must go into 'VMCustExt.PS1'

• Configure firewall for remote management and services

 $rulesHTTP = New-AzureRmNetworkSecurityRuleConfig -Name HTTP -Protocol Tcp -Description "HTTP" -SourcePortRange * -DestinationPortRange 80 -SourceAddressPrefix * -DestinationAddressPrefix * -Access Allow -Priority 101 -Direction Inbound

$nsgNano = New-AzureRmNetworkSecurityGroup -Name NanoSG -ResourceGroupName Nanogroup -Location 'Southeast Asia' -SecurityRules $rulesHTTP

$NanoNIC = Get-AzureRmNetworkInterface -Name nanoservervm-NIC -ResourceGroupName Nanogroup

$NanoNIC.NetworkSecurityGroup = $nsgNano

Set-AzureRmNetworkInterface -NetworkInterface $NanoNIC 

• Enable and configure IIS

#Start the WinRM service on the local PC which is in the same network as the remote machine (Nano system) and accessible 

Start-Service WinRM

#Enable access to the remote machine

Set-Item WSMan:\localhost\Client\TrustedHosts -Value "nanoservervm"

#Logon to the remote machine

$cred = Get-Credential

Enter-PSSession -ComputerName nanoservervm -Credential $cred

#Install the package provider

Install-PackageProvider NanoServerPackage

Find-NanoServerPackage -Name *

Install-NanoServerPackage -Name Microsoft-NanoServer-IIS-Package -Culture en-us -Verbose

#Alter the content of the default webpage

PSEdit .\iisstart.htm

#Start the IIS (By default any newly installed service/package will be in stopped mode and has to be manually started)

Start-Service W3SVC

• Launch the website

Rare secrets of the syllable OM, and attaining TURIYA!

1. The syllable OM is a whole sound, comprising of the three syllables, A, U, M.

2. The three Syllables, briefed (Understand them from Tamil / Sanksrit languages standpoint to avoid confusion)

Syllable A
— It is the epitome of the Awake state; it symbolises awakening.
— It means Aapti / Vyapti, which can be defined as the liaising / contact with the “Outer” world.
 — This is when the eye forms its links with the all pervasive External world / Universe.
— It developed / evolved into the Rig Veda, which starts from A and ends in E.

Syllable U
— It symbolises the state of Dream.
— It means Utkarsha, which refers to drawing in / folding inwards / absorption.
— It is about losing liaison / contact with the “Outer” world and exploring the Mind’s world; simply termed as a state of mind in psychological / metaphysical terms.
— It developed into the Yajur Veda, due which this starts from E and ends in U

Syllable M
— It symbolises the humble Sleep of the Soul; merging itself into God or simply the combining of our "Pure Consciousness" and the "Absolute Consciousness".
— It is a cue or sign of the “Sama Nada” which refers to the sonic and musical dimensions of the Veda, personifying the Almighty simply as Sound. Indian classical music has its roots in the Sama Veda, hence the purpose of singing the praise of God as a notion of our respect. This is part of “Sonic Theology” which deals with Hinduism and Sacred sound.

3. This way, the Syllable “OM” encompasses the “Sight” world consisting of “Awake”, “Dream”, “Sleep” states and the “Sound” world comprising of “Rig”, “Yajur”, “Sama” vedic hymns, thereby becoming the seminal sound, seminal sound (a figurative name per se) and the mystic seed (letter) that contains the entire space-time continuum of our existence and beyond (Multiverse), whose starting and ending points we have not known yet.

4. The one that determines and establishes all of these, who encompasses the three syllables symbolising all forms and sounds, the secret name of that pervades “Vishwa” (Matter), “Thaijasa” (Energy), and “Pragya” (Consciousness), is contained in OM.

5. We have to touch the fourth state, by being in the cities of the three. This is the destiny that can be grasped through sound, referred to as "Turiya". This is called “Paravasudeva”, the supreme soul, which is beyond the forms/incarnations of the Almighty, “Aniruddha”, “Pradyumna”, and “Sangarshna”.

6. This is the way of the seeker; route to “Realisation”. This is the path to “Salvation”, “Liberation”.

I have transliterated this excerpt from the video source depicting the life and teachings of Sripad Madhwacharya's,  https://www.youtube.com/watch?v=leoAUu1rD7I, from 2:36:06 to 2:38:20.

Please feel free to share your thoughts and comments on this. I would like to provide a physical and mathematical derivation of this path to realization. It will be great if some mathematical expert or theoretical physicist shall be able to help me with proving this conception scientifically or at least mathematically.

AFAIK, this hovers around the concepts detailed out in the Einstein's theory of relativity, Quantum physics, "String Theory" and nearly matches with the phenomenon known as "Sonoluminescence".

Microsoft Azure Availability Set: Fault Domains | Update Domains

Here is my rambling about this topic, after a brief conversation with another colleague where I tried hard to explain all the aspects pertaining this feature/service. I hope this helps. Your comments or feedback are highly appreciated.

• A single servers’ rack in one of the Microsoft’s datacenter providing Azure service is called as a Fault Domain (FD). In other words, a single servers’ rack is an FD boundary.
• It will contain a bunch of servers stacked up vertically within a container, with Network (Top of the Rack switch), Power source (Plug point in raw terms) besides cooling and ventilation arrangements as part of the datacenter design.
• Servers’ rack is called an FD because it is a standalone unit (without a partner) with a single power and network source, hence a single point of failure.
• Enter Availability Set, wherein you introduce a partner servers’ rack to be paired with the existing servers’ rack. Now the risk of single point of failure is automatically mitigated by distributing the (redundant) workload/servers/services/instances between the pair of servers’ rack.
• What happens if you create redundant workload/servers/services/instances without configuring the “Availability Set” optional service?
• Microsoft Azure cloud’s datacenter management fabric does not understand that the redundant instances (let us assume 2 of them) need to be placed on separate servers’ rack and hence end up being housed inside the same servers’ rack and becomes a single point of failure.
• In essence, having multiple FDs configured in an “Availability Set” helps ensure uninterrupted service in case of an unplanned outage due to power or network issues with one of the servers’ rack.
• In essence, a standalone workload/instance constitutes a single Fault Domain (FD) and Update Domain (UD). However, it is a single point of failure. Hence, a pair/group of redundant workload/instances (needless to say, belonging to the same application or function) is required to mitigate the risk of complete downtime due to planned and unplanned outages.
• Let us assume deployment of 8 VMs in 2 FDs and 6 UDs. The placement plan shall be 4 VMs each in two servers’ rack. In case of an unexpected/unplanned datacenter related outage, only 4 of those VMs shall be online. In case of a planned downtime for maintenance, 6 of the workload/instances shall be online, provided no infrastructure anomaly occurs.
• UDs are devised for platform updates (Azure PaaS and SaaS SCM), originally. Later, as a logical extension step, it was enabled to be leveraged for IaaS instances’ patch updates by the end customer. Hence, irrespective which service consumer you are (IaaS, PaaS, SaaS) UD is required for managing services-resources uptime during a planned maintenance done by Microsoft or the customers themselves.

FD/UD Composition

• A simple case of 2 redundant workload/instances configured in an “Availability Set” consists of 2 FDs and 2 UDs ensuring 50% availability during a planned or unplanned downtime.
• Default setup has it that you can span workloads upto 2 FDs and 5 UDs and additional workload/instances shall be rotated in the same cycle. Simply, workload placement for unplanned outage shall be FD0, FD1, then again FD0, FD1, and it goes on. Workload placement for planned downtime shall be UD0, UD1, UD2, UD3, UD4, then again UD0, UD1, UD2, UD3, UD4 and this will go on based on the total number of redundant workload/instances deployed.
• While 3 FDs per redundant workload/instances is a hard limit, UDs shall be increased from the default 5 upto 20, based on the requirement. If you have a default setup of 5 redundant workload/instances of a single application/function in an "Availability Set" with 2 FDs and 5 UDs, then it translates to 50% of the workload available even during unplanned outage (considering the fact that the 2 FDs in a pair do not go down at the same time). Also, only 1/5th or 20% of the workload will be unavailable at any given time during a planned downtime (application/platform maintenance or enhancement). This can be further tweaked by having 20 UDs for a single application/function, in which case only 1/20th or 5% of the workloads will be unavailable at any given time during a planned downtime.
• The basic building block of an “Availability Set” with 2 FDs and 2 UDs directly translates to 50% availability of the overall application workloads/instances during an unexpected situation because of power or network, there is a possibility of achieving more than 50% availability with 3 FDs and 5 or more UDs which will essentially span the redundant workload/instances over to multiple servers racks or multiple FDs.
• Azure cloud compute uptime SLA clock starts only if an “Availability Set” is constituted with at least 2 running workload/instances. Moreover, a 2 FD setup will still suffer 50% application efficiency because effectively only one of them shall be continuously available in case of an unplanned outage.
• It is unwise to configure multiple “Availability Sets” with for a single application/function, for you will lose more workload/instances during planned and unplanned outages due to the fact that Azure places standalone and paired workload/instances in different manner. Whereas paired workload/instances (FD-UD composition) shall be placed based on isolation/separation in case of FD and affinity/anti-affinity rules in case of UD, there is no such rule for placing a standalone application workload/instance which is configured as an “Availability Set”.

Points to ponder

The “Availability Set” configuration only guarantees uptime of state-less applications/functions. However, state-ful applications/functions require additional configuration such as a common/shared storage accessibility by all the redundant workload/instances of the specific application, network based heartbeat/feedback mechanism to continually inspect-probe, identify and enable the application react to planned downtime / unplanned outage of one of the redundant pair/set of nodes, and a decision making logic/intelligence to continually keep the application available on the active node in the form of a storage based quorum or a filesystem based witness.

An “Availability Set” must be constituted with identical workload/instances in terms of their hardware/software capacity/configuration. This is to ensure we benefit from seamless, unperturbed uptime.

3 FDs and upto 20 UDs can be configured for a single application, to avoid additional downtime due to failure of one of the FDs. For example, an application consisting of 12 VMs with 2 FDs and 6 UDs will ensure at leat 6 of the workload/instances (VM) are available during a planned maintenance activity or an unplanned outage. However, introducing 3 FDs and 8 UDs in the above case means 8 VMs shall be available in case of an unplanned or planned downtime. There are many permutation and combination possible for workload placements in a given Microsoft Cloud DC/Site, based on the customer application requirement.

Mayavada: What it means to Dvaita and Vishishtadvaita

This blog is a response to the blog on "Mayavada Darpanam" - http://mayavadadarpanam.blogspot.in/2006/09/attack-on-ajnaana-of-advaita-2.html, which stated that the differences between our empirical world and the ultimate eternal world of Brahman, is illusory.

I was groomed in an Advaita (Non-dualist) ashrama for the greater part of my life, until I recently fell into Vishishtadwaita (Qualified non-dualist) and Dvaita (Dualist) spheres.

If this empirical world is illusory and myself and another are one and the same, is it justified to completely exchange our personal and professional identities, stating we are the one and the same universal Atman?

We must primarily understand there is no proof that we live in an illusory world and that there is a real world out there. Also, the science statement of "Every action has an equal and opposite reaction" deems fit only with non-Advaita schools, for they definitely say that illusion itself is an illusory concept and we can never avoid painful and pleasureful effects and events stating this is an illusory world.

Cause and Effect, Pleasure and Pain, Birth and Death, Feminine and Masculine, Jeevatma and Paramatma are definite, different and can never be ILLUSORY.

My Two Cents.

Spiritual Thinkers! Please contemplate!!!

A Perspective: Monism, Dualism and Attributive Monism

कर्मण्येवाधिकारस्ते मा फलेषु कदाचन।
मा कर्मफलहेतुर्भूर्मा ते संगोऽस्त्वकर्मणि॥

Karman'ye Vadhi'ka'raste Ma Phaleshu Kadha'chanal
Ma Karmaphalahethurbhur Ma the Sangosthvakarmanill

Transliteration
You have a right to perform your prescribed duty, but you are not entitled to the fruits of action. Never consider yourself the cause of the results of your activities, and never be attached to not doing your duty.
- Baghavad Gita: 2.47

Monism
Perform action without feeling that you are performing it, for there is no "I" in this world. Everything in and around is an illusion. "I am the Supreme being personified" or "Aham Brahmasmi"

Attributive Monism
Perform action without feeling that you are performing it, for there is no "I" in this world. Everything in and around is but part or sub sect of the Supreme being. In other words, Supreme being has the only real existence, and it pervades the entirety.

"I" am but a part of the Supreme being, and hence not entitled to fruits of action. Being the primordial cause, the fruits of any action will be determined by the progenitor.

Dualism
Perform action with strong feeling that you are made to perform it, by the Supreme being. Hence, you are not entitled to the fruits of action, for you are performing your prescribed duty as an obligation to the progenitor.

We are not entitled to the results of work or fruits of action. Nevertheless, we certainly are responsible for our actions. Hence, we are obliged to know whether we are performing prescribed action, wishful action or inaction. Being the primordial cause, the fruits of any action will be determined by the progenitor.

There certainly is "I" in the world and every individual being or "I" are unique and essentially different from each other and the progenitor. We can never become the progenitor, similar to the planets in the solar system can never become SUN anytime. Utmost, planets can combine with SUN as beings can combine with Supreme being.